Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/IoaBk2-DCOLO556cY2wIgmUgMC0.roa
File: IoaBk2-DCOLO556cY2wIgmUgMC0.roa (raw, json)
Hash identifier: fqUQvlLsV+Z5XPcW4xFKRqw+z6Pc/kvs1s4hxnjsneI=
Subject key identifier: 22:86:81:93:6F:83:08:E2:CE:E7:9E:9C:63:6C:08:82:65:20:30:2D
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0189233EE10878C43DA879DA851C0F096E86
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/IoaBk2-DCOLO556cY2wIgmUgMC0.roa
Signing time: Tue 04 Jul 2023 23:31:10 +0000
ROA not before: Tue 04 Jul 2023 23:31:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.44.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.41.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:23:3e:e1:08:78:c4:3d:a8:79:da:85:1c:0f:09:6e:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jul 4 23:31:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=228681936f8308e2cee79e9c636c08826520302d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:10:17:05:ef:25:f1:06:e9:09:10:0d:d0:44:
b3:e7:5b:7e:18:5b:9f:11:e0:9a:e0:78:5f:da:7f:
4a:ec:08:f2:1a:df:2c:84:27:f1:3f:f0:13:d1:e2:
dc:09:5a:c2:62:ca:0f:03:ae:51:5f:76:f0:00:ec:
eb:87:bb:92:8b:17:b0:e4:bd:54:3e:07:f6:ea:25:
80:80:a6:45:0b:bb:4f:95:c7:c9:c8:4d:e7:5a:4e:
78:38:1b:3f:16:1c:0f:c2:ad:a0:09:84:19:f2:5a:
28:a6:47:88:3a:d3:eb:1b:43:67:6e:c1:6e:08:8a:
59:40:63:84:cc:03:f9:c2:ab:27:be:52:aa:c4:b7:
96:9d:d8:a1:55:be:52:30:84:b3:b4:05:39:5c:3a:
7f:be:2a:7e:8a:ac:4c:22:da:a6:76:11:94:f3:83:
58:c8:9b:46:2f:89:54:df:c0:31:92:79:0a:3a:c3:
dc:52:98:50:4b:75:ae:45:14:5f:aa:3a:49:bd:10:
83:d4:32:16:93:33:e9:ff:1d:6b:d2:d6:cf:ac:0f:
da:6a:f3:71:0d:f3:26:48:77:3b:c5:89:c8:4f:fb:
6e:f1:6a:56:4b:6f:a5:36:5d:31:05:cd:2c:65:60:
46:db:6b:9f:11:0a:1e:cc:e5:6d:0b:c6:6a:58:20:
8c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:86:81:93:6F:83:08:E2:CE:E7:9E:9C:63:6C:08:82:65:20:30:2D
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/IoaBk2-DCOLO556cY2wIgmUgMC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/23
46.34.44.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a8:94:eb:4f:69:6b:f3:c8:59:20:ac:28:12:40:12:15:63:
63:fb:77:e3:16:57:41:b6:44:3b:f0:47:49:78:43:e4:97:3c:
fa:21:09:84:6f:75:6b:d6:e7:d1:4b:ce:28:1f:a4:7e:19:5b:
82:65:b3:aa:20:5e:30:38:8d:22:09:9e:0f:b3:bb:b5:2c:72:
74:56:3b:dd:98:71:25:be:fa:eb:e3:fd:dc:c1:1e:5d:33:a3:
57:55:37:2b:f4:3d:7c:ff:5f:30:5e:ee:a3:e5:dc:85:2a:d6:
ab:3e:3d:ef:5a:6a:e4:9b:4f:2a:2e:9a:a2:a5:b9:23:c3:10:
0b:f2:63:7b:bf:e1:ab:61:61:50:98:18:28:ee:af:a8:da:b2:
08:0a:30:a6:7f:ca:d9:d4:7f:63:54:01:56:6d:cd:20:87:7a:
58:26:6e:3f:3d:00:d3:70:a4:4b:de:b8:b1:0a:9f:e2:f7:ba:
12:b5:cb:ef:df:2f:9d:50:4d:f8:a9:52:e1:60:5f:e6:37:28:
c6:ca:b4:01:e1:32:97:fa:bb:59:61:be:8a:f2:25:d0:f9:f3:
8c:05:48:00:cb:0a:5b:6b:e5:bb:d4:6d:1a:e9:3e:22:90:7f:
11:da:fc:54:03:2f:91:83:7b:a5:66:75:55:96:93:54:7f:dc:
02:db:d4:53
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYkjPuEIeMQ9qHnahRwPCW6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNzA0MjMzMTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjg2ODE5MzZmODMwOGUyY2VlNzllOWM2MzZjMDg4MjY1MjAzMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRAXBe8l8QbpCRAN0ESz51t+GFuf
EeCa4Hhf2n9K7AjyGt8shCfxP/AT0eLcCVrCYsoPA65RX3bwAOzrh7uSixew5L1U
Pgf26iWAgKZFC7tPlcfJyE3nWk54OBs/FhwPwq2gCYQZ8loopkeIOtPrG0NnbsFu
CIpZQGOEzAP5wqsnvlKqxLeWndihVb5SMISztAU5XDp/vip+iqxMItqmdhGU84NY
yJtGL4lU38AxknkKOsPcUphQS3WuRRRfqjpJvRCD1DIWkzPp/x1r0tbPrA/aavNx
DfMmSHc7xYnIT/tu8WpWS2+lNl0xBc0sZWBG22ufEQoezOVtC8ZqWCCMgwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCKGgZNvgwjizueenGNsCIJlIDAtMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvSW9hQmsyLURDT0xPNTU2Y1kyd0lnbVVnTUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUuIiAD
BAAuIiQDBAEuIigDBAAuIiwDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBADyolOtP
aWvzyFkgrCgSQBIVY2P7d+MWV0G2RDvwR0l4Q+SXPPohCYRvdWvW59FLzigfpH4Z
W4Jls6ogXjA4jSIJng+zu7UscnRWO92YcSW++uvj/dzBHl0zo1dVNyv0PXz/XzBe
7qPl3IUq1qs+Pe9aauSbTyoumqKluSPDEAvyY3u/4athYVCYGCjur6jasggKMKZ/
ytnUf2NUAVZtzSCHelgmbj89ANNwpEveuLEKn+L3uhK1y+/fL51QTfipUuFgX+Y3
KMbKtAHhMpf6u1lhvoryJdD584wFSADLCltr5bvUbRrpPiKQfxHa/FQDL5GDe6Vm
dVWWk1R/3ALb1FM=
-----END CERTIFICATE-----
Generated at Mon May 12 00:08:12 2025 by rpki-client