Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/bD4f-Z-lM4F4nxviFqT6J1kPj2w.roa
File: bD4f-Z-lM4F4nxviFqT6J1kPj2w.roa (raw, json)
Hash identifier: Fg+Ns4KPwtNYGHeTxG8HNqEITfEcp+rsgKqmouqndBA=
Subject key identifier: 6C:3E:1F:F9:9F:A5:33:81:78:9F:1B:E2:16:A4:FA:27:59:0F:8F:6C
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0188916C4568D20E295D64EFB89ED47A7FBC
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/bD4f-Z-lM4F4nxviFqT6J1kPj2w.roa
Signing time: Tue 06 Jun 2023 15:56:11 +0000
ROA not before: Tue 06 Jun 2023 15:56:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.34.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:91:6c:45:68:d2:0e:29:5d:64:ef:b8:9e:d4:7a:7f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jun 6 15:56:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c3e1ff99fa53381789f1be216a4fa27590f8f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0f:55:67:84:5f:28:6d:0a:53:7a:a0:06:d0:
dd:ff:4b:31:d4:41:ce:17:31:59:2d:11:3b:14:d4:
17:8f:a3:72:19:4c:2a:cd:42:b1:13:4e:19:9f:ad:
38:b9:3f:87:5a:a9:08:05:8a:29:5e:3c:43:25:32:
be:4d:c3:da:c2:e0:72:e8:ce:25:81:f7:73:32:39:
05:e9:62:89:06:d0:e1:b0:b8:5d:74:f8:c7:6c:dc:
58:81:0f:1a:fa:00:ba:8d:5b:fe:24:ba:28:7e:74:
94:ab:fd:0a:c7:8d:13:6f:6a:4f:99:8e:c0:a8:3b:
3c:c2:d5:36:c2:82:8c:cc:c2:86:5b:ee:2e:7a:7d:
d6:79:d2:ae:ab:b7:a0:0e:6f:9b:e7:ec:9f:4d:13:
b3:88:40:5e:87:e9:ab:0f:0b:0a:9a:e5:66:3f:55:
6c:85:ae:f2:85:35:2d:f2:ee:5e:72:e0:61:fa:4a:
31:a9:17:26:fc:63:56:d5:6b:a1:32:cc:67:d0:19:
f4:0b:fb:69:a1:6f:58:3f:db:d4:fb:ad:52:d1:fb:
40:54:48:55:8d:a7:76:6d:47:e0:39:23:1a:06:8b:
0f:8c:a0:ed:7f:cb:a4:a6:cd:86:32:f3:37:69:9b:
10:89:4a:b5:e3:b9:b0:e1:b4:52:9f:77:47:16:5d:
2d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3E:1F:F9:9F:A5:33:81:78:9F:1B:E2:16:A4:FA:27:59:0F:8F:6C
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/bD4f-Z-lM4F4nxviFqT6J1kPj2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.45.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:ba:35:73:00:5c:e9:d5:ab:5c:86:3c:d5:2c:18:88:b6:73:
ba:63:06:e7:a0:cc:7b:41:ca:8b:3b:3c:8a:0f:4f:17:d0:15:
6c:a3:b4:11:37:fd:c8:87:aa:cf:17:63:2b:07:6f:cd:f3:85:
bb:92:4c:95:ae:62:a2:e1:12:75:65:a5:99:40:9e:1a:17:cf:
21:c4:ad:40:4b:9b:64:d4:e4:25:fd:dd:35:4f:68:b1:13:05:
34:1c:77:16:b0:3c:96:1d:2a:15:27:1f:cb:6d:46:0b:c0:2a:
33:1a:75:fe:16:2d:de:8b:d7:b0:27:98:5a:3d:3f:e6:82:66:
3e:7f:0d:b3:7e:3a:0d:19:11:13:4e:a7:60:4b:60:3f:bf:5e:
7f:92:d0:8a:41:e7:6c:31:ed:64:96:41:5d:87:89:a5:f7:e6:
d8:85:f3:68:f3:b2:4a:3d:d6:83:fd:b6:3b:7e:35:23:34:81:
e4:63:42:e0:e0:67:ac:50:58:fc:fe:58:53:41:f0:ae:66:dd:
45:7c:92:02:1a:cb:9d:74:6c:ef:fb:22:e4:f3:99:b5:69:78:
91:e5:e5:1d:03:12:19:6c:6f:4c:c1:2d:6c:68:89:06:bf:a1:
ae:1f:ad:e9:4a:8b:40:ae:54:98:0b:e7:13:2e:0c:a4:70:88:
da:19:58:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiRbEVo0g4pXWTvuJ7Uen+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNjA2MTU1NjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzNlMWZmOTlmYTUzMzgxNzg5ZjFiZTIxNmE0ZmEyNzU5MGY4ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1A9VZ4RfKG0KU3qgBtDd/0sx1EHO
FzFZLRE7FNQXj6NyGUwqzUKxE04Zn604uT+HWqkIBYopXjxDJTK+TcPawuBy6M4l
gfdzMjkF6WKJBtDhsLhddPjHbNxYgQ8a+gC6jVv+JLoofnSUq/0Kx40Tb2pPmY7A
qDs8wtU2woKMzMKGW+4uen3WedKuq7egDm+b5+yfTROziEBeh+mrDwsKmuVmP1Vs
ha7yhTUt8u5ecuBh+koxqRcm/GNW1WuhMsxn0Bn0C/tpoW9YP9vU+61S0ftAVEhV
jad2bUfgOSMaBosPjKDtf8ukps2GMvM3aZsQiUq147mw4bRSn3dHFl0teQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGw+H/mfpTOBeJ8b4hak+idZD49sMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvYkQ0Zi1aLWxNNEY0bnh2aUZxVDZKMWtQajJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiItMA0G
CSqGSIb3DQEBCwUAA4IBAQBqujVzAFzp1atchjzVLBiItnO6YwbnoMx7QcqLOzyK
D08X0BVso7QRN/3Ih6rPF2MrB2/N84W7kkyVrmKi4RJ1ZaWZQJ4aF88hxK1AS5tk
1OQl/d01T2ixEwU0HHcWsDyWHSoVJx/LbUYLwCozGnX+Fi3ei9ewJ5haPT/mgmY+
fw2zfjoNGRETTqdgS2A/v15/ktCKQedsMe1klkFdh4ml9+bYhfNo87JKPdaD/bY7
fjUjNIHkY0Lg4GesUFj8/lhTQfCuZt1FfJICGsuddGzv+yLk85m1aXiR5eUdAxIZ
bG9MwS1saIkGv6GuH63pSotArlSYC+cTLgykcIjaGViE
-----END CERTIFICATE-----
Generated at Sun May 11 23:56:41 2025 by rpki-client