Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/tHClYIIgb6jmmEeh8rAbJuxCKbU.roa
File: tHClYIIgb6jmmEeh8rAbJuxCKbU.roa (raw, json)
Hash identifier: D4qLnF4+xWTIJ1kzoQXKcBQJTt7iO1qCPwqVHl2c3iU=
Subject key identifier: B4:70:A5:60:82:20:6F:A8:E6:98:47:A1:F2:B0:1B:26:EC:42:29:B5
Certificate issuer: /CN=2b928097dc9f89a7a3a8a296a78a4f9d0cbce17f
Certificate serial: 018572FA7F7804DB8B7982DB1473D2AB7353
Authority key identifier: 2B:92:80:97:DC:9F:89:A7:A3:A8:A2:96:A7:8A:4F:9D:0C:BC:E1:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5KAl9yfiaejqKKWp4pPnQy84X8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/tHClYIIgb6jmmEeh8rAbJuxCKbU.roa
Signing time: Mon 02 Jan 2023 14:54:57 +0000
ROA not before: Mon 02 Jan 2023 14:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197305
IP address blocks: 46.243.16.0/24 maxlen: 24
46.243.17.0/24 maxlen: 24
46.243.22.0/24 maxlen: 24
46.243.20.0/24 maxlen: 24
46.243.21.0/24 maxlen: 24
46.243.18.0/24 maxlen: 24
46.243.19.0/24 maxlen: 24
46.243.23.0/24 maxlen: 24
2a03:6dc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:7f:78:04:db:8b:79:82:db:14:73:d2:ab:73:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b928097dc9f89a7a3a8a296a78a4f9d0cbce17f
Validity
Not Before: Jan 2 14:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b470a56082206fa8e69847a1f2b01b26ec4229b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:47:8c:ee:f6:fc:7a:ec:20:80:50:85:ce:16:
ef:2f:92:ca:7f:3e:e5:55:a9:56:11:56:ea:17:a4:
75:1f:c7:eb:20:be:7b:42:ad:5d:f8:e9:13:da:98:
4f:72:4b:23:c7:43:94:c8:e3:be:61:43:00:46:c6:
01:ce:99:61:e3:68:58:da:3b:28:78:5c:8d:7a:a3:
49:95:09:e6:c0:ea:a8:d0:a9:98:db:9f:08:c5:bf:
cc:09:5d:af:f2:43:3b:8e:e8:e1:ca:83:6b:c4:70:
b2:61:6c:da:27:9d:67:eb:9d:5c:26:c0:81:54:bc:
ee:a3:a5:f2:fd:c0:ab:83:a7:31:f7:4d:3e:62:3f:
6c:d4:38:84:50:e1:c5:be:e2:32:a5:5d:7b:aa:5d:
d5:27:ba:1b:68:d9:c1:aa:14:f0:86:4d:26:d7:b9:
c5:4f:fb:06:e0:e2:90:c6:d5:bf:67:62:8c:9c:44:
ad:c2:1d:7e:37:12:4b:4b:01:bc:02:a1:a0:bc:74:
bc:47:69:79:ba:db:36:31:d7:d6:43:90:88:de:66:
c0:f6:20:c4:d5:8f:2f:9d:53:9c:a1:6a:60:9e:1f:
74:7b:cb:33:85:62:bd:f5:95:25:c5:08:5d:56:4c:
27:ec:78:b1:29:e0:5d:00:d6:e8:b8:c7:8c:72:cc:
87:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:70:A5:60:82:20:6F:A8:E6:98:47:A1:F2:B0:1B:26:EC:42:29:B5
X509v3 Authority Key Identifier:
keyid:2B:92:80:97:DC:9F:89:A7:A3:A8:A2:96:A7:8A:4F:9D:0C:BC:E1:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5KAl9yfiaejqKKWp4pPnQy84X8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/tHClYIIgb6jmmEeh8rAbJuxCKbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/K5KAl9yfiaejqKKWp4pPnQy84X8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.16.0/21
IPv6:
2a03:6dc0::/32
Signature Algorithm: sha256WithRSAEncryption
3f:43:79:b7:31:f2:9f:47:bc:8a:72:4b:48:57:18:6e:2f:16:
db:65:6e:d1:12:88:b6:41:4a:56:e3:cb:a7:8d:e5:25:1b:00:
41:8d:58:36:11:fb:c9:19:7f:dd:c3:1c:25:b2:47:11:63:9e:
2b:99:14:ff:01:79:0d:f4:98:91:f9:29:80:b8:35:f9:3f:07:
2d:25:d4:8f:fd:2c:a9:76:7c:8d:8e:e4:ee:00:40:27:d3:80:
e8:9a:27:94:50:59:73:eb:dc:81:99:a6:75:a9:d8:ea:c2:6a:
47:5a:57:61:d2:85:e4:b4:30:d0:b5:0d:47:73:86:34:38:ad:
97:82:7b:a6:e7:c4:7c:70:fb:ab:22:0c:23:cf:67:d5:7c:d5:
2f:9a:f4:06:03:85:22:f9:bb:56:91:24:d0:85:80:03:f1:9a:
39:83:91:f4:79:fb:83:24:a0:01:60:ce:36:0f:78:55:42:78:
d5:da:52:b8:d0:c6:1a:cc:20:d7:55:98:be:52:52:a3:9c:2a:
87:6f:46:a0:0c:ae:a1:4c:48:8c:26:78:28:e8:06:0a:7a:de:
ff:cd:d7:1e:dd:a8:e9:00:f8:cb:16:22:64:96:98:7c:73:d3:
cd:93:54:31:e4:7b:ad:cf:f5:68:32:6c:36:02:17:49:31:11:
53:3f:c3:d3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVy+n94BNuLeYLbFHPSq3NTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTI4MDk3ZGM5Zjg5YTdhM2E4YTI5NmE3OGE0ZjlkMGNi
Y2UxN2YwHhcNMjMwMTAyMTQ1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDcwYTU2MDgyMjA2ZmE4ZTY5ODQ3YTFmMmIwMWIyNmVjNDIyOWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikeM7vb8euwggFCFzhbvL5LKfz7l
ValWEVbqF6R1H8frIL57Qq1d+OkT2phPcksjx0OUyOO+YUMARsYBzplh42hY2jso
eFyNeqNJlQnmwOqo0KmY258Ixb/MCV2v8kM7jujhyoNrxHCyYWzaJ51n651cJsCB
VLzuo6Xy/cCrg6cx900+Yj9s1DiEUOHFvuIypV17ql3VJ7obaNnBqhTwhk0m17nF
T/sG4OKQxtW/Z2KMnEStwh1+NxJLSwG8AqGgvHS8R2l5uts2MdfWQ5CI3mbA9iDE
1Y8vnVOcoWpgnh90e8szhWK99ZUlxQhdVkwn7HixKeBdANbouMeMcsyH6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLRwpWCCIG+o5phHofKwGybsQim1MB8GA1UdIwQY
MBaAFCuSgJfcn4mno6iilqeKT50MvOF/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVLQWw5eWZpYWVqcUtLV3A0cFBuUXk4NFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNzM0YTQtMTQzZC00NjFkLWJmZDYt
NDVjYWE2ZWY2NzAwLzEvdEhDbFlJSWdiNmptbUVlaDhyQWJKdXhDS2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNzM0YTQtMTQzZC00NjFkLWJmZDYtNDVjYWE2ZWY2NzAw
LzEvSzVLQWw5eWZpYWVqcUtLV3A0cFBuUXk4NFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLvMQMA0E
AgACMAcDBQAqA23AMA0GCSqGSIb3DQEBCwUAA4IBAQA/Q3m3MfKfR7yKcktIVxhu
LxbbZW7REoi2QUpW48unjeUlGwBBjVg2EfvJGX/dwxwlskcRY54rmRT/AXkN9JiR
+SmAuDX5PwctJdSP/SypdnyNjuTuAEAn04DomieUUFlz69yBmaZ1qdjqwmpHWldh
0oXktDDQtQ1Hc4Y0OK2Xgnum58R8cPurIgwjz2fVfNUvmvQGA4Ui+btWkSTQhYAD
8Zo5g5H0efuDJKABYM42D3hVQnjV2lK40MYazCDXVZi+UlKjnCqHb0agDK6hTEiM
Jngo6AYKet7/zdce3ajpAPjLFiJklph8c9PNk1Qx5Hutz/VoMmw2AhdJMRFTP8PT
-----END CERTIFICATE-----
Generated at Sun May 11 22:53:30 2025 by rpki-client