Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/2a-wi-INIxterRUmclkE4JCzc-s.roa
File: 2a-wi-INIxterRUmclkE4JCzc-s.roa (raw, json)
Hash identifier: hd2iGikgsp872hGNiTrgwu6a/TUY2Gjkth5+zMMafIQ=
Subject key identifier: D9:AF:B0:8B:E2:0D:23:1B:5E:AD:15:26:72:59:04:E0:90:B3:73:EB
Certificate issuer: /CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Certificate serial: 01852DB74F3E5CFE3735A3B99733AC0D349E
Authority key identifier: C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/2a-wi-INIxterRUmclkE4JCzc-s.roa
Signing time: Tue 20 Dec 2022 04:07:45 +0000
ROA not before: Tue 20 Dec 2022 04:07:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43395
IP address blocks: 46.148.35.0/24 maxlen: 24
46.148.36.0/24 maxlen: 24
46.148.38.0/24 maxlen: 24
46.148.43.0/24 maxlen: 24
46.148.44.0/24 maxlen: 24
46.148.41.0/24 maxlen: 24
46.148.45.0/24 maxlen: 24
46.148.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2d:b7:4f:3e:5c:fe:37:35:a3:b9:97:33:ac:0d:34:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Validity
Not Before: Dec 20 04:07:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9afb08be20d231b5ead1526725904e090b373eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3b:84:48:45:9c:0f:56:e5:ff:9d:c2:b9:b7:
67:b7:af:f6:7c:21:b3:e3:fa:b8:19:09:a6:a3:70:
a7:cb:10:c5:c8:f0:e2:b6:70:84:40:a6:8a:9c:97:
e2:f8:7e:7e:e8:01:01:19:d7:aa:65:66:d4:18:cf:
16:e2:b0:36:94:79:f7:01:3f:1d:52:fc:f8:31:32:
c9:76:fa:2c:0b:4b:ca:de:b1:d9:e0:45:dd:3e:0e:
8b:16:8e:ee:b9:0f:a0:bc:34:59:f8:ec:3f:30:9d:
5c:4b:c1:e1:26:2b:d1:92:26:54:43:ae:83:1e:8b:
ca:07:ed:47:a4:fd:ad:4b:05:94:a0:3e:f7:e8:1b:
38:2e:73:2c:51:06:00:1f:b8:0d:7e:ba:58:51:09:
37:3e:74:93:99:fd:dd:7f:96:36:1f:51:2f:ae:57:
f5:79:fe:9c:40:1f:f9:63:e9:f5:62:a2:21:98:77:
46:c0:27:d9:db:bd:92:e3:98:04:6d:3a:5c:84:e4:
75:71:17:9b:62:a2:b7:cc:08:9a:07:30:b3:15:c5:
df:7f:73:51:b8:87:f9:87:c3:2d:49:5c:0e:ce:c6:
0b:ec:ea:67:d6:5e:d3:d6:ec:0b:56:05:58:e8:94:
6b:c1:59:0f:1e:55:f4:ad:90:5c:b8:f1:c3:da:ac:
cc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:AF:B0:8B:E2:0D:23:1B:5E:AD:15:26:72:59:04:E0:90:B3:73:EB
X509v3 Authority Key Identifier:
keyid:C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/2a-wi-INIxterRUmclkE4JCzc-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.35.0-46.148.36.255
46.148.38.0/24
46.148.41.0/24
46.148.43.0-46.148.46.255
Signature Algorithm: sha256WithRSAEncryption
7d:6b:dc:b6:0d:b5:1d:02:e2:1f:c8:94:06:0f:c8:4d:55:c6:
51:35:3d:77:4d:41:34:5e:0d:d4:5b:2d:06:58:2f:4c:0c:92:
0e:be:3c:ac:45:68:53:08:da:0f:c1:0c:88:c3:e5:12:df:0f:
3b:bc:58:be:9a:26:a0:45:2f:fe:94:13:dd:9a:41:6f:26:72:
b3:82:a9:63:6b:04:ad:ab:20:a0:80:92:42:83:b4:a6:2d:2d:
8e:e2:51:c0:7d:ea:68:bf:be:55:f9:1c:7b:2e:ff:4c:f1:ca:
68:15:e7:85:f5:20:b0:b7:14:07:a6:4d:0e:ed:d0:e2:0c:5b:
8f:0e:7d:32:be:b3:e5:65:d5:f6:2f:c3:e8:99:68:fb:3d:e4:
14:5a:68:07:2d:d9:83:92:f7:2b:38:db:d9:5e:f4:09:da:85:
69:d9:f0:ef:ad:53:35:fc:c2:58:8f:96:6a:ed:51:63:89:1e:
0f:71:2d:e5:44:c2:93:6b:59:c9:39:71:36:b1:8b:9f:a1:6a:
55:6e:56:bd:f1:63:49:cc:35:3d:c9:19:e4:bc:c1:3a:8e:e6:
9f:56:cf:d5:3c:b9:6c:05:55:d9:6f:23:0e:bb:71:98:93:84:
3c:ab:ba:94:08:7d:e1:04:65:57:2b:e2:cd:c0:66:3a:0e:8b:
b5:db:1f:5b
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYUtt08+XP43NaO5lzOsDTSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OWMyY2M0ODllYmU0OGY0OTA1ODRhYzg2NmZlMzYyYzQx
MTdlNzUwHhcNMjIxMjIwMDQwNzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWFmYjA4YmUyMGQyMzFiNWVhZDE1MjY3MjU5MDRlMDkwYjM3M2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTuESEWcD1bl/53Cubdnt6/2fCGz
4/q4GQmmo3CnyxDFyPDitnCEQKaKnJfi+H5+6AEBGdeqZWbUGM8W4rA2lHn3AT8d
Uvz4MTLJdvosC0vK3rHZ4EXdPg6LFo7uuQ+gvDRZ+Ow/MJ1cS8HhJivRkiZUQ66D
HovKB+1HpP2tSwWUoD736Bs4LnMsUQYAH7gNfrpYUQk3PnSTmf3df5Y2H1Evrlf1
ef6cQB/5Y+n1YqIhmHdGwCfZ272S45gEbTpchOR1cRebYqK3zAiaBzCzFcXff3NR
uIf5h8MtSVwOzsYL7Opn1l7T1uwLVgVY6JRrwVkPHlX0rZBcuPHD2qzMYwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNmvsIviDSMbXq0VJnJZBOCQs3PrMB8GA1UdIwQY
MBaAFMicLMSJ6+SPSQWErIZv42LEEX51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEt
YWYyY2ZhNjIyZDE4LzEvMmEtd2ktSU5JeHRlclJVbWNsa0U0SkN6Yy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEtYWYyY2ZhNjIyZDE4
LzEveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAAulCMD
BAAulCQDBAAulCYDBAAulCkwDAMEAC6UKwMEAC6ULjANBgkqhkiG9w0BAQsFAAOC
AQEAfWvctg21HQLiH8iUBg/ITVXGUTU9d01BNF4N1FstBlgvTAySDr48rEVoUwja
D8EMiMPlEt8PO7xYvpomoEUv/pQT3ZpBbyZys4KpY2sErasgoICSQoO0pi0tjuJR
wH3qaL++Vfkcey7/TPHKaBXnhfUgsLcUB6ZNDu3Q4gxbjw59Mr6z5WXV9i/D6Jlo
+z3kFFpoBy3Zg5L3Kzjb2V70CdqFadnw761TNfzCWI+Wau1RY4keD3Et5UTCk2tZ
yTlxNrGLn6FqVW5WvfFjScw1PckZ5LzBOo7mn1bP1Ty5bAVV2W8jDrtxmJOEPKu6
lAh94QRlVyvizcBmOg6LtdsfWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:21 2024 by rpki-client on console-fra.rpki-client.org