Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/fe3d1a-ec07-4033-b40c-ca24361e7e4d/1/fi8Hq2AaJeHvs84amGwa12KYxaw.roa
File: fi8Hq2AaJeHvs84amGwa12KYxaw.roa (raw, json)
Hash identifier: rO3qc3CXzeNROlrdOR55mOxqwBiNWHvYij7yB6CCl2Q=
Subject key identifier: 7E:2F:07:AB:60:1A:25:E1:EF:B3:CE:1A:98:6C:1A:D7:62:98:C5:AC
Certificate issuer: /CN=311867bba7eeccf2b04c122ab8ec2cf1e72fc5ea
Certificate serial: 0184569C22A4C3A574FE23B7F08571E6F9CB
Authority key identifier: 31:18:67:BB:A7:EE:CC:F2:B0:4C:12:2A:B8:EC:2C:F1:E7:2F:C5:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MRhnu6fuzPKwTBIquOws8ecvxeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/fe3d1a-ec07-4033-b40c-ca24361e7e4d/1/fi8Hq2AaJeHvs84amGwa12KYxaw.roa
Signing time: Tue 08 Nov 2022 09:39:43 +0000
ROA not before: Tue 08 Nov 2022 09:39:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39591
IP address blocks: 46.17.12.0/23 maxlen: 23
46.17.8.0/22 maxlen: 22
2a02:2870::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:9c:22:a4:c3:a5:74:fe:23:b7:f0:85:71:e6:f9:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311867bba7eeccf2b04c122ab8ec2cf1e72fc5ea
Validity
Not Before: Nov 8 09:39:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e2f07ab601a25e1efb3ce1a986c1ad76298c5ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e2:45:ef:40:47:9b:d6:ec:2f:2b:92:f3:a9:
15:60:4c:53:1f:28:19:92:e0:b7:87:1c:c2:bc:62:
38:d3:13:8c:d5:c3:f1:b4:85:ec:3a:4e:47:48:b5:
e1:db:ce:3d:06:7a:2c:0d:86:49:05:1c:61:47:4c:
43:88:28:02:92:e3:e6:cc:6a:b9:c9:d2:a7:27:6d:
32:5e:a2:63:8e:2d:2b:76:66:52:5c:fb:43:21:3b:
02:ee:ef:ae:ff:10:5b:14:c5:3c:96:1d:97:bb:17:
0a:fb:b1:8e:22:77:b3:9c:5b:6d:a7:01:03:c0:b2:
48:86:83:57:6e:d6:d4:86:61:69:d8:81:04:6e:b4:
98:55:ff:48:5d:b3:a6:30:45:f3:2f:cc:d3:f3:1e:
9d:ce:65:7f:28:1b:74:86:6b:32:2d:c1:68:c6:71:
69:fb:59:f7:1b:a7:b3:a4:7b:2f:ff:6f:60:f2:b9:
d3:c3:d2:c2:b4:d2:8b:97:03:5f:e4:a2:8a:e0:ef:
ee:f2:d8:37:aa:71:24:22:7c:aa:c7:31:42:e7:2e:
43:62:4a:5c:ac:2b:b7:81:79:24:e2:96:a7:9d:d3:
7a:1a:dc:65:cb:08:11:20:05:aa:32:78:d2:3f:aa:
33:77:30:94:71:34:f7:fb:b6:8f:f9:76:16:fa:96:
3a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:2F:07:AB:60:1A:25:E1:EF:B3:CE:1A:98:6C:1A:D7:62:98:C5:AC
X509v3 Authority Key Identifier:
keyid:31:18:67:BB:A7:EE:CC:F2:B0:4C:12:2A:B8:EC:2C:F1:E7:2F:C5:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MRhnu6fuzPKwTBIquOws8ecvxeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/fe3d1a-ec07-4033-b40c-ca24361e7e4d/1/fi8Hq2AaJeHvs84amGwa12KYxaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/fe3d1a-ec07-4033-b40c-ca24361e7e4d/1/MRhnu6fuzPKwTBIquOws8ecvxeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.8.0-46.17.13.255
IPv6:
2a02:2870::/33
Signature Algorithm: sha256WithRSAEncryption
0a:34:4c:a6:fb:84:11:45:f5:f3:c4:e3:80:32:84:c1:ad:dc:
c3:0d:50:57:b9:b1:81:5f:2b:4a:b9:fc:97:c4:62:ce:33:6a:
f5:a1:c7:f2:85:1b:a8:63:a7:e1:cc:94:63:ff:8b:60:a9:5f:
8f:e4:a6:26:79:8d:c4:2f:f2:21:73:43:92:6c:05:90:14:18:
c4:f0:f6:90:d1:39:12:27:75:11:e7:70:05:de:3b:64:a7:96:
47:c8:04:85:bf:38:1b:f2:c1:68:8a:c6:7d:f0:fc:68:24:f8:
2e:b5:2e:39:d9:00:00:0a:a3:90:a7:1f:5e:e8:73:ba:d3:93:
63:85:82:6b:7a:1e:82:c0:4b:9a:ba:ac:a1:bc:ff:43:5f:bb:
f9:4b:29:74:4c:5e:36:71:b7:d2:f0:3c:ff:05:c5:9f:c6:8c:
9a:16:b7:bd:49:cf:3c:e7:20:fa:3f:07:de:20:05:77:d1:45:
00:c6:4a:90:a1:8d:0b:3b:08:2b:d6:fb:8f:27:eb:10:4a:e8:
0e:de:3f:18:2b:79:44:d2:53:a3:7b:30:2f:b7:c1:aa:a4:df:
dd:f8:bd:8f:27:f9:8c:5b:4f:bc:34:4b:0d:b4:65:ec:71:f5:
d7:2a:22:fe:e2:1c:19:6c:dc:84:97:e0:f1:8d:d1:98:b6:c3:
7e:8d:15:0f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYRWnCKkw6V0/iO38IVx5vnLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMTg2N2JiYTdlZWNjZjJiMDRjMTIyYWI4ZWMyY2YxZTcy
ZmM1ZWEwHhcNMjIxMTA4MDkzOTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTJmMDdhYjYwMWEyNWUxZWZiM2NlMWE5ODZjMWFkNzYyOThjNWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquJF70BHm9bsLyuS86kVYExTHygZ
kuC3hxzCvGI40xOM1cPxtIXsOk5HSLXh2849BnosDYZJBRxhR0xDiCgCkuPmzGq5
ydKnJ20yXqJjji0rdmZSXPtDITsC7u+u/xBbFMU8lh2XuxcK+7GOIneznFttpwED
wLJIhoNXbtbUhmFp2IEEbrSYVf9IXbOmMEXzL8zT8x6dzmV/KBt0hmsyLcFoxnFp
+1n3G6ezpHsv/29g8rnTw9LCtNKLlwNf5KKK4O/u8tg3qnEkInyqxzFC5y5DYkpc
rCu3gXkk4panndN6GtxlywgRIAWqMnjSP6ozdzCUcTT3+7aP+XYW+pY6WQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFH4vB6tgGiXh77POGphsGtdimMWsMB8GA1UdIwQY
MBaAFDEYZ7un7szysEwSKrjsLPHnL8XqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVJobnU2ZnV6UEt3VEJJcXVPd3M4ZWN2eGVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mZTNkMWEtZWMwNy00MDMzLWI0MGMt
Y2EyNDM2MWU3ZTRkLzEvZmk4SHEyQWFKZUh2czg0YW1Hd2ExMktZeGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mZTNkMWEtZWMwNy00MDMzLWI0MGMtY2EyNDM2MWU3ZTRk
LzEvTVJobnU2ZnV6UEt3VEJJcXVPd3M4ZWN2eGVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAUBAIAATAOMAwDBAMuEQgD
BAEuEQwwDgQCAAIwCAMGByoCKHAAMA0GCSqGSIb3DQEBCwUAA4IBAQAKNEym+4QR
RfXzxOOAMoTBrdzDDVBXubGBXytKufyXxGLOM2r1ocfyhRuoY6fhzJRj/4tgqV+P
5KYmeY3EL/Ihc0OSbAWQFBjE8PaQ0TkSJ3UR53AF3jtkp5ZHyASFvzgb8sFoisZ9
8PxoJPgutS452QAACqOQpx9e6HO605NjhYJreh6CwEuauqyhvP9DX7v5Syl0TF42
cbfS8Dz/BcWfxoyaFre9Sc885yD6PwfeIAV30UUAxkqQoY0LOwgr1vuPJ+sQSugO
3j8YK3lE0lOjezAvt8GqpN/d+L2PJ/mMW0+8NEsNtGXscfXXKiL+4hwZbNyEl+Dx
jdGYtsN+jRUP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:42 2024 by rpki-client on console-ams.rpki-client.org