Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/oMWKl4jPn1qEY0gc_uYY66kl23w.roa
File: oMWKl4jPn1qEY0gc_uYY66kl23w.roa (raw, json)
Hash identifier: sUp180AN7Mh1P2ZY1iH90grz59We7ySYgoUXmOohY78=
Subject key identifier: A0:C5:8A:97:88:CF:9F:5A:84:63:48:1C:FE:E6:18:EB:A9:25:DB:7C
Certificate issuer: /CN=859d5177077b90818c6f90ae4e44332d8cacbb74
Certificate serial: 383467DE
Authority key identifier: 85:9D:51:77:07:7B:90:81:8C:6F:90:AE:4E:44:33:2D:8C:AC:BB:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/oMWKl4jPn1qEY0gc_uYY66kl23w.roa
Signing time: Sat 01 Jan 2022 09:01:36 +0000
ROA not before: Sat 01 Jan 2022 09:01:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50583
IP address blocks: 46.33.160.0/24 maxlen: 24
46.33.160.0/19 maxlen: 19
46.33.162.0/24 maxlen: 24
46.33.161.0/24 maxlen: 24
46.33.164.0/24 maxlen: 24
46.33.163.0/24 maxlen: 24
46.33.166.0/24 maxlen: 24
46.33.165.0/24 maxlen: 24
46.33.172.0/24 maxlen: 24
46.33.167.0/24 maxlen: 24
46.33.169.0/24 maxlen: 24
46.33.168.0/24 maxlen: 24
46.33.171.0/24 maxlen: 24
46.33.170.0/24 maxlen: 24
195.191.172.0/24 maxlen: 24
195.191.172.0/23 maxlen: 23
195.191.173.0/24 maxlen: 24
46.33.175.0/24 maxlen: 24
46.33.173.0/24 maxlen: 24
46.33.174.0/24 maxlen: 24
46.33.176.0/24 maxlen: 24
46.33.178.0/24 maxlen: 24
185.173.125.0/24 maxlen: 24
185.173.124.0/22 maxlen: 22
185.173.124.0/24 maxlen: 24
46.33.177.0/24 maxlen: 24
46.33.179.0/24 maxlen: 24
46.33.186.0/24 maxlen: 24
46.33.180.0/24 maxlen: 24
185.173.126.0/24 maxlen: 24
46.33.181.0/24 maxlen: 24
185.173.127.0/24 maxlen: 24
46.33.183.0/24 maxlen: 24
46.33.182.0/24 maxlen: 24
46.33.185.0/24 maxlen: 24
46.33.184.0/24 maxlen: 24
46.33.187.0/24 maxlen: 24
46.33.188.0/24 maxlen: 24
46.33.190.0/24 maxlen: 24
46.33.189.0/24 maxlen: 24
46.33.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 942958558 (0x383467de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=859d5177077b90818c6f90ae4e44332d8cacbb74
Validity
Not Before: Jan 1 09:01:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0c58a9788cf9f5a8463481cfee618eba925db7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c5:98:86:e6:e6:d9:c6:3d:9f:e6:77:84:ac:
61:7d:1d:43:7e:5f:07:79:cd:e1:17:4d:e1:43:75:
78:b1:15:d1:a3:33:cd:0d:f4:ba:00:f9:d2:7f:fc:
ef:ea:b8:fa:c3:3f:8b:09:cc:12:08:4d:7e:c4:57:
e8:6b:48:ce:08:ec:25:6c:b3:12:22:0f:7f:c2:96:
94:e8:bc:ba:fa:77:61:2b:f4:7c:de:f9:f0:13:34:
cc:1f:60:be:03:88:05:22:f2:c6:46:32:4f:8f:f2:
85:16:ea:83:e4:bd:0f:a5:af:05:c4:8f:9e:f0:5e:
d7:35:31:e1:13:ba:60:21:5c:01:a3:13:c5:a9:b4:
1d:4c:f7:23:91:1d:f2:f8:16:f2:38:c8:fa:67:0f:
b0:d2:5a:1a:21:f3:33:57:4a:54:b5:53:fc:76:96:
80:a9:e9:4d:32:2e:4c:f6:fc:74:25:4e:5a:58:cc:
5f:8e:99:3e:5a:02:90:bd:d8:39:fa:6b:6b:40:c6:
c8:3b:22:6f:3b:dc:e9:d2:4c:41:d9:f6:8c:5e:c6:
70:6a:b8:38:77:a5:7d:fd:24:49:83:70:4b:c3:a8:
3c:84:43:7f:4a:e9:f0:c8:08:82:c1:af:56:3d:11:
a0:91:a9:0c:bc:93:16:06:d2:eb:74:92:86:25:1f:
91:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C5:8A:97:88:CF:9F:5A:84:63:48:1C:FE:E6:18:EB:A9:25:DB:7C
X509v3 Authority Key Identifier:
keyid:85:9D:51:77:07:7B:90:81:8C:6F:90:AE:4E:44:33:2D:8C:AC:BB:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/oMWKl4jPn1qEY0gc_uYY66kl23w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.160.0/19
185.173.124.0/22
195.191.172.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:ea:0b:7e:91:75:8d:09:5d:53:fd:15:5c:6f:a7:c1:4a:41:
57:1a:4c:2e:c0:8a:2d:35:08:23:8a:c9:98:c1:d2:0b:d0:be:
a8:62:26:4e:8c:2b:53:0c:e6:3d:46:e8:1a:06:f6:0e:97:a8:
57:ed:07:ea:bd:db:10:68:e4:51:cd:9b:da:61:ef:42:92:d8:
db:8b:fb:c3:ed:04:3b:a7:3d:0d:70:b1:61:ce:49:32:95:13:
1d:9d:7b:35:a0:39:ba:9b:99:7f:49:9e:eb:a4:9c:2c:67:b1:
cd:86:53:e2:44:3e:e3:bd:dc:18:37:bb:66:66:6d:a6:6e:09:
39:34:0d:a4:e7:20:a7:14:00:d3:54:1e:5b:1d:b5:d5:29:df:
a7:b3:79:d3:b0:d4:14:dd:aa:2a:40:50:b1:35:01:7d:16:41:
a7:04:91:64:4b:25:a9:ca:d3:f8:2a:50:a2:0a:d8:37:57:31:
29:7c:69:4d:3b:7b:9f:3f:ed:03:37:a3:89:b2:a5:4b:d5:1f:
da:43:c1:31:8c:2d:41:39:b7:ca:a0:3c:31:84:71:a7:c0:e5:
8c:97:a5:7c:2c:6a:61:f7:e0:d5:2a:cf:84:13:24:62:32:59:
8f:9f:03:e1:dc:ad:5c:ab:c2:2e:30:80:12:22:62:b6:6b:51:
c7:a0:b6:4a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEODRn3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NTlkNTE3NzA3N2I5MDgxOGM2ZjkwYWU0ZTQ0MzMyZDhjYWNiYjc0MB4XDTIyMDEw
MTA5MDEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBjNThhOTc4OGNm
OWY1YTg0NjM0ODFjZmVlNjE4ZWJhOTI1ZGI3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHFmIbm5tnGPZ/md4SsYX0dQ35fB3nN4RdN4UN1eLEV0aMz
zQ30ugD50n/87+q4+sM/iwnMEghNfsRX6GtIzgjsJWyzEiIPf8KWlOi8uvp3YSv0
fN758BM0zB9gvgOIBSLyxkYyT4/yhRbqg+S9D6WvBcSPnvBe1zUx4RO6YCFcAaMT
xam0HUz3I5Ed8vgW8jjI+mcPsNJaGiHzM1dKVLVT/HaWgKnpTTIuTPb8dCVOWljM
X46ZPloCkL3YOfpra0DGyDsibzvc6dJMQdn2jF7GcGq4OHelff0kSYNwS8OoPIRD
f0rp8MgIgsGvVj0RoJGpDLyTFgbS63SShiUfkakCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSgxYqXiM+fWoRjSBz+5hjrqSXbfDAfBgNVHSMEGDAWgBSFnVF3B3uQgYxv
kK5ORDMtjKy7dDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2haMVJkd2Q3a0lHTWI1Q3VUa1F6TFl5c3UzUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvZmFlYTQzLWYzMzMtNDUwOS1hNmRiLTNhYzk2YmUyODVlMC8x
L29NV0tsNGpQbjFxRVkwZ2NfdVlZNjZrbDIzdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
ZmFlYTQzLWYzMzMtNDUwOS1hNmRiLTNhYzk2YmUyODVlMC8xL2haMVJkd2Q3a0lH
TWI1Q3VUa1F6TFl5c3UzUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBS4hoAMEArmtfAMEAcO/rDANBgkq
hkiG9w0BAQsFAAOCAQEApeoLfpF1jQldU/0VXG+nwUpBVxpMLsCKLTUII4rJmMHS
C9C+qGImTowrUwzmPUboGgb2DpeoV+0H6r3bEGjkUc2b2mHvQpLY24v7w+0EO6c9
DXCxYc5JMpUTHZ17NaA5upuZf0me66ScLGexzYZT4kQ+473cGDe7ZmZtpm4JOTQN
pOcgpxQA01QeWx211Snfp7N507DUFN2qKkBQsTUBfRZBpwSRZEslqcrT+CpQogrY
N1cxKXxpTTt7nz/tAzejibKlS9Uf2kPBMYwtQTm3yqA8MYRxp8DljJelfCxqYffg
1SrPhBMkYjJZj58D4dytXKvCLjCAEiJitmtRx6C2Sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:11 2024 by rpki-client on console-fra.rpki-client.org