Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/Z9g77LaMzqcANcgQMBOJSHQM69o.roa
File: Z9g77LaMzqcANcgQMBOJSHQM69o.roa (raw, json)
Hash identifier: wm4Xz4ktuoZ4XmOral14a+3AJhhrnFaoiDXsKZkCLH4=
Subject key identifier: 67:D8:3B:EC:B6:8C:CE:A7:00:35:C8:10:30:13:89:48:74:0C:EB:DA
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 34C4C474
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/Z9g77LaMzqcANcgQMBOJSHQM69o.roa
Signing time: Fri 11 Feb 2022 23:20:32 +0000
ROA not before: Fri 11 Feb 2022 23:20:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203622
IP address blocks: 46.32.166.0/24 maxlen: 24
46.32.165.0/24 maxlen: 24
46.32.164.0/24 maxlen: 24
46.32.160.0/24 maxlen: 24
46.32.162.0/24 maxlen: 24
46.32.161.0/24 maxlen: 24
46.32.167.0/24 maxlen: 24
46.32.170.0/24 maxlen: 24
46.32.172.0/24 maxlen: 24
46.32.171.0/24 maxlen: 24
46.32.177.0/24 maxlen: 24
46.32.179.0/24 maxlen: 24
46.32.178.0/24 maxlen: 24
46.32.174.0/24 maxlen: 24
46.32.173.0/24 maxlen: 24
46.32.176.0/24 maxlen: 24
46.32.175.0/24 maxlen: 24
46.32.184.0/24 maxlen: 24
46.32.186.0/24 maxlen: 24
46.32.185.0/24 maxlen: 24
46.32.191.0/24 maxlen: 24
46.32.188.0/24 maxlen: 24
46.32.187.0/24 maxlen: 24
46.32.190.0/24 maxlen: 24
46.32.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 885310580 (0x34c4c474)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Feb 11 23:20:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67d83becb68ccea70035c81030138948740cebda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f0:e7:39:63:78:87:f7:b7:d3:25:08:da:a7:
20:44:d0:a8:a7:45:8e:85:6a:6f:27:c4:4d:cf:7b:
22:cd:3c:31:d1:ec:ff:1e:6d:16:1e:ea:ed:6a:d7:
e5:e4:82:92:9e:cb:6c:bd:06:f7:09:99:8d:2c:13:
40:f7:72:c9:86:c0:03:4c:16:1b:54:76:13:e3:52:
a3:12:63:fc:15:b2:bb:30:68:27:a0:21:4a:db:7d:
00:09:48:94:68:04:47:b0:37:c2:94:14:72:70:8a:
5a:ba:fb:0a:f7:79:03:7b:5f:12:a2:cb:8b:92:3a:
a7:de:81:5f:17:34:a6:a1:20:48:22:d2:c6:30:15:
e1:53:fb:d6:9f:4c:6e:32:06:08:03:a8:a0:ec:24:
5b:14:01:f4:ee:c4:1b:00:bd:62:8a:94:68:25:09:
d0:20:a3:0c:93:60:ea:86:2b:1b:f4:c9:e9:90:88:
78:cf:fb:84:71:d1:a4:1c:91:f5:ed:bf:01:fb:65:
79:42:11:96:72:a0:ce:1d:3a:70:dd:9f:4c:c1:6d:
cc:f6:18:36:e0:ca:ad:33:12:db:e9:43:94:1a:33:
01:1c:99:ba:70:e1:2f:3c:8d:fd:a7:d0:c9:20:58:
d2:ac:4e:91:2b:82:f0:cb:32:41:6f:b9:92:86:07:
b5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D8:3B:EC:B6:8C:CE:A7:00:35:C8:10:30:13:89:48:74:0C:EB:DA
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/Z9g77LaMzqcANcgQMBOJSHQM69o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.160.0-46.32.162.255
46.32.164.0/22
46.32.170.0-46.32.179.255
46.32.184.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:1e:25:03:b8:2e:52:9f:47:80:81:57:a8:e2:d6:fa:d4:f7:
dc:be:7c:cd:29:c6:68:7c:46:83:12:5d:03:62:59:52:1c:f9:
a3:2c:c3:03:fc:a4:8f:43:29:6e:19:f4:9a:32:4d:56:eb:58:
19:59:d8:58:98:d2:26:ac:cc:2b:9d:5e:7f:c8:d8:a2:ab:28:
d9:8d:8f:e6:20:94:6c:36:80:75:fe:b0:84:5a:12:c5:29:b5:
d7:6b:19:b9:ef:c2:ae:a0:63:9b:9c:54:08:7b:54:17:e0:35:
f1:30:f0:bb:d1:d7:b3:3e:01:06:1f:4d:0d:a8:ca:89:a8:2e:
9c:96:f7:11:d4:90:0a:ad:3e:86:15:ab:0e:81:aa:8e:c4:25:
5f:66:8d:31:ed:17:94:e3:f9:26:f3:2e:06:3f:03:06:36:18:
42:bd:a6:c4:cd:43:48:11:6a:1e:76:ff:c0:c2:d9:a4:3c:75:
69:a3:b0:35:b5:d5:0c:92:d5:ed:7e:de:2b:40:e0:74:61:a0:
21:66:51:d8:da:f5:32:d1:2a:41:63:17:7b:ea:7c:32:3b:f7:
5c:85:82:81:c8:f4:b9:8a:94:bb:fc:9b:ff:1c:9d:f7:fb:ab:
d6:a5:c5:83:cb:ca:2c:32:20:fb:db:b8:43:ed:4c:3b:b1:f9:
0f:47:42:36
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIENMTEdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzdlZTFlY2VkMTlmOGEwYTNhNjM1YmZhYTI2NDI5M2UzNDM3Nzk1MB4XDTIyMDIx
MTIzMjAzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdkODNiZWNiNjhj
Y2VhNzAwMzVjODEwMzAxMzg5NDg3NDBjZWJkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTw5zljeIf3t9MlCNqnIETQqKdFjoVqbyfETc97Is08MdHs
/x5tFh7q7WrX5eSCkp7LbL0G9wmZjSwTQPdyyYbAA0wWG1R2E+NSoxJj/BWyuzBo
J6AhStt9AAlIlGgER7A3wpQUcnCKWrr7Cvd5A3tfEqLLi5I6p96BXxc0pqEgSCLS
xjAV4VP71p9MbjIGCAOooOwkWxQB9O7EGwC9YoqUaCUJ0CCjDJNg6oYrG/TJ6ZCI
eM/7hHHRpByR9e2/AftleUIRlnKgzh06cN2fTMFtzPYYNuDKrTMS2+lDlBozARyZ
unDhLzyN/afQySBY0qxOkSuC8MsyQW+5koYHtX0CAwEAAaOCAiswggInMB0GA1Ud
DgQWBBRn2DvstozOpwA1yBAwE4lIdAzr2jAfBgNVHSMEGDAWgBTjfuHs7Rn4oKOm
Nb+qJkKT40N3lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQzN2g3TzBaLUtDanBqV19xaVpDay1ORGQ1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8x
L1o5Zzc3TGFNenFjQU5jZ1FNQk9KU0hRTTY5by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8xLzQzN2g3TzBaLUtD
anBqV19xaVpDay1ORGQ1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQFLiCgAwQALiCiAwQCLiCkMAwD
BAEuIKoDBAIuILADBAMuILgwDQYJKoZIhvcNAQELBQADggEBAC0eJQO4LlKfR4CB
V6ji1vrU99y+fM0pxmh8RoMSXQNiWVIc+aMswwP8pI9DKW4Z9JoyTVbrWBlZ2FiY
0iaszCudXn/I2KKrKNmNj+YglGw2gHX+sIRaEsUptddrGbnvwq6gY5ucVAh7VBfg
NfEw8LvR17M+AQYfTQ2oyomoLpyW9xHUkAqtPoYVqw6Bqo7EJV9mjTHtF5Tj+Sbz
LgY/AwY2GEK9psTNQ0gRah52/8DC2aQ8dWmjsDW11QyS1e1+3itA4HRhoCFmUdja
9TLRKkFjF3vqfDI791yFgoHI9LmKlLv8m/8cnff7q9alxYPLyiwyIPvbuEPtTDux
+Q9HQjY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:11 2024 by rpki-client on console-fra.rpki-client.org