Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/A28_VSkn0RREqazBCmgtLR7Lv8E.roa
File: A28_VSkn0RREqazBCmgtLR7Lv8E.roa (raw, json)
Hash identifier: ybBkQaAhY9lhsnzZebmnPnB2bEwSU8lVp30MjbVUe2c=
Subject key identifier: 03:6F:3F:55:29:27:D1:14:44:A9:AC:C1:0A:68:2D:2D:1E:CB:BF:C1
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 09676A11
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/A28_VSkn0RREqazBCmgtLR7Lv8E.roa
Signing time: Tue 05 Apr 2022 16:09:40 +0000
ROA not before: Tue 05 Apr 2022 16:09:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399587
IP address blocks: 46.3.48.0/20 maxlen: 20
46.3.72.0/21 maxlen: 21
46.3.80.0/21 maxlen: 22
46.3.208.0/21 maxlen: 21
46.3.216.0/21 maxlen: 22
46.3.224.0/21 maxlen: 22
46.3.120.0/21 maxlen: 22
46.3.32.0/19 maxlen: 22
46.3.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157772305 (0x9676a11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Apr 5 16:09:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=036f3f552927d11444a9acc10a682d2d1ecbbfc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:72:02:f5:62:d0:c4:e3:10:ea:49:9e:7a:2e:
71:87:25:3c:17:eb:d3:d7:f1:a0:81:0e:1c:2e:ce:
08:49:cc:64:e0:2b:0b:f4:59:21:cc:74:1e:ab:e5:
61:7e:2c:d9:34:2c:bb:0b:9b:aa:97:ca:22:c0:a4:
1c:1e:55:a5:e3:e3:d4:e6:4b:f2:ad:c2:50:ee:8c:
f4:16:6c:4d:bd:af:89:9e:ab:ff:ef:36:40:86:a5:
5c:ba:1b:a1:7d:9b:bc:e2:a0:35:bf:eb:28:17:01:
d8:ec:67:ce:86:91:63:a7:81:ba:81:44:6d:4d:cf:
41:19:52:d6:61:12:33:20:e5:20:39:db:40:f3:44:
a1:25:26:83:c3:4d:94:91:af:21:20:ec:16:cd:2f:
ae:13:4d:ae:3b:8b:e0:c2:26:ca:0e:07:d0:e9:e4:
b5:6d:1b:5a:bd:cc:71:9f:78:01:ab:2a:38:d1:1a:
4d:fb:36:a1:46:57:a1:0f:f0:2a:51:cf:7d:c1:28:
24:20:a2:b6:bd:df:63:ba:73:58:be:ee:5f:93:1e:
ce:9f:39:6a:85:2f:f5:79:9a:88:0e:88:33:90:87:
2f:ba:41:bf:69:9d:17:f1:ba:f3:aa:3c:85:e7:34:
26:55:66:1b:27:9e:6a:bd:c8:cf:3d:35:c6:af:c6:
ac:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:6F:3F:55:29:27:D1:14:44:A9:AC:C1:0A:68:2D:2D:1E:CB:BF:C1
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/A28_VSkn0RREqazBCmgtLR7Lv8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.32.0/19
46.3.72.0-46.3.87.255
46.3.120.0/21
46.3.208.0-46.3.231.255
Signature Algorithm: sha256WithRSAEncryption
51:ba:0c:df:94:73:f8:c0:e3:51:97:64:8d:37:65:38:ed:3f:
58:c9:0c:0b:b4:ae:0c:60:6d:81:4e:50:ac:60:c9:01:cc:ce:
e5:c8:3d:a2:b2:36:6d:ee:0e:e6:37:11:64:42:12:b2:a7:8e:
63:d6:1d:9d:b8:b2:11:ca:bc:a5:f4:6c:4d:5f:f1:f7:51:34:
a6:3e:72:b1:0b:a8:bb:63:d7:f9:c0:44:0a:44:0c:d0:b7:e8:
6e:7b:b2:43:0e:36:85:f7:d6:e3:62:1d:08:98:a1:68:74:f0:
75:45:53:d5:9e:31:0a:70:52:22:8b:42:6b:8f:7b:cd:21:6b:
f8:5b:cb:b3:a9:5c:95:1d:5b:57:99:7b:81:42:95:cb:41:1d:
dc:7a:81:45:2e:61:be:e8:f6:5d:fc:f9:fc:fb:55:21:22:98:
f2:b5:b3:3a:fd:6f:e1:24:75:41:e3:04:cc:63:35:b6:eb:3c:
1d:4a:91:0d:19:ed:0f:37:15:1c:9a:30:cd:18:f8:c7:12:5b:
01:43:e8:97:aa:7a:22:36:f8:10:81:f8:a0:4b:13:30:e5:65:
23:bd:8e:3a:39:83:14:1a:c4:30:c0:90:fc:27:91:9b:79:1c:
7d:7e:13:fa:11:8f:a4:17:f0:60:ce:24:64:33:7d:25:e3:0c:
85:73:c8:52
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIECWdqETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTg4ZjE5N2Y5N2U4OTAwNzU1NTQ0ZTgxMGNkZGVmOWQ5MGZiYzQxMB4XDTIyMDQw
NTE2MDk0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDM2ZjNmNTUyOTI3
ZDExNDQ0YTlhY2MxMGE2ODJkMmQxZWNiYmZjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVyAvVi0MTjEOpJnnoucYclPBfr09fxoIEOHC7OCEnMZOAr
C/RZIcx0HqvlYX4s2TQsuwubqpfKIsCkHB5VpePj1OZL8q3CUO6M9BZsTb2viZ6r
/+82QIalXLoboX2bvOKgNb/rKBcB2OxnzoaRY6eBuoFEbU3PQRlS1mESMyDlIDnb
QPNEoSUmg8NNlJGvISDsFs0vrhNNrjuL4MImyg4H0OnktW0bWr3McZ94AasqONEa
Tfs2oUZXoQ/wKlHPfcEoJCCitr3fY7pzWL7uX5Mezp85aoUv9XmaiA6IM5CHL7pB
v2mdF/G686o8hec0JlVmGyeear3Izz01xq/GrGECAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQDbz9VKSfRFESprMEKaC0tHsu/wTAfBgNVHSMEGDAWgBRViPGX+X6JAHVV
ROgQzd752Q+8QTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZZanhsX2wtaVFCMVZVVG9FTTNlLWRrUHZFRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvNjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8x
L0EyOF9WU2tuMFJSRXFhekJDbWd0TFI3THY4RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
NjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8xL1ZZanhsX2wtaVFC
MVZVVG9FTTNlLWRrUHZFRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKAMEBS4DIDAMAwQDLgNIAwQDLgNQAwQD
LgN4MAwDBAQuA9ADBAMuA+AwDQYJKoZIhvcNAQELBQADggEBAFG6DN+Uc/jA41GX
ZI03ZTjtP1jJDAu0rgxgbYFOUKxgyQHMzuXIPaKyNm3uDuY3EWRCErKnjmPWHZ24
shHKvKX0bE1f8fdRNKY+crELqLtj1/nARApEDNC36G57skMONoX31uNiHQiYoWh0
8HVFU9WeMQpwUiKLQmuPe80ha/hby7OpXJUdW1eZe4FClctBHdx6gUUuYb7o9l38
+fz7VSEimPK1szr9b+EkdUHjBMxjNbbrPB1KkQ0Z7Q83FRyaMM0Y+McSWwFD6Jeq
eiI2+BCB+KBLEzDlZSO9jjo5gxQaxDDAkPwnkZt5HH1+E/oRj6QX8GDOJGQzfSXj
DIVzyFI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:55 2025 by rpki-client