Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/FF9WaxjL9hogzGbkRtrqODapwWQ.roa
File: FF9WaxjL9hogzGbkRtrqODapwWQ.roa (raw, json)
Hash identifier: 5akReXTW3pBakyK0Jyh7ja5gMY30vNPTFuxW5GWOUdQ=
Subject key identifier: 14:5F:56:6B:18:CB:F6:1A:20:CC:66:E4:46:DA:EA:38:36:A9:C1:64
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018241A84650C99802F7B9DEB0286CAD057B
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/FF9WaxjL9hogzGbkRtrqODapwWQ.roa
Signing time: Wed 27 Jul 2022 21:55:23 +0000
ROA not before: Wed 27 Jul 2022 21:55:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397423
IP address blocks: 46.232.64.0/21 maxlen: 24
46.3.160.0/22 maxlen: 24
46.3.72.0/21 maxlen: 24
46.3.208.0/21 maxlen: 24
46.3.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:41:a8:46:50:c9:98:02:f7:b9:de:b0:28:6c:ad:05:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jul 27 21:55:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=145f566b18cbf61a20cc66e446daea3836a9c164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a7:df:76:ee:d2:8f:57:5d:4a:08:bc:44:19:
fa:bd:11:19:ba:cd:e5:55:6e:f1:92:25:2e:3a:a1:
3f:51:61:e9:4f:3f:37:0a:3d:3c:ff:70:e3:25:4b:
ca:6b:e5:f2:43:36:c4:27:12:bb:d2:a9:a7:c7:a9:
87:f5:f8:85:e6:2a:f4:46:5f:97:15:10:ba:25:14:
94:db:cf:2c:5d:53:46:6c:b1:bb:4f:e5:a5:68:0d:
e7:99:d2:8c:db:9a:64:df:cd:ae:88:af:e1:b7:a6:
09:d9:af:93:43:8b:66:e4:72:54:6f:c9:69:1a:a4:
5d:35:a6:80:db:b7:ec:9c:7a:c5:33:d7:1f:ec:46:
34:e9:39:06:9a:2b:fc:13:f1:e4:ac:f4:00:6c:0d:
3a:5d:4b:e2:2d:eb:43:87:31:2d:fc:a5:70:ad:d2:
15:4f:7a:f8:6e:00:46:01:0f:dd:70:e9:3f:a0:5e:
97:db:fd:da:24:7e:2f:2c:ba:87:2f:73:52:a0:13:
a7:b6:58:35:08:2d:5f:50:8a:a7:77:f9:ee:93:c2:
df:fb:75:97:ef:13:4b:e0:a7:2e:2b:2f:7c:60:0c:
89:b6:9e:2a:fe:53:d9:cb:f6:ff:96:29:f3:36:b4:
b5:9e:53:91:f8:b0:43:f1:08:5a:90:3f:9f:35:a9:
00:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:5F:56:6B:18:CB:F6:1A:20:CC:66:E4:46:DA:EA:38:36:A9:C1:64
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/FF9WaxjL9hogzGbkRtrqODapwWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.72.0/21
46.3.160.0/22
46.3.208.0/21
46.3.224.0/22
46.232.64.0/21
Signature Algorithm: sha256WithRSAEncryption
37:fa:3b:d1:3f:0d:8a:97:47:23:0f:4f:00:14:0a:cd:ec:a8:
b3:90:2e:84:37:0a:0a:49:96:54:79:2d:4e:aa:a2:9f:95:dd:
96:c2:55:d8:f7:38:24:5d:05:dc:f5:65:97:80:93:ca:ad:62:
4e:b7:b0:c7:c0:1c:f5:e0:9d:61:64:e9:2b:b2:58:bf:7d:f4:
62:b0:ec:0f:7e:60:d6:e0:58:ba:c8:66:42:3d:e9:43:17:97:
02:9c:98:db:41:8a:98:54:97:46:e1:92:a8:2d:e5:3f:62:a5:
95:18:f0:a9:d9:d1:43:da:55:73:bc:aa:2b:c9:f3:f4:2f:0c:
71:84:07:8b:6b:2d:8d:6b:29:6d:87:3b:dd:c1:2f:b8:cf:f1:
90:2d:49:d4:67:2e:e9:89:4c:e2:b9:4f:26:e0:84:67:e4:59:
19:ff:5a:4c:a2:6f:92:19:34:7f:69:d0:a7:5c:ca:a4:76:e4:
56:ed:0a:b5:9d:40:a5:42:2b:ea:dc:78:84:4c:07:c4:52:3a:
63:f7:97:99:0f:42:cd:50:12:72:58:8e:07:7f:3a:53:ea:93:
7e:17:4a:44:84:68:6f:23:f5:84:1c:fc:1e:a6:b4:06:63:2b:
06:3c:e7:98:34:b1:8f:0b:d6:98:dd:99:dd:42:7c:44:32:61:
7e:08:cb:f0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYJBqEZQyZgC97nesChsrQV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjIwNzI3MjE1NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDVmNTY2YjE4Y2JmNjFhMjBjYzY2ZTQ0NmRhZWEzODM2YTljMTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6ffdu7Sj1ddSgi8RBn6vREZus3l
VW7xkiUuOqE/UWHpTz83Cj08/3DjJUvKa+XyQzbEJxK70qmnx6mH9fiF5ir0Rl+X
FRC6JRSU288sXVNGbLG7T+WlaA3nmdKM25pk382uiK/ht6YJ2a+TQ4tm5HJUb8lp
GqRdNaaA27fsnHrFM9cf7EY06TkGmiv8E/HkrPQAbA06XUviLetDhzEt/KVwrdIV
T3r4bgBGAQ/dcOk/oF6X2/3aJH4vLLqHL3NSoBOntlg1CC1fUIqnd/nuk8Lf+3WX
7xNL4KcuKy98YAyJtp4q/lPZy/b/linzNrS1nlOR+LBD8QhakD+fNakAnQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBRfVmsYy/YaIMxm5Eba6jg2qcFkMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvRkY5V2F4akw5aG9nekdia1J0cnFPRGFwd1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDLgNIAwQC
LgOgAwQDLgPQAwQCLgPgAwQDLuhAMA0GCSqGSIb3DQEBCwUAA4IBAQA3+jvRPw2K
l0cjD08AFArN7KizkC6ENwoKSZZUeS1OqqKfld2WwlXY9zgkXQXc9WWXgJPKrWJO
t7DHwBz14J1hZOkrsli/ffRisOwPfmDW4Fi6yGZCPelDF5cCnJjbQYqYVJdG4ZKo
LeU/YqWVGPCp2dFD2lVzvKoryfP0LwxxhAeLay2NaylthzvdwS+4z/GQLUnUZy7p
iUziuU8m4IRn5FkZ/1pMom+SGTR/adCnXMqkduRW7Qq1nUClQivq3HiETAfEUjpj
95eZD0LNUBJyWI4HfzpT6pN+F0pEhGhvI/WEHPweprQGYysGPOeYNLGPC9aY3Znd
QnxEMmF+CMvw
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:55 2025 by rpki-client