Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/HopUeddbJv4-PBKGUOU4rjtSXVY.roa
File: HopUeddbJv4-PBKGUOU4rjtSXVY.roa (raw, json)
Hash identifier: wYqq9QPYl3upwOIDc2O8j3vCIjleIuvp/aZFefurkMs=
Subject key identifier: 1E:8A:54:79:D7:5B:26:FE:3E:3C:12:86:50:E5:38:AE:3B:52:5D:56
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0186CD9A65C6A2A2286FD29795051D580DFF
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/HopUeddbJv4-PBKGUOU4rjtSXVY.roa
Signing time: Fri 10 Mar 2023 22:18:13 +0000
ROA not before: Fri 10 Mar 2023 22:18:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393427
IP address blocks: 46.3.160.0/24 maxlen: 24
46.3.161.0/24 maxlen: 24
46.3.162.0/24 maxlen: 24
46.3.163.0/24 maxlen: 24
46.3.184.0/24 maxlen: 24
46.3.185.0/24 maxlen: 24
46.3.186.0/24 maxlen: 24
46.3.187.0/24 maxlen: 24
46.3.188.0/24 maxlen: 24
46.3.189.0/24 maxlen: 24
46.3.101.0/24 maxlen: 24
46.3.88.0/24 maxlen: 24
46.3.89.0/24 maxlen: 24
46.3.90.0/24 maxlen: 24
46.3.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cd:9a:65:c6:a2:a2:28:6f:d2:97:95:05:1d:58:0d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Mar 10 22:18:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e8a5479d75b26fe3e3c128650e538ae3b525d56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:dc:a8:ab:b7:48:d3:5d:6e:2b:9a:99:56:94:
ef:99:7c:c2:f2:5c:66:1d:2f:32:c8:bc:50:02:81:
05:3f:ff:78:c4:a9:e3:69:ea:c4:aa:ca:56:68:7c:
a6:74:ea:3a:cd:13:0b:ba:7a:62:0b:7b:a4:07:ae:
35:4b:c1:c5:8a:66:15:46:e1:da:0f:70:b3:96:d4:
9f:51:6a:0e:e3:88:00:19:eb:e9:ec:8e:60:04:fb:
17:76:1f:24:b5:31:f6:86:17:ec:b0:2d:81:ee:51:
7b:40:f2:46:ab:17:89:3f:80:6f:4b:c7:8d:7d:83:
e6:3b:a0:da:ee:94:9c:b7:00:c2:1e:36:bc:ca:33:
86:d0:dc:ba:53:7f:7e:ce:dd:0a:c5:f7:89:b5:1f:
fa:b3:e8:6d:62:0c:a7:82:5b:73:b4:00:b6:b7:e5:
07:eb:cd:08:bd:42:b9:4d:13:8a:19:ad:83:67:c4:
8b:93:22:78:fd:87:f0:e4:20:02:64:d5:ca:92:4f:
f4:d5:92:c3:91:f2:31:d4:db:92:1a:51:4a:ed:ea:
87:62:a9:fa:1e:6a:d3:37:e1:b0:bf:68:e0:c0:0e:
03:21:fb:04:fd:a6:11:03:8c:35:14:81:db:8b:e0:
cb:f0:1c:11:2a:6a:5b:1e:ce:1c:21:bc:aa:67:fb:
20:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:8A:54:79:D7:5B:26:FE:3E:3C:12:86:50:E5:38:AE:3B:52:5D:56
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/HopUeddbJv4-PBKGUOU4rjtSXVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.88.0/22
46.3.101.0/24
46.3.160.0/22
46.3.184.0-46.3.189.255
Signature Algorithm: sha256WithRSAEncryption
1a:5d:38:34:ec:03:56:6c:ec:09:5f:1f:59:0a:ab:70:eb:a8:
f3:0f:59:d7:4b:1c:17:35:f2:eb:af:8b:17:5c:c7:dd:e9:bb:
68:61:b3:72:d1:18:d8:ea:2e:90:08:fb:5e:a0:3d:a5:fc:3d:
14:01:21:08:47:ba:35:b0:43:ad:21:e9:0c:39:4c:52:59:51:
0a:31:14:ee:fc:a8:45:42:71:e0:91:f8:00:8e:64:7c:39:92:
74:dc:76:82:c5:47:5f:ac:8d:b7:f1:07:34:48:dc:cb:25:ec:
d7:66:ae:e5:9b:5f:a1:56:c9:92:da:72:21:6c:d6:09:68:2d:
f5:a8:39:fe:d9:14:36:e8:4e:7f:d7:a5:fb:a1:69:59:8d:b0:
2a:5d:00:cf:e6:22:27:8a:a1:a4:ea:c9:70:e5:a6:1c:cb:83:
44:bd:26:61:be:50:e6:46:a8:9a:fb:2b:cc:22:c8:ed:ed:c8:
aa:d9:87:a4:26:99:5d:64:c3:31:29:cc:c5:b8:e8:bf:73:05:
48:2a:df:9a:85:66:62:7a:c8:fd:f4:e2:f4:98:2c:2d:60:a6:
a6:c9:dc:3d:a4:de:88:ac:49:66:7e:3e:17:87:42:0f:f7:f1:
4d:85:c9:14:3c:c8:01:c5:0e:68:a7:5a:35:64:0a:86:47:ff:
e7:88:e6:90
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYbNmmXGoqIob9KXlQUdWA3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjMwMzEwMjIxODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZThhNTQ3OWQ3NWIyNmZlM2UzYzEyODY1MGU1MzhhZTNiNTI1ZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntyoq7dI011uK5qZVpTvmXzC8lxm
HS8yyLxQAoEFP/94xKnjaerEqspWaHymdOo6zRMLunpiC3ukB641S8HFimYVRuHa
D3CzltSfUWoO44gAGevp7I5gBPsXdh8ktTH2hhfssC2B7lF7QPJGqxeJP4BvS8eN
fYPmO6Da7pSctwDCHja8yjOG0Ny6U39+zt0KxfeJtR/6s+htYgyngltztAC2t+UH
680IvUK5TROKGa2DZ8SLkyJ4/Yfw5CACZNXKkk/01ZLDkfIx1NuSGlFK7eqHYqn6
HmrTN+Gwv2jgwA4DIfsE/aYRA4w1FIHbi+DL8BwRKmpbHs4cIbyqZ/sgmQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFB6KVHnXWyb+PjwShlDlOK47Ul1WMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvSG9wVWVkZGJKdjQtUEJLR1VPVTRyanRTWFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCLgNYAwQA
LgNlAwQCLgOgMAwDBAMuA7gDBAEuA7wwDQYJKoZIhvcNAQELBQADggEBABpdODTs
A1Zs7AlfH1kKq3DrqPMPWddLHBc18uuvixdcx93pu2hhs3LRGNjqLpAI+16gPaX8
PRQBIQhHujWwQ60h6Qw5TFJZUQoxFO78qEVCceCR+ACOZHw5knTcdoLFR1+sjbfx
BzRI3Msl7NdmruWbX6FWyZLaciFs1gloLfWoOf7ZFDboTn/XpfuhaVmNsCpdAM/m
IieKoaTqyXDlphzLg0S9JmG+UOZGqJr7K8wiyO3tyKrZh6QmmV1kwzEpzMW46L9z
BUgq35qFZmJ6yP304vSYLC1gpqbJ3D2k3oisSWZ+PheHQg/38U2FyRQ8yAHFDmin
WjVkCoZH/+eI5pA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:58 2025 by rpki-client