Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/THo1FeLU-WqyS__6VqM_smHDwME.roa
File: THo1FeLU-WqyS__6VqM_smHDwME.roa (raw, json)
Hash identifier: nR81PbEeM1RTGM7quB7Pp+V7bLv0T09C8yMDLw2LKeo=
Subject key identifier: 4C:7A:35:15:E2:D4:F9:6A:B2:4B:FF:FA:56:A3:3F:B2:61:C3:C0:C1
Certificate issuer: /CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Certificate serial: 10F789EE
Authority key identifier: F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/THo1FeLU-WqyS__6VqM_smHDwME.roa
Signing time: Sat 01 Jan 2022 15:55:19 +0000
ROA not before: Sat 01 Jan 2022 15:55:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30844
IP address blocks: 46.17.232.0/21 maxlen: 24
77.246.48.0/20 maxlen: 24
217.15.112.0/20 maxlen: 24
217.74.224.0/20 maxlen: 24
5.11.8.0/21 maxlen: 24
185.25.208.0/22 maxlen: 24
2a01:410:2::/48 maxlen: 48
2a01:410::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 284658158 (0x10f789ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Validity
Not Before: Jan 1 15:55:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c7a3515e2d4f96ab24bfffa56a33fb261c3c0c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:78:11:f3:83:fa:30:47:2f:a6:ce:b1:9a:0b:
9b:d1:52:8b:6e:cc:27:cc:55:a6:79:40:cf:63:ca:
9b:f4:e9:77:fc:aa:be:5f:8d:ce:27:54:d0:0c:5c:
42:85:70:92:5b:74:48:8b:b6:68:e6:dc:49:ad:ff:
64:ab:0e:d7:ac:aa:49:10:40:fe:33:b1:b3:d8:2a:
5b:55:15:7b:da:67:4b:b8:18:fa:c6:88:be:a0:18:
c6:f2:8b:0e:e4:07:ff:61:1e:9f:2d:eb:f8:d0:2f:
8d:f8:12:09:e0:4f:d7:b9:b4:b3:c8:43:3a:3e:3a:
27:01:99:0c:0f:f7:1e:fc:23:4c:6e:fc:73:b4:f0:
3c:3e:d6:90:da:22:f1:44:b3:6c:74:c1:04:40:0e:
73:f5:7a:4e:2c:e1:d0:ca:36:15:7c:d6:cb:25:c6:
f6:e3:eb:63:0d:8d:15:6a:b8:2e:e1:aa:b6:ed:04:
28:8c:98:08:66:ef:54:bc:d4:e8:a1:5f:12:b9:20:
9d:52:d8:45:0e:af:fb:b8:8c:48:8a:db:d7:55:9a:
1b:a7:5b:91:c8:02:f3:8d:85:22:88:4c:29:00:18:
7b:5a:15:93:95:5c:ed:19:ee:ea:46:01:cd:1c:22:
f3:67:8a:01:02:44:e8:4b:82:97:0d:75:9d:9b:9c:
3d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:7A:35:15:E2:D4:F9:6A:B2:4B:FF:FA:56:A3:3F:B2:61:C3:C0:C1
X509v3 Authority Key Identifier:
keyid:F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/THo1FeLU-WqyS__6VqM_smHDwME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/9JdnPHjvrl9r2AolrOPTw3GT54k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.8.0/21
46.17.232.0/21
77.246.48.0/20
185.25.208.0/22
217.15.112.0/20
217.74.224.0/20
IPv6:
2a01:410::/32
Signature Algorithm: sha256WithRSAEncryption
8c:3d:3d:c2:fd:be:6d:d4:cb:74:74:53:3e:f6:e3:8f:fc:a8:
27:9f:1f:70:4f:16:1a:06:35:2c:c9:db:64:02:07:b5:74:5d:
6b:f9:50:f7:14:9f:04:d2:fb:79:f0:1a:1c:db:28:d4:a5:45:
47:01:80:90:41:36:ff:e7:09:20:95:20:4e:d4:56:81:eb:6c:
de:33:6e:23:eb:aa:b8:cf:03:99:bc:1f:2a:71:3a:6c:e3:20:
3b:ec:01:74:c0:99:d9:2b:21:e0:98:4a:0c:a1:8f:41:2f:13:
04:eb:b3:8a:79:ba:71:02:4f:8b:9f:bd:38:5b:a2:70:00:3b:
07:12:80:19:e3:0d:8e:62:50:0d:99:25:a5:df:c2:d7:c6:6b:
0a:79:fe:c2:e9:f2:61:af:e7:eb:96:67:27:9b:dc:10:18:42:
09:99:7a:19:66:64:48:d6:e3:9d:5b:e6:d6:4f:5b:8b:57:26:
c9:90:44:dd:60:8e:01:29:cf:da:34:9a:5d:55:f7:d5:5f:b0:
ff:e6:1d:46:5c:21:49:a1:d8:23:0f:32:da:6b:62:92:59:92:
ed:3b:f9:0c:27:1b:df:0b:f8:0d:bf:38:c8:9a:05:bc:08:d8:
0e:42:17:63:11:66:99:b4:d9:10:63:13:d3:48:0c:7e:f8:b3:
17:63:33:79
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEEPeJ7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NDk3NjczYzc4ZWZhZTVmNmJkODBhMjVhY2UzZDNjMzcxOTNlNzg5MB4XDTIyMDEw
MTE1NTUxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGM3YTM1MTVlMmQ0
Zjk2YWIyNGJmZmZhNTZhMzNmYjI2MWMzYzBjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI94EfOD+jBHL6bOsZoLm9FSi27MJ8xVpnlAz2PKm/Tpd/yq
vl+NzidU0AxcQoVwklt0SIu2aObcSa3/ZKsO16yqSRBA/jOxs9gqW1UVe9pnS7gY
+saIvqAYxvKLDuQH/2Eeny3r+NAvjfgSCeBP17m0s8hDOj46JwGZDA/3HvwjTG78
c7TwPD7WkNoi8USzbHTBBEAOc/V6Tizh0Mo2FXzWyyXG9uPrYw2NFWq4LuGqtu0E
KIyYCGbvVLzU6KFfErkgnVLYRQ6v+7iMSIrb11WaG6dbkcgC842FIohMKQAYe1oV
k5Vc7Rnu6kYBzRwi82eKAQJE6EuClw11nZucPXsCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRMejUV4tT5arJL//pWoz+yYcPAwTAfBgNVHSMEGDAWgBT0l2c8eO+uX2vY
CiWs49PDcZPniTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlKZG5QSGp2cmw5cjJBb2xyT1BUdzNHVDU0ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvZDEzNjU4LWFmN2UtNGQ2ZS04MmVmLTZlMDY5NmZlZThlNi8x
L1RIbzFGZUxVLVdxeVNfXzZWcU1fc21IRHdNRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
ZDEzNjU4LWFmN2UtNGQ2ZS04MmVmLTZlMDY5NmZlZThlNi8xLzlKZG5QSGp2cmw5
cjJBb2xyT1BUdzNHVDU0ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAwULCAMEAy4R6AMEBE32MAMEArkZ
0AMEBNkPcAMEBNlK4DANBAIAAjAHAwUAKgEEEDANBgkqhkiG9w0BAQsFAAOCAQEA
jD09wv2+bdTLdHRTPvbjj/yoJ58fcE8WGgY1LMnbZAIHtXRda/lQ9xSfBNL7efAa
HNso1KVFRwGAkEE2/+cJIJUgTtRWgets3jNuI+uquM8DmbwfKnE6bOMgO+wBdMCZ
2Ssh4JhKDKGPQS8TBOuzinm6cQJPi5+9OFuicAA7BxKAGeMNjmJQDZklpd/C18Zr
Cnn+wunyYa/n65ZnJ5vcEBhCCZl6GWZkSNbjnVvm1k9bi1cmyZBE3WCOASnP2jSa
XVX31V+w/+YdRlwhSaHYIw8y2mtiklmS7Tv5DCcb3wv4Db84yJoFvAjYDkIXYxFm
mbTZEGMT00gMfvizF2MzeQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:20 2023 by rpki-client on console-fra.rpki-client.org