Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/tl2CtNp2HF77FX6q_nSriXBM2u4.roa
File: tl2CtNp2HF77FX6q_nSriXBM2u4.roa (raw, json)
Hash identifier: JZ0QXjEr8ZfaBlYGAx1c3S6K1PvBVYY0+04/piH2FEI=
Subject key identifier: B6:5D:82:B4:DA:76:1C:5E:FB:15:7E:AA:FE:74:AB:89:70:4C:DA:EE
Certificate issuer: /CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Certificate serial: 055118
Authority key identifier: E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/tl2CtNp2HF77FX6q_nSriXBM2u4.roa
Signing time: Thu 09 Jun 2022 17:16:02 +0000
ROA not before: Thu 09 Jun 2022 17:16:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33993
IP address blocks: 46.160.192.0/21 maxlen: 21
46.160.200.0/21 maxlen: 21
46.160.208.0/21 maxlen: 21
217.194.240.0/20 maxlen: 20
46.160.216.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 348440 (0x55118)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Validity
Not Before: Jun 9 17:16:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b65d82b4da761c5efb157eaafe74ab89704cdaee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f0:e6:4a:9f:59:e9:f8:3d:d9:80:dd:af:e8:
e7:f8:34:86:e6:a1:2c:db:50:14:a3:04:df:b3:78:
ed:bc:34:82:2a:15:75:fb:f4:f7:d9:a2:75:02:20:
f7:14:eb:ff:ba:8d:7e:0d:fc:13:43:d1:c4:c1:d6:
b8:04:41:2b:cb:68:8f:f1:78:e1:ec:7a:c6:3d:57:
7e:fc:cc:d3:eb:7b:23:b7:23:9b:a4:60:7c:86:e4:
f1:c5:59:0d:24:08:45:d0:16:dc:08:c2:2c:94:c9:
da:71:ed:1b:be:ca:f1:46:c1:42:33:77:85:53:88:
11:9f:c7:26:a4:1f:89:6b:ee:ff:39:d3:cb:e4:ff:
32:81:bb:95:3b:65:41:d5:0d:dd:58:ec:f0:02:bc:
e7:78:c7:e1:18:96:9f:59:48:ec:c2:de:5e:e2:25:
00:98:2c:0f:f3:5e:6c:6b:12:c7:50:71:d5:22:2d:
0d:8a:80:71:67:b5:41:8c:bb:5b:cc:f1:6a:39:5c:
bf:9c:36:bf:c5:00:af:a7:08:0b:9d:5b:73:54:4f:
c1:d0:96:13:80:7d:24:14:16:0e:69:19:90:3e:84:
3b:a0:a1:ae:1a:9f:5b:8f:8f:23:65:12:98:a2:6e:
aa:b8:1c:52:5e:ba:c4:d5:e8:f5:b5:20:5a:78:08:
4c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5D:82:B4:DA:76:1C:5E:FB:15:7E:AA:FE:74:AB:89:70:4C:DA:EE
X509v3 Authority Key Identifier:
keyid:E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/tl2CtNp2HF77FX6q_nSriXBM2u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/5SBEb3n_wtfDqe80DOneJXI6cZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.160.192.0/19
217.194.240.0/20
Signature Algorithm: sha256WithRSAEncryption
a2:eb:7f:06:fb:8b:5a:d2:ce:2f:d2:4c:36:ce:07:dd:c6:60:
31:9b:e0:29:da:fc:18:07:05:f0:e5:a4:1e:4f:07:09:5c:74:
89:bb:ad:e9:39:09:91:de:2a:07:03:d4:68:4c:7b:ec:77:29:
ff:d9:30:ef:8d:0f:82:b4:73:39:d9:13:74:2d:06:92:f9:55:
3d:51:3c:9f:d4:4a:8d:19:c6:b2:e2:2d:90:da:31:f2:68:5c:
dd:e3:84:10:1b:ae:2a:3c:b9:33:35:d6:15:50:0a:26:0d:68:
27:7a:33:4d:b6:d9:76:8f:7a:79:99:1c:e2:ef:7a:08:b7:b3:
0d:12:06:29:c5:15:41:51:4a:75:54:14:01:ed:d2:e1:f6:a5:
b0:78:f3:b1:ec:9d:27:31:e0:d5:db:55:4a:b7:c6:dc:b3:12:
8b:a8:2c:bf:15:8a:9e:c9:f2:9a:b9:e3:6e:93:2d:dc:f7:e3:
2a:9e:4c:13:80:52:9a:29:ac:26:47:98:e0:d9:3d:1f:74:50:
bd:64:8a:3c:eb:12:12:f2:72:92:21:cb:ee:4c:bb:d1:18:4c:
23:b9:6b:99:3f:6f:0d:9e:f1:f2:8c:2b:5d:49:eb:c8:1c:4f:
57:4d:a4:c3:0f:ae:87:58:8d:1d:45:92:7c:0b:39:cc:94:36:
7d:c8:5d:03
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDBVEYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU1
MjA0NDZmNzlmZmMyZDdjM2E5ZWYzNDBjZTlkZTI1NzIzYTcxOWEwHhcNMjIwNjA5
MTcxNjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiNjVkODJiNGRhNzYx
YzVlZmIxNTdlYWFmZTc0YWI4OTcwNGNkYWVlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwvDmSp9Z6fg92YDdr+jn+DSG5qEs21AUowTfs3jtvDSCKhV1
+/T32aJ1AiD3FOv/uo1+DfwTQ9HEwda4BEEry2iP8Xjh7HrGPVd+/MzT63sjtyOb
pGB8huTxxVkNJAhF0BbcCMIslMnace0bvsrxRsFCM3eFU4gRn8cmpB+Ja+7/OdPL
5P8ygbuVO2VB1Q3dWOzwArzneMfhGJafWUjswt5e4iUAmCwP815saxLHUHHVIi0N
ioBxZ7VBjLtbzPFqOVy/nDa/xQCvpwgLnVtzVE/B0JYTgH0kFBYOaRmQPoQ7oKGu
Gp9bj48jZRKYom6quBxSXrrE1ej1tSBaeAhMvwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFLZdgrTadhxe+xV+qv50q4lwTNruMB8GA1UdIwQYMBaAFOUgRG95/8LXw6nv
NAzp3iVyOnGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMtMGUwZTEzN2U1NTkxLzEv
dGwyQ3ROcDJIRjc3Rlg2cV9uU3JpWEJNMnU0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8w
MTFlZjItNzAxMi00YTZlLThhMWMtMGUwZTEzN2U1NTkxLzEvNVNCRWIzbl93dGZE
cWU4MERPbmVKWEk2Y1pvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFLqDAAwQE2cLwMA0GCSqGSIb3DQEB
CwUAA4IBAQCi638G+4ta0s4v0kw2zgfdxmAxm+Ap2vwYBwXw5aQeTwcJXHSJu63p
OQmR3ioHA9RoTHvsdyn/2TDvjQ+CtHM52RN0LQaS+VU9UTyf1EqNGcay4i2Q2jHy
aFzd44QQG64qPLkzNdYVUAomDWgnejNNttl2j3p5mRzi73oIt7MNEgYpxRVBUUp1
VBQB7dLh9qWwePOx7J0nMeDV21VKt8bcsxKLqCy/FYqeyfKaueNuky3c9+MqnkwT
gFKaKawmR5jg2T0fdFC9ZIo86xIS8nKSIcvuTLvRGEwjuWuZP28NnvHyjCtdSevI
HE9XTaTDD66HWI0dRZJ8CznMlDZ9yF0D
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:32 2025 by rpki-client