Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/S-JFiU7mfz0PMc8Sg7BaQZDigXQ.roa
File: S-JFiU7mfz0PMc8Sg7BaQZDigXQ.roa (raw, json)
Hash identifier: YCyQM5OwBPSNsqgJ4f04Lwoxsfe0TefabcZQ9HOUPx0=
Subject key identifier: 4B:E2:45:89:4E:E6:7F:3D:0F:31:CF:12:83:B0:5A:41:90:E2:81:74
Certificate issuer: /CN=e7fec2833d3c8e232903cdd3afc03ecdbe83b085
Certificate serial: 01853435E7E3C3DDED5FB29FC2E596EA43E8
Authority key identifier: E7:FE:C2:83:3D:3C:8E:23:29:03:CD:D3:AF:C0:3E:CD:BE:83:B0:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_7Cgz08jiMpA83Tr8A-zb6DsIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/S-JFiU7mfz0PMc8Sg7BaQZDigXQ.roa
Signing time: Wed 21 Dec 2022 10:23:46 +0000
ROA not before: Wed 21 Dec 2022 10:23:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56403
IP address blocks: 185.194.128.0/24 maxlen: 24
46.235.16.0/22 maxlen: 22
46.235.20.0/23 maxlen: 23
46.235.22.0/24 maxlen: 24
46.235.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:35:e7:e3:c3:dd:ed:5f:b2:9f:c2:e5:96:ea:43:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7fec2833d3c8e232903cdd3afc03ecdbe83b085
Validity
Not Before: Dec 21 10:23:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4be245894ee67f3d0f31cf1283b05a4190e28174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:95:ef:12:a3:c6:58:be:8c:24:66:46:a8:bb:
8c:a3:11:1c:b5:33:ad:a8:c9:3f:22:f4:71:d7:c1:
ad:e1:da:bc:90:41:e7:22:a3:0b:dc:6e:22:78:55:
1a:e8:02:86:75:84:bc:dd:72:c0:24:1d:b5:34:62:
46:5c:10:e7:6a:5c:bf:23:04:bd:d5:68:0d:91:ef:
32:3d:74:e9:23:fc:69:85:c3:27:70:d1:75:11:fa:
fb:c4:b1:57:16:6b:7f:9f:66:74:0b:f9:d0:a8:a7:
79:5a:c7:10:5d:27:db:42:96:3e:57:fa:05:4a:3f:
02:96:2e:36:a2:e1:9f:65:4f:31:09:18:4b:36:02:
0b:04:42:c1:62:77:c4:fe:ea:4c:a9:bf:42:36:38:
b7:00:ea:8d:42:6b:ff:18:6e:ea:da:79:3c:18:2d:
18:5a:9c:f8:8c:24:6b:38:fe:03:fd:a9:b3:5d:c5:
47:e3:61:a9:3f:ee:93:68:c6:18:cd:7e:7e:8b:bc:
24:8c:df:5c:fd:eb:29:18:b9:dc:35:5b:be:67:60:
af:f2:29:c9:5b:4d:9b:07:d4:54:7a:43:49:3e:bf:
8d:06:61:a2:3d:03:5b:b1:51:a8:0c:54:41:5e:5f:
2d:d2:66:47:c2:a1:92:48:51:00:44:30:9b:b4:4a:
62:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E2:45:89:4E:E6:7F:3D:0F:31:CF:12:83:B0:5A:41:90:E2:81:74
X509v3 Authority Key Identifier:
keyid:E7:FE:C2:83:3D:3C:8E:23:29:03:CD:D3:AF:C0:3E:CD:BE:83:B0:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_7Cgz08jiMpA83Tr8A-zb6DsIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/S-JFiU7mfz0PMc8Sg7BaQZDigXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/5_7Cgz08jiMpA83Tr8A-zb6DsIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.16.0/21
185.194.128.0/24
Signature Algorithm: sha256WithRSAEncryption
52:42:01:a3:97:d9:11:a3:dd:10:8f:d5:86:c3:cc:62:48:f5:
c6:d2:24:0c:91:59:5b:92:53:6d:eb:5d:92:5c:77:6e:f2:fb:
8a:ff:d3:62:fc:a7:65:f4:51:7d:f3:f1:c6:52:aa:30:cd:e2:
35:06:4a:64:bb:0d:9b:e3:f9:bb:08:23:c4:af:19:46:d4:52:
ec:f9:99:e3:fa:b0:87:74:e1:15:33:63:61:b0:1e:ee:98:38:
74:7f:e4:d1:0b:c0:51:37:c3:06:8c:a9:23:2b:20:f7:f9:e1:
0d:cc:2e:b2:97:fa:d7:a7:fb:8e:66:ed:0e:47:73:0b:7e:cc:
3c:6a:15:34:b9:84:df:59:a7:aa:81:ca:09:32:af:e4:62:40:
11:a9:50:61:53:e6:f1:8f:97:3f:e2:d2:20:5a:dd:56:f5:ba:
e6:29:fb:b6:f5:0b:56:02:da:e2:1b:fb:64:c5:34:99:31:79:
d1:e1:1e:22:59:b7:d3:3c:74:a2:8d:b0:ab:c4:35:09:b9:49:
e1:d0:84:39:75:34:5b:b9:3f:16:47:12:99:2e:e5:ed:f9:ae:
43:1f:60:61:33:08:9c:a0:5a:3f:01:96:83:cb:bb:4b:9b:7d:
58:d8:5c:64:1b:4a:87:42:b0:94:e9:62:35:4a:8f:dd:f7:b2:
c9:ba:b4:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU0Nefjw93tX7KfwuWW6kPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmVjMjgzM2QzYzhlMjMyOTAzY2RkM2FmYzAzZWNkYmU4
M2IwODUwHhcNMjIxMjIxMTAyMzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmUyNDU4OTRlZTY3ZjNkMGYzMWNmMTI4M2IwNWE0MTkwZTI4MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZXvEqPGWL6MJGZGqLuMoxEctTOt
qMk/IvRx18Gt4dq8kEHnIqML3G4ieFUa6AKGdYS83XLAJB21NGJGXBDnaly/IwS9
1WgNke8yPXTpI/xphcMncNF1Efr7xLFXFmt/n2Z0C/nQqKd5WscQXSfbQpY+V/oF
Sj8Cli42ouGfZU8xCRhLNgILBELBYnfE/upMqb9CNji3AOqNQmv/GG7q2nk8GC0Y
Wpz4jCRrOP4D/amzXcVH42GpP+6TaMYYzX5+i7wkjN9c/espGLncNVu+Z2Cv8inJ
W02bB9RUekNJPr+NBmGiPQNbsVGoDFRBXl8t0mZHwqGSSFEARDCbtEpiXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEviRYlO5n89DzHPEoOwWkGQ4oF0MB8GA1UdIwQY
MBaAFOf+woM9PI4jKQPN06/APs2+g7CFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV83Q2d6MDhqaU1wQTgzVHI4QS16YjZEc0lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kM2RiYTAtZDcxNS00OTVmLTkxNzgt
MzkzYTQwODBjNzQ3LzEvUy1KRmlVN21mejBQTWM4U2c3QmFRWkRpZ1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kM2RiYTAtZDcxNS00OTVmLTkxNzgtMzkzYTQwODBjNzQ3
LzEvNV83Q2d6MDhqaU1wQTgzVHI4QS16YjZEc0lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLusQAwQA
ucKAMA0GCSqGSIb3DQEBCwUAA4IBAQBSQgGjl9kRo90Qj9WGw8xiSPXG0iQMkVlb
klNt612SXHdu8vuK/9Ni/Kdl9FF98/HGUqowzeI1Bkpkuw2b4/m7CCPErxlG1FLs
+Znj+rCHdOEVM2NhsB7umDh0f+TRC8BRN8MGjKkjKyD3+eENzC6yl/rXp/uOZu0O
R3MLfsw8ahU0uYTfWaeqgcoJMq/kYkARqVBhU+bxj5c/4tIgWt1W9brmKfu29QtW
AtriG/tkxTSZMXnR4R4iWbfTPHSijbCrxDUJuUnh0IQ5dTRbuT8WRxKZLuXt+a5D
H2BhMwicoFo/AZaDy7tLm31Y2FxkG0qHQrCU6WI1So/d97LJurRH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:48 2024 by rpki-client on console-fra.rpki-client.org