Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/NYidOLFD1ax0pEszvnk_Voau0l0.roa
File: NYidOLFD1ax0pEszvnk_Voau0l0.roa (raw, json)
Hash identifier: ES7Cd9Cww6/P88IEBuV05c6fEf8X9oNgQijLXvGcRUU=
Subject key identifier: 35:88:9D:38:B1:43:D5:AC:74:A4:4B:33:BE:79:3F:56:86:AE:D2:5D
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 38861D27
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/NYidOLFD1ax0pEszvnk_Voau0l0.roa
Signing time: Sat 01 Jan 2022 05:54:20 +0000
ROA not before: Sat 01 Jan 2022 05:54:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47814
IP address blocks: 46.19.204.251/32 maxlen: 32
46.19.205.0/24 maxlen: 24
46.19.206.0/24 maxlen: 24
185.176.116.0/22 maxlen: 22
94.101.233.206/32 maxlen: 32
2001:1bf8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948313383 (0x38861d27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 05:54:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35889d38b143d5ac74a44b33be793f5686aed25d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:9d:3c:57:58:e0:19:30:92:d9:96:c2:4d:7d:
14:81:8c:98:8d:02:a1:79:cc:8c:37:30:0f:c7:44:
91:77:dd:19:36:55:78:cb:eb:e9:18:08:e3:ac:5c:
f7:e9:ae:89:10:d1:75:39:91:86:78:f5:59:d7:32:
09:52:31:8d:78:19:60:85:1d:64:b8:9c:8f:94:8b:
95:bb:87:8a:8d:8f:e1:c9:be:1c:f3:7f:b1:6c:d1:
05:13:ce:4f:ec:f4:7a:91:cc:ad:45:fc:ef:d6:6a:
2c:3f:cc:b2:35:cd:ae:64:70:25:11:94:63:44:f9:
4d:0c:2a:dc:00:d3:08:45:ac:c5:0f:4b:96:ae:ea:
5b:95:82:f0:6c:aa:10:a2:07:9d:9d:0e:6e:d0:19:
28:5c:c7:46:36:5b:99:62:1f:1e:9b:d4:4c:32:b7:
4e:36:04:27:d2:f0:e0:5f:cb:d3:a4:6f:dd:d2:9c:
e2:88:3e:3e:8e:4d:ba:88:2b:bd:63:32:e8:cf:3d:
78:a6:c7:dd:07:56:66:0d:93:d2:61:f4:0b:f7:61:
c0:76:58:a8:c0:40:4b:3a:a6:55:31:cd:e9:2b:eb:
5c:d6:79:71:36:f7:a9:b4:01:52:9d:d0:cc:93:8f:
af:1c:50:4d:aa:9e:79:3a:14:d6:47:fe:1b:0e:e4:
42:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:88:9D:38:B1:43:D5:AC:74:A4:4B:33:BE:79:3F:56:86:AE:D2:5D
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/NYidOLFD1ax0pEszvnk_Voau0l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.204.251/32
46.19.205.0-46.19.206.255
94.101.233.206/32
185.176.116.0/22
IPv6:
2001:1bf8::/29
Signature Algorithm: sha256WithRSAEncryption
1c:c1:42:bf:8c:53:8a:2b:99:9a:3a:c1:f4:45:77:2c:13:40:
9a:0c:e9:53:e4:94:7f:bc:32:20:68:45:1a:42:08:cd:be:7c:
1b:3e:5b:2a:7d:6e:c2:04:fc:08:48:5c:48:7a:c4:bb:65:ab:
fb:2f:b0:0b:48:6a:14:5d:65:c0:27:9b:ba:4e:6c:62:af:ea:
c7:8f:6b:c0:df:87:f2:bf:bc:ab:fc:01:d3:88:27:58:17:d0:
e6:da:92:26:f3:85:bf:1f:e4:9f:62:13:0a:72:3e:6c:aa:d2:
8a:88:d5:9b:6a:b1:c7:8b:20:4b:2c:19:7b:11:e1:2a:e4:91:
cf:9e:a7:4f:99:2a:eb:e2:50:b4:2f:dd:98:fb:dd:19:78:f7:
65:b3:89:a4:c8:c3:dd:00:af:18:3c:3d:cf:87:5f:41:02:1e:
94:08:1b:55:ac:f0:80:b6:1e:e4:a6:3c:a3:ee:98:d2:54:1b:
ad:40:6e:c7:d8:e6:3e:6a:53:a1:97:0d:54:a5:5f:9a:44:14:
bb:52:9c:08:ba:1c:e9:b6:4f:8f:54:dc:ef:a2:c6:aa:42:c2:
2e:0e:80:07:41:3e:4d:99:a8:04:df:3d:96:5a:50:67:71:ce:
e8:5c:4f:2a:25:ac:84:2d:1b:be:c7:f4:9d:b2:df:00:e0:ab:
0e:95:59:1c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEOIYdJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDEw
MTA1NTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzU4ODlkMzhiMTQz
ZDVhYzc0YTQ0YjMzYmU3OTNmNTY4NmFlZDI1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOadPFdY4BkwktmWwk19FIGMmI0CoXnMjDcwD8dEkXfdGTZV
eMvr6RgI46xc9+muiRDRdTmRhnj1WdcyCVIxjXgZYIUdZLicj5SLlbuHio2P4cm+
HPN/sWzRBRPOT+z0epHMrUX879ZqLD/MsjXNrmRwJRGUY0T5TQwq3ADTCEWsxQ9L
lq7qW5WC8GyqEKIHnZ0ObtAZKFzHRjZbmWIfHpvUTDK3TjYEJ9Lw4F/L06Rv3dKc
4og+Po5NuogrvWMy6M89eKbH3QdWZg2T0mH0C/dhwHZYqMBASzqmVTHN6SvrXNZ5
cTb3qbQBUp3QzJOPrxxQTaqeeToU1kf+Gw7kQk0CAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBQ1iJ04sUPVrHSkSzO+eT9Whq7SXTAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L05ZaWRPTEZEMWF4MHBFc3p2bmtfVm9hdTBsMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwKAQCAAEwIgMFAC4TzPswDAMEAC4TzQMEAC4TzgMF
AF5l6c4DBAK5sHQwDQQCAAIwBwMFAyABG/gwDQYJKoZIhvcNAQELBQADggEBABzB
Qr+MU4ormZo6wfRFdywTQJoM6VPklH+8MiBoRRpCCM2+fBs+Wyp9bsIE/AhIXEh6
xLtlq/svsAtIahRdZcAnm7pObGKv6sePa8Dfh/K/vKv8AdOIJ1gX0Obakibzhb8f
5J9iEwpyPmyq0oqI1ZtqsceLIEssGXsR4Srkkc+ep0+ZKuviULQv3Zj73Rl492Wz
iaTIw90Arxg8Pc+HX0ECHpQIG1Ws8IC2HuSmPKPumNJUG61AbsfY5j5qU6GXDVSl
X5pEFLtSnAi6HOm2T49U3O+ixqpCwi4OgAdBPk2ZqATfPZZaUGdxzuhcTyolrIQt
G77H9J2y3wDgqw6VWRw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org