Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/z6jRRiv2mDOc_Njr6DLLHT-jyRk.roa
File: z6jRRiv2mDOc_Njr6DLLHT-jyRk.roa (raw, json)
Hash identifier: W5AptGnPxUo0eqheDulrKVK+oZyrYb63/QP5XYNtVnU=
Subject key identifier: CF:A8:D1:46:2B:F6:98:33:9C:FC:D8:EB:E8:32:CB:1D:3F:A3:C9:19
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 018363BC244FB397A9A624576E2072493841
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/z6jRRiv2mDOc_Njr6DLLHT-jyRk.roa
Signing time: Thu 22 Sep 2022 05:46:57 +0000
ROA not before: Thu 22 Sep 2022 05:46:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51759
IP address blocks: 46.36.108.0/24 maxlen: 24
46.36.108.0/23 maxlen: 23
46.36.107.0/24 maxlen: 24
46.36.106.0/24 maxlen: 24
46.36.110.0/24 maxlen: 24
46.36.109.0/24 maxlen: 24
46.36.97.0/24 maxlen: 24
46.36.96.0/23 maxlen: 23
46.36.96.0/24 maxlen: 24
46.36.102.0/24 maxlen: 24
46.36.101.0/24 maxlen: 24
46.36.100.0/24 maxlen: 24
46.36.100.0/22 maxlen: 22
46.36.99.0/24 maxlen: 24
46.36.105.0/24 maxlen: 24
46.36.104.0/22 maxlen: 22
46.36.104.0/24 maxlen: 24
46.36.103.0/24 maxlen: 24
46.36.102.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:63:bc:24:4f:b3:97:a9:a6:24:57:6e:20:72:49:38:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: Sep 22 05:46:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cfa8d1462bf698339cfcd8ebe832cb1d3fa3c919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:0a:36:02:53:dc:56:ae:4d:76:1c:4d:53:4a:
12:9e:80:4d:be:9f:66:8b:4c:51:1b:61:63:58:90:
c0:0e:48:c6:0b:7d:6b:a0:e0:f9:d5:dd:88:cf:5c:
a3:10:fe:fb:f1:11:47:e0:10:88:66:64:e5:df:dc:
e8:74:49:5d:39:39:b7:32:fc:78:70:3a:87:74:6b:
f8:f2:35:2f:47:2a:73:36:71:ac:40:88:a8:32:21:
26:e5:a2:f4:36:e5:7e:bf:37:8e:b7:a3:1c:d1:7b:
aa:8d:27:19:a4:5d:97:27:3c:c3:39:d0:4f:64:cc:
5a:30:a3:1c:ae:e9:c6:37:11:81:1c:b0:8e:01:7d:
1f:4d:b7:a5:68:db:91:af:7e:cf:b5:b2:50:90:4f:
4a:6f:09:4a:68:2f:ab:d3:a3:87:3a:56:24:7b:f4:
e0:a7:1b:fc:57:6c:e1:a6:51:a0:4c:9c:c0:a9:e2:
fa:b1:e7:6a:88:20:f2:da:d6:44:f9:10:5a:20:6d:
16:49:af:73:d1:e6:49:4e:91:f7:49:b1:85:48:0a:
7d:d0:6c:e0:c4:5a:da:dc:e0:e0:0e:93:d5:85:a2:
71:32:6a:ac:2f:15:5e:b5:4f:bb:e6:43:3f:11:0c:
e4:3a:a0:6f:23:1e:44:9a:c6:72:20:52:cb:09:f9:
35:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A8:D1:46:2B:F6:98:33:9C:FC:D8:EB:E8:32:CB:1D:3F:A3:C9:19
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/z6jRRiv2mDOc_Njr6DLLHT-jyRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.96.0/23
46.36.99.0-46.36.110.255
Signature Algorithm: sha256WithRSAEncryption
24:0b:af:fe:09:5f:f0:58:3e:9f:32:8b:fa:9a:ee:be:83:ef:
62:e0:c6:37:b5:ff:90:60:0e:2f:77:42:75:62:e1:0d:00:50:
88:a5:94:41:61:b1:3e:23:5f:a1:c6:e2:56:4a:06:3e:f4:20:
02:19:0d:f8:e1:32:fb:b5:6b:ce:c0:d3:9c:aa:97:54:e2:a3:
1a:13:81:1c:25:11:08:0b:e1:2c:72:7a:eb:16:22:5e:10:ec:
c2:2e:55:2f:79:23:ef:92:ef:9b:9e:91:3b:99:a8:7f:46:52:
68:d1:ff:fc:88:c4:39:ce:f3:f1:99:5c:d3:2c:f3:62:e3:1c:
9f:a9:13:76:7f:13:62:14:83:75:fd:78:63:29:b5:0b:a9:fd:
c8:c7:4d:6f:a5:0f:69:b0:27:6f:97:e4:10:d9:83:86:fe:57:
56:6b:66:a8:7c:00:dd:ab:e2:b5:c1:84:22:ec:a1:35:ab:3a:
f7:fb:d1:48:b2:1b:9f:98:89:e7:5d:11:df:9a:22:99:62:97:
f5:14:0b:64:d7:a4:40:4e:4e:96:fd:46:5e:81:02:0a:ad:d9:
4d:af:fd:c9:b8:e4:42:a3:eb:19:19:55:28:e8:e0:bd:1d:14:
3c:b5:99:de:83:68:d1:cd:ae:3d:56:79:0e:b8:b1:dd:9d:5c:
8d:3a:4b:f7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYNjvCRPs5eppiRXbiBySThBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjIwOTIyMDU0NjU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmE4ZDE0NjJiZjY5ODMzOWNmY2Q4ZWJlODMyY2IxZDNmYTNjOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Qo2AlPcVq5NdhxNU0oSnoBNvp9m
i0xRG2FjWJDADkjGC31roOD51d2Iz1yjEP778RFH4BCIZmTl39zodEldOTm3Mvx4
cDqHdGv48jUvRypzNnGsQIioMiEm5aL0NuV+vzeOt6Mc0XuqjScZpF2XJzzDOdBP
ZMxaMKMcrunGNxGBHLCOAX0fTbelaNuRr37PtbJQkE9KbwlKaC+r06OHOlYke/Tg
pxv8V2zhplGgTJzAqeL6sedqiCDy2tZE+RBaIG0WSa9z0eZJTpH3SbGFSAp90Gzg
xFra3ODgDpPVhaJxMmqsLxVetU+75kM/EQzkOqBvIx5EmsZyIFLLCfk1mwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFM+o0UYr9pgznPzY6+gyyx0/o8kZMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvejZqUlJpdjJtRE9jX05qcjZETExIVC1qeVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBLiRgMAwD
BAAuJGMDBAAuJG4wDQYJKoZIhvcNAQELBQADggEBACQLr/4JX/BYPp8yi/qa7r6D
72Lgxje1/5BgDi93QnVi4Q0AUIillEFhsT4jX6HG4lZKBj70IAIZDfjhMvu1a87A
05yql1TioxoTgRwlEQgL4SxyeusWIl4Q7MIuVS95I++S75uekTuZqH9GUmjR//yI
xDnO8/GZXNMs82LjHJ+pE3Z/E2IUg3X9eGMptQup/cjHTW+lD2mwJ2+X5BDZg4b+
V1ZrZqh8AN2r4rXBhCLsoTWrOvf70UiyG5+YieddEd+aIplil/UUC2TXpEBOTpb9
Rl6BAgqt2U2v/cm45EKj6xkZVSjo4L0dFDy1md6DaNHNrj1WeQ64sd2dXI06S/c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:52 2023 by rpki-client on console-fra.rpki-client.org