Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3d579f-815a-446e-8ed9-d16691ad69fa/1/WQYyam7oX7GWpGaZvLnGRP-44ds.roa
File: WQYyam7oX7GWpGaZvLnGRP-44ds.roa (raw, json)
Hash identifier: WXBToBOjtr/SNDCKblZAFmrPBp6tp8GLaFVl+XRiups=
Subject key identifier: 59:06:32:6A:6E:E8:5F:B1:96:A4:66:99:BC:B9:C6:44:FF:B8:E1:DB
Certificate issuer: /CN=480aaeb53792d520169bce280c3dd86f8376ec63
Certificate serial: 11FD1B88
Authority key identifier: 48:0A:AE:B5:37:92:D5:20:16:9B:CE:28:0C:3D:D8:6F:83:76:EC:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAqutTeS1SAWm84oDD3Yb4N27GM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3d579f-815a-446e-8ed9-d16691ad69fa/1/WQYyam7oX7GWpGaZvLnGRP-44ds.roa
Signing time: Sat 01 Jan 2022 16:07:25 +0000
ROA not before: Sat 01 Jan 2022 16:07:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197403
IP address blocks: 46.28.152.0/24 maxlen: 24
46.28.152.0/21 maxlen: 21
46.28.155.0/24 maxlen: 24
46.28.158.0/24 maxlen: 24
46.28.159.0/24 maxlen: 24
46.28.153.0/24 maxlen: 24
46.28.156.0/24 maxlen: 24
46.28.154.0/24 maxlen: 24
46.28.157.0/24 maxlen: 24
2a00:7840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 301800328 (0x11fd1b88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=480aaeb53792d520169bce280c3dd86f8376ec63
Validity
Not Before: Jan 1 16:07:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5906326a6ee85fb196a46699bcb9c644ffb8e1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e2:60:a3:d0:84:77:da:25:66:0c:b2:b5:32:
22:45:8e:f2:82:76:09:e9:76:f6:23:af:33:e9:4c:
10:73:6f:f7:36:31:d8:eb:f1:b8:d3:8a:48:e8:82:
5a:30:73:7f:6f:64:52:20:f9:c2:b4:70:e7:03:71:
ff:ff:e4:e7:4d:b2:09:4d:74:7d:bb:ea:74:58:30:
95:be:71:49:b6:b0:43:14:14:10:48:a7:bc:36:99:
1f:a4:f8:e9:8d:cd:06:f4:0c:54:68:9b:f7:8d:89:
86:85:47:ff:dc:c6:80:8e:ca:df:94:5e:ad:ce:b4:
e8:77:4a:cd:89:e9:ce:41:dc:c3:dc:9f:ed:0d:e4:
6a:7b:02:ad:e6:35:47:97:bd:7b:8a:dd:5f:fa:3e:
ad:2a:e3:63:8b:2e:d1:16:b9:50:a6:b2:e8:9d:64:
fd:22:91:ae:df:50:e6:56:29:d9:cd:58:f5:d5:7b:
fb:89:82:b6:50:8c:22:43:63:d7:60:4e:20:3a:61:
5d:97:a7:93:b9:09:2a:f3:21:4f:9a:0a:eb:87:ca:
d1:20:e5:8d:a1:d0:a4:a9:b2:08:49:51:b9:30:7e:
89:a5:78:68:0a:b9:14:3c:40:b1:65:27:7a:f3:b3:
18:87:81:3e:b0:f3:83:08:65:49:c2:27:97:0d:8f:
06:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:06:32:6A:6E:E8:5F:B1:96:A4:66:99:BC:B9:C6:44:FF:B8:E1:DB
X509v3 Authority Key Identifier:
keyid:48:0A:AE:B5:37:92:D5:20:16:9B:CE:28:0C:3D:D8:6F:83:76:EC:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAqutTeS1SAWm84oDD3Yb4N27GM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3d579f-815a-446e-8ed9-d16691ad69fa/1/WQYyam7oX7GWpGaZvLnGRP-44ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3d579f-815a-446e-8ed9-d16691ad69fa/1/SAqutTeS1SAWm84oDD3Yb4N27GM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.152.0/21
IPv6:
2a00:7840::/32
Signature Algorithm: sha256WithRSAEncryption
69:49:6c:28:47:c6:07:56:c8:d8:4e:4d:7a:70:b9:df:e4:60:
fd:c2:11:b2:ac:04:e2:7b:4b:29:74:0d:63:b2:0c:68:17:13:
cd:59:b2:73:ba:49:d8:4b:fd:09:0a:0c:2d:72:7f:70:77:98:
00:ce:7e:95:78:6d:80:a9:ed:3e:ad:50:eb:4a:11:4b:2f:d2:
93:3d:cc:e2:a6:cb:c1:58:f9:67:61:2c:f9:97:3f:a6:75:da:
5a:46:51:e4:9e:33:d4:35:50:62:b1:9e:26:96:3a:49:e0:fd:
d1:60:9a:c6:e5:8a:31:1f:3a:11:75:88:56:35:e2:5e:9f:c5:
b6:45:f2:47:77:66:af:30:87:d8:37:30:b7:a8:1f:6f:53:d0:
c1:ca:df:30:b0:f2:90:a3:62:58:d5:7b:aa:70:cb:2a:52:b6:
d2:9c:98:07:27:10:bf:47:81:1b:36:42:00:07:c6:af:7c:23:
63:9f:89:0b:b2:f2:29:05:e7:b7:54:50:10:6d:8d:53:bd:69:
62:41:95:ef:ab:ad:99:9e:46:ad:d3:fa:c7:db:38:72:fe:31:
81:95:46:9e:ac:90:b7:3c:ad:40:28:91:0e:ed:90:28:75:5e:
1e:f9:ec:2d:12:22:46:f8:b9:a0:d1:b5:db:37:fd:cf:41:73:
67:39:cc:7d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEf0biDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ODBhYWViNTM3OTJkNTIwMTY5YmNlMjgwYzNkZDg2ZjgzNzZlYzYzMB4XDTIyMDEw
MTE2MDcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTkwNjMyNmE2ZWU4
NWZiMTk2YTQ2Njk5YmNiOWM2NDRmZmI4ZTFkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANziYKPQhHfaJWYMsrUyIkWO8oJ2Cel29iOvM+lMEHNv9zYx
2OvxuNOKSOiCWjBzf29kUiD5wrRw5wNx///k502yCU10fbvqdFgwlb5xSbawQxQU
EEinvDaZH6T46Y3NBvQMVGib942JhoVH/9zGgI7K35Rerc606HdKzYnpzkHcw9yf
7Q3kansCreY1R5e9e4rdX/o+rSrjY4su0Ra5UKay6J1k/SKRrt9Q5lYp2c1Y9dV7
+4mCtlCMIkNj12BOIDphXZenk7kJKvMhT5oK64fK0SDljaHQpKmyCElRuTB+iaV4
aAq5FDxAsWUnevOzGIeBPrDzgwhlScInlw2PBhkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRZBjJqbuhfsZakZpm8ucZE/7jh2zAfBgNVHSMEGDAWgBRICq61N5LVIBab
zigMPdhvg3bsYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NBcXV0VGVTMVNBV204NG9ERDNZYjROMjdHTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvM2Q1NzlmLTgxNWEtNDQ2ZS04ZWQ5LWQxNjY5MWFkNjlmYS8x
L1dRWXlhbTdvWDdHV3BHYVp2TG5HUlAtNDRkcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
M2Q1NzlmLTgxNWEtNDQ2ZS04ZWQ5LWQxNjY5MWFkNjlmYS8xL1NBcXV0VGVTMVNB
V204NG9ERDNZYjROMjdHTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAy4cmDANBAIAAjAHAwUAKgB4QDAN
BgkqhkiG9w0BAQsFAAOCAQEAaUlsKEfGB1bI2E5NenC53+Rg/cIRsqwE4ntLKXQN
Y7IMaBcTzVmyc7pJ2Ev9CQoMLXJ/cHeYAM5+lXhtgKntPq1Q60oRSy/Skz3M4qbL
wVj5Z2Es+Zc/pnXaWkZR5J4z1DVQYrGeJpY6SeD90WCaxuWKMR86EXWIVjXiXp/F
tkXyR3dmrzCH2Dcwt6gfb1PQwcrfMLDykKNiWNV7qnDLKlK20pyYBycQv0eBGzZC
AAfGr3wjY5+JC7LyKQXnt1RQEG2NU71pYkGV76utmZ5GrdP6x9s4cv4xgZVGnqyQ
tzytQCiRDu2QKHVeHvnsLRIiRvi5oNG12zf9z0FzZznMfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:51 2024 by rpki-client on console-fra.rpki-client.org