Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/9zJ6NrxVnxWkvZiViR7QQJSMM1k.roa
File: 9zJ6NrxVnxWkvZiViR7QQJSMM1k.roa (raw, json)
Hash identifier: rO5VpBvI1yZ7/Gn5LI1FMA9cOKUDz+5fwV9kQMwcGR4=
Subject key identifier: F7:32:7A:36:BC:55:9F:15:A4:BD:98:95:89:1E:D0:40:94:8C:33:59
Certificate issuer: /CN=40e3953c5cb452f159f8e1505fc702e883657e72
Certificate serial: 37747092
Authority key identifier: 40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/9zJ6NrxVnxWkvZiViR7QQJSMM1k.roa
Signing time: Sat 01 Jan 2022 14:03:55 +0000
ROA not before: Sat 01 Jan 2022 14:03:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25804
IP address blocks: 178.79.218.0/23 maxlen: 23
46.228.144.0/24 maxlen: 24
178.79.198.0/23 maxlen: 23
46.183.88.0/24 maxlen: 24
2a02:3d0:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 930377874 (0x37747092)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3953c5cb452f159f8e1505fc702e883657e72
Validity
Not Before: Jan 1 14:03:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7327a36bc559f15a4bd9895891ed040948c3359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e0:3c:01:fa:32:d7:c3:d6:5d:10:31:ba:7a:
4c:0e:16:4c:61:9a:f3:27:34:60:91:22:46:b8:7d:
61:73:03:6b:67:4c:e6:7d:30:3a:ac:f4:76:39:a6:
21:ac:d9:06:83:87:96:76:18:7d:8b:29:c4:97:63:
d6:42:d4:7c:66:a1:2d:71:29:47:9a:d1:14:e4:f9:
cd:f9:01:c1:d9:ba:2e:94:6a:0b:5f:39:f0:90:6d:
d9:1b:f0:33:8f:e8:8f:a7:c3:e6:77:bf:b3:fb:ba:
b4:12:41:e5:b1:9f:ee:10:b5:d7:0b:71:7b:8c:64:
40:d9:ff:33:0b:a4:8a:0a:b5:47:06:aa:75:1d:eb:
30:a8:2c:7b:e6:f0:42:d0:f1:38:17:d4:15:63:76:
62:bb:b0:a6:6b:98:e5:ec:0f:80:6f:4d:a0:f2:00:
69:4f:aa:70:d5:4d:03:9d:c4:62:b1:3e:00:61:35:
2f:0e:a7:34:78:50:88:31:17:72:32:fa:b4:40:64:
9d:a1:01:c7:69:58:e8:47:a4:38:83:68:75:a2:e5:
60:b7:26:a4:60:f7:04:f0:29:86:b3:21:e6:0a:a7:
c0:bb:f7:c8:a4:fe:76:fa:20:8d:50:1b:2e:f9:6c:
c0:c5:9a:88:dd:c3:cd:3c:66:16:8b:bd:8a:a4:d5:
c0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:32:7A:36:BC:55:9F:15:A4:BD:98:95:89:1E:D0:40:94:8C:33:59
X509v3 Authority Key Identifier:
keyid:40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/9zJ6NrxVnxWkvZiViR7QQJSMM1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.88.0/24
46.228.144.0/24
178.79.198.0/23
178.79.218.0/23
IPv6:
2a02:3d0:8::/48
Signature Algorithm: sha256WithRSAEncryption
71:b7:f9:65:a5:43:b0:a8:01:5f:41:7f:02:f9:5d:25:55:fc:
aa:f0:1f:45:54:46:44:d3:5a:24:05:9f:15:9d:2d:04:1d:eb:
e5:b1:1a:06:6d:38:42:52:5f:85:12:c9:0c:2e:c1:e7:31:43:
29:50:60:23:62:57:7e:7b:26:2c:f3:12:24:8c:ce:c6:6c:7d:
14:1a:4e:86:c3:59:02:78:63:95:37:b5:fd:9e:3b:90:47:7c:
d9:b6:d4:b5:02:84:cc:23:9c:04:6d:05:45:a7:61:5c:d1:fd:
22:91:01:26:fd:b9:56:51:12:2b:35:d2:9b:2a:dd:2f:ca:ed:
26:0b:1b:3b:c3:0b:a3:64:78:3d:31:55:d0:90:70:a2:e4:5e:
7f:64:40:63:0c:04:77:52:e0:48:24:a8:12:fe:05:48:b9:75:
ed:78:a8:ba:ca:dc:f4:fc:53:4f:b2:c4:ba:e3:09:2c:c7:dc:
96:5e:69:d8:6a:c6:48:1a:e7:b4:f3:65:17:82:25:a5:61:6e:
14:1e:aa:11:7e:17:f5:b1:a2:47:f5:41:0d:25:b4:b4:c0:57:
b5:18:0a:0d:e0:c7:cf:74:06:9f:8a:24:2e:00:17:c9:dc:f3:
56:e5:81:ad:1e:a4:f0:bc:8b:17:e2:5d:e2:28:dc:b9:57:f4:
cc:c8:56:51
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEN3RwkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MGUzOTUzYzVjYjQ1MmYxNTlmOGUxNTA1ZmM3MDJlODgzNjU3ZTcyMB4XDTIyMDEw
MTE0MDM1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjczMjdhMzZiYzU1
OWYxNWE0YmQ5ODk1ODkxZWQwNDA5NDhjMzM1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLgPAH6MtfD1l0QMbp6TA4WTGGa8yc0YJEiRrh9YXMDa2dM
5n0wOqz0djmmIazZBoOHlnYYfYspxJdj1kLUfGahLXEpR5rRFOT5zfkBwdm6LpRq
C1858JBt2RvwM4/oj6fD5ne/s/u6tBJB5bGf7hC11wtxe4xkQNn/Mwukigq1Rwaq
dR3rMKgse+bwQtDxOBfUFWN2YruwpmuY5ewPgG9NoPIAaU+qcNVNA53EYrE+AGE1
Lw6nNHhQiDEXcjL6tEBknaEBx2lY6EekOINodaLlYLcmpGD3BPAphrMh5gqnwLv3
yKT+dvogjVAbLvlswMWaiN3DzTxmFou9iqTVwFsCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBT3Mno2vFWfFaS9mJWJHtBAlIwzWTAfBgNVHSMEGDAWgBRA45U8XLRS8Vn4
4VBfxwLog2V+cjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FPT1ZQRnkwVXZGWi1PRlFYOGNDNklObGZuSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvN2Q4NTA1LTM4OTktNGE5ZS04Y2YxLWZhNWFmMzhkZWI1ZS8x
Lzl6SjZOcnhWbnhXa3ZaaVZpUjdRUUpTTU0xay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
N2Q4NTA1LTM4OTktNGE5ZS04Y2YxLWZhNWFmMzhkZWI1ZS8xL1FPT1ZQRnkwVXZG
Wi1PRlFYOGNDNklObGZuSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEAC63WAMEAC7kkAMEAbJPxgMEAbJP
2jAPBAIAAjAJAwcAKgID0AAIMA0GCSqGSIb3DQEBCwUAA4IBAQBxt/llpUOwqAFf
QX8C+V0lVfyq8B9FVEZE01okBZ8VnS0EHevlsRoGbThCUl+FEskMLsHnMUMpUGAj
Yld+eyYs8xIkjM7GbH0UGk6Gw1kCeGOVN7X9njuQR3zZttS1AoTMI5wEbQVFp2Fc
0f0ikQEm/blWURIrNdKbKt0vyu0mCxs7wwujZHg9MVXQkHCi5F5/ZEBjDAR3UuBI
JKgS/gVIuXXteKi6ytz0/FNPssS64wksx9yWXmnYasZIGue082UXgiWlYW4UHqoR
fhf1saJH9UENJbS0wFe1GAoN4MfPdAafiiQuABfJ3PNW5YGtHqTwvIsX4l3iKNy5
V/TMyFZR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:01 2024 by rpki-client on console-ams.rpki-client.org