Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/1-LdfjOIN3j5dwrrZBYdZcpw0zrc.roa
File: 1-LdfjOIN3j5dwrrZBYdZcpw0zrc.roa (raw, json)
Hash identifier: nzgCnJUAB38TIJsKPmpZq3P5vFg5O7JNEt3lWCZxLaY=
Subject key identifier: F8:B7:5F:8C:E2:0D:DE:3E:5D:C2:BA:D9:05:87:59:72:9C:34:CE:B7
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 01824E61B903F4F12EA7253B632859CC81F7
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/1-LdfjOIN3j5dwrrZBYdZcpw0zrc.roa
Signing time: Sat 30 Jul 2022 09:13:23 +0000
ROA not before: Sat 30 Jul 2022 09:13:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49100
IP address blocks: 46.209.122.0/24 maxlen: 24
46.209.237.0/24 maxlen: 24
46.209.234.0/24 maxlen: 24
5.160.106.0/24 maxlen: 24
77.104.114.0/23 maxlen: 23
46.209.102.0/24 maxlen: 24
46.209.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4e:61:b9:03:f4:f1:2e:a7:25:3b:63:28:59:cc:81:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jul 30 09:13:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8b75f8ce20dde3e5dc2bad9058759729c34ceb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:85:c3:9f:42:eb:d7:07:30:14:9e:ad:8f:8e:
3a:33:05:a1:85:37:b6:12:ec:6e:71:30:b8:f1:72:
c1:55:1a:38:50:12:01:00:55:1c:7a:4a:26:3f:45:
9d:79:72:fe:b8:3a:1f:c2:eb:da:a9:d4:25:42:c0:
cf:ab:07:0b:f9:db:d2:b0:a9:b0:bf:dd:e1:cc:67:
7e:13:0d:92:7c:f6:00:cf:ff:3e:a4:f3:e6:04:90:
35:79:e2:eb:51:3f:49:6d:f7:a1:1a:2e:46:99:15:
9e:f4:4f:f0:38:51:89:0f:0c:f9:49:e0:c5:c3:41:
96:66:45:f1:21:5e:56:4e:99:85:32:6c:95:02:2c:
92:65:c9:fe:aa:dd:98:d2:a5:62:af:28:9f:fa:8b:
42:59:c8:52:f7:34:74:59:34:fd:5a:f0:da:e9:74:
c5:7f:c5:e2:1b:6d:a6:97:87:d4:13:6e:17:f1:11:
e6:f7:2f:4c:d5:0d:16:45:0f:04:0e:7e:5f:3f:dc:
d5:82:b3:a1:30:d6:3b:39:1f:21:2d:33:cc:d4:3f:
56:7b:13:f4:4b:25:99:7e:51:2c:92:db:c1:ad:80:
c1:8a:73:1e:bd:b1:b5:e8:82:44:b8:60:f0:f2:8c:
21:81:0e:8b:7e:89:b0:ac:4b:17:ea:fd:41:59:f9:
19:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B7:5F:8C:E2:0D:DE:3E:5D:C2:BA:D9:05:87:59:72:9C:34:CE:B7
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/1-LdfjOIN3j5dwrrZBYdZcpw0zrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.106.0/24
46.209.10.0/24
46.209.102.0/24
46.209.122.0/24
46.209.234.0/24
46.209.237.0/24
77.104.114.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:da:42:db:74:ab:66:77:1e:7f:8b:38:dc:0e:b5:aa:e8:af:
04:20:78:2a:55:d9:27:ee:97:3f:c9:a3:fa:6e:bf:23:ee:80:
fa:6e:a3:39:d1:a7:b2:c2:16:3b:25:31:a0:f9:d0:96:ce:b3:
9b:53:b2:c0:7d:08:18:9c:96:c0:e9:82:a7:27:c7:0f:7e:00:
8b:2c:f4:16:50:c7:b1:5f:00:77:8a:2d:2b:58:88:1a:f6:e2:
51:2d:ac:e7:a6:db:71:d9:1d:9e:18:61:a1:77:f8:dd:a6:e9:
44:0d:e5:6b:02:3a:be:cd:3c:d9:e4:7e:53:01:b6:46:2c:c0:
3b:87:08:74:75:9f:61:03:72:55:90:99:50:4b:46:dc:07:11:
54:c3:56:3e:56:ff:8f:dd:98:32:89:7a:7c:58:1c:c7:1e:92:
66:a3:f8:0d:32:b7:02:fa:97:8a:5a:ac:42:71:8d:dd:57:15:
d4:88:ea:c4:34:d0:29:81:45:63:c9:6c:e1:10:37:b0:63:4b:
c2:59:1f:54:a5:34:c5:88:8e:bb:c7:29:93:ea:fe:66:67:9c:
1e:ff:f3:ea:3e:57:9b:8e:33:37:42:85:a1:28:3f:5f:36:9d:
ef:41:7f:5c:ac:0e:e2:f4:00:74:60:10:98:bf:d8:20:c7:69:
68:69:4f:38
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYJOYbkD9PEupyU7YyhZzIH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjIwNzMwMDkxMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGI3NWY4Y2UyMGRkZTNlNWRjMmJhZDkwNTg3NTk3MjljMzRjZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoXDn0Lr1wcwFJ6tj446MwWhhTe2
EuxucTC48XLBVRo4UBIBAFUcekomP0WdeXL+uDofwuvaqdQlQsDPqwcL+dvSsKmw
v93hzGd+Ew2SfPYAz/8+pPPmBJA1eeLrUT9JbfehGi5GmRWe9E/wOFGJDwz5SeDF
w0GWZkXxIV5WTpmFMmyVAiySZcn+qt2Y0qViryif+otCWchS9zR0WTT9WvDa6XTF
f8XiG22ml4fUE24X8RHm9y9M1Q0WRQ8EDn5fP9zVgrOhMNY7OR8hLTPM1D9WexP0
SyWZflEsktvBrYDBinMevbG16IJEuGDw8owhgQ6LfomwrEsX6v1BWfkZAwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPi3X4ziDd4+XcK62QWHWXKcNM63MB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvMS1MZGZqT0lOM2o1ZHdyclpCWWRaY3B3MHpyYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkx
Yy8xL2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAAWgagME
AC7RCgMEAC7RZgMEAC7RegMEAC7R6gMEAC7R7QMEAU1ocjANBgkqhkiG9w0BAQsF
AAOCAQEAqtpC23SrZncef4s43A61quivBCB4KlXZJ+6XP8mj+m6/I+6A+m6jOdGn
ssIWOyUxoPnQls6zm1OywH0IGJyWwOmCpyfHD34Aiyz0FlDHsV8Ad4otK1iIGvbi
US2s56bbcdkdnhhhoXf43abpRA3lawI6vs082eR+UwG2RizAO4cIdHWfYQNyVZCZ
UEtG3AcRVMNWPlb/j92YMol6fFgcxx6SZqP4DTK3AvqXilqsQnGN3VcV1IjqxDTQ
KYFFY8ls4RA3sGNLwlkfVKU0xYiOu8cpk+r+ZmecHv/z6j5Xm44zN0KFoSg/Xzad
70F/XKwO4vQAdGAQmL/YIMdpaGlPOA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:06 2023 by rpki-client on console-ams.rpki-client.org