Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/wRDyZKj1v7WDlXxHaVCiOQ_j7g4.roa
File: wRDyZKj1v7WDlXxHaVCiOQ_j7g4.roa (raw, json)
Hash identifier: YGJ/l2mCgwfdm71DeaQHBwDfCn2P8kMKf8Xl6NBjgRQ=
Subject key identifier: C1:10:F2:64:A8:F5:BF:B5:83:95:7C:47:69:50:A2:39:0F:E3:EE:0E
Certificate issuer: /CN=02d0e88885ef48b20c87b76fd85d42e6eb3d7183
Certificate serial: 03DFF8C6
Authority key identifier: 02:D0:E8:88:85:EF:48:B2:0C:87:B7:6F:D8:5D:42:E6:EB:3D:71:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AtDoiIXvSLIMh7dv2F1C5us9cYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/wRDyZKj1v7WDlXxHaVCiOQ_j7g4.roa
Signing time: Sat 01 Jan 2022 15:58:09 +0000
ROA not before: Sat 01 Jan 2022 15:58:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41942
IP address blocks: 46.31.0.0/21 maxlen: 21
46.31.4.0/24 maxlen: 24
46.31.6.0/24 maxlen: 24
46.31.5.0/24 maxlen: 24
91.102.200.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65009862 (0x3dff8c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02d0e88885ef48b20c87b76fd85d42e6eb3d7183
Validity
Not Before: Jan 1 15:58:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c110f264a8f5bfb583957c476950a2390fe3ee0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4f:a2:aa:c1:78:32:77:5d:8a:34:2f:41:2f:
77:54:a4:68:f3:07:8b:d1:e7:5b:6f:22:f1:df:17:
0d:8c:43:53:74:b0:94:2f:37:a5:38:30:82:fd:87:
49:fc:12:ea:33:99:ee:58:86:fb:31:8b:51:1c:3c:
2d:8a:72:91:29:6c:5b:54:91:d9:02:76:a8:5e:55:
0f:c5:c9:54:ca:da:d7:1b:4f:b7:84:36:37:c9:35:
59:c8:f3:ab:85:f4:0d:c5:b1:18:63:c9:56:4b:0c:
08:cf:0c:b0:e2:71:98:74:b6:47:13:7b:3c:ad:08:
e6:ea:98:61:c8:ba:b9:18:22:a3:48:76:42:9a:a7:
f0:61:66:63:d5:a9:cc:b3:c5:59:90:5b:1b:57:9c:
19:52:4f:3f:13:89:8a:f7:09:2a:fc:26:ca:09:f5:
32:c5:de:3c:75:05:71:6f:17:52:ee:fb:2f:e7:c0:
20:ae:c3:3f:53:1c:7f:07:ea:fb:51:cf:5f:9f:26:
88:b0:c3:a2:9c:17:94:b1:c2:f0:f5:af:f3:de:43:
b2:f7:68:9a:ec:fb:7e:d8:10:7c:47:e9:2b:48:72:
6f:1a:ad:2e:b7:a7:5a:66:7a:34:b6:ab:c4:7e:ef:
21:8b:12:e8:ae:1c:63:9e:93:2d:1c:a4:0f:f5:6d:
82:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:10:F2:64:A8:F5:BF:B5:83:95:7C:47:69:50:A2:39:0F:E3:EE:0E
X509v3 Authority Key Identifier:
keyid:02:D0:E8:88:85:EF:48:B2:0C:87:B7:6F:D8:5D:42:E6:EB:3D:71:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AtDoiIXvSLIMh7dv2F1C5us9cYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/wRDyZKj1v7WDlXxHaVCiOQ_j7g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/AtDoiIXvSLIMh7dv2F1C5us9cYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.0.0/21
91.102.200.0/21
Signature Algorithm: sha256WithRSAEncryption
95:a3:3a:66:77:76:7f:86:73:af:b3:dc:43:a7:62:15:80:79:
96:0d:15:b1:42:02:b4:a7:02:39:7b:dd:85:f3:17:c9:c0:1d:
9b:d6:39:b7:9b:80:bf:9d:93:20:42:cd:b5:f5:8c:4d:1b:ec:
da:83:03:e5:6f:b8:dd:d2:33:fa:5d:7c:24:ec:a1:f8:13:fb:
9c:a6:e5:03:1c:7e:72:a9:04:a3:79:96:f0:4b:a3:f5:30:d0:
0a:ff:c9:c8:c6:f3:82:12:af:14:db:93:48:37:84:6f:f5:2c:
8b:3d:e5:97:31:ee:d7:c2:52:e0:4c:9c:38:be:bf:25:4b:c6:
d3:49:d6:2c:78:fe:a6:ed:20:8d:12:43:17:10:d4:0b:da:42:
f1:63:f2:d2:29:90:4d:46:db:f6:3e:c0:72:2a:66:e1:a0:7c:
c0:ab:d1:24:b6:06:eb:39:ee:37:e4:c1:03:1c:57:a4:0f:38:
f6:55:05:f0:2a:11:43:7b:ba:d4:26:76:30:22:4b:88:29:f7:
c7:43:3f:d3:54:db:30:ed:71:06:d9:cd:d7:21:20:9f:03:0a:
67:11:b0:c3:77:1d:50:03:c1:c6:b8:4b:b5:8a:c5:37:bd:87:
f0:07:1c:97:5a:44:a8:61:97:11:4b:0d:4f:8b:87:b5:4f:e6:
fe:94:c4:68
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA9/4xjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MmQwZTg4ODg1ZWY0OGIyMGM4N2I3NmZkODVkNDJlNmViM2Q3MTgzMB4XDTIyMDEw
MTE1NTgwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzExMGYyNjRhOGY1
YmZiNTgzOTU3YzQ3Njk1MGEyMzkwZmUzZWUwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJPoqrBeDJ3XYo0L0Evd1SkaPMHi9HnW28i8d8XDYxDU3Sw
lC83pTgwgv2HSfwS6jOZ7liG+zGLURw8LYpykSlsW1SR2QJ2qF5VD8XJVMra1xtP
t4Q2N8k1Wcjzq4X0DcWxGGPJVksMCM8MsOJxmHS2RxN7PK0I5uqYYci6uRgio0h2
Qpqn8GFmY9WpzLPFWZBbG1ecGVJPPxOJivcJKvwmygn1MsXePHUFcW8XUu77L+fA
IK7DP1Mcfwfq+1HPX58miLDDopwXlLHC8PWv895Dsvdomuz7ftgQfEfpK0hybxqt
LrenWmZ6NLarxH7vIYsS6K4cY56TLRykD/VtgiMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTBEPJkqPW/tYOVfEdpUKI5D+PuDjAfBgNVHSMEGDAWgBQC0OiIhe9IsgyH
t2/YXULm6z1xgzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0F0RG9pSVh2U0xJTWg3ZHYyRjFDNXVzOWNZTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvNWY0ZWI2LTYwMjYtNDA5OC04OGQ3LTk1M2M2ODUwNmQ1Yy8x
L3dSRHlaS2oxdjdXRGxYeEhhVkNpT1FfajdnNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
NWY0ZWI2LTYwMjYtNDA5OC04OGQ3LTk1M2M2ODUwNmQ1Yy8xL0F0RG9pSVh2U0xJ
TWg3ZHYyRjFDNXVzOWNZTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAy4fAAMEA1tmyDANBgkqhkiG9w0B
AQsFAAOCAQEAlaM6Znd2f4Zzr7PcQ6diFYB5lg0VsUICtKcCOXvdhfMXycAdm9Y5
t5uAv52TIELNtfWMTRvs2oMD5W+43dIz+l18JOyh+BP7nKblAxx+cqkEo3mW8Euj
9TDQCv/JyMbzghKvFNuTSDeEb/Usiz3llzHu18JS4EycOL6/JUvG00nWLHj+pu0g
jRJDFxDUC9pC8WPy0imQTUbb9j7Acipm4aB8wKvRJLYG6znuN+TBAxxXpA849lUF
8CoRQ3u61CZ2MCJLiCn3x0M/01TbMO1xBtnN1yEgnwMKZxGww3cdUAPBxrhLtYrF
N72H8Accl1pEqGGXEUsNT4uHtU/m/pTEaA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:47 2023 by rpki-client on console-fra.rpki-client.org