Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/q_AeNxuipkEIetOUQBfSY2mkaKA.roa
File: q_AeNxuipkEIetOUQBfSY2mkaKA.roa (raw, json)
Hash identifier: IkxCTZUB3TTsPHSNErLZIv0Px8dW4L+NBYAmzJhB7mk=
Subject key identifier: AB:F0:1E:37:1B:A2:A6:41:08:7A:D3:94:40:17:D2:63:69:A4:68:A0
Certificate issuer: /CN=1cee91296c94992d151a232240e6cf3a176d2039
Certificate serial: 02016DFD
Authority key identifier: 1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/q_AeNxuipkEIetOUQBfSY2mkaKA.roa
Signing time: Sat 01 Jan 2022 03:59:41 +0000
ROA not before: Sat 01 Jan 2022 03:59:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43110
IP address blocks: 46.172.64.0/24 maxlen: 24
46.172.70.0/24 maxlen: 24
46.172.69.0/24 maxlen: 24
46.172.65.0/24 maxlen: 24
46.172.66.0/24 maxlen: 24
46.172.71.0/24 maxlen: 24
46.172.78.0/24 maxlen: 24
46.172.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33648125 (0x2016dfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cee91296c94992d151a232240e6cf3a176d2039
Validity
Not Before: Jan 1 03:59:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=abf01e371ba2a641087ad3944017d26369a468a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:92:db:26:e1:e0:69:e3:0f:46:9f:6c:28:18:
ce:31:71:fa:a4:1c:53:03:a9:c6:17:a3:27:38:dd:
3c:71:cc:03:73:d5:92:2c:19:4f:37:69:90:94:da:
cd:ff:f8:5a:c4:41:c2:23:19:d1:c9:d8:69:30:fd:
04:f2:66:ea:40:80:0e:c3:12:cd:ee:fe:92:e0:f1:
ad:20:e3:94:6c:e0:40:df:31:f6:66:95:7f:dd:12:
cf:b5:13:68:68:ff:b1:f3:ad:6c:d8:63:01:01:c8:
7e:39:82:33:20:8e:1b:60:87:d7:9f:20:6e:88:ae:
ec:c1:ff:22:ca:c8:23:b2:72:12:7b:37:64:31:c3:
dd:c2:13:1d:b7:b6:91:1c:5b:a3:17:1f:ef:9e:1e:
21:12:07:00:d7:90:ef:e4:35:81:6e:66:8d:82:34:
e9:9d:8d:a2:b1:17:11:07:99:ad:ca:1c:ed:cb:73:
26:e2:c4:21:8b:02:3e:d9:94:55:7c:51:4a:74:b4:
1d:92:ea:6e:f6:a1:43:c4:d0:4a:f9:6f:b6:56:53:
0f:e3:0f:a6:f5:ad:74:dc:e6:9a:82:db:1f:7e:2f:
0a:a3:ec:8f:81:7e:2e:c5:ab:8b:f1:c0:9f:e0:9f:
9d:c3:37:3c:8a:f1:1c:a3:c3:da:5c:17:a4:ad:f6:
a5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:F0:1E:37:1B:A2:A6:41:08:7A:D3:94:40:17:D2:63:69:A4:68:A0
X509v3 Authority Key Identifier:
keyid:1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/q_AeNxuipkEIetOUQBfSY2mkaKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.172.64.0-46.172.66.255
46.172.69.0-46.172.71.255
46.172.78.0/24
46.172.92.0/24
Signature Algorithm: sha256WithRSAEncryption
52:72:23:e1:a2:27:30:36:3a:a8:f9:f3:57:d6:69:b1:ad:55:
be:29:00:96:52:02:73:74:0b:f9:a2:41:b9:2e:c4:72:56:f3:
7f:cf:e2:37:77:95:12:1b:af:18:6a:07:01:3b:12:13:b6:ef:
fb:c3:ec:9c:7f:78:03:5c:24:10:72:94:52:2e:76:f6:90:45:
fe:ac:a9:8f:c6:15:5d:2d:fa:59:c7:39:65:e7:e2:5f:7c:f1:
87:c7:1e:f5:3c:2e:d8:84:30:7e:a8:d1:13:db:cd:0c:ed:f1:
48:ec:9e:13:f2:23:cd:88:13:43:e6:c5:3e:43:53:f3:cc:cf:
ae:0f:b6:b7:f8:55:3e:18:4e:4e:28:e8:fd:18:69:a5:d9:27:
6e:2c:d2:f8:1e:f2:b1:4f:82:49:93:05:9b:ca:1a:14:c4:0b:
e0:4d:66:bf:97:39:61:46:99:eb:d8:97:f8:6f:84:7d:73:09:
8a:de:49:08:f8:8a:73:27:62:4b:16:4b:fe:bb:1b:e0:81:ee:
f1:89:b2:d9:cd:fb:07:29:3f:b5:55:95:c0:fb:11:98:31:18:
54:d1:55:ca:a1:27:ad:c9:cb:4d:f1:37:a2:3c:d2:9a:ef:03:
d8:d7:ad:9a:86:89:d0:a2:e9:47:22:87:6c:3b:e3:97:ab:64:
50:a9:b6:18
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEAgFt/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Y2VlOTEyOTZjOTQ5OTJkMTUxYTIzMjI0MGU2Y2YzYTE3NmQyMDM5MB4XDTIyMDEw
MTAzNTk0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWJmMDFlMzcxYmEy
YTY0MTA4N2FkMzk0NDAxN2QyNjM2OWE0NjhhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOmS2ybh4GnjD0afbCgYzjFx+qQcUwOpxhejJzjdPHHMA3PV
kiwZTzdpkJTazf/4WsRBwiMZ0cnYaTD9BPJm6kCADsMSze7+kuDxrSDjlGzgQN8x
9maVf90Sz7UTaGj/sfOtbNhjAQHIfjmCMyCOG2CH158gboiu7MH/IsrII7JyEns3
ZDHD3cITHbe2kRxboxcf754eIRIHANeQ7+Q1gW5mjYI06Z2NorEXEQeZrcoc7ctz
JuLEIYsCPtmUVXxRSnS0HZLqbvahQ8TQSvlvtlZTD+MPpvWtdNzmmoLbH34vCqPs
j4F+LsWri/HAn+CfncM3PIrxHKPD2lwXpK32pbkCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSr8B43G6KmQQh605RAF9JjaaRooDAfBgNVHSMEGDAWgBQc7pEpbJSZLRUa
IyJA5s86F20gOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hPNlJLV3lVbVMwVkdpTWlRT2JQT2hkdElEay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvYzkxZWMzLTI4MjAtNDE3Yi05YWFkLWJhY2FiNDc1ZTZjYy8x
L3FfQWVOeHVpcGtFSWV0T1VRQmZTWTJta2FLQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
YzkxZWMzLTI4MjAtNDE3Yi05YWFkLWJhY2FiNDc1ZTZjYy8xL0hPNlJLV3lVbVMw
VkdpTWlRT2JQT2hkdElEay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQGLqxAAwQALqxCMAwDBAAurEUD
BAMurEADBAAurE4DBAAurFwwDQYJKoZIhvcNAQELBQADggEBAFJyI+GiJzA2Oqj5
81fWabGtVb4pAJZSAnN0C/miQbkuxHJW83/P4jd3lRIbrxhqBwE7EhO27/vD7Jx/
eANcJBBylFIudvaQRf6sqY/GFV0t+lnHOWXn4l988YfHHvU8LtiEMH6o0RPbzQzt
8UjsnhPyI82IE0PmxT5DU/PMz64Ptrf4VT4YTk4o6P0YaaXZJ24s0vge8rFPgkmT
BZvKGhTEC+BNZr+XOWFGmevYl/hvhH1zCYreSQj4inMnYksWS/67G+CB7vGJstnN
+wcpP7VVlcD7EZgxGFTRVcqhJ63Jy03xN6I80prvA9jXrZqGidCi6Ucih2w745er
ZFCpthg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:32 2023 by rpki-client on console-ams.rpki-client.org