Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/bo27gHo1gxJhUY-tG0lyWD_ReAM.roa
File: bo27gHo1gxJhUY-tG0lyWD_ReAM.roa (raw, json)
Hash identifier: EUfQPF8w6UgA9Rt4Mus8NA5VI+YunGU/Xhk+b8+GPck=
Subject key identifier: 6E:8D:BB:80:7A:35:83:12:61:51:8F:AD:1B:49:72:58:3F:D1:78:03
Certificate issuer: /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Certificate serial: 164C55B2
Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/bo27gHo1gxJhUY-tG0lyWD_ReAM.roa
Signing time: Sat 01 Jan 2022 14:56:14 +0000
ROA not before: Sat 01 Jan 2022 14:56:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16125
IP address blocks: 46.166.160.0/20 maxlen: 32
185.8.104.0/22 maxlen: 32
5.199.160.0/20 maxlen: 32
93.115.24.0/21 maxlen: 32
185.150.116.0/22 maxlen: 32
188.214.128.0/21 maxlen: 32
2a02:ae00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 374101426 (0x164c55b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Validity
Not Before: Jan 1 14:56:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e8dbb807a35831261518fad1b4972583fd17803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1a:27:10:3e:25:ec:6e:f5:f6:f0:15:b3:c3:
2e:22:a7:5f:39:11:5a:28:5c:41:30:3c:85:b2:f5:
67:95:a6:7b:90:b0:c5:cb:82:36:89:d2:22:95:84:
b9:91:ec:b8:24:5b:77:78:7c:3a:71:32:d9:66:9f:
fb:a1:f4:09:99:e8:2e:13:c5:66:fe:f9:c8:f7:3f:
7b:37:0c:ec:e7:56:6d:c7:2a:59:15:1d:c0:ad:4d:
68:27:77:d7:31:72:9a:c3:41:bb:a0:45:8a:0c:01:
f8:d3:c5:f4:30:09:49:d3:fa:79:fd:86:29:0c:32:
89:53:d9:9c:4d:94:3f:92:9c:92:ac:91:5c:b4:9c:
eb:9f:6f:59:44:26:73:60:d7:f1:57:98:3e:d2:27:
84:29:e3:e5:73:e6:f7:a5:29:5b:83:61:de:62:df:
32:6f:b4:56:95:21:3f:2d:04:d9:c9:2e:ef:02:73:
16:ba:18:03:6f:bc:8a:d0:7e:bd:d1:dd:a3:e6:9f:
d9:29:a6:84:62:07:22:63:24:6f:88:db:01:8b:60:
ff:97:e2:29:75:c0:2b:e4:b8:44:07:9a:87:b6:68:
19:73:e9:79:d7:95:f0:8a:11:07:f7:b9:80:96:43:
2f:05:f0:fa:39:86:74:50:23:c9:b7:0c:68:f6:07:
6a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:8D:BB:80:7A:35:83:12:61:51:8F:AD:1B:49:72:58:3F:D1:78:03
X509v3 Authority Key Identifier:
keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/bo27gHo1gxJhUY-tG0lyWD_ReAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.160.0/20
46.166.160.0/20
93.115.24.0/21
185.8.104.0/22
185.150.116.0/22
188.214.128.0/21
IPv6:
2a02:ae00::/32
Signature Algorithm: sha256WithRSAEncryption
54:df:d2:a7:fb:16:db:4c:13:5f:dc:e3:63:ce:20:5c:7d:63:
3c:af:17:68:fb:38:42:71:2f:e2:83:af:1c:6f:9c:76:35:51:
d4:d4:48:7a:2c:0f:ac:cb:ab:de:a2:9f:9d:26:f8:96:a3:d7:
cd:bc:60:68:90:b0:18:5d:96:6f:4c:a8:c6:45:ce:03:a1:6b:
32:8a:f2:cc:da:5e:d8:55:ce:f2:4f:f8:2e:e3:be:a2:55:20:
cb:25:fd:dd:28:83:67:77:b4:91:58:92:07:c4:99:fb:08:4a:
e9:b2:5f:46:cb:8e:77:e4:f3:a7:32:65:91:74:78:9a:5c:f3:
e6:4b:ba:8d:03:be:fd:d4:69:84:fb:2d:90:14:5a:b2:8d:45:
7b:ae:b6:c9:02:8f:fe:0e:e7:7d:1e:a6:07:eb:8e:33:73:f3:
38:94:4a:0e:5c:c8:7c:d0:11:fc:aa:5f:3b:3c:7e:2c:4e:78:
4b:39:94:6a:f4:59:5d:09:8b:f2:e0:79:04:a3:ca:d3:99:25:
ce:c6:32:87:e0:e4:ce:f8:04:7c:50:60:0f:d0:fe:db:b2:96:
79:22:5b:f9:f7:da:5b:6e:6a:84:bf:d9:a2:92:a2:6d:e2:ee:
a9:2b:34:e7:93:4c:1a:61:40:6b:cf:04:02:a6:f2:8e:6c:7b:
0c:b8:a7:2f
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEFkxVsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDMzYWUxYzYwNjcyYzc1OTFhOGY5N2Q2OGY3OWZiMmE1ZWU4ZGE3MB4XDTIyMDEw
MTE0NTYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmU4ZGJiODA3YTM1
ODMxMjYxNTE4ZmFkMWI0OTcyNTgzZmQxNzgwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANoaJxA+Jexu9fbwFbPDLiKnXzkRWihcQTA8hbL1Z5Wme5Cw
xcuCNonSIpWEuZHsuCRbd3h8OnEy2Waf+6H0CZnoLhPFZv75yPc/ezcM7OdWbccq
WRUdwK1NaCd31zFymsNBu6BFigwB+NPF9DAJSdP6ef2GKQwyiVPZnE2UP5KckqyR
XLSc659vWUQmc2DX8VeYPtInhCnj5XPm96UpW4Nh3mLfMm+0VpUhPy0E2cku7wJz
FroYA2+8itB+vdHdo+af2SmmhGIHImMkb4jbAYtg/5fiKXXAK+S4RAeah7ZoGXPp
edeV8IoRB/e5gJZDLwXw+jmGdFAjybcMaPYHajECAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRujbuAejWDEmFRj60bSXJYP9F4AzAfBgNVHSMEGDAWgBQ0M64cYGcsdZGo
+X1o95+ype6NpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05ET3VIR0JuTEhXUnFQbDlhUGVmc3FYdWphYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvOWNhNDQ2LWZjNWMtNDc0Ni1iMjZmLTMwY2U4MzcwMWIzOS8x
L2JvMjdnSG8xZ3hKaFVZLXRHMGx5V0RfUmVBTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
OWNhNDQ2LWZjNWMtNDc0Ni1iMjZmLTMwY2U4MzcwMWIzOS8xL05ET3VIR0JuTEhX
UnFQbDlhUGVmc3FYdWphYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBAXHoAMEBC6moAMEA11zGAMEArkI
aAMEArmWdAMEA7zWgDANBAIAAjAHAwUAKgKuADANBgkqhkiG9w0BAQsFAAOCAQEA
VN/Sp/sW20wTX9zjY84gXH1jPK8XaPs4QnEv4oOvHG+cdjVR1NRIeiwPrMur3qKf
nSb4lqPXzbxgaJCwGF2Wb0yoxkXOA6FrMoryzNpe2FXO8k/4LuO+olUgyyX93SiD
Z3e0kViSB8SZ+whK6bJfRsuOd+TzpzJlkXR4mlzz5ku6jQO+/dRphPstkBRaso1F
e662yQKP/g7nfR6mB+uOM3PzOJRKDlzIfNAR/KpfOzx+LE54SzmUavRZXQmL8uB5
BKPK05klzsYyh+DkzvgEfFBgD9D+27KWeSJb+ffaW25qhL/ZopKibeLuqSs055NM
GmFAa88EAqbyjmx7DLinLw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:54 2023 by rpki-client on console-ams.rpki-client.org