Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/6zKx7WydnD3YXXqNmIKCw_XJ0c0.roa
File: 6zKx7WydnD3YXXqNmIKCw_XJ0c0.roa (raw, json)
Hash identifier: RWAP/BhSS1FuL2pBlCq0ubwQJPtYQidgF+8RwpTDXnk=
Subject key identifier: EB:32:B1:ED:6C:9D:9C:3D:D8:5D:7A:8D:98:82:82:C3:F5:C9:D1:CD
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 0183410C6BF7520DDF96F5E80A669E06C9A9
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/6zKx7WydnD3YXXqNmIKCw_XJ0c0.roa
Signing time: Thu 15 Sep 2022 12:07:56 +0000
ROA not before: Thu 15 Sep 2022 12:07:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 158.46.136.0/21 maxlen: 21
158.46.144.0/20 maxlen: 24
158.46.152.0/24 maxlen: 24
158.46.156.0/24 maxlen: 24
158.46.158.0/24 maxlen: 24
158.46.164.0/22 maxlen: 22
158.46.162.0/23 maxlen: 23
158.46.160.0/23 maxlen: 23
158.46.168.0/21 maxlen: 21
158.46.186.0/23 maxlen: 23
158.46.184.0/23 maxlen: 23
178.171.20.0/22 maxlen: 24
158.46.132.0/22 maxlen: 22
178.171.36.0/23 maxlen: 23
158.46.188.0/22 maxlen: 24
178.171.103.0/24 maxlen: 24
178.171.105.0/24 maxlen: 24
178.171.112.0/23 maxlen: 23
178.171.108.0/23 maxlen: 23
178.171.106.0/23 maxlen: 23
178.171.114.0/23 maxlen: 23
178.171.116.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:41:0c:6b:f7:52:0d:df:96:f5:e8:0a:66:9e:06:c9:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Sep 15 12:07:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb32b1ed6c9d9c3dd85d7a8d988282c3f5c9d1cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:4f:fe:c0:92:82:0d:8e:aa:a3:7b:0a:97:a6:
1f:0d:11:3a:5b:fb:6c:71:8b:1e:0b:26:28:7e:98:
dd:c8:a4:3e:1a:c3:91:86:b0:16:66:2c:19:2e:94:
41:94:80:b7:10:f7:8c:48:89:7a:04:f9:81:4c:3c:
6f:8f:2a:53:e5:3b:cc:be:81:db:0a:74:a2:2e:41:
3a:40:cd:a1:11:51:94:67:27:bb:a9:d4:c5:d8:76:
1f:b5:10:dc:36:61:6d:90:22:61:4e:1d:8e:3f:cf:
7b:3f:de:5f:34:fd:e2:b9:ef:88:88:52:9b:9b:f2:
87:25:9a:5a:79:ec:dc:2f:76:47:d1:9a:41:84:7f:
76:3d:3f:7c:ef:10:b2:08:de:e4:ba:1a:81:29:d3:
ab:df:3c:cd:fc:fd:77:a0:34:ac:29:8a:e4:b8:27:
2e:11:ce:3a:1e:e3:c8:da:3d:2b:10:a8:81:c2:c4:
f1:e7:e1:94:1b:84:0f:32:5e:62:54:75:f3:1a:ce:
af:da:cf:c7:fa:1e:d3:df:e7:97:04:c0:dd:ca:37:
4b:84:e9:27:f3:18:d9:66:76:15:75:2e:b3:33:97:
14:06:9a:d4:96:46:3d:c5:d7:88:91:90:d1:82:e5:
2f:d1:f5:8d:87:f1:cd:4b:81:1a:df:b4:ed:11:37:
40:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:32:B1:ED:6C:9D:9C:3D:D8:5D:7A:8D:98:82:82:C3:F5:C9:D1:CD
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/6zKx7WydnD3YXXqNmIKCw_XJ0c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.132.0-158.46.175.255
158.46.184.0/21
178.171.20.0/22
178.171.36.0/23
178.171.103.0/24
178.171.105.0-178.171.109.255
178.171.112.0-178.171.117.255
Signature Algorithm: sha256WithRSAEncryption
81:af:45:e0:42:82:36:c4:82:1f:1f:0d:16:b1:d5:10:48:e3:
20:07:1d:cb:93:dd:58:ca:07:67:72:ad:2e:cc:d6:97:fe:33:
0f:10:d1:a4:ee:c4:57:e8:17:44:4c:f9:c6:ae:e7:c2:55:80:
23:89:38:ac:2a:86:99:f0:40:35:9c:0d:9b:98:91:f9:ca:b6:
ce:bc:b9:64:66:68:44:98:85:d4:14:35:58:0e:3c:b8:13:75:
98:95:80:a6:67:16:0d:4f:c9:f9:1c:4a:eb:be:f2:67:14:58:
5d:c7:0a:96:18:02:3c:0a:e3:43:20:6e:c3:ed:b8:9a:31:8c:
fb:b9:e2:2d:f7:4a:45:0c:19:94:30:58:e0:77:cc:bc:1a:2b:
7b:6c:d1:98:2d:b1:f6:bb:4a:94:9f:46:08:8a:c2:ee:4f:00:
98:b0:46:a8:46:72:34:3b:ea:01:4c:41:03:45:ae:82:0d:98:
e4:88:87:c5:56:07:77:43:c0:03:e4:99:69:1e:62:ee:7d:67:
9f:07:a9:f3:e3:e3:65:53:47:a9:56:09:f5:c6:76:f4:f4:06:
14:08:91:0f:f2:e6:65:95:50:62:c4:bf:ae:f0:f8:7c:c1:18:
fd:46:3b:f9:91:cf:fd:55:b9:e4:90:b3:b9:20:91:54:30:1c:
d8:92:b3:a6
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYNBDGv3Ug3flvXoCmaeBsmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjIwOTE1MTIwNzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjMyYjFlZDZjOWQ5YzNkZDg1ZDdhOGQ5ODgyODJjM2Y1YzlkMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7U/+wJKCDY6qo3sKl6YfDRE6W/ts
cYseCyYofpjdyKQ+GsORhrAWZiwZLpRBlIC3EPeMSIl6BPmBTDxvjypT5TvMvoHb
CnSiLkE6QM2hEVGUZye7qdTF2HYftRDcNmFtkCJhTh2OP897P95fNP3iue+IiFKb
m/KHJZpaeezcL3ZH0ZpBhH92PT987xCyCN7kuhqBKdOr3zzN/P13oDSsKYrkuCcu
Ec46HuPI2j0rEKiBwsTx5+GUG4QPMl5iVHXzGs6v2s/H+h7T3+eXBMDdyjdLhOkn
8xjZZnYVdS6zM5cUBprUlkY9xdeIkZDRguUv0fWNh/HNS4Ea37TtETdAmwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFOsyse1snZw92F16jZiCgsP1ydHNMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvNnpLeDdXeWRuRDNZWFhxTm1JS0N3X1hKMGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCMAwDBAKeLoQD
BASeLqADBAOeLrgDBAKyqxQDBAGyqyQDBACyq2cwDAMEALKraQMEAbKrbDAMAwQE
sqtwAwQBsqt0MA0GCSqGSIb3DQEBCwUAA4IBAQCBr0XgQoI2xIIfHw0WsdUQSOMg
Bx3Lk91Yygdncq0uzNaX/jMPENGk7sRX6BdETPnGrufCVYAjiTisKoaZ8EA1nA2b
mJH5yrbOvLlkZmhEmIXUFDVYDjy4E3WYlYCmZxYNT8n5HErrvvJnFFhdxwqWGAI8
CuNDIG7D7biaMYz7ueIt90pFDBmUMFjgd8y8Git7bNGYLbH2u0qUn0YIisLuTwCY
sEaoRnI0O+oBTEEDRa6CDZjkiIfFVgd3Q8AD5JlpHmLufWefB6nz4+NlU0epVgn1
xnb09AYUCJEP8uZllVBixL+u8Ph8wRj9Rjv5kc/9VbnkkLO5IJFUMBzYkrOm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:22 2023 by rpki-client on console-fra.rpki-client.org