Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Ckri6Lrc96AAjK5FL9MWPwfm7NE.roa
File: Ckri6Lrc96AAjK5FL9MWPwfm7NE.roa (raw, json)
Hash identifier: BeMZYCbkgd2It72KLzI1Wa+0KtSdIaZn0Meczdk6giI=
Subject key identifier: 0A:4A:E2:E8:BA:DC:F7:A0:00:8C:AE:45:2F:D3:16:3F:07:E6:EC:D1
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 0183B626D6127D897CC0E1DDCA94756659A4
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Ckri6Lrc96AAjK5FL9MWPwfm7NE.roa
Signing time: Sat 08 Oct 2022 05:52:21 +0000
ROA not before: Sat 08 Oct 2022 05:52:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399587
IP address blocks: 178.171.50.0/23 maxlen: 23
178.171.48.0/23 maxlen: 23
178.171.62.0/23 maxlen: 23
158.46.176.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b6:26:d6:12:7d:89:7c:c0:e1:dd:ca:94:75:66:59:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Oct 8 05:52:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a4ae2e8badcf7a0008cae452fd3163f07e6ecd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:85:a6:61:31:f9:48:bd:1b:00:9a:cf:ba:be:
e8:25:78:55:89:5e:f5:66:71:e0:61:41:f9:99:05:
2a:b7:1f:bd:b5:40:9e:3d:c1:ad:6c:12:94:ad:64:
e9:da:e4:5d:f0:77:26:7d:e3:5c:4e:94:16:be:cf:
4c:45:02:62:fb:5f:c0:b5:b4:13:33:08:71:87:8c:
12:3f:20:69:4f:f5:97:e6:97:b5:45:44:31:be:44:
88:cf:e9:2b:66:e7:fe:c3:98:fe:88:6e:73:e7:fa:
22:ff:55:f4:5b:40:7c:99:e9:69:6e:7e:80:e4:dd:
d0:9c:33:95:b1:f2:81:13:09:45:6a:42:23:70:df:
e5:c9:23:c3:9a:f1:2c:e3:84:d9:55:69:a6:03:d4:
44:cc:21:f8:f9:b1:7e:ef:e4:2b:7e:47:c6:97:a1:
36:40:f4:97:3f:a5:91:58:84:c2:dc:2f:69:bc:f0:
e5:05:cf:00:b7:97:b7:55:41:30:ae:b3:60:54:c8:
f2:0a:c0:e8:c7:89:1d:58:1c:53:6b:2c:16:97:f1:
72:a4:20:6b:d5:dd:0c:85:85:67:82:91:c4:a5:c0:
55:76:21:8d:40:47:a9:11:7f:1b:37:4a:08:10:95:
81:b1:93:8e:68:a9:8d:29:9c:52:9b:e9:41:3d:5c:
20:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:4A:E2:E8:BA:DC:F7:A0:00:8C:AE:45:2F:D3:16:3F:07:E6:EC:D1
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Ckri6Lrc96AAjK5FL9MWPwfm7NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.176.0/22
178.171.48.0/22
178.171.62.0/23
Signature Algorithm: sha256WithRSAEncryption
99:e6:60:53:ff:67:74:af:62:b5:f9:db:89:56:9c:6d:d9:f8:
97:49:ea:f6:9b:8a:f5:8b:3d:55:b4:75:d7:80:11:cf:4c:a6:
bd:e9:00:64:d2:36:02:30:73:47:41:34:97:39:80:f1:a1:8b:
0c:31:6c:b8:39:e9:a2:e6:c5:ac:dc:62:9a:5a:4e:24:39:2c:
24:60:8e:62:06:41:05:c1:eb:e2:eb:8e:78:a3:11:58:ed:d0:
e1:96:27:49:5a:57:6d:9c:0e:26:ce:cd:78:58:d5:ac:7e:9e:
58:d7:2a:f8:e3:4a:09:27:07:53:a6:41:fd:41:68:ec:be:0f:
77:d6:b2:ee:fa:af:0e:e5:93:b6:0c:ca:0d:39:84:79:2b:4b:
58:b8:8e:85:2b:85:d2:4f:fa:b9:09:f9:20:e6:d5:71:97:f1:
c3:f7:2d:a7:b2:ca:06:15:2b:5d:0a:fe:4a:45:29:db:12:d1:
6c:08:e2:c3:e6:f9:f5:97:2d:c2:1f:e5:3b:86:fa:87:55:a5:
06:ce:e7:fa:44:c4:dd:1c:9a:23:41:de:c4:54:56:04:ec:ba:
3c:a2:43:a7:a8:78:66:8e:f6:d1:e5:90:fd:82:d4:54:92:00:
ab:40:f0:79:03:c8:15:fd:41:72:26:77:c0:f4:e3:9c:45:e3:
a3:8f:cb:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYO2JtYSfYl8wOHdypR1ZlmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjIxMDA4MDU1MjIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTRhZTJlOGJhZGNmN2EwMDA4Y2FlNDUyZmQzMTYzZjA3ZTZlY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIWmYTH5SL0bAJrPur7oJXhViV71
ZnHgYUH5mQUqtx+9tUCePcGtbBKUrWTp2uRd8HcmfeNcTpQWvs9MRQJi+1/AtbQT
Mwhxh4wSPyBpT/WX5pe1RUQxvkSIz+krZuf+w5j+iG5z5/oi/1X0W0B8melpbn6A
5N3QnDOVsfKBEwlFakIjcN/lySPDmvEs44TZVWmmA9REzCH4+bF+7+QrfkfGl6E2
QPSXP6WRWITC3C9pvPDlBc8At5e3VUEwrrNgVMjyCsDox4kdWBxTaywWl/FypCBr
1d0MhYVngpHEpcBVdiGNQEepEX8bN0oIEJWBsZOOaKmNKZxSm+lBPVwgWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFApK4ui63PegAIyuRS/TFj8H5uzRMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvQ2tyaTZMcmM5NkFBaks1Rkw5TVdQd2ZtN05FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCni6wAwQC
sqswAwQBsqs+MA0GCSqGSIb3DQEBCwUAA4IBAQCZ5mBT/2d0r2K1+duJVpxt2fiX
Ser2m4r1iz1VtHXXgBHPTKa96QBk0jYCMHNHQTSXOYDxoYsMMWy4Oemi5sWs3GKa
Wk4kOSwkYI5iBkEFwevi6454oxFY7dDhlidJWldtnA4mzs14WNWsfp5Y1yr440oJ
JwdTpkH9QWjsvg931rLu+q8O5ZO2DMoNOYR5K0tYuI6FK4XST/q5Cfkg5tVxl/HD
9y2nssoGFStdCv5KRSnbEtFsCOLD5vn1ly3CH+U7hvqHVaUGzuf6RMTdHJojQd7E
VFYE7Lo8okOnqHhmjvbR5ZD9gtRUkgCrQPB5A8gV/UFyJnfA9OOcReOjj8tg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:39 2024 by rpki-client on console-fra.rpki-client.org