Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/OXreQIvuc8PWsdLjxvhBE4VdGig.roa
File: OXreQIvuc8PWsdLjxvhBE4VdGig.roa (raw, json)
Hash identifier: O5swNm4wDGja3Kg/MJf/F0TUkLbOGLoJPI3SijRO6mo=
Subject key identifier: 39:7A:DE:40:8B:EE:73:C3:D6:B1:D2:E3:C6:F8:41:13:85:5D:1A:28
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 06E65FDE
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/OXreQIvuc8PWsdLjxvhBE4VdGig.roa
Signing time: Tue 17 May 2022 15:58:59 +0000
ROA not before: Tue 17 May 2022 15:58:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 158.46.136.0/21 maxlen: 21
158.46.144.0/20 maxlen: 24
158.46.152.0/24 maxlen: 24
158.46.156.0/24 maxlen: 24
158.46.158.0/24 maxlen: 24
158.46.164.0/22 maxlen: 22
158.46.162.0/23 maxlen: 23
158.46.160.0/23 maxlen: 23
158.46.168.0/21 maxlen: 21
158.46.186.0/23 maxlen: 23
158.46.184.0/23 maxlen: 23
178.171.20.0/22 maxlen: 24
158.46.132.0/22 maxlen: 22
178.171.36.0/23 maxlen: 23
158.46.188.0/22 maxlen: 24
178.171.101.0/24 maxlen: 24
178.171.103.0/24 maxlen: 24
178.171.105.0/24 maxlen: 24
178.171.112.0/23 maxlen: 23
178.171.108.0/23 maxlen: 23
178.171.106.0/23 maxlen: 23
178.171.114.0/23 maxlen: 23
178.171.116.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115761118 (0x6e65fde)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: May 17 15:58:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=397ade408bee73c3d6b1d2e3c6f84113855d1a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:47:7f:a3:fe:92:ac:4c:ad:d6:41:6c:67:bf:
08:be:54:f2:c3:9a:fd:fd:72:62:8d:85:6a:0b:30:
40:1c:f3:6f:47:8a:5a:8b:8d:32:57:c0:bc:6f:2c:
e5:17:4a:69:3b:63:ad:3e:dd:60:2f:91:95:87:77:
25:17:96:47:f7:6a:6f:7c:31:b6:bb:00:67:57:1d:
3a:bf:95:fe:f6:4c:5b:6d:76:77:49:c8:5f:f7:44:
38:bf:07:76:34:16:e7:e1:5d:7a:12:95:db:e0:26:
3f:44:49:e0:96:dc:63:83:cd:2c:d8:ab:75:17:71:
59:09:56:b3:ab:81:f2:4d:a9:ba:37:53:5a:da:cf:
37:48:d7:5c:33:3c:48:19:3d:0a:5d:46:90:01:55:
0a:dd:80:fb:f1:a1:7d:40:84:43:e6:44:ab:2e:0f:
c9:5e:6b:82:26:ff:0d:8e:eb:cd:c0:ff:40:4b:3d:
50:00:4e:02:fe:04:e1:a0:38:8d:42:8e:66:61:ca:
83:5d:60:8a:5b:13:4f:49:8b:39:81:75:9c:64:a1:
06:23:f7:dc:b2:2c:5f:3a:c6:3b:af:39:26:db:3e:
af:b5:52:06:c5:2b:c2:99:75:23:25:49:65:6e:8c:
ed:80:7e:13:10:c8:85:0c:82:1c:31:b1:bb:b6:e0:
55:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:7A:DE:40:8B:EE:73:C3:D6:B1:D2:E3:C6:F8:41:13:85:5D:1A:28
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/OXreQIvuc8PWsdLjxvhBE4VdGig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.132.0-158.46.175.255
158.46.184.0/21
178.171.20.0/22
178.171.36.0/23
178.171.101.0/24
178.171.103.0/24
178.171.105.0-178.171.109.255
178.171.112.0-178.171.117.255
Signature Algorithm: sha256WithRSAEncryption
a0:09:6e:08:82:0b:37:7f:3b:d6:9c:f8:21:4e:3f:58:02:ca:
81:f9:df:55:65:bb:2d:a8:6e:17:4e:34:cc:1d:18:58:83:b7:
c3:5c:78:5e:8b:94:d5:90:18:23:9a:dc:dc:58:a4:fe:f4:91:
d1:4d:05:06:00:19:f1:f9:ca:f6:0d:51:76:00:ee:a5:38:86:
89:d1:8a:90:84:fb:95:c8:9f:9e:d4:10:0c:39:b9:42:c0:7d:
d9:00:c7:c1:a0:8b:c8:7e:12:38:f6:9b:29:70:c9:8a:f3:d0:
ef:84:0b:e0:c1:15:49:82:fd:91:7b:c1:83:db:a8:79:f4:a7:
3c:48:77:f2:55:13:43:3c:b9:c4:9d:31:7f:b1:1b:14:46:1c:
3d:11:fc:14:97:30:1a:a2:08:9a:ab:1d:0d:5d:41:5b:56:1c:
e2:d7:88:8b:e6:86:40:f1:3b:b0:ef:b5:5a:68:d7:fa:36:d3:
82:69:9d:0b:5a:d8:a5:6a:09:1b:4f:01:4a:a0:d9:56:3c:46:
68:ed:cf:a5:2e:7a:1a:38:54:0b:25:f9:07:0c:63:e5:a2:dc:
e8:da:62:ed:80:2c:5e:6a:93:41:48:ab:47:58:52:4a:23:f6:
6b:f2:6a:9f:fd:c1:73:70:cc:ef:e6:d7:d0:5f:bd:0d:02:b5:
a0:14:5f:8c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEBuZf3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDExY2IwMTVkZjliYWFiNjEyMjhkYmJjZTE3ZGQ0ZTAwZTYzYzEzMB4XDTIyMDUx
NzE1NTg1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzk3YWRlNDA4YmVl
NzNjM2Q2YjFkMmUzYzZmODQxMTM4NTVkMWEyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNHf6P+kqxMrdZBbGe/CL5U8sOa/f1yYo2FagswQBzzb0eK
WouNMlfAvG8s5RdKaTtjrT7dYC+RlYd3JReWR/dqb3wxtrsAZ1cdOr+V/vZMW212
d0nIX/dEOL8HdjQW5+FdehKV2+AmP0RJ4JbcY4PNLNirdRdxWQlWs6uB8k2pujdT
WtrPN0jXXDM8SBk9Cl1GkAFVCt2A+/GhfUCEQ+ZEqy4PyV5rgib/DY7rzcD/QEs9
UABOAv4E4aA4jUKOZmHKg11gilsTT0mLOYF1nGShBiP33LIsXzrGO685Jts+r7VS
BsUrwpl1IyVJZW6M7YB+ExDIhQyCHDGxu7bgVSMCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBQ5et5Ai+5zw9ax0uPG+EEThV0aKDAfBgNVHSMEGDAWgBSNEcsBXfm6q2Ei
jbvOF91OAOY8EzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pSSExBVjM1dXF0aElvMjd6aGZkVGdEbVBCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvNWQ4OTE1LWM0NDgtNDBlNy04Y2FhLWJhNzcxZmZkMjY5Yy8x
L09YcmVRSXZ1YzhQV3NkTGp4dmhCRTRWZEdpZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
NWQ4OTE1LWM0NDgtNDBlNy04Y2FhLWJhNzcxZmZkMjY5Yy8xL2pSSExBVjM1dXF0
aElvMjd6aGZkVGdEbVBCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSDAMAwQCni6EAwQEni6gAwQDni64AwQC
sqsUAwQBsqskAwQAsqtlAwQAsqtnMAwDBACyq2kDBAGyq2wwDAMEBLKrcAMEAbKr
dDANBgkqhkiG9w0BAQsFAAOCAQEAoAluCIILN3871pz4IU4/WALKgfnfVWW7Lahu
F040zB0YWIO3w1x4XouU1ZAYI5rc3Fik/vSR0U0FBgAZ8fnK9g1RdgDupTiGidGK
kIT7lcifntQQDDm5QsB92QDHwaCLyH4SOPabKXDJivPQ74QL4MEVSYL9kXvBg9uo
efSnPEh38lUTQzy5xJ0xf7EbFEYcPRH8FJcwGqIImqsdDV1BW1Yc4teIi+aGQPE7
sO+1WmjX+jbTgmmdC1rYpWoJG08BSqDZVjxGaO3PpS56GjhUCyX5Bwxj5aLc6Npi
7YAsXmqTQUirR1hSSiP2a/Jqn/3Bc3DM7+bX0F+9DQK1oBRfjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:39 2024 by rpki-client on console-fra.rpki-client.org