Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/PkIU5znAPoQvyzYUQo5YJI_e0tc.roa
File: PkIU5znAPoQvyzYUQo5YJI_e0tc.roa (raw, json)
Hash identifier: eWN2KyHpNBqUh1hFl7C0favnW7uVQpbWtBA37Klo2eM=
Subject key identifier: 3E:42:14:E7:39:C0:3E:84:2F:CB:36:14:42:8E:58:24:8F:DE:D2:D7
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 0183B046317BC536315592627252A5CD2095
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/PkIU5znAPoQvyzYUQo5YJI_e0tc.roa
Signing time: Fri 07 Oct 2022 02:28:53 +0000
ROA not before: Fri 07 Oct 2022 02:28:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209372
IP address blocks: 158.46.149.0/24 maxlen: 24
158.46.148.0/24 maxlen: 24
178.171.70.0/24 maxlen: 24
178.171.69.0/24 maxlen: 24
158.46.177.0/24 maxlen: 24
178.171.88.0/23 maxlen: 23
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
178.171.36.0/24 maxlen: 24
178.171.37.0/24 maxlen: 24
158.46.251.0/24 maxlen: 24
158.46.250.0/24 maxlen: 24
158.46.188.0/22 maxlen: 24
178.171.104.0/24 maxlen: 24
178.171.101.0/24 maxlen: 24
178.171.100.0/24 maxlen: 24
158.46.200.0/21 maxlen: 21
178.171.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b0:46:31:7b:c5:36:31:55:92:62:72:52:a5:cd:20:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Oct 7 02:28:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e4214e739c03e842fcb3614428e58248fded2d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:41:94:ba:84:c8:7f:9e:58:3d:3a:05:cf:58:
e5:68:6c:8c:ce:b5:79:78:2a:52:db:41:89:7d:03:
7f:ee:9c:5d:e1:c8:04:69:43:4a:70:3b:13:7f:22:
fd:68:cd:a7:8f:c7:4a:ac:2e:5d:e5:71:3f:5b:45:
73:20:52:92:39:69:5f:bd:36:5d:02:ae:2b:ba:db:
d7:5c:aa:fb:d9:3d:4b:af:7a:99:95:28:5f:f2:1d:
c7:c1:81:03:0e:6b:ca:cd:ce:6e:96:25:f3:bd:1f:
90:7c:28:69:17:66:ce:e1:b3:81:28:3b:8e:b3:9c:
c2:5e:2d:6a:7b:c0:eb:2b:5d:07:59:51:d2:09:65:
04:1c:c4:fc:c0:af:71:63:3c:04:b5:12:25:7f:e7:
77:56:99:6b:8a:83:1b:2e:cd:84:1e:92:45:e5:a8:
89:99:da:9b:c8:bb:03:ac:48:c4:cf:21:e1:43:86:
86:6b:79:93:3f:c6:47:2e:c0:89:87:7b:26:f8:c2:
5e:64:3c:5c:8d:6a:96:16:08:cb:84:c1:33:fb:78:
71:15:99:56:cc:ad:9d:ee:f8:d8:b3:c4:33:f6:d8:
03:0d:b3:b6:16:b8:f8:ef:75:18:51:e3:05:28:c2:
80:73:dd:47:04:8f:4f:0b:b7:a8:e0:3c:b6:38:2c:
23:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:42:14:E7:39:C0:3E:84:2F:CB:36:14:42:8E:58:24:8F:DE:D2:D7
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/PkIU5znAPoQvyzYUQo5YJI_e0tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.148.0/23
158.46.177.0/24
158.46.188.0/22
158.46.200.0/21
158.46.250.0/23
178.171.20.0/22
178.171.32.0-178.171.37.255
178.171.69.0-178.171.70.255
178.171.88.0/23
178.171.100.0/23
178.171.104.0/24
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:3b:6b:4a:b9:15:de:06:8c:fc:90:89:ab:ee:e1:b4:40:a6:
a7:b4:b2:44:36:9d:1e:13:84:cc:c7:1a:7a:6b:14:37:97:3e:
02:0e:68:f1:18:35:6f:13:95:35:f0:45:7c:95:8c:4d:c7:23:
c8:b7:3c:ef:99:58:5b:34:62:df:3b:af:e9:9b:1c:3e:d0:97:
83:ed:9a:9b:4c:d2:58:1c:0c:a1:85:ac:ea:6a:69:9e:d3:77:
01:5e:2b:a4:bf:39:96:e6:39:ac:7d:f2:f2:30:c2:94:e1:bd:
66:fd:8c:1a:5a:53:7f:df:ee:2f:c7:3d:5b:eb:5b:96:ec:5d:
53:89:86:cc:f4:fb:60:6a:07:b3:ef:29:b3:04:3f:0d:45:63:
fb:97:4a:c9:40:b5:62:60:1a:ed:df:79:cc:b6:75:46:7e:b9:
c1:78:db:45:1e:84:26:ec:61:35:76:b6:60:1d:f6:2c:c7:7e:
45:c8:eb:a1:75:d2:9f:23:88:3b:53:69:bb:ca:63:29:40:af:
40:a9:3e:9f:73:84:ed:c0:fc:7b:fb:9f:a5:db:2e:2b:69:a4:
94:91:08:5f:a8:33:ff:a8:73:71:3a:75:d1:9f:66:35:78:29:
bc:fe:cc:e8:6e:60:6a:94:fb:16:93:50:33:04:fd:f8:c0:b8:
de:89:f6:af
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYOwRjF7xTYxVZJiclKlzSCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjIxMDA3MDIyODUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQyMTRlNzM5YzAzZTg0MmZjYjM2MTQ0MjhlNTgyNDhmZGVkMmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEGUuoTIf55YPToFz1jlaGyMzrV5
eCpS20GJfQN/7pxd4cgEaUNKcDsTfyL9aM2nj8dKrC5d5XE/W0VzIFKSOWlfvTZd
Aq4rutvXXKr72T1Lr3qZlShf8h3HwYEDDmvKzc5uliXzvR+QfChpF2bO4bOBKDuO
s5zCXi1qe8DrK10HWVHSCWUEHMT8wK9xYzwEtRIlf+d3VplrioMbLs2EHpJF5aiJ
mdqbyLsDrEjEzyHhQ4aGa3mTP8ZHLsCJh3sm+MJeZDxcjWqWFgjLhMEz+3hxFZlW
zK2d7vjYs8Qz9tgDDbO2Frj473UYUeMFKMKAc91HBI9PC7eo4Dy2OCwjKQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFD5CFOc5wD6EL8s2FEKOWCSP3tLXMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvUGtJVTV6bkFQb1F2eXpZVVFvNVlKSV9lMHRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBni6UAwQA
ni6xAwQCni68AwQDni7IAwQBni76AwQCsqsUMAwDBAWyqyADBAGyqyQwDAMEALKr
RQMEALKrRgMEAbKrWAMEAbKrZAMEALKraAMEALKrdzANBgkqhkiG9w0BAQsFAAOC
AQEArTtrSrkV3gaM/JCJq+7htECmp7SyRDadHhOEzMcaemsUN5c+Ag5o8Rg1bxOV
NfBFfJWMTccjyLc875lYWzRi3zuv6ZscPtCXg+2am0zSWBwMoYWs6mppntN3AV4r
pL85luY5rH3y8jDClOG9Zv2MGlpTf9/uL8c9W+tbluxdU4mGzPT7YGoHs+8pswQ/
DUVj+5dKyUC1YmAa7d95zLZ1Rn65wXjbRR6EJuxhNXa2YB32LMd+RcjroXXSnyOI
O1Npu8pjKUCvQKk+n3OE7cD8e/ufpdsuK2mklJEIX6gz/6hzcTp10Z9mNXgpvP7M
6G5gapT7FpNQMwT9+MC43on2rw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:39 2024 by rpki-client on console-fra.rpki-client.org