Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/RsY3fC1nMqY9tz1vhEqkUj1rM7g.roa
File: RsY3fC1nMqY9tz1vhEqkUj1rM7g.roa (raw, json)
Hash identifier: P5mLc+Z8BtWKkQteOV6Zlkd5lE90IECrhO5PV/AiXmU=
Subject key identifier: 46:C6:37:7C:2D:67:32:A6:3D:B7:3D:6F:84:4A:A4:52:3D:6B:33:B8
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018219DD33252831B29D1CC9E8FE74D361CF
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/RsY3fC1nMqY9tz1vhEqkUj1rM7g.roa
Signing time: Wed 20 Jul 2022 04:28:23 +0000
ROA not before: Wed 20 Jul 2022 04:28:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399587
IP address blocks: 178.171.50.0/23 maxlen: 23
178.171.48.0/23 maxlen: 23
178.171.62.0/23 maxlen: 23
158.46.176.0/22 maxlen: 22
178.171.119.0/24 maxlen: 24
178.171.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:19:dd:33:25:28:31:b2:9d:1c:c9:e8:fe:74:d3:61:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jul 20 04:28:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46c6377c2d6732a63db73d6f844aa4523d6b33b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:eb:5c:5a:cb:2a:01:5a:54:c9:e8:36:2f:6b:
ae:32:58:33:b4:10:38:37:dc:d4:77:80:ad:b6:a9:
2b:43:18:24:cb:b2:36:fb:9a:95:b0:1f:64:98:8d:
51:e9:19:79:fd:46:97:05:bc:ec:1c:b8:44:3f:3d:
f4:b7:c3:59:20:20:20:fb:d9:a5:c0:b7:8e:72:dd:
80:18:20:de:a1:58:23:d2:82:7c:f4:cb:ee:47:c6:
2e:a9:cd:f7:47:5e:56:43:a9:8e:98:23:51:52:fe:
03:8f:a4:53:f4:8d:cc:2b:b4:8e:49:5a:f5:3b:f3:
e6:a5:6c:a5:52:92:6a:ee:e6:13:df:d7:32:4d:20:
e1:ee:86:10:c6:03:65:79:ae:71:6a:4d:31:56:b9:
38:11:57:30:bb:a8:44:6d:21:3c:0c:ae:3d:f5:fe:
63:66:66:96:fc:4a:38:22:6b:e9:22:83:ea:97:d3:
a3:13:9c:62:33:9e:4f:10:cc:a1:cd:a2:53:12:be:
36:04:fb:95:0e:36:21:0d:df:10:0b:01:26:a8:ec:
20:05:5b:bd:14:5a:da:4e:39:75:7e:ae:d4:1f:0d:
db:9a:c7:45:ff:61:33:e6:11:d7:09:c5:ab:e4:13:
28:53:69:87:9f:33:41:bc:1b:28:7c:21:16:34:78:
5f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C6:37:7C:2D:67:32:A6:3D:B7:3D:6F:84:4A:A4:52:3D:6B:33:B8
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/RsY3fC1nMqY9tz1vhEqkUj1rM7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.176.0/22
178.171.32.0/22
178.171.48.0/22
178.171.62.0/23
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:96:52:49:fe:6d:9e:c0:38:95:cd:7e:d1:58:87:2a:ec:d4:
51:93:75:89:70:d6:fe:ed:35:c8:c9:bd:c9:ea:17:18:ac:97:
86:04:2e:9a:98:7b:67:7b:a4:40:4d:fc:63:c5:cd:08:93:2e:
29:b9:dc:09:cb:17:34:9a:6b:47:1c:01:c9:7e:7d:7e:82:6d:
dd:a2:fa:e7:65:0b:32:25:f4:36:d2:af:43:91:b5:17:e7:f5:
55:da:2a:f4:d3:8b:93:88:ae:8d:b3:d0:ad:b2:58:8f:32:10:
48:5c:17:2e:1f:c2:b5:46:91:ff:95:91:a5:6d:ef:b5:6b:87:
c3:26:ef:fd:f9:a5:b5:82:8b:b5:ce:a2:1f:22:15:9c:b2:44:
19:d4:16:1f:bd:46:42:18:6e:b0:c4:00:c7:0e:9f:3b:3b:98:
2d:5b:9e:d8:5c:7f:0c:90:62:2e:06:d3:47:1d:21:d3:34:39:
ce:05:f3:25:57:92:97:64:83:44:6c:b2:8d:b2:89:7d:e3:0d:
9b:76:d7:1f:0d:0d:82:be:2a:35:77:40:b6:bb:81:33:0c:d9:
ae:b4:15:4e:5a:d9:59:60:11:22:fe:19:00:87:dc:0e:28:0c:
dc:a1:b5:40:b0:55:da:ce:b7:4d:28:53:11:73:1f:44:25:cc:
d5:21:ab:f3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYIZ3TMlKDGynRzJ6P5002HPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjIwNzIwMDQyODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmM2Mzc3YzJkNjczMmE2M2RiNzNkNmY4NDRhYTQ1MjNkNmIzM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOtcWssqAVpUyeg2L2uuMlgztBA4
N9zUd4CttqkrQxgky7I2+5qVsB9kmI1R6Rl5/UaXBbzsHLhEPz30t8NZICAg+9ml
wLeOct2AGCDeoVgj0oJ89MvuR8Yuqc33R15WQ6mOmCNRUv4Dj6RT9I3MK7SOSVr1
O/PmpWylUpJq7uYT39cyTSDh7oYQxgNlea5xak0xVrk4EVcwu6hEbSE8DK499f5j
ZmaW/Eo4ImvpIoPql9OjE5xiM55PEMyhzaJTEr42BPuVDjYhDd8QCwEmqOwgBVu9
FFraTjl1fq7UHw3bmsdF/2Ez5hHXCcWr5BMoU2mHnzNBvBsofCEWNHhfFwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEbGN3wtZzKmPbc9b4RKpFI9azO4MB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvUnNZM2ZDMW5NcVk5dHoxdmhFcWtVajFyTTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCni6wAwQC
sqsgAwQCsqswAwQBsqs+AwQAsqt3MA0GCSqGSIb3DQEBCwUAA4IBAQBfllJJ/m2e
wDiVzX7RWIcq7NRRk3WJcNb+7TXIyb3J6hcYrJeGBC6amHtne6RATfxjxc0Iky4p
udwJyxc0mmtHHAHJfn1+gm3dovrnZQsyJfQ20q9DkbUX5/VV2ir004uTiK6Ns9Ct
sliPMhBIXBcuH8K1RpH/lZGlbe+1a4fDJu/9+aW1gou1zqIfIhWcskQZ1BYfvUZC
GG6wxADHDp87O5gtW57YXH8MkGIuBtNHHSHTNDnOBfMlV5KXZINEbLKNsol94w2b
dtcfDQ2Cvio1d0C2u4EzDNmutBVOWtlZYBEi/hkAh9wOKAzcobVAsFXazrdNKFMR
cx9EJczVIavz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:09 2024 by rpki-client on console-ams.rpki-client.org