Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/1nWd60v1rFbc181scc6-9c0HBgo.roa
File: 1nWd60v1rFbc181scc6-9c0HBgo.roa (raw, json)
Hash identifier: e7Qsh7YHYR+QVvr45atsLzpGuCuJyAslMaRpG71Od88=
Subject key identifier: D6:75:9D:EB:4B:F5:AC:56:DC:D7:CD:6C:71:CE:BE:F5:CD:07:06:0A
Certificate issuer: /CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Certificate serial: 09FE8B6C
Authority key identifier: D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/1nWd60v1rFbc181scc6-9c0HBgo.roa
Signing time: Mon 23 May 2022 05:39:30 +0000
ROA not before: Mon 23 May 2022 05:39:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206774
IP address blocks: 46.252.1.0/24 maxlen: 24
46.252.3.0/24 maxlen: 24
46.252.9.0/24 maxlen: 24
46.252.8.0/24 maxlen: 24
46.252.5.0/24 maxlen: 24
46.252.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167676780 (0x9fe8b6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Validity
Not Before: May 23 05:39:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6759deb4bf5ac56dcd7cd6c71cebef5cd07060a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9e:38:e6:ef:de:eb:08:9f:51:41:dd:61:ba:
29:19:80:fb:3b:d2:67:db:8d:0d:d1:91:22:9e:bc:
81:14:68:09:14:c8:39:49:69:0b:71:f0:24:b6:83:
f8:be:a4:f3:0f:68:20:76:3a:5f:80:83:ce:21:cc:
c9:32:8a:7d:66:b2:44:9f:5e:56:d1:0b:78:ea:52:
55:34:3a:a5:5a:1a:b4:be:14:f6:8d:14:0a:40:22:
36:6b:e7:cf:8b:41:25:de:a6:79:98:07:c7:a3:de:
f6:ad:06:8f:5e:43:ea:b2:45:f3:88:cf:78:1d:0f:
d4:56:1b:a3:ef:66:9f:a8:63:01:0a:ec:12:ec:d7:
7f:c1:a9:99:53:ce:f1:41:c0:d9:e7:50:13:d4:fe:
ea:47:68:c4:71:4b:e7:3a:79:a7:18:42:67:75:52:
41:05:cf:a9:20:3c:0f:e6:e5:90:74:dc:8a:3b:a7:
da:dc:2d:bf:8f:f7:28:7a:49:be:ca:e9:6d:8e:1a:
22:3b:5c:a7:92:2b:4d:81:b6:d9:b3:ac:88:7c:36:
36:6e:f7:a0:cc:4a:d6:42:6c:ed:7a:bb:25:1c:a9:
38:eb:e4:67:5c:a8:f0:46:49:0b:89:ff:0e:c0:1f:
fb:96:db:68:8d:ef:ce:8f:b5:e1:fe:b9:51:91:7e:
69:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:75:9D:EB:4B:F5:AC:56:DC:D7:CD:6C:71:CE:BE:F5:CD:07:06:0A
X509v3 Authority Key Identifier:
keyid:D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/1nWd60v1rFbc181scc6-9c0HBgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.1.0/24
46.252.3.0/24
46.252.5.0/24
46.252.7.0-46.252.9.255
Signature Algorithm: sha256WithRSAEncryption
c5:65:9d:d0:95:23:d2:8f:44:67:73:28:10:90:f2:27:df:d1:
4a:71:0a:b0:3a:1a:ed:74:11:35:8f:f9:36:51:a5:59:78:46:
1e:34:fd:73:e4:09:fe:14:b8:34:41:33:b9:78:8e:8b:17:79:
3f:17:16:d3:4a:ec:7f:4f:44:d6:64:c5:96:d9:77:5d:2a:bf:
10:53:c3:12:80:52:b9:6b:7f:01:ff:b2:f5:e1:bd:a9:d4:e0:
44:b7:38:c9:b7:ac:7c:dc:ff:d7:06:c3:8f:99:65:07:9d:7c:
f1:77:1d:ba:85:07:d5:8c:49:ca:07:5a:20:04:91:ad:40:50:
76:9b:52:c0:07:b2:10:57:70:fb:17:8b:43:76:0b:98:34:22:
76:c1:97:d7:5a:82:3d:0c:ec:a8:3d:e9:e1:19:82:37:af:f1:
e6:6f:c9:70:21:e7:80:c9:c7:07:92:7e:90:0a:a8:f0:07:92:
23:75:15:f6:32:f3:a4:9a:fe:3b:d8:9f:da:e4:79:0f:ce:98:
bb:64:0d:a4:6a:a6:96:e2:1d:7c:22:d7:aa:cc:4f:cb:32:c0:
cb:d5:d9:ba:8e:d2:82:83:9a:b2:89:fe:23:62:ce:25:f4:37:
f1:ba:07:4a:f0:6f:32:da:cf:a7:aa:2f:93:3f:cb:98:f4:70:
71:f4:6f:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIECf6LbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ODI4NGYxOGNkNDQ2MDRiZGQ2ZDA4ZjRkODc4ZGM2MTQ1NmM0MGZkMB4XDTIyMDUy
MzA1MzkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDY3NTlkZWI0YmY1
YWM1NmRjZDdjZDZjNzFjZWJlZjVjZDA3MDYwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANOeOObv3usIn1FB3WG6KRmA+zvSZ9uNDdGRIp68gRRoCRTI
OUlpC3HwJLaD+L6k8w9oIHY6X4CDziHMyTKKfWayRJ9eVtELeOpSVTQ6pVoatL4U
9o0UCkAiNmvnz4tBJd6meZgHx6Pe9q0Gj15D6rJF84jPeB0P1FYbo+9mn6hjAQrs
EuzXf8GpmVPO8UHA2edQE9T+6kdoxHFL5zp5pxhCZ3VSQQXPqSA8D+blkHTcijun
2twtv4/3KHpJvsrpbY4aIjtcp5IrTYG22bOsiHw2Nm73oMxK1kJs7Xq7JRypOOvk
Z1yo8EZJC4n/DsAf+5bbaI3vzo+14f65UZF+aQcCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTWdZ3rS/WsVtzXzWxxzr71zQcGCjAfBgNVHSMEGDAWgBTYKE8YzURgS91t
CPTYeNxhRWxA/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJDaFBHTTFFWUV2ZGJRajAySGpjWVVWc1FQMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvMjY1MmNkLTdlY2YtNDllOC1hNGY4LWM3ODY5MTI4NTgyYy8x
LzFuV2Q2MHYxckZiYzE4MXNjYzYtOWMwSEJnby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
MjY1MmNkLTdlY2YtNDllOC1hNGY4LWM3ODY5MTI4NTgyYy8xLzJDaFBHTTFFWUV2
ZGJRajAySGpjWVVWc1FQMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAC78AQMEAC78AwMEAC78BTAMAwQA
LvwHAwQBLvwIMA0GCSqGSIb3DQEBCwUAA4IBAQDFZZ3QlSPSj0RncygQkPIn39FK
cQqwOhrtdBE1j/k2UaVZeEYeNP1z5An+FLg0QTO5eI6LF3k/FxbTSux/T0TWZMWW
2XddKr8QU8MSgFK5a38B/7L14b2p1OBEtzjJt6x83P/XBsOPmWUHnXzxdx26hQfV
jEnKB1ogBJGtQFB2m1LAB7IQV3D7F4tDdguYNCJ2wZfXWoI9DOyoPenhGYI3r/Hm
b8lwIeeAyccHkn6QCqjwB5IjdRX2MvOkmv472J/a5HkPzpi7ZA2kaqaW4h18Iteq
zE/LMsDL1dm6jtKCg5qyif4jYs4l9DfxugdK8G8y2s+nqi+TP8uY9HBx9G96
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:39 2023 by rpki-client on console-ams.rpki-client.org