Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/PTkmg42LMiuV4i_pJmoaPm5cVqk.roa
File: PTkmg42LMiuV4i_pJmoaPm5cVqk.roa (raw, json)
Hash identifier: D+S14mtHnoMYwi88DQHV0RDLwGUIchATU4sRTLsF2tA=
Subject key identifier: 3D:39:26:83:8D:8B:32:2B:95:E2:2F:E9:26:6A:1A:3E:6E:5C:56:A9
Certificate issuer: /CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Certificate serial: 09DF204F
Authority key identifier: D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/PTkmg42LMiuV4i_pJmoaPm5cVqk.roa
Signing time: Tue 10 May 2022 05:19:05 +0000
ROA not before: Tue 10 May 2022 05:19:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206774
IP address blocks: 46.252.1.0/24 maxlen: 24
46.252.3.0/24 maxlen: 24
46.252.8.0/24 maxlen: 24
46.252.5.0/24 maxlen: 24
46.252.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165617743 (0x9df204f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Validity
Not Before: May 10 05:19:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d3926838d8b322b95e22fe9266a1a3e6e5c56a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7a:e2:a4:d0:d3:a9:6b:be:39:58:da:6d:ed:
27:49:c8:0b:d5:f2:ae:4e:d4:23:06:fc:a4:11:96:
d3:a2:02:43:61:ea:db:24:38:cc:06:fa:ef:67:19:
64:60:55:18:db:f9:7f:04:b9:ae:ad:af:ba:f0:6c:
b5:9a:16:c6:10:6b:c9:5f:31:a4:08:7d:96:47:4f:
58:eb:5c:a8:97:52:a4:df:d8:5d:b5:7b:fd:37:d2:
10:4e:2b:9d:67:35:e2:a0:20:c9:39:68:11:dd:c2:
76:87:bc:86:34:20:05:73:cd:23:49:50:0b:bb:c9:
f1:91:ff:2c:bf:3a:39:6c:6b:77:7c:a5:7a:8c:d1:
3c:85:1e:d3:c8:fb:46:b6:8f:c1:ce:b9:89:5a:78:
28:5a:50:bd:dc:fc:da:21:2c:57:91:94:a6:ad:72:
4c:11:1e:36:43:4b:79:c5:63:b5:fa:ed:a7:1b:7a:
e3:e7:d1:69:87:2f:24:fc:25:cd:83:95:69:c5:1a:
f6:d9:fd:9b:55:b4:c6:94:5f:a3:05:a7:9f:0e:be:
e5:f7:8b:51:85:7c:c7:a9:1a:6e:33:80:67:46:cd:
9a:1c:7a:4a:a5:48:7a:eb:c2:19:31:48:f3:5f:c8:
9d:3c:63:01:84:ea:a8:6c:26:2a:45:c2:f2:52:71:
aa:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:39:26:83:8D:8B:32:2B:95:E2:2F:E9:26:6A:1A:3E:6E:5C:56:A9
X509v3 Authority Key Identifier:
keyid:D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/PTkmg42LMiuV4i_pJmoaPm5cVqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.1.0/24
46.252.3.0/24
46.252.5.0/24
46.252.7.0-46.252.8.255
Signature Algorithm: sha256WithRSAEncryption
41:1f:9d:2c:50:b4:c0:6b:b4:4b:e2:b1:e8:49:9e:24:99:29:
f8:e4:d8:ff:44:45:f2:b1:ed:83:ee:41:15:b2:8f:17:28:1e:
53:aa:c6:e0:6b:45:f6:cc:83:42:85:a7:04:3d:99:a5:51:c4:
12:66:1e:df:5c:ec:6c:ce:48:cb:20:a5:57:7c:96:a0:b1:71:
f2:86:37:64:85:0c:3a:ca:5a:00:69:29:e0:75:aa:b4:2c:41:
eb:5b:1f:ee:06:a5:2d:c8:79:14:89:13:0c:1b:16:4d:6d:04:
6d:4a:e5:bb:81:4d:aa:a9:77:c1:25:e6:67:51:7f:b1:d3:42:
e9:56:84:a2:25:20:b7:1f:bc:0e:b5:38:1d:c6:10:22:c8:b9:
f9:5f:71:fc:1a:31:57:20:f1:46:5d:c9:f5:6f:ed:34:54:4c:
3a:b0:19:c1:f2:85:52:40:1d:32:68:68:e9:11:3d:5e:a6:75:
5b:df:38:d7:91:15:b2:f7:22:ce:5f:d3:91:d0:df:e1:df:e1:
9c:65:73:44:c0:68:79:84:08:ac:29:db:ef:3f:35:56:a6:93:
cc:b9:0d:e9:4a:81:a4:f6:2d:42:a1:3c:51:04:84:ec:c2:40:
c2:e4:ea:e6:db:17:34:cb:4d:8c:5a:47:2e:86:cd:9f:32:3d:
3b:e2:38:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIECd8gTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ODI4NGYxOGNkNDQ2MDRiZGQ2ZDA4ZjRkODc4ZGM2MTQ1NmM0MGZkMB4XDTIyMDUx
MDA1MTkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QzOTI2ODM4ZDhi
MzIyYjk1ZTIyZmU5MjY2YTFhM2U2ZTVjNTZhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJx64qTQ06lrvjlY2m3tJ0nIC9Xyrk7UIwb8pBGW06ICQ2Hq
2yQ4zAb672cZZGBVGNv5fwS5rq2vuvBstZoWxhBryV8xpAh9lkdPWOtcqJdSpN/Y
XbV7/TfSEE4rnWc14qAgyTloEd3Cdoe8hjQgBXPNI0lQC7vJ8ZH/LL86OWxrd3yl
eozRPIUe08j7RraPwc65iVp4KFpQvdz82iEsV5GUpq1yTBEeNkNLecVjtfrtpxt6
4+fRaYcvJPwlzYOVacUa9tn9m1W0xpRfowWnnw6+5feLUYV8x6kabjOAZ0bNmhx6
SqVIeuvCGTFI81/InTxjAYTqqGwmKkXC8lJxqnkCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQ9OSaDjYsyK5XiL+kmaho+blxWqTAfBgNVHSMEGDAWgBTYKE8YzURgS91t
CPTYeNxhRWxA/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJDaFBHTTFFWUV2ZGJRajAySGpjWVVWc1FQMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvMjY1MmNkLTdlY2YtNDllOC1hNGY4LWM3ODY5MTI4NTgyYy8x
L1BUa21nNDJMTWl1VjRpX3BKbW9hUG01Y1Zxay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
MjY1MmNkLTdlY2YtNDllOC1hNGY4LWM3ODY5MTI4NTgyYy8xLzJDaFBHTTFFWUV2
ZGJRajAySGpjWVVWc1FQMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAC78AQMEAC78AwMEAC78BTAMAwQA
LvwHAwQALvwIMA0GCSqGSIb3DQEBCwUAA4IBAQBBH50sULTAa7RL4rHoSZ4kmSn4
5Nj/REXyse2D7kEVso8XKB5Tqsbga0X2zINChacEPZmlUcQSZh7fXOxszkjLIKVX
fJagsXHyhjdkhQw6yloAaSngdaq0LEHrWx/uBqUtyHkUiRMMGxZNbQRtSuW7gU2q
qXfBJeZnUX+x00LpVoSiJSC3H7wOtTgdxhAiyLn5X3H8GjFXIPFGXcn1b+00VEw6
sBnB8oVSQB0yaGjpET1epnVb3zjXkRWy9yLOX9OR0N/h3+GcZXNEwGh5hAisKdvv
PzVWppPMuQ3pSoGk9i1CoTxRBITswkDC5Orm2xc0y02MWkcuhs2fMj074jgZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:39 2023 by rpki-client on console-ams.rpki-client.org