Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/u6T5ZIOtlurRZQ698D3giLMX9rA.roa
File: u6T5ZIOtlurRZQ698D3giLMX9rA.roa (raw, json)
Hash identifier: XOIrkl5+ttk4yHqa1DwBFSNVeiu6F6hq1o+cXY0EclM=
Subject key identifier: BB:A4:F9:64:83:AD:96:EA:D1:65:0E:BD:F0:3D:E0:88:B3:17:F6:B0
Certificate issuer: /CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Certificate serial: 01853486D9044FDCC5541B22B9C0BC51896F
Authority key identifier: D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/u6T5ZIOtlurRZQ698D3giLMX9rA.roa
Signing time: Wed 21 Dec 2022 11:52:10 +0000
ROA not before: Wed 21 Dec 2022 11:52:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206774
IP address blocks: 46.252.1.0/24 maxlen: 24
46.252.3.0/24 maxlen: 24
46.252.9.0/24 maxlen: 24
46.252.8.0/24 maxlen: 24
46.252.5.0/24 maxlen: 24
46.252.10.0/24 maxlen: 24
46.252.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:86:d9:04:4f:dc:c5:54:1b:22:b9:c0:bc:51:89:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Validity
Not Before: Dec 21 11:52:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bba4f96483ad96ead1650ebdf03de088b317f6b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:be:0d:c5:9a:9b:aa:a8:d6:4e:27:82:05:90:
02:87:59:1e:26:63:bb:d3:f4:3c:81:be:d6:5f:77:
ac:fe:8e:79:48:a2:ad:ad:22:7a:4a:94:f8:ac:ea:
33:31:db:d6:ad:80:4e:1e:f5:ff:76:d4:c1:9c:47:
c9:b4:3c:0a:71:68:a9:c3:dd:a3:c6:c1:45:ea:59:
36:44:c1:43:ef:c2:b1:97:82:dc:eb:5b:03:d1:27:
62:bb:12:41:44:ad:8b:6d:4c:73:63:ac:dc:2e:d0:
d7:9b:78:a3:45:5b:c4:6f:73:f5:3f:40:34:b3:5a:
58:05:14:a7:6b:70:54:02:b6:12:96:bb:b1:d8:c3:
61:85:96:b4:fb:d7:48:ac:b9:d3:45:fb:63:1b:d9:
3e:42:8d:1d:63:a3:1b:a4:c6:4b:a4:04:36:97:42:
46:b7:ad:ac:31:2c:90:34:c4:6b:f5:e8:04:76:e1:
7b:c5:d7:ae:5d:f4:07:45:8c:5a:4a:c9:b4:0d:43:
80:44:72:0c:3d:e3:e9:25:2b:b3:7c:93:2e:2e:b9:
3a:59:04:ad:1d:a5:e5:08:60:71:23:b9:63:d5:ba:
6f:eb:99:86:4d:e6:f9:bb:7d:24:b7:d6:3d:e1:2f:
20:17:de:9f:26:72:6e:c1:48:19:30:48:57:6f:5e:
6c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A4:F9:64:83:AD:96:EA:D1:65:0E:BD:F0:3D:E0:88:B3:17:F6:B0
X509v3 Authority Key Identifier:
keyid:D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/u6T5ZIOtlurRZQ698D3giLMX9rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.1.0/24
46.252.3.0/24
46.252.5.0/24
46.252.7.0-46.252.10.255
Signature Algorithm: sha256WithRSAEncryption
77:7f:77:20:1d:f5:05:00:d6:b6:ca:13:44:b1:d0:81:fc:f5:
44:0f:53:91:a4:4a:51:67:ab:1c:37:5d:3f:a8:31:af:47:d8:
b2:07:c2:99:8c:56:cf:d2:7c:be:8d:12:10:a2:c4:9f:ab:b8:
74:87:68:46:09:4c:10:57:4c:5e:cb:96:3f:73:5a:69:8d:4d:
3e:54:85:23:48:5d:6a:f8:73:59:11:f1:4e:93:ef:c2:16:8e:
06:9d:0f:a9:3f:6c:74:49:9f:f7:91:ac:7c:78:39:76:29:e2:
cf:eb:40:56:f0:d7:b5:36:a8:f5:87:51:57:cd:65:e1:77:5a:
6c:0c:cd:bf:a9:50:3a:91:51:c2:e3:31:d2:06:37:e4:60:86:
8c:c4:31:22:8d:55:5e:5f:8a:cb:b9:7b:92:58:f8:0e:9f:3c:
fc:56:d1:a7:72:97:14:47:75:05:cd:3f:74:68:83:00:e1:16:
0a:58:43:76:f0:94:2c:bc:b1:76:88:7a:7d:bd:4d:a0:a1:ba:
7c:b8:8a:ef:01:34:fe:3c:a2:91:3d:44:52:20:14:c2:b4:41:
fd:f3:ca:b8:36:91:be:a0:79:35:37:cc:3d:24:d3:0b:13:e2:
76:cd:6e:d1:e0:4f:bd:33:8d:ea:6e:c1:05:1a:8e:f4:8f:3e:
83:70:a8:31
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYU0htkET9zFVBsiucC8UYlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Mjg0ZjE4Y2Q0NDYwNGJkZDZkMDhmNGQ4NzhkYzYxNDU2
YzQwZmQwHhcNMjIxMjIxMTE1MjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmE0Zjk2NDgzYWQ5NmVhZDE2NTBlYmRmMDNkZTA4OGIzMTdmNmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg74NxZqbqqjWTieCBZACh1keJmO7
0/Q8gb7WX3es/o55SKKtrSJ6SpT4rOozMdvWrYBOHvX/dtTBnEfJtDwKcWipw92j
xsFF6lk2RMFD78Kxl4Lc61sD0SdiuxJBRK2LbUxzY6zcLtDXm3ijRVvEb3P1P0A0
s1pYBRSna3BUArYSlrux2MNhhZa0+9dIrLnTRftjG9k+Qo0dY6MbpMZLpAQ2l0JG
t62sMSyQNMRr9egEduF7xdeuXfQHRYxaSsm0DUOARHIMPePpJSuzfJMuLrk6WQSt
HaXlCGBxI7lj1bpv65mGTeb5u30kt9Y94S8gF96fJnJuwUgZMEhXb15sgQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLuk+WSDrZbq0WUOvfA94IizF/awMB8GA1UdIwQY
MBaAFNgoTxjNRGBL3W0I9Nh43GFFbED9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0Zjgt
Yzc4NjkxMjg1ODJjLzEvdTZUNVpJT3RsdXJSWlE2OThEM2dpTE1YOXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0ZjgtYzc4NjkxMjg1ODJj
LzEvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALvwBAwQA
LvwDAwQALvwFMAwDBAAu/AcDBAAu/AowDQYJKoZIhvcNAQELBQADggEBAHd/dyAd
9QUA1rbKE0Sx0IH89UQPU5GkSlFnqxw3XT+oMa9H2LIHwpmMVs/SfL6NEhCixJ+r
uHSHaEYJTBBXTF7Llj9zWmmNTT5UhSNIXWr4c1kR8U6T78IWjgadD6k/bHRJn/eR
rHx4OXYp4s/rQFbw17U2qPWHUVfNZeF3WmwMzb+pUDqRUcLjMdIGN+RghozEMSKN
VV5fisu5e5JY+A6fPPxW0adylxRHdQXNP3RogwDhFgpYQ3bwlCy8sXaIen29TaCh
uny4iu8BNP48opE9RFIgFMK0Qf3zyrg2kb6geTU3zD0k0wsT4nbNbtHgT70zjepu
wQUajvSPPoNwqDE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-fra.rpki-client.org