Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/RgKeuaX-dtLLxpogy7seChhnslE.roa
File: RgKeuaX-dtLLxpogy7seChhnslE.roa (raw, json)
Hash identifier: QzO+jYOVT/AP8T+THGAz3A5jE+OG/H2Rk9Vyyb5ta0Y=
Subject key identifier: 46:02:9E:B9:A5:FE:76:D2:CB:C6:9A:20:CB:BB:1E:0A:18:67:B2:51
Certificate issuer: /CN=51f866f32b47c69d478ad95354e257e51a236a57
Certificate serial: 44A646DB
Authority key identifier: 51:F8:66:F3:2B:47:C6:9D:47:8A:D9:53:54:E2:57:E5:1A:23:6A:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ufhm8ytHxp1HitlTVOJX5Rojalc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/RgKeuaX-dtLLxpogy7seChhnslE.roa
Signing time: Sat 01 Jan 2022 11:57:19 +0000
ROA not before: Sat 01 Jan 2022 11:57:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39288
IP address blocks: 158.255.92.0/22 maxlen: 22
193.138.118.0/24 maxlen: 24
46.21.208.0/20 maxlen: 20
46.21.208.0/21 maxlen: 21
46.21.216.0/21 maxlen: 21
94.232.152.0/22 maxlen: 22
94.232.152.0/21 maxlen: 21
158.255.88.0/21 maxlen: 21
158.255.88.0/22 maxlen: 22
94.232.156.0/22 maxlen: 22
2a02:2928::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1151747803 (0x44a646db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51f866f32b47c69d478ad95354e257e51a236a57
Validity
Not Before: Jan 1 11:57:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46029eb9a5fe76d2cbc69a20cbbb1e0a1867b251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8d:bf:90:0d:f7:33:20:59:e0:f7:ac:5a:33:
d3:ed:72:43:a5:e9:b9:ea:b1:b6:d7:d7:23:93:8d:
46:67:5a:8a:db:ec:c7:a2:7d:1a:a7:3b:fd:bf:2f:
56:3d:e3:b7:4d:90:4f:2a:6d:1b:2b:ea:98:36:f2:
68:9c:74:2c:f9:8b:86:c6:ca:bb:3d:61:c1:f6:1d:
17:e3:8d:e5:13:93:38:ff:a9:21:04:e0:2a:2c:e4:
69:14:7c:95:69:97:7e:45:26:3d:7d:a9:9e:d0:87:
cb:16:86:c5:a3:67:70:0b:3c:6c:8f:3a:4e:63:55:
b3:58:a9:8c:f6:e8:f0:74:b4:16:77:f6:8a:4b:9e:
4e:97:c5:89:71:2e:3a:b8:6b:72:5c:0d:be:47:2b:
4a:d4:d2:c2:af:b2:ba:82:d5:e0:d4:2e:f9:1f:5f:
ca:bf:06:72:1c:d6:93:c1:ec:88:e6:65:92:46:fc:
99:4b:d1:30:60:94:2e:1f:af:a1:41:fe:54:45:bb:
d4:f4:61:79:f6:e2:90:9b:9f:2b:2e:e6:bb:1c:df:
d0:95:7c:6a:86:62:50:e8:72:67:ba:f0:3e:2d:35:
b5:89:7a:d1:d5:ff:0d:9a:71:eb:70:86:72:c2:3f:
d5:f3:b8:4c:ee:f7:13:2f:60:07:fc:f0:55:ee:10:
d5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:02:9E:B9:A5:FE:76:D2:CB:C6:9A:20:CB:BB:1E:0A:18:67:B2:51
X509v3 Authority Key Identifier:
keyid:51:F8:66:F3:2B:47:C6:9D:47:8A:D9:53:54:E2:57:E5:1A:23:6A:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ufhm8ytHxp1HitlTVOJX5Rojalc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/RgKeuaX-dtLLxpogy7seChhnslE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/Ufhm8ytHxp1HitlTVOJX5Rojalc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.208.0/20
94.232.152.0/21
158.255.88.0/21
193.138.118.0/24
IPv6:
2a02:2928::/32
Signature Algorithm: sha256WithRSAEncryption
8f:83:34:91:40:a1:c5:f0:7a:0f:13:18:5b:0d:2e:f4:9d:d6:
fe:6b:f1:e7:86:2b:51:f9:fe:0a:d6:45:f5:68:0b:c6:1e:d5:
8d:51:5d:b7:59:c7:b8:3a:45:d4:d5:56:71:16:8f:af:36:73:
e8:f8:26:5a:77:3e:7d:d0:12:74:31:6d:66:71:41:c1:0a:35:
30:1d:06:bf:e8:68:71:e7:8f:fa:37:2b:f6:ab:ef:21:b2:fe:
d2:09:89:48:30:0c:ff:11:2a:f4:a8:e6:5c:d2:48:c2:01:f4:
c4:0d:de:d5:e4:e8:bf:03:06:3d:4b:5d:72:f2:dc:34:9a:5f:
36:c8:fa:4a:f7:f0:07:8a:4f:ed:46:1d:af:fa:ee:23:7b:94:
26:ff:0d:39:4c:37:43:3e:4d:6b:13:8d:a1:f5:48:d7:39:98:
76:95:72:24:9e:fb:3a:84:b2:39:95:a1:9b:5d:a7:7f:1d:a3:
05:f7:45:56:85:86:a1:30:7f:88:7e:77:3e:c0:6d:25:1b:4d:
3a:54:c9:f4:4d:0f:49:dd:22:56:13:7b:b5:f1:cd:61:c5:00:
0c:44:0d:32:cc:27:ef:a2:ec:5e:bc:50:f5:ea:5a:34:19:1b:
60:2d:4e:e4:5f:08:7c:21:c1:05:30:b5:e0:4b:bd:c7:4e:7e:
a0:65:5e:ff
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIERKZG2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MWY4NjZmMzJiNDdjNjlkNDc4YWQ5NTM1NGUyNTdlNTFhMjM2YTU3MB4XDTIyMDEw
MTExNTcxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDYwMjllYjlhNWZl
NzZkMmNiYzY5YTIwY2JiYjFlMGExODY3YjI1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKNv5AN9zMgWeD3rFoz0+1yQ6XpueqxttfXI5ONRmdaitvs
x6J9Gqc7/b8vVj3jt02QTyptGyvqmDbyaJx0LPmLhsbKuz1hwfYdF+ON5ROTOP+p
IQTgKizkaRR8lWmXfkUmPX2pntCHyxaGxaNncAs8bI86TmNVs1ipjPbo8HS0Fnf2
ikueTpfFiXEuOrhrclwNvkcrStTSwq+yuoLV4NQu+R9fyr8GchzWk8HsiOZlkkb8
mUvRMGCULh+voUH+VEW71PRhefbikJufKy7muxzf0JV8aoZiUOhyZ7rwPi01tYl6
0dX/DZpx63CGcsI/1fO4TO73Ey9gB/zwVe4Q1dECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRGAp65pf520svGmiDLux4KGGeyUTAfBgNVHSMEGDAWgBRR+GbzK0fGnUeK
2VNU4lflGiNqVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VmaG04eXRIeHAxSGl0bFRWT0pYNVJvamFsYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvZGNiNmZiLTBlODYtNGQzNC1hZGMzLWQ5M2ZkNDlhZThlZi8x
L1JnS2V1YVgtZHRMTHhwb2d5N3NlQ2hobnNsRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
ZGNiNmZiLTBlODYtNGQzNC1hZGMzLWQ5M2ZkNDlhZThlZi8xL1VmaG04eXRIeHAx
SGl0bFRWT0pYNVJvamFsYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBC4V0AMEA17omAMEA57/WAMEAMGK
djANBAIAAjAHAwUAKgIpKDANBgkqhkiG9w0BAQsFAAOCAQEAj4M0kUChxfB6DxMY
Ww0u9J3W/mvx54YrUfn+CtZF9WgLxh7VjVFdt1nHuDpF1NVWcRaPrzZz6PgmWnc+
fdASdDFtZnFBwQo1MB0Gv+hoceeP+jcr9qvvIbL+0gmJSDAM/xEq9KjmXNJIwgH0
xA3e1eTovwMGPUtdcvLcNJpfNsj6SvfwB4pP7UYdr/ruI3uUJv8NOUw3Qz5NaxON
ofVI1zmYdpVyJJ77OoSyOZWhm12nfx2jBfdFVoWGoTB/iH53PsBtJRtNOlTJ9E0P
Sd0iVhN7tfHNYcUADEQNMswn76LsXrxQ9epaNBkbYC1O5F8IfCHBBTC14Eu9x05+
oGVe/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:17 2024 by rpki-client on console-ams.rpki-client.org