Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Q23mloppx5JqgRPmUl5L4Hx8JBM.roa
File: Q23mloppx5JqgRPmUl5L4Hx8JBM.roa (raw, json)
Hash identifier: DtKJWXa9RR2Pyk+9wNcQeNV6REA/nKnRS5AMo0sVihQ=
Subject key identifier: 43:6D:E6:96:8A:69:C7:92:6A:81:13:E6:52:5E:4B:E0:7C:7C:24:13
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018547F476320698DB4E855CE070C8042358
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Q23mloppx5JqgRPmUl5L4Hx8JBM.roa
Signing time: Sun 25 Dec 2022 06:24:41 +0000
ROA not before: Sun 25 Dec 2022 06:24:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.150.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.20.0/23 maxlen: 23
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:47:f4:76:32:06:98:db:4e:85:5c:e0:70:c8:04:23:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Dec 25 06:24:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=436de6968a69c7926a8113e6525e4be07c7c2413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c6:ff:94:d3:c0:cf:f7:ad:9d:64:f6:5f:b6:
ee:ea:ce:f4:00:97:66:b1:ca:67:2b:b3:ea:8d:55:
b8:8e:6c:1d:01:aa:f4:46:14:b4:5e:db:b1:e5:c7:
8c:44:9d:b3:05:89:df:f8:5e:5d:cd:36:a1:8c:2b:
75:9d:f3:ce:03:bc:0b:28:fe:fa:a0:58:d0:ab:9d:
c9:5a:b8:dc:8b:a2:d5:36:a0:5b:9e:d4:06:25:3e:
05:bd:6e:11:4d:14:53:0b:69:dc:46:4b:b2:11:1d:
3b:aa:5e:52:65:6b:95:ed:85:04:c9:85:56:a3:f6:
cc:d9:f6:75:4d:89:14:b6:17:6e:66:a3:00:ba:31:
97:be:0b:37:85:9f:23:3d:82:cb:b4:b7:4c:10:5f:
d3:69:f6:9d:b8:1d:b7:33:c8:d8:28:19:d0:1d:9b:
90:0e:8b:6d:e0:08:a2:1d:32:db:98:fa:70:a5:b4:
01:a3:5d:a8:7a:02:5e:e1:52:ee:24:fe:38:b1:c0:
e5:27:21:d2:c6:89:cb:09:48:44:69:f9:2b:79:a5:
7d:d7:9f:c3:f7:9b:59:49:cd:1d:eb:16:e9:c8:76:
bc:3b:13:13:59:f6:56:49:a9:7c:2c:fb:78:1e:12:
a9:97:a5:d1:d2:c0:dc:28:97:2d:b8:12:ef:e1:64:
67:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:6D:E6:96:8A:69:C7:92:6A:81:13:E6:52:5E:4B:E0:7C:7C:24:13
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Q23mloppx5JqgRPmUl5L4Hx8JBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
46.38.150.0/24
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
24:cb:85:68:61:2f:7c:9e:92:25:dd:1c:45:71:dc:bf:65:48:
4c:83:c0:15:3e:0a:f7:56:f3:d3:e4:5d:d6:32:e9:01:c0:18:
a4:73:5f:8e:90:8b:fd:2b:a7:44:bd:5b:16:aa:b5:dd:0d:57:
d2:68:62:aa:30:68:04:e1:14:d9:42:67:67:8c:0f:67:59:a8:
ee:29:7f:f8:14:4d:bd:5b:90:dd:e3:a6:6e:6c:b8:df:63:68:
34:dc:42:47:31:ed:23:d0:f1:f8:cc:ad:4b:1d:1a:55:14:e8:
01:eb:3b:27:61:66:7d:8f:20:4a:6f:a8:56:74:38:5b:c1:6b:
55:dd:45:99:1c:2b:d1:82:56:8f:82:6c:e9:90:73:1b:f0:db:
c9:0a:67:cc:9c:ab:bc:b0:1d:d5:9e:14:ca:52:09:6f:4e:3d:
22:dd:33:1b:4a:63:f7:61:3f:1d:9e:96:0a:6c:03:57:47:3e:
c1:9e:cd:d5:56:cd:a8:bf:28:c7:77:1a:5e:13:ed:4f:62:03:
af:77:ee:71:45:50:43:fe:2f:a2:18:b1:70:94:fb:82:86:57:
cb:a3:43:5c:5e:32:c0:5f:f7:41:b1:05:6b:45:5e:69:ff:f6:
4c:33:1d:15:bb:dc:1b:c0:3c:69:6d:8b:e6:c2:f8:5e:19:2c:
ec:07:13:b2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVH9HYyBpjbToVc4HDIBCNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjIxMjI1MDYyNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzZkZTY5NjhhNjljNzkyNmE4MTEzZTY1MjVlNGJlMDdjN2MyNDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMb/lNPAz/etnWT2X7bu6s70AJdm
scpnK7PqjVW4jmwdAar0RhS0Xtux5ceMRJ2zBYnf+F5dzTahjCt1nfPOA7wLKP76
oFjQq53JWrjci6LVNqBbntQGJT4FvW4RTRRTC2ncRkuyER07ql5SZWuV7YUEyYVW
o/bM2fZ1TYkUthduZqMAujGXvgs3hZ8jPYLLtLdMEF/TafaduB23M8jYKBnQHZuQ
Dott4AiiHTLbmPpwpbQBo12oegJe4VLuJP44scDlJyHSxonLCUhEafkreaV915/D
95tZSc0d6xbpyHa8OxMTWfZWSal8LPt4HhKpl6XR0sDcKJctuBLv4WRnPwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFENt5paKaceSaoET5lJeS+B8fCQTMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvUTIzbWxvcHB4NUpxZ1JQbVVsNUw0SHg4SkJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALiaBAwQA
LiaDAwQALiaMAwQALiaWAwQF1BBAAwQF1FAAMA0EAgACMAcDBQMqAH2AMA0GCSqG
SIb3DQEBCwUAA4IBAQAky4VoYS98npIl3RxFcdy/ZUhMg8AVPgr3VvPT5F3WMukB
wBikc1+OkIv9K6dEvVsWqrXdDVfSaGKqMGgE4RTZQmdnjA9nWajuKX/4FE29W5Dd
46ZubLjfY2g03EJHMe0j0PH4zK1LHRpVFOgB6zsnYWZ9jyBKb6hWdDhbwWtV3UWZ
HCvRglaPgmzpkHMb8NvJCmfMnKu8sB3VnhTKUglvTj0i3TMbSmP3YT8dnpYKbANX
Rz7Bns3VVs2ovyjHdxpeE+1PYgOvd+5xRVBD/i+iGLFwlPuChlfLo0NcXjLAX/dB
sQVrRV5p//ZMMx0Vu9wbwDxpbYvmwvheGSzsBxOy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org