Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/RIRL3rHbxFSEuAfvODhjIK8pD7w.roa
File: RIRL3rHbxFSEuAfvODhjIK8pD7w.roa (raw, json)
Hash identifier: SOLnk5P7iXkt7J3wWhNMpPB7NuVPwNFh/I+7/G9dDmk=
Subject key identifier: 44:84:4B:DE:B1:DB:C4:54:84:B8:07:EF:38:38:63:20:AF:29:0F:BC
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018412FE6C2213AF2E827D65B63EB1C0069F
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/RIRL3rHbxFSEuAfvODhjIK8pD7w.roa
Signing time: Wed 26 Oct 2022 06:32:54 +0000
ROA not before: Wed 26 Oct 2022 06:32:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.150.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.80.0.0/19 maxlen: 24
212.80.20.0/23 maxlen: 23
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:12:fe:6c:22:13:af:2e:82:7d:65:b6:3e:b1:c0:06:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Oct 26 06:32:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44844bdeb1dbc45484b807ef38386320af290fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e3:cc:e4:be:d2:84:44:6a:c2:81:0f:15:3e:
c4:97:1c:12:7e:61:a9:1b:59:db:ff:d9:4e:09:81:
41:6a:dd:2f:ae:57:53:d5:09:3f:1b:f4:0d:10:f9:
c7:7e:eb:93:de:12:5c:57:60:ae:87:4c:e9:54:50:
0c:63:13:3f:45:28:76:44:2e:99:fe:f8:89:41:02:
7b:4b:1c:72:4d:be:4f:ca:cd:54:97:ac:99:a3:42:
3e:45:2a:53:3b:69:1b:1e:0a:8e:63:58:e6:6d:96:
ae:89:97:02:3e:74:b9:f4:ff:87:63:c0:a2:a1:ff:
6c:91:58:57:a7:a2:39:5a:18:b8:21:70:77:1c:9e:
f9:b9:0d:d0:8a:6b:f3:e8:05:4a:ec:74:8b:a1:ab:
bd:81:5f:aa:b3:50:ff:e2:ac:5c:df:c8:88:7d:7f:
ef:f2:c6:5c:29:a8:bc:22:85:56:2a:8f:27:a0:cc:
3e:b9:94:11:05:53:9e:4e:3c:72:0f:d2:8e:79:51:
36:07:fe:4d:4c:dd:d7:f2:c6:3c:db:ee:b2:15:98:
fd:e6:dd:19:af:76:53:1c:ba:6d:f2:a7:dd:d7:47:
e3:91:f8:11:95:e9:e6:57:07:b4:b5:e9:cc:e8:1f:
0b:98:f4:54:65:69:f2:a9:c2:38:45:a7:e5:c0:8c:
27:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:84:4B:DE:B1:DB:C4:54:84:B8:07:EF:38:38:63:20:AF:29:0F:BC
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/RIRL3rHbxFSEuAfvODhjIK8pD7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
46.38.150.0/24
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
a3:d7:84:80:3c:ce:dd:3a:a5:bd:df:45:ad:f1:5e:b7:e6:2b:
8b:a2:1f:88:54:d5:80:3c:13:2f:f0:bc:ef:11:72:9a:5b:ea:
e6:b3:8c:72:66:bf:f7:8c:38:b3:7a:31:3d:61:be:9e:6b:a7:
76:1e:6e:44:5e:3c:f0:1a:cf:2b:39:50:95:a0:e1:19:1d:f4:
be:f4:1a:a6:49:20:49:ae:c3:ea:43:4c:e1:b1:fe:95:16:c5:
26:fe:25:cf:2e:69:35:b3:82:de:79:69:b1:a5:70:39:73:61:
8c:57:76:02:76:5a:64:ce:8b:40:6c:98:f9:19:e8:e3:98:25:
64:dd:21:19:54:91:33:51:91:81:8d:f7:0c:83:4b:44:d0:77:
68:7d:eb:e6:52:60:ca:46:88:ca:cc:ac:6c:76:63:70:dd:b4:
01:42:8c:fd:ad:05:f1:55:8e:d9:ad:bf:d1:b4:0e:9e:77:72:
86:7e:cc:95:13:09:e9:e3:e2:c7:0b:02:f3:4b:ae:ef:bd:0d:
d7:2c:77:37:5f:e1:27:66:09:7c:83:0e:06:60:2e:93:a6:ad:
46:5b:89:62:51:5f:1e:d4:42:e3:87:6a:0c:35:f7:99:41:41:
31:96:b2:0e:91:a8:98:ac:c2:32:68:2a:a5:31:be:12:17:f7:
5b:1b:03:0a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYQS/mwiE68ugn1ltj6xwAafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjIxMDI2MDYzMjU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDg0NGJkZWIxZGJjNDU0ODRiODA3ZWYzODM4NjMyMGFmMjkwZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuPM5L7ShERqwoEPFT7ElxwSfmGp
G1nb/9lOCYFBat0vrldT1Qk/G/QNEPnHfuuT3hJcV2Cuh0zpVFAMYxM/RSh2RC6Z
/viJQQJ7SxxyTb5Pys1Ul6yZo0I+RSpTO2kbHgqOY1jmbZauiZcCPnS59P+HY8Ci
of9skVhXp6I5Whi4IXB3HJ75uQ3Qimvz6AVK7HSLoau9gV+qs1D/4qxc38iIfX/v
8sZcKai8IoVWKo8noMw+uZQRBVOeTjxyD9KOeVE2B/5NTN3X8sY82+6yFZj95t0Z
r3ZTHLpt8qfd10fjkfgRlenmVwe0tenM6B8LmPRUZWnyqcI4RaflwIwnBQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFESES96x28RUhLgH7zg4YyCvKQ+8MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvUklSTDNySGJ4RlNFdUFmdk9EaGpJSzhwRDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALiaBAwQA
LiaDAwQALiaMAwQALiaWAwQF1BBAAwQF1FAAMA0EAgACMAcDBQMqAH2AMA0GCSqG
SIb3DQEBCwUAA4IBAQCj14SAPM7dOqW930Wt8V635iuLoh+IVNWAPBMv8LzvEXKa
W+rms4xyZr/3jDizejE9Yb6ea6d2Hm5EXjzwGs8rOVCVoOEZHfS+9BqmSSBJrsPq
Q0zhsf6VFsUm/iXPLmk1s4LeeWmxpXA5c2GMV3YCdlpkzotAbJj5GejjmCVk3SEZ
VJEzUZGBjfcMg0tE0HdofevmUmDKRojKzKxsdmNw3bQBQoz9rQXxVY7Zrb/RtA6e
d3KGfsyVEwnp4+LHCwLzS67vvQ3XLHc3X+EnZgl8gw4GYC6Tpq1GW4liUV8e1ELj
h2oMNfeZQUExlrIOkaiYrMIyaCqlMb4SF/dbGwMK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org