Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/su2_9Eqtgaa_XlrY1gfpJaUMDOE.roa
File: su2_9Eqtgaa_XlrY1gfpJaUMDOE.roa (raw, json)
Hash identifier: kok4M5gkcXUjWgd6tFkhBd1p6dd8F5UCU6PYfNWtyfU=
Subject key identifier: B2:ED:BF:F4:4A:AD:81:A6:BF:5E:5A:D8:D6:07:E9:25:A5:0C:0C:E1
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0182DEC0BCA6D56BDA08133AEFC2FB0039F9
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/su2_9Eqtgaa_XlrY1gfpJaUMDOE.roa
Signing time: Sat 27 Aug 2022 10:02:29 +0000
ROA not before: Sat 27 Aug 2022 10:02:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.150.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.80.0.0/19 maxlen: 24
212.80.20.0/23 maxlen: 23
185.24.148.0/24 maxlen: 24
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:de:c0:bc:a6:d5:6b:da:08:13:3a:ef:c2:fb:00:39:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Aug 27 10:02:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2edbff44aad81a6bf5e5ad8d607e925a50c0ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:de:b5:cf:fb:a0:6b:b2:dc:7a:7c:8e:c0:a1:
c3:9b:a2:49:08:57:00:92:58:9e:df:c1:9f:e8:67:
af:9c:8d:14:63:d8:45:83:20:ef:e1:cf:2c:6e:33:
8c:26:29:70:52:93:c2:e5:c0:a3:15:7d:f4:35:d8:
0f:2c:74:23:95:8e:04:a7:b3:f2:d4:9d:42:8a:6f:
2f:a5:0f:4b:89:88:c4:3e:74:d5:89:ca:3f:01:04:
e8:8b:5c:79:db:24:79:1c:87:ec:d7:df:fb:e2:57:
fe:60:65:10:55:06:b9:0f:d5:24:09:ec:2a:36:7c:
c2:50:be:63:cc:18:67:94:70:61:e0:64:3e:a9:d0:
ab:c0:c5:f4:28:46:a4:75:52:09:bf:a3:ea:5f:43:
dd:1a:b3:9f:85:68:ba:a9:b2:1a:56:b9:01:6e:c1:
a3:28:69:8c:0d:01:8d:74:a7:fd:0b:10:df:b1:16:
11:50:a1:70:d8:6f:ad:46:23:dd:3c:d3:08:ff:52:
89:8c:e4:36:5d:64:4f:bb:a5:23:11:f2:76:68:e0:
3c:eb:ea:82:6e:55:0a:ae:8b:35:2e:b3:a6:20:23:
d2:99:8c:3f:d9:c5:0d:fe:00:aa:ec:82:66:3e:61:
1a:da:dc:89:14:c5:8b:2a:40:f9:c7:10:7c:e1:3e:
d9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:ED:BF:F4:4A:AD:81:A6:BF:5E:5A:D8:D6:07:E9:25:A5:0C:0C:E1
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/su2_9Eqtgaa_XlrY1gfpJaUMDOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
46.38.150.0/24
185.24.148.0/24
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
9b:e2:f8:f2:4c:54:29:dd:c6:21:ca:56:bf:8d:8c:23:2c:d3:
d8:3a:11:6b:ca:3d:f4:ae:aa:76:c4:e0:ef:8b:bb:09:4c:bf:
b1:7c:7a:b7:99:31:94:d4:74:9e:1f:f0:62:f3:9e:f5:b1:de:
c3:3e:02:21:d3:74:df:fd:34:7d:da:6d:d5:0b:f4:55:5e:45:
42:fb:95:dc:ab:df:e1:58:c1:fd:c3:75:26:4e:b0:66:23:5d:
6f:3d:14:b3:d8:50:1f:45:af:47:80:28:01:09:d9:64:4d:a1:
1f:34:fe:2b:3f:f8:25:67:a3:96:47:cf:25:fe:0d:bb:43:99:
fc:32:6b:ab:32:1b:94:4f:b1:3a:58:b6:c3:44:b9:b6:af:c5:
a4:c7:0f:3e:0e:04:08:40:64:00:88:a0:56:33:ba:9a:48:b3:
95:00:52:4c:0a:25:4c:65:8f:d9:54:31:43:2b:02:a0:6b:f0:
29:08:f3:a2:9b:e2:20:fa:9c:d3:72:b1:4c:a9:74:25:84:85:
a7:10:64:9d:e0:27:f0:26:0a:11:d4:b1:c6:86:f3:40:a9:ae:
1d:9b:63:e9:66:a4:d4:fa:f1:95:1a:27:7a:94:cb:1a:99:af:
49:a6:82:95:6d:9f:c4:8d:91:42:a6:71:1c:0a:76:59:f2:a3:
13:90:fb:62
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYLewLym1WvaCBM678L7ADn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjIwODI3MTAwMjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmVkYmZmNDRhYWQ4MWE2YmY1ZTVhZDhkNjA3ZTkyNWE1MGMwY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwd61z/uga7LcenyOwKHDm6JJCFcA
klie38Gf6GevnI0UY9hFgyDv4c8sbjOMJilwUpPC5cCjFX30NdgPLHQjlY4Ep7Py
1J1Cim8vpQ9LiYjEPnTVico/AQToi1x52yR5HIfs19/74lf+YGUQVQa5D9UkCewq
NnzCUL5jzBhnlHBh4GQ+qdCrwMX0KEakdVIJv6PqX0PdGrOfhWi6qbIaVrkBbsGj
KGmMDQGNdKf9CxDfsRYRUKFw2G+tRiPdPNMI/1KJjOQ2XWRPu6UjEfJ2aOA86+qC
blUKros1LrOmICPSmYw/2cUN/gCq7IJmPmEa2tyJFMWLKkD5xxB84T7ZrwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLLtv/RKrYGmv15a2NYH6SWlDAzhMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvc3UyXzlFcXRnYWFfWGxyWTFnZnBKYVVNRE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQALiaBAwQA
LiaDAwQALiaMAwQALiaWAwQAuRiUAwQF1BBAAwQF1FAAMA0EAgACMAcDBQMqAH2A
MA0GCSqGSIb3DQEBCwUAA4IBAQCb4vjyTFQp3cYhyla/jYwjLNPYOhFryj30rqp2
xODvi7sJTL+xfHq3mTGU1HSeH/Bi8571sd7DPgIh03Tf/TR92m3VC/RVXkVC+5Xc
q9/hWMH9w3UmTrBmI11vPRSz2FAfRa9HgCgBCdlkTaEfNP4rP/glZ6OWR88l/g27
Q5n8MmurMhuUT7E6WLbDRLm2r8Wkxw8+DgQIQGQAiKBWM7qaSLOVAFJMCiVMZY/Z
VDFDKwKga/ApCPOim+Ig+pzTcrFMqXQlhIWnEGSd4CfwJgoR1LHGhvNAqa4dm2Pp
ZqTU+vGVGid6lMsama9JpoKVbZ/EjZFCpnEcCnZZ8qMTkPti
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:07 2024 by rpki-client on console-ams.rpki-client.org