Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/xRPPFjR34HPFROc7zWJ6JMOMRAM.roa
File: xRPPFjR34HPFROc7zWJ6JMOMRAM.roa (raw, json)
Hash identifier: NfM3tDcyCk1uuIpqnarZdePDcyqezZAdI8zPLoDN42Q=
Subject key identifier: C5:13:CF:16:34:77:E0:73:C5:44:E7:3B:CD:62:7A:24:C3:8C:44:03
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 397C9E41
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/xRPPFjR34HPFROc7zWJ6JMOMRAM.roa
Signing time: Mon 28 Feb 2022 13:06:42 +0000
ROA not before: Mon 28 Feb 2022 13:06:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
46.38.140.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.80.0.0/19 maxlen: 24
185.24.148.0/24 maxlen: 24
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 964468289 (0x397c9e41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 28 13:06:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c513cf163477e073c544e73bcd627a24c38c4403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:98:55:77:ec:b6:6d:c3:b6:7a:a0:12:b6:1a:
2b:39:cb:45:62:5b:b0:a0:e4:2d:9f:0a:cb:1f:bd:
cb:3f:a4:b4:28:d7:00:ea:1b:fe:10:79:9a:2f:c5:
2d:e1:60:53:ae:70:52:5b:49:c0:6d:33:7e:b3:d1:
00:d3:45:47:96:d1:75:c4:bd:5e:d5:f6:f1:80:35:
1d:70:67:5e:82:07:c2:f9:3f:3a:6b:91:29:97:7b:
ce:67:b7:6e:c9:d7:01:50:a9:0f:93:87:10:eb:5d:
1e:27:26:f0:f0:19:c1:39:67:13:a3:6f:1c:7d:ab:
37:2c:8e:2b:72:02:71:39:e0:66:90:39:fb:aa:59:
b8:9a:17:46:88:ae:19:cf:92:08:ae:3c:84:44:e7:
f1:be:f2:83:d8:3f:4e:94:9c:43:ca:1b:e5:ca:dc:
73:72:7b:02:af:f2:c0:8d:60:6a:be:aa:37:f2:7f:
88:d1:52:6b:2c:26:b0:e6:37:5f:83:04:5c:43:a9:
ac:d3:77:c4:6a:af:8c:a2:e8:6e:af:8d:ce:2e:0a:
57:94:77:de:7f:bd:db:2f:e0:f8:2d:b8:04:4c:be:
b4:45:67:f5:d3:87:1b:e1:da:bd:65:1c:ad:5b:84:
79:25:e5:ab:84:fe:03:32:80:52:87:41:a0:34:28:
f3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:13:CF:16:34:77:E0:73:C5:44:E7:3B:CD:62:7A:24:C3:8C:44:03
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/xRPPFjR34HPFROc7zWJ6JMOMRAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
185.24.148.0/24
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
0e:76:c3:b1:04:7a:82:17:92:ea:5e:e2:69:4b:e7:e6:84:cc:
49:7b:a6:68:ef:9f:b0:42:7f:25:50:7e:77:cc:6c:38:c3:f1:
ab:9e:6c:5c:ad:c1:bd:1a:82:cc:0d:9a:6e:09:ba:7e:8d:0f:
d4:97:fb:7c:bb:ed:cb:2d:2f:f6:d2:32:08:d2:a5:46:44:44:
9a:6f:8a:e8:45:a2:14:50:18:49:ab:43:c1:c6:08:6f:df:99:
aa:5c:df:34:da:60:78:52:da:40:78:a1:fa:97:2f:ac:c5:1b:
9b:43:8a:26:fd:bf:6b:dd:83:4a:1c:7b:95:19:49:0e:18:dc:
fb:f7:d5:9a:a2:10:af:b9:b8:a6:e8:74:09:1c:34:dd:0b:d5:
16:96:5f:bb:f1:2c:f4:2d:ac:13:81:19:86:bc:40:1f:21:b4:
ac:88:63:b9:e7:dc:54:a3:ce:2d:c3:1a:26:bb:14:39:a5:09:
0e:cf:cd:c1:01:85:55:84:22:4d:52:36:20:6b:dc:23:22:11:
fa:12:26:77:0d:bf:cd:7f:4a:09:94:73:d6:9d:c9:92:dc:02:
24:c7:47:0b:94:1d:12:66:d4:43:4b:64:28:55:35:33:3a:a7:
27:93:69:3d:a3:bc:0c:10:b0:c1:89:71:9c:3f:02:c5:17:ef:
74:88:17:ba
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEOXyeQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzI5NDVmNTcxMDMxNTNhMDc4NTRlNzRlMjI3ZjJhZWMxYzVmNDMwMB4XDTIyMDIy
ODEzMDY0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzUxM2NmMTYzNDc3
ZTA3M2M1NDRlNzNiY2Q2MjdhMjRjMzhjNDQwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6YVXfstm3DtnqgErYaKznLRWJbsKDkLZ8Kyx+9yz+ktCjX
AOob/hB5mi/FLeFgU65wUltJwG0zfrPRANNFR5bRdcS9XtX28YA1HXBnXoIHwvk/
OmuRKZd7zme3bsnXAVCpD5OHEOtdHicm8PAZwTlnE6NvHH2rNyyOK3ICcTngZpA5
+6pZuJoXRoiuGc+SCK48hETn8b7yg9g/TpScQ8ob5crcc3J7Aq/ywI1gar6qN/J/
iNFSaywmsOY3X4MEXEOprNN3xGqvjKLobq+Nzi4KV5R33n+92y/g+C24BEy+tEVn
9dOHG+HavWUcrVuEeSXlq4T+AzKAUodBoDQo860CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBTFE88WNHfgc8VE5zvNYnokw4xEAzAfBgNVHSMEGDAWgBS3KUX1cQMVOgeF
TnTiJ/KuwcX0MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R5bEY5WEVERlRvSGhVNTA0aWZ5cnNIRjlEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvNWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8x
L3hSUFBGalIzNEhQRlJPYzd6V0o2Sk1PTVJBTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
NWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8xL3R5bEY5WEVERlRv
SGhVNTA0aWZ5cnNIRjlEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAC4mgQMEAC4mgwMEAC4mjAMEALkY
lAMEBdQQQAMEBdRQADANBAIAAjAHAwUDKgB9gDANBgkqhkiG9w0BAQsFAAOCAQEA
DnbDsQR6gheS6l7iaUvn5oTMSXumaO+fsEJ/JVB+d8xsOMPxq55sXK3BvRqCzA2a
bgm6fo0P1Jf7fLvtyy0v9tIyCNKlRkREmm+K6EWiFFAYSatDwcYIb9+ZqlzfNNpg
eFLaQHih+pcvrMUbm0OKJv2/a92DShx7lRlJDhjc+/fVmqIQr7m4puh0CRw03QvV
FpZfu/Es9C2sE4EZhrxAHyG0rIhjuefcVKPOLcMaJrsUOaUJDs/NwQGFVYQiTVI2
IGvcIyIR+hImdw2/zX9KCZRz1p3JktwCJMdHC5QdEmbUQ0tkKFU1MzqnJ5NpPaO8
DBCwwYlxnD8CxRfvdIgXug==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:58 2023 by rpki-client on console-fra.rpki-client.org