Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/u5nahjO0W3kxxYFiqfsoY7KySEM.roa
File: u5nahjO0W3kxxYFiqfsoY7KySEM.roa (raw, json)
Hash identifier: LhejQCcPxdE/vnru0oAigLpTWzyUOSqlp1KwxgD0R8Y=
Subject key identifier: BB:99:DA:86:33:B4:5B:79:31:C5:81:62:A9:FB:28:63:B2:B2:48:43
Certificate issuer: /CN=13932782ee7758990404fa1ccfb09ec23a86123f
Certificate serial: 01853EBFE754C64223A931E78B966C01A467
Authority key identifier: 13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/u5nahjO0W3kxxYFiqfsoY7KySEM.roa
Signing time: Fri 23 Dec 2022 11:30:42 +0000
ROA not before: Fri 23 Dec 2022 11:30:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2856
IP address blocks: 46.248.112.0/22 maxlen: 24
46.248.108.0/22 maxlen: 24
46.248.106.0/23 maxlen: 23
46.248.116.0/22 maxlen: 24
46.248.124.0/23 maxlen: 23
46.248.120.0/22 maxlen: 24
46.248.126.0/23 maxlen: 23
85.116.2.0/23 maxlen: 23
82.136.56.0/22 maxlen: 24
85.116.4.0/23 maxlen: 23
82.136.52.0/24 maxlen: 24
82.136.54.0/23 maxlen: 24
85.116.0.0/23 maxlen: 23
85.116.11.0/24 maxlen: 24
85.116.6.0/23 maxlen: 23
85.116.16.0/21 maxlen: 21
85.116.24.0/24 maxlen: 24
85.116.30.0/24 maxlen: 24
85.116.29.0/24 maxlen: 24
85.116.31.0/24 maxlen: 24
85.116.26.0/24 maxlen: 24
85.116.25.0/24 maxlen: 24
85.116.28.0/24 maxlen: 24
85.116.27.0/24 maxlen: 24
82.136.30.0/23 maxlen: 24
82.136.26.0/24 maxlen: 24
82.136.43.0/24 maxlen: 24
82.136.48.0/22 maxlen: 24
82.136.47.0/24 maxlen: 24
46.248.96.0/22 maxlen: 22
46.248.102.0/23 maxlen: 24
46.248.104.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:bf:e7:54:c6:42:23:a9:31:e7:8b:96:6c:01:a4:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13932782ee7758990404fa1ccfb09ec23a86123f
Validity
Not Before: Dec 23 11:30:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb99da8633b45b7931c58162a9fb2863b2b24843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:56:05:8b:c3:c1:e2:10:fc:15:4b:13:c6:ef:
e4:65:dc:5f:fc:40:07:25:b6:c8:02:85:20:da:e4:
89:e7:5a:cf:e7:0d:b3:8d:3e:07:53:49:34:e4:6f:
5b:8f:74:cd:7a:63:36:c2:0a:14:cf:d6:7a:01:c0:
c9:ed:99:a7:b9:a4:6c:56:c5:c6:96:6d:91:b1:ee:
44:cf:d7:26:34:11:19:99:f4:f8:f6:c4:b9:27:bf:
a0:e1:ea:99:ab:27:19:1e:ff:12:72:95:4d:77:19:
47:5f:c7:cc:25:b6:2b:62:68:9e:85:3e:30:5f:f8:
23:0f:3f:5e:d3:9d:b4:2f:4a:9d:65:b0:85:a9:e9:
eb:8f:d3:6d:e5:b0:a6:c3:09:58:cf:f1:4c:e8:21:
8f:71:72:80:6f:c3:42:eb:9b:91:ff:9c:e3:ce:78:
f6:2a:48:9f:5d:17:4e:3b:8d:55:8e:a7:a2:03:00:
8b:22:16:ad:3f:91:52:a3:34:c9:34:96:b2:8b:2a:
96:68:e6:b1:4b:8b:a0:ab:67:f5:2e:8f:e6:d4:c6:
0b:93:e3:45:40:d7:d0:8d:68:15:dd:a4:c7:0a:e9:
d1:f4:e9:ab:52:ff:8e:8e:32:c5:77:5d:49:8c:07:
f9:46:c8:ab:e3:5c:90:a2:4a:1d:50:51:a6:0d:8c:
1e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:99:DA:86:33:B4:5B:79:31:C5:81:62:A9:FB:28:63:B2:B2:48:43
X509v3 Authority Key Identifier:
keyid:13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/u5nahjO0W3kxxYFiqfsoY7KySEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.96.0/22
46.248.102.0-46.248.127.255
82.136.26.0/24
82.136.30.0/23
82.136.43.0/24
82.136.47.0-82.136.52.255
82.136.54.0-82.136.59.255
85.116.0.0/21
85.116.11.0/24
85.116.16.0/20
Signature Algorithm: sha256WithRSAEncryption
2f:11:42:ba:3f:22:72:6a:70:04:42:22:6c:b0:89:71:3b:d5:
83:88:1d:50:c6:d7:28:96:2b:dd:f6:9f:2c:c9:f0:c9:9b:99:
3f:8e:11:62:4d:be:d6:91:cf:0a:9c:29:e8:d5:97:d5:b8:a5:
43:eb:71:8b:d0:17:c0:19:44:2c:1f:2b:80:12:2f:08:02:55:
e6:e5:81:54:a6:85:45:2e:6e:07:85:8a:a0:f8:a8:ee:fc:00:
b1:31:37:a6:28:75:5e:54:76:09:49:0a:d6:14:49:fd:79:9c:
35:b0:5d:d4:3d:8d:1a:85:bc:93:3d:f1:2c:1e:f0:bc:25:9a:
d3:da:ac:2c:62:b1:67:61:41:e6:f0:0b:8b:5d:33:2e:e0:b5:
28:15:6e:a7:7b:7c:a2:67:20:6c:0f:84:10:34:ab:1e:28:32:
86:f9:d1:37:43:b0:2f:95:4a:07:50:f2:03:87:59:11:c6:b0:
6d:10:d3:b0:5c:00:53:3a:00:24:43:28:52:4e:da:e2:41:48:
a6:9d:2d:20:37:ec:5e:ef:24:c9:75:59:68:c4:cb:74:fa:83:
a3:4a:85:6d:b8:a2:e9:f2:b8:a5:b2:b9:90:dd:ab:45:17:62:
94:39:a8:79:88:52:e2:6c:3e:cb:f8:c1:d7:c5:2f:ef:9f:b1:
1c:3d:a4:cc
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYU+v+dUxkIjqTHni5ZsAaRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTMyNzgyZWU3NzU4OTkwNDA0ZmExY2NmYjA5ZWMyM2E4
NjEyM2YwHhcNMjIxMjIzMTEzMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjk5ZGE4NjMzYjQ1Yjc5MzFjNTgxNjJhOWZiMjg2M2IyYjI0ODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFYFi8PB4hD8FUsTxu/kZdxf/EAH
JbbIAoUg2uSJ51rP5w2zjT4HU0k05G9bj3TNemM2wgoUz9Z6AcDJ7ZmnuaRsVsXG
lm2Rse5Ez9cmNBEZmfT49sS5J7+g4eqZqycZHv8ScpVNdxlHX8fMJbYrYmiehT4w
X/gjDz9e0520L0qdZbCFqenrj9Nt5bCmwwlYz/FM6CGPcXKAb8NC65uR/5zjznj2
KkifXRdOO41VjqeiAwCLIhatP5FSozTJNJayiyqWaOaxS4ugq2f1Lo/m1MYLk+NF
QNfQjWgV3aTHCunR9OmrUv+OjjLFd11JjAf5Rsir41yQokodUFGmDYweKQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFLuZ2oYztFt5McWBYqn7KGOyskhDMB8GA1UdIwQY
MBaAFBOTJ4Lud1iZBAT6HM+wnsI6hhI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYt
NGIxZjYxNjUzZjNkLzEvdTVuYWhqTzBXM2t4eFlGaXFmc29ZN0t5U0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYtNGIxZjYxNjUzZjNk
LzEvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCLvhgMAwD
BAEu+GYDBAcu+AADBABSiBoDBAFSiB4DBABSiCswDAMEAFKILwMEAFKINDAMAwQB
Uog2AwQCUog4AwQDVXQAAwQAVXQLAwQEVXQQMA0GCSqGSIb3DQEBCwUAA4IBAQAv
EUK6PyJyanAEQiJssIlxO9WDiB1Qxtcolivd9p8syfDJm5k/jhFiTb7Wkc8KnCno
1ZfVuKVD63GL0BfAGUQsHyuAEi8IAlXm5YFUpoVFLm4HhYqg+Kju/ACxMTemKHVe
VHYJSQrWFEn9eZw1sF3UPY0ahbyTPfEsHvC8JZrT2qwsYrFnYUHm8AuLXTMu4LUo
FW6ne3yiZyBsD4QQNKseKDKG+dE3Q7AvlUoHUPIDh1kRxrBtENOwXABTOgAkQyhS
TtriQUimnS0gN+xe7yTJdVloxMt0+oOjSoVtuKLp8rilsrmQ3atFF2KUOah5iFLi
bD7L+MHXxS/vn7EcPaTM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:11 2023 by rpki-client on console-fra.rpki-client.org