Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/T32bWGvicJ0XgYd_rQozsmcTwWk.roa
File: T32bWGvicJ0XgYd_rQozsmcTwWk.roa (raw, json)
Hash identifier: 9n+11X+F+oD5IUmsoMQvW4t9JqUxyClwcfXb+tVddN4=
Subject key identifier: 4F:7D:9B:58:6B:E2:70:9D:17:81:87:7F:AD:0A:33:B2:67:13:C1:69
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 1119B866
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/T32bWGvicJ0XgYd_rQozsmcTwWk.roa
Signing time: Sat 01 Jan 2022 14:04:42 +0000
ROA not before: Sat 01 Jan 2022 14:04:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39650
IP address blocks: 176.221.70.0/24 maxlen: 24
176.221.68.0/24 maxlen: 24
46.32.21.0/24 maxlen: 24
46.32.23.0/24 maxlen: 24
46.32.26.0/24 maxlen: 24
46.32.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 286898278 (0x1119b866)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jan 1 14:04:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f7d9b586be2709d1781877fad0a33b26713c169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:30:6e:c2:84:93:1f:36:db:4e:45:e5:1b:4d:
28:ee:92:2f:52:42:fb:1d:c8:53:29:53:dc:36:82:
45:3a:65:7a:fa:03:c3:00:3d:41:a1:95:1b:2d:a3:
5c:c6:5e:85:db:14:7c:2d:aa:f2:d4:b4:fc:9d:36:
bd:ae:49:39:09:c1:ae:69:6e:92:d6:66:d9:53:a1:
26:4f:76:06:ba:ea:46:43:8b:59:a7:01:78:4a:9c:
f9:83:ec:f9:eb:28:29:57:4d:31:00:f4:cb:bd:a9:
6b:06:d7:80:49:d8:2d:ca:8f:e2:f7:79:96:02:a8:
34:c6:59:90:dc:b7:de:37:3d:cf:27:d1:6b:9d:c6:
d3:d0:19:30:d4:c8:ce:cf:4a:0b:54:9b:f6:01:25:
c4:19:37:25:1b:fb:53:1f:f5:02:62:6b:28:75:fb:
96:60:a5:23:87:f2:80:dc:55:68:a3:a3:79:67:e3:
64:0b:e4:44:ff:33:d7:f3:85:80:ed:c0:08:17:62:
76:38:61:18:e8:a4:4e:ab:d5:13:4e:a1:b2:e7:72:
9b:2a:a1:97:d0:77:1a:9f:01:7f:28:c8:33:33:d2:
15:24:ec:4a:f3:ac:5b:3e:32:01:20:92:0a:71:c8:
90:a6:46:a8:81:41:fd:64:cf:80:29:bf:a6:66:47:
43:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:7D:9B:58:6B:E2:70:9D:17:81:87:7F:AD:0A:33:B2:67:13:C1:69
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/T32bWGvicJ0XgYd_rQozsmcTwWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.21.0/24
46.32.23.0/24
46.32.26.0/23
176.221.68.0/24
176.221.70.0/24
Signature Algorithm: sha256WithRSAEncryption
88:ff:52:dc:00:19:fe:00:ba:4b:46:9d:45:9b:27:3c:10:c9:
b4:6f:75:13:1d:a3:b2:63:bd:04:5a:9f:73:3e:f5:98:36:59:
6a:5a:22:3b:0b:dc:8c:ed:4e:27:1c:1e:cb:1a:ae:02:32:28:
65:7c:1a:55:68:5d:36:bb:e3:70:57:f6:24:e8:04:88:0d:95:
34:ff:d9:60:5f:d1:52:d2:af:b8:2e:ec:f3:01:88:6b:5d:ed:
55:3a:3b:f3:b8:31:e0:f4:9a:55:48:2b:c7:04:c1:f3:82:69:
dc:73:62:25:f7:76:1a:ff:4f:ea:40:48:f7:f5:5e:c9:dd:fe:
7f:9f:51:a3:d0:2f:3f:3f:48:f2:6b:29:62:c6:64:52:2f:68:
9f:b9:0b:bd:ac:d1:cb:b3:33:85:6e:13:3a:33:72:6c:08:a0:
5b:52:dc:ba:3e:2f:a3:3c:4e:c1:bb:63:fd:f9:0f:b0:43:0d:
b3:04:6a:f1:52:60:84:6e:27:b9:a7:e5:b4:6f:82:df:b9:70:
a0:2b:cf:f3:37:18:b6:82:9c:f0:8a:74:9a:ad:ba:28:88:66:
04:b9:e6:9e:d6:da:7c:e3:36:96:b2:86:39:6e:41:22:45:9b:
be:de:68:65:d1:58:5a:a4:a4:29:e2:ed:d8:5d:80:6d:06:81:
20:36:49:d2
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEERm4ZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjY5OGM0YjYxMmFmZWUyY2JiMWNkZDUwOWU0ZjAyNDZmYmI4MGUxMB4XDTIyMDEw
MTE0MDQ0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGY3ZDliNTg2YmUy
NzA5ZDE3ODE4NzdmYWQwYTMzYjI2NzEzYzE2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMwbsKEkx82205F5RtNKO6SL1JC+x3IUylT3DaCRTplevoD
wwA9QaGVGy2jXMZehdsUfC2q8tS0/J02va5JOQnBrmluktZm2VOhJk92BrrqRkOL
WacBeEqc+YPs+esoKVdNMQD0y72pawbXgEnYLcqP4vd5lgKoNMZZkNy33jc9zyfR
a53G09AZMNTIzs9KC1Sb9gElxBk3JRv7Ux/1AmJrKHX7lmClI4fygNxVaKOjeWfj
ZAvkRP8z1/OFgO3ACBdidjhhGOikTqvVE06hsudymyqhl9B3Gp8BfyjIMzPSFSTs
SvOsWz4yASCSCnHIkKZGqIFB/WTPgCm/pmZHQ5sCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRPfZtYa+JwnReBh3+tCjOyZxPBaTAfBgNVHSMEGDAWgBRbaYxLYSr+4sux
zdUJ5PAkb7uA4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1cybU1TMkVxX3VMTHNjM1ZDZVR3SkctN2dPRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvYzE2ZjU1LWI0NGQtNDBjMy05ZGFjLWNjMmZhZmUzYThiNC8x
L1QzMmJXR3ZpY0owWGdZZF9yUW96c21jVHdXay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
YzE2ZjU1LWI0NGQtNDBjMy05ZGFjLWNjMmZhZmUzYThiNC8xL1cybU1TMkVxX3VM
THNjM1ZDZVR3SkctN2dPRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAC4gFQMEAC4gFwMEAS4gGgMEALDd
RAMEALDdRjANBgkqhkiG9w0BAQsFAAOCAQEAiP9S3AAZ/gC6S0adRZsnPBDJtG91
Ex2jsmO9BFqfcz71mDZZaloiOwvcjO1OJxweyxquAjIoZXwaVWhdNrvjcFf2JOgE
iA2VNP/ZYF/RUtKvuC7s8wGIa13tVTo787gx4PSaVUgrxwTB84Jp3HNiJfd2Gv9P
6kBI9/Veyd3+f59Ro9AvPz9I8mspYsZkUi9on7kLvazRy7MzhW4TOjNybAigW1Lc
uj4vozxOwbtj/fkPsEMNswRq8VJghG4nuafltG+C37lwoCvP8zcYtoKc8Ip0mq26
KIhmBLnmntbafOM2lrKGOW5BIkWbvt5oZdFYWqSkKeLt2F2AbQaBIDZJ0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org