Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/uTU90Xi1gtnyX9NpIONwt-oYS4I.roa
File: uTU90Xi1gtnyX9NpIONwt-oYS4I.roa (raw, json)
Hash identifier: cO0RIgo5n+/IGNnB9MJt88oe8WBcDvWGmt9LiAtcWBQ=
Subject key identifier: B9:35:3D:D1:78:B5:82:D9:F2:5F:D3:69:20:E3:70:B7:EA:18:4B:82
Certificate issuer: /CN=a04845af1dc0087b274cee52a4a9e0880335435d
Certificate serial: 09586742
Authority key identifier: A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/uTU90Xi1gtnyX9NpIONwt-oYS4I.roa
Signing time: Sat 01 Jan 2022 10:59:35 +0000
ROA not before: Sat 01 Jan 2022 10:59:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42910
IP address blocks: 46.235.11.0/24 maxlen: 32
46.235.9.0/24 maxlen: 24
46.235.8.0/24 maxlen: 32
46.235.10.0/24 maxlen: 32
46.235.15.0/24 maxlen: 24
46.235.12.0/24 maxlen: 32
46.235.13.0/24 maxlen: 24
185.113.223.0/24 maxlen: 32
185.113.220.0/22 maxlen: 32
185.23.73.0/24 maxlen: 32
185.23.72.0/24 maxlen: 32
185.23.75.0/24 maxlen: 32
185.23.74.0/24 maxlen: 32
178.210.162.0/24 maxlen: 24
178.210.161.0/24 maxlen: 24
178.210.160.0/24 maxlen: 24
178.210.165.0/24 maxlen: 24
178.210.164.0/24 maxlen: 24
178.210.163.0/24 maxlen: 24
178.210.166.0/24 maxlen: 24
178.210.172.0/24 maxlen: 24
178.210.171.0/24 maxlen: 24
178.210.170.0/24 maxlen: 24
178.210.169.0/24 maxlen: 24
178.210.168.0/24 maxlen: 24
178.210.167.0/24 maxlen: 24
178.210.176.0/24 maxlen: 24
178.210.175.0/24 maxlen: 24
178.210.174.0/24 maxlen: 24
178.210.173.0/24 maxlen: 24
178.210.177.0/24 maxlen: 24
178.210.178.0/24 maxlen: 32
178.210.179.0/24 maxlen: 32
178.210.181.0/24 maxlen: 24
178.210.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156788546 (0x9586742)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04845af1dc0087b274cee52a4a9e0880335435d
Validity
Not Before: Jan 1 10:59:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9353dd178b582d9f25fd36920e370b7ea184b82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f3:9a:53:ab:36:5d:6d:99:f8:a3:c1:7e:fd:
6c:0f:8d:64:51:df:ae:c9:67:e6:e0:35:a3:e9:4b:
1c:49:45:61:04:ea:75:4a:3d:37:f6:8f:58:fe:82:
7a:17:15:25:58:bc:ae:4b:51:e2:f1:15:be:cd:7f:
14:e7:2e:81:1f:b1:fe:d3:ee:45:f0:5a:da:36:d9:
fe:44:c6:9b:e7:04:ec:0b:2a:6e:77:34:8a:87:74:
40:e1:2c:a0:64:c0:4c:5f:3d:0f:2f:ab:47:3d:cd:
07:0a:5d:fc:64:b1:c5:b8:29:09:f3:e6:0a:c6:e2:
78:20:f2:c8:49:82:4e:d0:05:6e:f8:8a:96:a3:0f:
8e:a5:62:4d:c1:8c:4d:ba:46:d4:2d:35:80:04:a0:
57:24:fa:57:59:41:d5:33:9b:4f:d8:42:8f:41:a2:
38:07:34:13:56:a5:a1:96:72:c6:e2:8d:86:d1:b6:
dc:4a:b1:75:0c:4d:c6:d5:e4:3d:3c:e3:0a:b8:44:
14:68:e8:0e:08:93:c9:86:06:0d:36:34:95:3d:c7:
39:da:08:50:2e:53:e1:d4:83:ae:a7:f9:ed:16:9c:
cb:c4:dd:f4:de:da:b3:4a:50:16:48:77:16:b9:f2:
28:1f:8d:78:9a:6d:2f:64:35:88:59:9b:7e:cc:45:
05:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:35:3D:D1:78:B5:82:D9:F2:5F:D3:69:20:E3:70:B7:EA:18:4B:82
X509v3 Authority Key Identifier:
keyid:A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/uTU90Xi1gtnyX9NpIONwt-oYS4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.8.0-46.235.13.255
46.235.15.0/24
178.210.160.0-178.210.181.255
185.23.72.0/22
185.113.220.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:bf:24:e7:1d:44:91:e8:d4:e5:e0:ef:b4:eb:65:8d:ff:4a:
5b:6c:14:4a:a7:91:29:1d:78:46:99:2a:a5:dd:33:b8:13:f4:
a8:ff:dd:67:a7:0d:66:3f:cb:7e:78:dd:5e:49:5b:b5:8f:bb:
70:d0:c5:58:ab:1d:9f:fb:d5:a4:50:9f:62:1e:43:ed:99:ef:
45:cd:81:9e:b0:14:b6:f8:d3:db:db:76:7e:26:51:fa:e1:3e:
d5:16:e6:53:4c:14:2c:c2:69:eb:0d:3d:c7:cf:d0:42:f6:9c:
c5:7f:97:4c:b9:bf:8f:90:13:11:e5:46:df:35:2e:bb:6e:ad:
85:22:a8:cb:4c:6e:fe:d6:79:8a:84:f7:e5:d2:e8:36:c8:b0:
c0:7a:37:7f:fb:40:9e:70:58:34:f2:56:83:ca:e1:e3:20:48:
77:b9:90:bf:98:1e:1d:66:2b:49:68:53:03:9f:59:c2:97:eb:
d4:83:92:06:3a:2c:20:41:d1:88:6b:bc:72:bb:fe:cd:11:ed:
c4:cc:3f:80:e8:9f:8c:14:1b:63:58:83:30:10:55:da:2c:76:
51:78:5e:a3:55:96:14:2c:49:c5:75:f3:bc:eb:2e:5d:50:29:
01:b1:63:32:b4:4e:c2:1c:0f:8f:99:c5:70:13:5c:56:57:08:
22:86:8e:85
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIECVhnQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MDQ4NDVhZjFkYzAwODdiMjc0Y2VlNTJhNGE5ZTA4ODAzMzU0MzVkMB4XDTIyMDEw
MTEwNTkzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjkzNTNkZDE3OGI1
ODJkOWYyNWZkMzY5MjBlMzcwYjdlYTE4NGI4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/zmlOrNl1tmfijwX79bA+NZFHfrsln5uA1o+lLHElFYQTq
dUo9N/aPWP6CehcVJVi8rktR4vEVvs1/FOcugR+x/tPuRfBa2jbZ/kTGm+cE7Asq
bnc0iod0QOEsoGTATF89Dy+rRz3NBwpd/GSxxbgpCfPmCsbieCDyyEmCTtAFbviK
lqMPjqViTcGMTbpG1C01gASgVyT6V1lB1TObT9hCj0GiOAc0E1aloZZyxuKNhtG2
3EqxdQxNxtXkPTzjCrhEFGjoDgiTyYYGDTY0lT3HOdoIUC5T4dSDrqf57Racy8Td
9N7as0pQFkh3FrnyKB+NeJptL2Q1iFmbfsxFBXMCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBS5NT3ReLWC2fJf02kg43C36hhLgjAfBgNVHSMEGDAWgBSgSEWvHcAIeydM
7lKkqeCIAzVDXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29FaEZyeDNBQ0hzblRPNVNwS25naUFNMVExMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvZTU1ZTMwLTk3YzYtNDBlNi04MWI3LTUwNzAxMTU3MGVlNi8x
L3VUVTkwWGkxZ3RueVg5TnBJT053dC1vWVM0SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
ZTU1ZTMwLTk3YzYtNDBlNi04MWI3LTUwNzAxMTU3MGVlNi8xL29FaEZyeDNBQ0hz
blRPNVNwS25naUFNMVExMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwNAQCAAEwLjAMAwQDLusIAwQBLusMAwQALusPMAwD
BAWy0qADBAGy0rQDBAK5F0gDBAK5cdwwDQYJKoZIhvcNAQELBQADggEBAJ+/JOcd
RJHo1OXg77TrZY3/SltsFEqnkSkdeEaZKqXdM7gT9Kj/3WenDWY/y3543V5JW7WP
u3DQxVirHZ/71aRQn2IeQ+2Z70XNgZ6wFLb409vbdn4mUfrhPtUW5lNMFCzCaesN
PcfP0EL2nMV/l0y5v4+QExHlRt81LrturYUiqMtMbv7WeYqE9+XS6DbIsMB6N3/7
QJ5wWDTyVoPK4eMgSHe5kL+YHh1mK0loUwOfWcKX69SDkgY6LCBB0YhrvHK7/s0R
7cTMP4Don4wUG2NYgzAQVdosdlF4XqNVlhQsScV187zrLl1QKQGxYzK0TsIcD4+Z
xXATXFZXCCKGjoU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:23 2023 by rpki-client on console-fra.rpki-client.org