Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/IOxGCQjwlMKw5n5IBcoiDNMC3-w.roa
File: IOxGCQjwlMKw5n5IBcoiDNMC3-w.roa (raw, json)
Hash identifier: F0+bSXNdl7TtbHHW6p9H5gEKRl4zVT2ThAdemmLXN5I=
Subject key identifier: 20:EC:46:09:08:F0:94:C2:B0:E6:7E:48:05:CA:22:0C:D3:02:DF:EC
Certificate issuer: /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial: 3893A75E
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/IOxGCQjwlMKw5n5IBcoiDNMC3-w.roa
Signing time: Sat 01 Jan 2022 10:05:25 +0000
ROA not before: Sat 01 Jan 2022 10:05:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57543
IP address blocks: 46.143.216.0/21 maxlen: 21
46.143.224.0/21 maxlen: 21
46.143.232.0/22 maxlen: 22
46.143.236.0/23 maxlen: 23
46.143.238.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 949200734 (0x3893a75e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Validity
Not Before: Jan 1 10:05:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20ec460908f094c2b0e67e4805ca220cd302dfec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:cf:c9:46:02:5b:19:d7:b1:30:6d:d0:2a:0f:
0f:f7:fc:5d:d4:c1:5d:75:32:37:18:ea:8d:f0:67:
7b:37:94:40:94:13:6e:c0:73:71:b3:28:d6:41:33:
59:31:96:21:54:32:5d:24:f1:95:a1:35:78:f6:d0:
8e:e9:ec:4b:1e:48:b4:67:db:c1:b6:84:e0:c1:e6:
0c:60:56:19:63:b7:f7:2d:70:42:4d:5f:2b:ab:64:
b2:07:c2:74:53:27:56:bf:ee:ce:b0:0b:c1:b2:90:
08:06:e4:92:04:25:41:05:2b:3e:10:31:ea:65:4a:
05:7e:ea:59:51:5e:f9:36:76:7b:13:5b:bc:f6:ee:
af:ab:c3:68:48:98:41:5f:3f:19:1c:8f:40:e2:e6:
1d:42:32:6a:2f:fc:7e:6e:ec:e6:4e:89:87:85:d7:
2e:98:65:53:80:71:67:59:84:34:b3:7f:b2:67:92:
03:29:f1:85:1a:94:4c:06:87:bb:27:82:bf:39:f9:
80:1a:23:70:a0:cf:ab:f8:e2:00:71:65:4e:b9:e5:
ba:9b:5d:43:0d:10:82:a7:1c:b6:d2:92:08:b4:d2:
93:cf:6b:a4:20:25:43:6c:2f:2f:b4:70:53:44:1a:
c9:e4:54:96:3f:ca:c1:81:30:31:a1:c0:dd:bf:66:
ca:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:EC:46:09:08:F0:94:C2:B0:E6:7E:48:05:CA:22:0C:D3:02:DF:EC
X509v3 Authority Key Identifier:
keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/IOxGCQjwlMKw5n5IBcoiDNMC3-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.216.0-46.143.239.255
Signature Algorithm: sha256WithRSAEncryption
28:0f:4d:bf:95:9e:13:7d:0a:e8:d5:93:e1:36:7d:89:cc:4e:
4c:e1:75:25:b0:b4:3d:1a:83:23:6e:f2:29:ec:1c:1f:e9:a0:
92:1c:47:cf:af:92:00:13:74:a2:16:61:36:89:63:15:07:f5:
12:bc:65:3a:0c:ff:e7:ba:23:a8:61:6d:3e:ea:48:12:f7:c1:
71:86:d5:a2:f7:c6:2c:c7:02:f3:69:de:8e:4a:c7:70:0e:aa:
f5:02:cc:dd:a3:b9:32:8a:a5:7a:1f:c7:e5:05:82:ae:f5:1c:
cc:a9:58:65:74:e8:0a:4f:b5:33:02:b3:80:9b:1f:2e:21:24:
4f:72:65:f4:fa:52:a2:5a:a0:83:83:56:05:c2:df:75:50:97:
a0:ce:35:fb:9c:df:d3:ef:aa:7b:f9:65:6b:18:4d:30:bb:d9:
ce:15:3e:38:d2:25:b7:0f:16:1d:67:b9:f2:83:e8:0d:2c:df:
c4:da:3a:5d:07:2f:87:9a:ae:72:5e:11:1c:53:b6:02:e1:87:
30:be:86:d8:77:ac:af:1c:a0:5e:54:34:32:37:f4:c6:60:a2:
0c:a5:ed:2e:b6:7a:e7:11:46:85:b7:81:0d:70:28:32:e1:77:
0b:a0:92:15:d3:ab:e0:44:c5:3a:0f:06:3c:0c:51:30:4d:32:
fe:9a:08:07
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEOJOnXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZDZkYTllNDE2ODZkMjFjMTI3OTljOGU4NGIyNzRhYTgyNDE1MDhjMB4XDTIyMDEw
MTEwMDUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjBlYzQ2MDkwOGYw
OTRjMmIwZTY3ZTQ4MDVjYTIyMGNkMzAyZGZlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPbPyUYCWxnXsTBt0CoPD/f8XdTBXXUyNxjqjfBnezeUQJQT
bsBzcbMo1kEzWTGWIVQyXSTxlaE1ePbQjunsSx5ItGfbwbaE4MHmDGBWGWO39y1w
Qk1fK6tksgfCdFMnVr/uzrALwbKQCAbkkgQlQQUrPhAx6mVKBX7qWVFe+TZ2exNb
vPbur6vDaEiYQV8/GRyPQOLmHUIyai/8fm7s5k6Jh4XXLphlU4BxZ1mENLN/smeS
AynxhRqUTAaHuyeCvzn5gBojcKDPq/jiAHFlTrnluptdQw0QgqccttKSCLTSk89r
pCAlQ2wvL7RwU0QayeRUlj/KwYEwMaHA3b9mypMCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQg7EYJCPCUwrDmfkgFyiIM0wLf7DAfBgNVHSMEGDAWgBTtbankFobSHBJ5
nI6EsnSqgkFQjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdXMnA1QmFHMGh3U2VaeU9oTEowcW9KQlVJdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvYWMwMTdjLWZmMjktNDNjZi1hM2Q2LTI5ZjFiZWIyZjI4Mi8x
L0lPeEdDUWp3bE1LdzVuNUlCY29pRE5NQzMtdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
YWMwMTdjLWZmMjktNDNjZi1hM2Q2LTI5ZjFiZWIyZjI4Mi8xLzdXMnA1QmFHMGh3
U2VaeU9oTEowcW9KQlVJdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQDLo/YAwQELo/gMA0GCSqGSIb3
DQEBCwUAA4IBAQAoD02/lZ4TfQro1ZPhNn2JzE5M4XUlsLQ9GoMjbvIp7Bwf6aCS
HEfPr5IAE3SiFmE2iWMVB/USvGU6DP/nuiOoYW0+6kgS98FxhtWi98YsxwLzad6O
SsdwDqr1Aszdo7kyiqV6H8flBYKu9RzMqVhldOgKT7UzArOAmx8uISRPcmX0+lKi
WqCDg1YFwt91UJegzjX7nN/T76p7+WVrGE0wu9nOFT440iW3DxYdZ7nyg+gNLN/E
2jpdBy+Hmq5yXhEcU7YC4YcwvobYd6yvHKBeVDQyN/TGYKIMpe0utnrnEUaFt4EN
cCgy4XcLoJIV06vgRMU6DwY8DFEwTTL+mggH
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:29 2023 by rpki-client on console-ams.rpki-client.org