Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/dUvnGvLk9Er2nYbVCh3EsQps9L8.roa
File: dUvnGvLk9Er2nYbVCh3EsQps9L8.roa (raw, json)
Hash identifier: IQe0c3qyqeSVMaXp5NzsswSuX4IfwCF4QhwDBvm4ehk=
Subject key identifier: 75:4B:E7:1A:F2:E4:F4:4A:F6:9D:86:D5:0A:1D:C4:B1:0A:6C:F4:BF
Certificate issuer: /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial: 38901BF1
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/dUvnGvLk9Er2nYbVCh3EsQps9L8.roa
Signing time: Sat 01 Jan 2022 10:05:22 +0000
ROA not before: Sat 01 Jan 2022 10:05:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 46.143.206.0/24 maxlen: 24
46.143.205.0/24 maxlen: 24
46.143.204.0/22 maxlen: 22
46.143.204.0/24 maxlen: 24
109.122.240.0/22 maxlen: 22
109.122.244.0/22 maxlen: 22
109.122.248.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948968433 (0x38901bf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Validity
Not Before: Jan 1 10:05:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=754be71af2e4f44af69d86d50a1dc4b10a6cf4bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:66:f8:ee:5a:cf:10:5f:89:87:a7:61:9c:35:
83:74:63:71:09:9f:bf:1d:9a:c1:51:a9:99:f2:15:
bc:6b:23:e1:3d:4d:00:85:9b:2c:56:80:83:11:f6:
b3:a2:13:e8:c3:c4:8a:a3:1b:04:5e:8a:bc:81:a1:
9b:47:30:45:fb:75:4f:38:1e:d7:84:12:f8:f6:09:
8d:63:b1:8a:5e:6f:ff:90:ef:b7:88:3d:e7:c4:51:
fb:6b:a1:27:e9:9a:0f:57:07:14:56:90:d8:54:0a:
1d:3c:37:13:6a:e5:6c:1c:98:da:4e:a2:3c:7c:de:
65:75:d7:98:0a:83:b7:7a:5c:29:bc:00:38:cd:32:
8a:21:75:10:43:1c:69:a0:bf:00:0d:da:0c:cb:31:
b5:53:9f:fe:27:1c:1f:c0:b5:2e:15:24:1b:f5:31:
af:70:7c:d4:d7:da:26:3b:e9:d1:39:b0:67:59:05:
bd:3b:1c:ae:8a:f6:b4:47:ed:6c:ad:43:d8:95:b9:
7a:7a:95:52:ac:a9:2d:4d:05:b3:3a:70:54:b6:5e:
5a:ea:f5:96:cb:98:e2:54:58:f4:6e:8a:2d:b3:75:
74:b5:74:08:9a:46:0e:d2:13:d6:4f:c5:8d:cd:d8:
a0:f3:89:97:fe:a0:f4:d6:a4:f4:06:05:40:65:05:
51:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:4B:E7:1A:F2:E4:F4:4A:F6:9D:86:D5:0A:1D:C4:B1:0A:6C:F4:BF
X509v3 Authority Key Identifier:
keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/dUvnGvLk9Er2nYbVCh3EsQps9L8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.204.0/22
109.122.240.0-109.122.251.255
Signature Algorithm: sha256WithRSAEncryption
7e:e7:02:7e:c5:f2:fd:b9:bb:b0:29:76:f3:0f:df:7f:11:d9:
64:a8:50:9e:c0:42:bc:ca:5b:24:19:cf:c3:79:b4:6d:57:19:
e6:b1:8a:da:8a:2a:2e:e2:74:f8:a1:db:5d:3d:c8:02:81:a6:
56:1e:88:40:91:48:b3:6c:e8:d4:fb:7d:d0:bf:38:8d:49:a6:
5c:d0:ac:d9:a6:bb:08:5e:25:ea:f0:98:b2:9c:9c:57:ff:c5:
ce:33:15:47:2e:e7:15:5a:f5:31:fe:bb:2a:5f:3b:6c:ed:a4:
22:05:ba:4c:a8:0c:37:44:61:d7:42:d3:30:3c:1f:de:94:e9:
02:f2:a2:bd:3c:33:29:35:86:bf:1e:52:72:f9:ff:76:7e:6c:
c1:7e:f6:11:38:68:09:9e:ae:c9:f4:7b:d0:c2:e8:bf:3c:f0:
5d:e1:ec:85:2e:32:2b:72:86:2a:70:4b:06:01:79:c1:62:74:
42:34:5f:83:86:c6:b5:83:78:0c:6a:c5:9c:06:8a:4d:e5:13:
68:84:04:56:b8:f3:ad:b2:06:fb:13:3d:ee:02:24:9e:92:58:
07:0f:4e:02:e4:eb:a0:83:de:87:e7:56:58:a3:34:fc:57:5f:
ca:70:02:03:93:6d:00:6c:fc:cc:3c:1e:ab:e7:fd:9c:6a:21:
7a:b2:b5:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEOJAb8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZDZkYTllNDE2ODZkMjFjMTI3OTljOGU4NGIyNzRhYTgyNDE1MDhjMB4XDTIyMDEw
MTEwMDUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzU0YmU3MWFmMmU0
ZjQ0YWY2OWQ4NmQ1MGExZGM0YjEwYTZjZjRiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1m+O5azxBfiYenYZw1g3RjcQmfvx2awVGpmfIVvGsj4T1N
AIWbLFaAgxH2s6IT6MPEiqMbBF6KvIGhm0cwRft1Tzge14QS+PYJjWOxil5v/5Dv
t4g958RR+2uhJ+maD1cHFFaQ2FQKHTw3E2rlbByY2k6iPHzeZXXXmAqDt3pcKbwA
OM0yiiF1EEMcaaC/AA3aDMsxtVOf/iccH8C1LhUkG/Uxr3B81NfaJjvp0TmwZ1kF
vTscror2tEftbK1D2JW5enqVUqypLU0FszpwVLZeWur1lsuY4lRY9G6KLbN1dLV0
CJpGDtIT1k/Fjc3YoPOJl/6g9Nak9AYFQGUFUTkCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBR1S+ca8uT0SvadhtUKHcSxCmz0vzAfBgNVHSMEGDAWgBTtbankFobSHBJ5
nI6EsnSqgkFQjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdXMnA1QmFHMGh3U2VaeU9oTEowcW9KQlVJdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvYWMwMTdjLWZmMjktNDNjZi1hM2Q2LTI5ZjFiZWIyZjI4Mi8x
L2RVdm5HdkxrOUVyMm5ZYlZDaDNFc1FwczlMOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
YWMwMTdjLWZmMjktNDNjZi1hM2Q2LTI5ZjFiZWIyZjI4Mi8xLzdXMnA1QmFHMGh3
U2VaeU9oTEowcW9KQlVJdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAi6PzDAMAwQEbXrwAwQCbXr4MA0G
CSqGSIb3DQEBCwUAA4IBAQB+5wJ+xfL9ubuwKXbzD99/EdlkqFCewEK8ylskGc/D
ebRtVxnmsYraiiou4nT4odtdPcgCgaZWHohAkUizbOjU+33QvziNSaZc0KzZprsI
XiXq8JiynJxX/8XOMxVHLucVWvUx/rsqXzts7aQiBbpMqAw3RGHXQtMwPB/elOkC
8qK9PDMpNYa/HlJy+f92fmzBfvYROGgJnq7J9HvQwui/PPBd4eyFLjIrcoYqcEsG
AXnBYnRCNF+Dhsa1g3gMasWcBopN5RNohARWuPOtsgb7Ez3uAiSeklgHD04C5Oug
g96H51ZYozT8V1/KcAIDk20AbPzMPB6r5/2caiF6srV9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:50 2023 by rpki-client on console-fra.rpki-client.org