Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/liOh7uPfNjEOumiFXSBm3r2H5dY.roa
File: liOh7uPfNjEOumiFXSBm3r2H5dY.roa (raw, json)
Hash identifier: SZwxbRj8tp3d7mUsVJ0HIpghGBMBEJWXb7Aab2ASpNE=
Subject key identifier: 96:23:A1:EE:E3:DF:36:31:0E:BA:68:85:5D:20:66:DE:BD:87:E5:D6
Certificate issuer: /CN=66f90e75df98afb43019ce750350e769b99fbc13
Certificate serial: 38083789
Authority key identifier: 66:F9:0E:75:DF:98:AF:B4:30:19:CE:75:03:50:E7:69:B9:9F:BC:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvkOdd-Yr7QwGc51A1DnabmfvBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/liOh7uPfNjEOumiFXSBm3r2H5dY.roa
Signing time: Sat 01 Jan 2022 04:03:25 +0000
ROA not before: Sat 01 Jan 2022 04:03:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 46.23.240.0/20 maxlen: 20
46.23.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 940062601 (0x38083789)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f90e75df98afb43019ce750350e769b99fbc13
Validity
Not Before: Jan 1 04:03:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9623a1eee3df36310eba68855d2066debd87e5d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5e:1d:96:db:59:8b:bd:3a:81:3f:65:7a:e4:
2b:34:c3:7f:59:af:6e:e9:bf:3d:59:7d:63:bf:93:
b0:f8:fa:1e:e1:34:98:45:8a:4f:58:2c:ef:36:59:
d8:a7:21:fc:91:55:2a:96:6a:33:4d:b0:cc:a6:17:
2c:67:7f:77:0e:97:28:e0:07:63:fb:49:e6:3d:b5:
5a:0f:49:74:f7:6d:12:90:eb:f8:0c:50:95:a4:62:
97:fe:99:64:0c:c1:6c:b9:cd:5b:88:76:fa:ec:33:
24:73:62:b6:bb:03:41:11:02:0b:6c:a7:15:dd:69:
54:fd:9f:34:eb:21:9f:17:ab:45:d7:ad:36:25:a9:
dc:b3:bc:f0:42:fa:7a:61:dc:84:4b:e3:12:0d:6e:
8f:7d:39:21:21:62:4b:28:45:34:c2:6d:64:d7:2f:
1e:31:37:23:29:34:e7:b1:54:1a:c3:72:6b:77:fa:
45:06:bb:1c:2b:c7:67:de:96:fd:16:b2:23:2c:a7:
c3:4b:f9:4f:ea:f9:b8:69:b2:47:aa:e1:40:70:85:
09:54:0e:42:45:cc:45:83:21:28:2f:be:e0:c1:72:
96:e3:dd:df:a3:9d:b0:2b:c8:75:5d:f6:1b:7a:b0:
55:05:2f:26:8a:27:43:97:e1:bb:08:15:ab:46:79:
87:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:23:A1:EE:E3:DF:36:31:0E:BA:68:85:5D:20:66:DE:BD:87:E5:D6
X509v3 Authority Key Identifier:
keyid:66:F9:0E:75:DF:98:AF:B4:30:19:CE:75:03:50:E7:69:B9:9F:BC:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvkOdd-Yr7QwGc51A1DnabmfvBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/liOh7uPfNjEOumiFXSBm3r2H5dY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/ZvkOdd-Yr7QwGc51A1DnabmfvBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.240.0/20
Signature Algorithm: sha256WithRSAEncryption
09:c1:f4:9f:91:e2:11:bc:ff:8e:4b:29:75:1e:e9:40:7f:1f:
7c:8e:13:ab:04:57:87:8a:d4:55:60:51:cc:86:c0:48:b8:ed:
29:78:3c:2b:e7:15:d3:34:26:53:68:58:16:17:92:42:46:46:
67:59:03:6e:7f:2e:a5:6b:0d:86:f4:66:6c:a6:21:5a:f2:bc:
3b:38:6f:88:f1:d7:d2:d7:95:3d:2f:97:94:36:0b:88:8c:b4:
d4:d8:fd:40:74:36:c5:0e:04:2a:68:62:f0:72:3d:56:f3:52:
c9:cc:8f:02:d4:29:5c:bd:a9:b1:4a:a6:0a:85:3d:95:79:d9:
f1:b0:ee:8c:11:60:4f:ae:d9:9e:96:35:40:38:c6:5d:69:3e:
ca:b8:69:be:fa:0b:5a:e6:95:a6:4c:3b:cd:5a:5c:8f:05:8b:
5d:69:ee:6d:56:82:08:23:b5:f1:19:e2:f7:d5:fe:d1:58:f9:
28:2b:62:5d:90:1a:e6:d6:6a:50:48:49:f1:fb:83:1c:bb:ba:
09:14:02:77:15:fa:47:4e:a3:22:44:3b:53:bf:d1:e8:75:29:
d0:50:12:58:b8:fc:5d:72:4d:7a:a8:95:18:39:ff:0b:7b:10:
66:a0:72:ba:2c:e6:23:69:1d:b8:b9:4f:d3:0c:d8:0a:09:de:
7f:b7:a5:42
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOAg3iTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NmY5MGU3NWRmOThhZmI0MzAxOWNlNzUwMzUwZTc2OWI5OWZiYzEzMB4XDTIyMDEw
MTA0MDMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTYyM2ExZWVlM2Rm
MzYzMTBlYmE2ODg1NWQyMDY2ZGViZDg3ZTVkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKheHZbbWYu9OoE/ZXrkKzTDf1mvbum/PVl9Y7+TsPj6HuE0
mEWKT1gs7zZZ2Kch/JFVKpZqM02wzKYXLGd/dw6XKOAHY/tJ5j21Wg9JdPdtEpDr
+AxQlaRil/6ZZAzBbLnNW4h2+uwzJHNitrsDQRECC2ynFd1pVP2fNOshnxerRdet
NiWp3LO88EL6emHchEvjEg1uj305ISFiSyhFNMJtZNcvHjE3Iyk057FUGsNya3f6
RQa7HCvHZ96W/RayIyynw0v5T+r5uGmyR6rhQHCFCVQOQkXMRYMhKC++4MFyluPd
36OdsCvIdV32G3qwVQUvJoonQ5fhuwgVq0Z5h9MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSWI6Hu4982MQ66aIVdIGbevYfl1jAfBgNVHSMEGDAWgBRm+Q5135ivtDAZ
znUDUOdpuZ+8EzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p2a09kZC1ZcjdRd0djNTFBMURuYWJtZnZCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvNWE2OThkLTk5OGEtNDhiYS04ZGM1LTMzM2YwYzk5Mjc5ZS8x
L2xpT2g3dVBmTmpFT3VtaUZYU0JtM3IySDVkWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
NWE2OThkLTk5OGEtNDhiYS04ZGM1LTMzM2YwYzk5Mjc5ZS8xL1p2a09kZC1ZcjdR
d0djNTFBMURuYWJtZnZCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBC4X8DANBgkqhkiG9w0BAQsFAAOC
AQEACcH0n5HiEbz/jkspdR7pQH8ffI4TqwRXh4rUVWBRzIbASLjtKXg8K+cV0zQm
U2hYFheSQkZGZ1kDbn8upWsNhvRmbKYhWvK8OzhviPHX0teVPS+XlDYLiIy01Nj9
QHQ2xQ4EKmhi8HI9VvNSycyPAtQpXL2psUqmCoU9lXnZ8bDujBFgT67ZnpY1QDjG
XWk+yrhpvvoLWuaVpkw7zVpcjwWLXWnubVaCCCO18Rni99X+0Vj5KCtiXZAa5tZq
UEhJ8fuDHLu6CRQCdxX6R06jIkQ7U7/R6HUp0FASWLj8XXJNeqiVGDn/C3sQZqBy
uizmI2kduLlP0wzYCgnef7elQg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-ams.rpki-client.org