Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/SfMfug1jCj8ubMFEi-U-nb1sBAQ.roa
File: SfMfug1jCj8ubMFEi-U-nb1sBAQ.roa (raw, json)
Hash identifier: BnMpHJaHttrsWxVMODGLY1u9KBaajNddmQKLpxtzTII=
Subject key identifier: 49:F3:1F:BA:0D:63:0A:3F:2E:6C:C1:44:8B:E5:3E:9D:BD:6C:04:04
Certificate issuer: /CN=9b5895e7f6a6d4aba9c961f713b2e79715f021f0
Certificate serial: 0A9E82C4
Authority key identifier: 9B:58:95:E7:F6:A6:D4:AB:A9:C9:61:F7:13:B2:E7:97:15:F0:21:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m1iV5_am1KupyWH3E7LnlxXwIfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/SfMfug1jCj8ubMFEi-U-nb1sBAQ.roa
Signing time: Sat 01 Jan 2022 06:05:59 +0000
ROA not before: Sat 01 Jan 2022 06:05:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51825
IP address blocks: 46.31.96.0/24 maxlen: 24
46.31.97.0/24 maxlen: 24
46.31.98.0/24 maxlen: 24
46.31.98.0/23 maxlen: 23
46.31.96.0/21 maxlen: 21
46.31.96.0/23 maxlen: 23
46.31.102.0/23 maxlen: 23
46.31.103.0/24 maxlen: 24
46.31.100.0/23 maxlen: 23
46.31.99.0/24 maxlen: 24
46.31.100.0/24 maxlen: 24
46.31.101.0/24 maxlen: 24
46.31.102.0/24 maxlen: 24
185.24.204.0/22 maxlen: 22
185.24.204.0/23 maxlen: 23
185.24.205.0/24 maxlen: 24
185.24.206.0/24 maxlen: 24
185.24.206.0/23 maxlen: 23
185.24.204.0/24 maxlen: 24
185.24.207.0/24 maxlen: 24
2a02:5080::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 178160324 (0xa9e82c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b5895e7f6a6d4aba9c961f713b2e79715f021f0
Validity
Not Before: Jan 1 06:05:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49f31fba0d630a3f2e6cc1448be53e9dbd6c0404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d8:f6:85:d6:a3:85:c2:03:54:f1:b5:df:f5:
f2:c0:44:72:08:1b:54:9b:f9:ff:37:a5:89:a6:ac:
60:13:10:eb:cb:6f:88:1b:70:03:93:8e:da:61:08:
a6:b3:c1:90:e1:8b:a6:cf:ab:c8:77:84:b6:4b:e5:
65:b1:65:dc:68:57:f3:95:f2:94:20:a9:71:ac:5e:
80:5b:88:b9:ba:2b:2e:88:1a:be:1b:4a:e8:73:65:
56:2e:29:3d:6f:6d:78:9b:ab:80:28:da:04:17:0f:
1f:eb:07:be:a1:77:d2:cf:ed:e4:c9:b3:05:68:7a:
b8:65:c6:4d:91:38:48:b9:6f:68:72:47:b2:4b:55:
cd:1f:da:54:01:9e:fa:e9:ed:c2:49:69:21:b0:6b:
68:da:e5:bf:96:99:b2:5c:8f:83:b8:8d:eb:7e:42:
49:9f:67:11:96:bc:93:cb:24:0c:8c:09:b7:18:65:
71:44:5d:ca:39:a4:fa:76:58:53:b5:ec:fb:dd:e8:
13:94:7c:bf:1f:a1:c3:bd:0c:15:69:78:3a:17:55:
5d:18:16:16:6f:68:ae:4d:7f:2b:ee:cc:88:51:35:
69:c0:8e:cc:bd:05:05:a5:17:60:ed:f7:f9:d8:5d:
2c:6a:6a:74:8c:13:06:9d:68:8f:8e:55:2a:03:0c:
e5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F3:1F:BA:0D:63:0A:3F:2E:6C:C1:44:8B:E5:3E:9D:BD:6C:04:04
X509v3 Authority Key Identifier:
keyid:9B:58:95:E7:F6:A6:D4:AB:A9:C9:61:F7:13:B2:E7:97:15:F0:21:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m1iV5_am1KupyWH3E7LnlxXwIfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/SfMfug1jCj8ubMFEi-U-nb1sBAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/m1iV5_am1KupyWH3E7LnlxXwIfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.96.0/21
185.24.204.0/22
IPv6:
2a02:5080::/32
Signature Algorithm: sha256WithRSAEncryption
33:f8:24:af:c8:af:73:a5:ec:df:4c:ab:07:2f:3f:25:a7:c5:
91:8c:c5:af:eb:65:89:08:9d:bd:3b:17:37:fa:30:62:8a:a1:
de:7a:46:aa:5f:fc:37:eb:cd:0d:78:8a:09:0e:00:d2:21:d9:
d5:c4:a6:2e:b2:1f:08:4b:c7:50:c9:85:98:72:1f:9c:68:87:
7c:02:f9:18:cb:bb:67:2c:fb:a9:77:18:ad:1a:fa:24:71:55:
e5:13:53:02:4d:4b:77:b7:e4:33:30:32:1d:bd:46:50:9d:8c:
b7:34:4f:3c:ee:1d:92:34:49:c5:81:74:2f:ea:34:60:68:70:
88:d4:53:ea:3c:21:4a:57:10:f6:ed:94:ed:dc:b6:42:2b:4b:
13:89:f5:97:c4:36:1a:8d:a8:91:08:aa:8d:b1:2c:6e:23:c1:
60:f9:4a:ef:e0:9c:02:70:f5:5b:9b:4a:f8:d6:d0:c5:26:5a:
7a:5e:71:e0:77:52:3d:af:11:9a:a4:58:05:1e:44:de:c5:30:
34:c1:2b:e0:53:4b:a1:30:7a:f4:92:e0:28:b0:d7:30:1a:cb:
92:3e:18:0e:e3:d0:8e:86:49:fb:cb:30:95:d0:5a:1e:16:fc:
8d:be:0a:4d:dc:37:42:3a:66:0c:2a:52:2a:76:25:76:0c:e6:
b6:e1:f7:f4
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECp6CxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjU4OTVlN2Y2YTZkNGFiYTljOTYxZjcxM2IyZTc5NzE1ZjAyMWYwMB4XDTIyMDEw
MTA2MDU1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDlmMzFmYmEwZDYz
MGEzZjJlNmNjMTQ0OGJlNTNlOWRiZDZjMDQwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnY9oXWo4XCA1Txtd/18sBEcggbVJv5/zeliaasYBMQ68tv
iBtwA5OO2mEIprPBkOGLps+ryHeEtkvlZbFl3GhX85XylCCpcaxegFuIuborLoga
vhtK6HNlVi4pPW9teJurgCjaBBcPH+sHvqF30s/t5MmzBWh6uGXGTZE4SLlvaHJH
sktVzR/aVAGe+untwklpIbBraNrlv5aZslyPg7iN635CSZ9nEZa8k8skDIwJtxhl
cURdyjmk+nZYU7Xs+93oE5R8vx+hw70MFWl4OhdVXRgWFm9ork1/K+7MiFE1acCO
zL0FBaUXYO33+dhdLGpqdIwTBp1oj45VKgMM5e8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRJ8x+6DWMKPy5swUSL5T6dvWwEBDAfBgNVHSMEGDAWgBSbWJXn9qbUq6nJ
YfcTsueXFfAh8DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L20xaVY1X2FtMUt1cHlXSDNFN0xubHhYd0lmQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvMTM0YjgyLWJjZmItNDQ1Yy1iZDQyLWZjMmE5N2I3ZDUzZS8x
L1NmTWZ1ZzFqQ2o4dWJNRkVpLVUtbmIxc0JBUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
MTM0YjgyLWJjZmItNDQ1Yy1iZDQyLWZjMmE5N2I3ZDUzZS8xL20xaVY1X2FtMUt1
cHlXSDNFN0xubHhYd0lmQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAy4fYAMEArkYzDANBAIAAjAHAwUA
KgJQgDANBgkqhkiG9w0BAQsFAAOCAQEAM/gkr8ivc6Xs30yrBy8/JafFkYzFr+tl
iQidvTsXN/owYoqh3npGql/8N+vNDXiKCQ4A0iHZ1cSmLrIfCEvHUMmFmHIfnGiH
fAL5GMu7Zyz7qXcYrRr6JHFV5RNTAk1Ld7fkMzAyHb1GUJ2MtzRPPO4dkjRJxYF0
L+o0YGhwiNRT6jwhSlcQ9u2U7dy2QitLE4n1l8Q2Go2okQiqjbEsbiPBYPlK7+Cc
AnD1W5tK+NbQxSZael5x4HdSPa8RmqRYBR5E3sUwNMEr4FNLoTB69JLgKLDXMBrL
kj4YDuPQjoZJ+8swldBaHhb8jb4KTdw3QjpmDCpSKnYldgzmtuH39A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:19 2023 by rpki-client on console-fra.rpki-client.org