Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/46vtXddH0EYc2bCvk0utwRZHhG0.roa
File: 46vtXddH0EYc2bCvk0utwRZHhG0.roa (raw, json)
Hash identifier: Qw/IiJmCUwHZ6qBMIYB/9+lJgNM1E4oTS3FgK4yaCEA=
Subject key identifier: E3:AB:ED:5D:D7:47:D0:46:1C:D9:B0:AF:93:4B:AD:C1:16:47:84:6D
Certificate issuer: /CN=416532420a21e42b8ad30da24ebf4347de95ef35
Certificate serial: 0183A1F278CCF5D2C089635A5A533C2E8EF2
Authority key identifier: 41:65:32:42:0A:21:E4:2B:8A:D3:0D:A2:4E:BF:43:47:DE:95:EF:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QWUyQgoh5CuK0w2iTr9DR96V7zU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/46vtXddH0EYc2bCvk0utwRZHhG0.roa
Signing time: Tue 04 Oct 2022 07:42:45 +0000
ROA not before: Tue 04 Oct 2022 07:42:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207645
IP address blocks: 194.120.133.0/24 maxlen: 24
2a0d:b100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a1:f2:78:cc:f5:d2:c0:89:63:5a:5a:53:3c:2e:8e:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=416532420a21e42b8ad30da24ebf4347de95ef35
Validity
Not Before: Oct 4 07:42:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3abed5dd747d0461cd9b0af934badc11647846d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:08:e1:58:2b:48:2d:f5:40:11:86:f4:31:a0:
78:c0:5d:64:64:08:3d:46:5d:83:8b:ff:5e:58:ac:
02:e5:66:2a:d4:70:e3:f7:e1:08:ae:7d:70:d0:74:
ad:49:08:1a:0a:a3:79:db:ca:e7:5d:6b:fe:87:85:
f0:c8:c8:0b:ae:35:e5:6f:a8:a5:e3:75:98:70:9d:
67:d0:da:25:b3:79:81:8b:7a:b6:ca:55:cf:5c:90:
cd:76:b3:e6:af:31:e0:8b:d8:f3:fb:6c:6f:7e:00:
f4:32:60:98:5b:dc:07:2d:be:a6:6d:08:1e:2c:2e:
cd:7c:c2:48:34:fa:a4:eb:25:c9:38:ff:f6:19:05:
9a:61:ab:76:65:05:81:88:3d:ee:8c:2c:1f:6c:05:
14:d1:a3:b9:7b:ce:d9:86:0b:2f:20:62:8b:e2:3c:
29:52:b1:2b:57:2f:a5:78:3b:65:da:82:50:1c:2e:
b0:21:22:fd:40:bd:4a:13:91:ac:f5:bd:61:8d:92:
02:5d:cc:8f:f1:3e:29:41:9a:1d:cf:d9:8a:49:31:
b7:10:bd:ec:32:a1:d1:a4:bf:1e:6b:81:b5:b0:8b:
0d:fa:e9:7b:d4:61:5a:76:a8:c7:fb:77:0e:5c:70:
33:9c:85:82:1d:43:ac:9e:a0:d6:49:31:90:e3:ea:
4f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:AB:ED:5D:D7:47:D0:46:1C:D9:B0:AF:93:4B:AD:C1:16:47:84:6D
X509v3 Authority Key Identifier:
keyid:41:65:32:42:0A:21:E4:2B:8A:D3:0D:A2:4E:BF:43:47:DE:95:EF:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QWUyQgoh5CuK0w2iTr9DR96V7zU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/46vtXddH0EYc2bCvk0utwRZHhG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4f4b20-5136-420b-b516-b6d64a003d9e/1/QWUyQgoh5CuK0w2iTr9DR96V7zU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.120.133.0/24
IPv6:
2a0d:b100::/29
Signature Algorithm: sha256WithRSAEncryption
17:f5:06:b8:f1:f8:2c:d9:6a:d8:ab:ce:af:af:b8:5d:ba:f9:
4b:3e:a1:d0:9d:68:5d:ae:8c:1c:f7:10:94:14:93:10:d1:f3:
42:a9:bf:f7:3a:df:a6:5c:a8:73:ae:e6:b5:e2:23:a0:5b:81:
0a:b4:74:46:d8:95:4c:84:84:6b:b5:78:5a:8c:ea:70:02:76:
87:89:06:a1:af:2e:e7:2e:76:5b:af:85:c7:39:6f:e2:5c:70:
00:a6:22:bf:da:df:13:3f:86:06:f4:1a:a3:18:9f:c9:a4:20:
27:a8:42:36:72:a9:22:28:e9:54:84:c2:48:03:7c:54:5f:d2:
d0:c6:78:53:b2:4a:5c:54:93:0d:66:2f:3f:6f:d0:c6:7e:02:
22:a9:9d:37:a0:79:22:e1:02:6d:f5:ee:bc:ab:58:51:6f:75:
ba:86:85:d8:45:7f:1f:8d:d3:2e:9c:84:e8:55:8d:f7:52:43:
16:e9:54:2d:55:5d:4a:ee:8a:30:9a:2e:38:ee:63:6a:bb:ab:
b8:df:4b:b2:dc:b4:90:df:d0:86:55:a2:e0:a2:51:8c:65:6e:
53:06:dc:5a:45:a8:11:6d:f0:60:e6:8c:be:97:64:11:f5:07:
3f:ee:c0:76:7d:6b:53:92:70:92:54:ed:69:0a:6d:e8:42:b6:
04:11:d1:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYOh8njM9dLAiWNaWlM8Lo7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNjUzMjQyMGEyMWU0MmI4YWQzMGRhMjRlYmY0MzQ3ZGU5
NWVmMzUwHhcNMjIxMDA0MDc0MjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2FiZWQ1ZGQ3NDdkMDQ2MWNkOWIwYWY5MzRiYWRjMTE2NDc4NDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QjhWCtILfVAEYb0MaB4wF1kZAg9
Rl2Di/9eWKwC5WYq1HDj9+EIrn1w0HStSQgaCqN528rnXWv+h4XwyMgLrjXlb6il
43WYcJ1n0Nols3mBi3q2ylXPXJDNdrPmrzHgi9jz+2xvfgD0MmCYW9wHLb6mbQge
LC7NfMJINPqk6yXJOP/2GQWaYat2ZQWBiD3ujCwfbAUU0aO5e87ZhgsvIGKL4jwp
UrErVy+leDtl2oJQHC6wISL9QL1KE5Gs9b1hjZICXcyP8T4pQZodz9mKSTG3EL3s
MqHRpL8ea4G1sIsN+ul71GFadqjH+3cOXHAznIWCHUOsnqDWSTGQ4+pPpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOOr7V3XR9BGHNmwr5NLrcEWR4RtMB8GA1UdIwQY
MBaAFEFlMkIKIeQritMNok6/Q0fele81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVdVeVFnb2g1Q3VLMHcyaVRyOURSOTZWN3pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80ZjRiMjAtNTEzNi00MjBiLWI1MTYt
YjZkNjRhMDAzZDllLzEvNDZ2dFhkZEgwRVljMmJDdmswdXR3UlpIaEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80ZjRiMjAtNTEzNi00MjBiLWI1MTYtYjZkNjRhMDAzZDll
LzEvUVdVeVFnb2g1Q3VLMHcyaVRyOURSOTZWN3pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwniFMA0E
AgACMAcDBQMqDbEAMA0GCSqGSIb3DQEBCwUAA4IBAQAX9Qa48fgs2WrYq86vr7hd
uvlLPqHQnWhdrowc9xCUFJMQ0fNCqb/3Ot+mXKhzrua14iOgW4EKtHRG2JVMhIRr
tXhajOpwAnaHiQahry7nLnZbr4XHOW/iXHAApiK/2t8TP4YG9BqjGJ/JpCAnqEI2
cqkiKOlUhMJIA3xUX9LQxnhTskpcVJMNZi8/b9DGfgIiqZ03oHki4QJt9e68q1hR
b3W6hoXYRX8fjdMunIToVY33UkMW6VQtVV1K7oowmi447mNqu6u430uy3LSQ39CG
VaLgolGMZW5TBtxaRagRbfBg5oy+l2QR9Qc/7sB2fWtTknCSVO1pCm3oQrYEEdGB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:54 2023 by rpki-client on console-fra.rpki-client.org