Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/Q5AWaX0GJANO1K2NoQ3YyZuhA9s.roa
File: Q5AWaX0GJANO1K2NoQ3YyZuhA9s.roa (raw, json)
Hash identifier: zjtmAVGCkX8sF6Nj03RgftgMdwFyTww3t8iI4TH60H4=
Subject key identifier: 43:90:16:69:7D:06:24:03:4E:D4:AD:8D:A1:0D:D8:C9:9B:A1:03:DB
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 0182CB5D7546B81DD2C711539E372B3938F9
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/Q5AWaX0GJANO1K2NoQ3YyZuhA9s.roa
Signing time: Tue 23 Aug 2022 15:41:15 +0000
ROA not before: Tue 23 Aug 2022 15:41:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49200
IP address blocks: 46.243.213.0/24 maxlen: 24
46.243.208.0/24 maxlen: 24
46.243.207.0/24 maxlen: 24
46.243.217.0/24 maxlen: 24
46.243.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:cb:5d:75:46:b8:1d:d2:c7:11:53:9e:37:2b:39:38:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Aug 23 15:41:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=439016697d0624034ed4ad8da10dd8c99ba103db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:09:26:23:a0:c8:38:d0:61:88:44:48:d2:6a:
63:21:29:c8:dd:8c:82:49:ed:58:3e:ad:c6:bd:ea:
fc:4d:d4:6f:ef:7d:e4:c7:63:22:e6:4a:80:3d:1f:
e9:9b:f6:35:1d:74:9c:c8:ad:ea:e2:0c:fc:dc:0e:
26:6f:35:8b:a4:35:87:f6:c8:c2:e1:57:df:e6:19:
cb:d5:1e:7c:cc:dc:12:45:be:cf:81:1b:ee:22:52:
b2:85:cc:33:fd:6e:6b:8e:67:a9:87:ba:1a:52:2a:
29:e5:4f:97:31:87:66:15:d6:14:a4:27:0e:0c:df:
3b:30:c1:db:f1:ad:6e:37:3c:09:8e:ac:f2:24:4b:
17:6a:b5:53:ee:42:55:6c:3d:53:9c:ea:59:f5:95:
de:ea:15:08:28:cb:24:ac:64:ad:98:d8:e4:37:7c:
45:51:4e:9e:79:d5:bb:d8:e3:64:7c:ad:e0:79:be:
38:71:29:fc:ca:f2:c1:14:e1:a9:7e:2c:65:5d:9e:
e7:17:5e:38:be:64:1a:b0:fe:41:75:36:74:4e:e1:
1b:a2:0b:ae:f8:4c:8d:17:24:0e:57:15:d3:85:ff:
f3:ea:0d:71:c2:1c:70:d7:7c:b9:32:33:68:10:6e:
32:88:70:21:9b:74:f0:14:7f:35:6e:49:9e:fb:0c:
5b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:90:16:69:7D:06:24:03:4E:D4:AD:8D:A1:0D:D8:C9:9B:A1:03:DB
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/Q5AWaX0GJANO1K2NoQ3YyZuhA9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.207.0-46.243.208.255
46.243.213.0/24
46.243.216.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:0b:54:74:22:d1:21:46:13:9a:0a:c2:a3:cd:26:4c:c5:13:
d1:b4:bc:43:74:c5:ec:a1:42:8e:24:1c:b9:ed:2f:08:4d:da:
19:33:f5:1d:9a:9a:c4:d8:49:27:94:83:e3:42:2b:5a:05:94:
f6:ed:a7:3c:e1:17:d0:33:cc:d4:fe:16:2f:dd:4a:d9:36:0d:
19:40:4f:43:8d:1a:52:2a:cd:ce:28:a8:c3:cf:02:16:a5:4a:
13:73:5a:56:e8:19:c3:19:c8:b9:f5:05:75:c2:ee:39:eb:62:
8c:e9:7b:44:44:04:63:9f:47:1b:8e:69:b5:a6:fc:60:d9:a8:
da:b0:6b:42:c8:ae:77:c9:2c:04:48:59:c4:1c:49:d9:85:87:
d9:a0:d2:b8:7c:7f:4a:4c:af:18:cf:fd:b5:5c:ac:ce:b9:f0:
53:5c:f2:39:46:3d:60:1c:fe:e1:44:7b:4b:b0:08:53:b1:fa:
80:0e:52:24:81:05:66:c5:56:8c:72:ac:8f:0f:44:c2:e1:93:
e9:d5:8a:14:35:ab:3b:71:03:f5:eb:28:3c:86:b4:11:64:f3:
a8:5f:ad:71:5f:63:64:69:36:99:f8:75:e2:24:cb:1b:f8:c4:
22:86:91:59:aa:c8:3d:57:43:c2:bf:54:4a:a5:c5:93:bc:88:
0c:d7:13:13
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYLLXXVGuB3SxxFTnjcrOTj5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjIwODIzMTU0MTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzkwMTY2OTdkMDYyNDAzNGVkNGFkOGRhMTBkZDhjOTliYTEwM2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigkmI6DIONBhiERI0mpjISnI3YyC
Se1YPq3Gver8TdRv733kx2Mi5kqAPR/pm/Y1HXScyK3q4gz83A4mbzWLpDWH9sjC
4Vff5hnL1R58zNwSRb7PgRvuIlKyhcwz/W5rjmeph7oaUiop5U+XMYdmFdYUpCcO
DN87MMHb8a1uNzwJjqzyJEsXarVT7kJVbD1TnOpZ9ZXe6hUIKMskrGStmNjkN3xF
UU6eedW72ONkfK3geb44cSn8yvLBFOGpfixlXZ7nF144vmQasP5BdTZ0TuEboguu
+EyNFyQOVxXThf/z6g1xwhxw13y5MjNoEG4yiHAhm3TwFH81bkme+wxbSQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEOQFml9BiQDTtStjaEN2MmboQPbMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvUTVBV2FYMEdKQU5PMUsyTm9RM1l5WnVoQTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAu888D
BAAu89ADBAAu89UDBAEu89gwDQYJKoZIhvcNAQELBQADggEBAKQLVHQi0SFGE5oK
wqPNJkzFE9G0vEN0xeyhQo4kHLntLwhN2hkz9R2amsTYSSeUg+NCK1oFlPbtpzzh
F9AzzNT+Fi/dStk2DRlAT0ONGlIqzc4oqMPPAhalShNzWlboGcMZyLn1BXXC7jnr
Yozpe0REBGOfRxuOabWm/GDZqNqwa0LIrnfJLARIWcQcSdmFh9mg0rh8f0pMrxjP
/bVcrM658FNc8jlGPWAc/uFEe0uwCFOx+oAOUiSBBWbFVoxyrI8PRMLhk+nVihQ1
qztxA/XrKDyGtBFk86hfrXFfY2RpNpn4deIkyxv4xCKGkVmqyD1XQ8K/VEqlxZO8
iAzXExM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org