Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/shUbKexkM3trvMioimgXmnM1rY0.roa
File: shUbKexkM3trvMioimgXmnM1rY0.roa (raw, json)
Hash identifier: jU2H97IeSh/ZT0Jq4vsP2wQWETBfekIJXRAblZJh60A=
Subject key identifier: B2:15:1B:29:EC:64:33:7B:6B:BC:C8:A8:8A:68:17:9A:73:35:AD:8D
Certificate issuer: /CN=ecf42776be532bd0575332855d8c42c4952ed931
Certificate serial: 340808DD
Authority key identifier: EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/shUbKexkM3trvMioimgXmnM1rY0.roa
Signing time: Tue 03 May 2022 09:31:07 +0000
ROA not before: Tue 03 May 2022 09:31:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20743
IP address blocks: 146.109.145.0/24 maxlen: 24
146.109.153.0/24 maxlen: 24
146.109.160.0/19 maxlen: 19
146.109.161.0/24 maxlen: 24
2a01:4642:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 872941789 (0x340808dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf42776be532bd0575332855d8c42c4952ed931
Validity
Not Before: May 3 09:31:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2151b29ec64337b6bbcc8a88a68179a7335ad8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:46:0b:11:ea:f5:ad:1c:28:4a:0a:b5:c0:f8:
21:b6:e0:12:88:a0:56:e9:ba:1e:f9:04:0a:6f:3c:
5a:10:99:7b:9f:78:ea:9c:f6:04:ec:20:11:48:8c:
51:63:b7:51:f5:28:17:fc:16:94:28:26:2b:a5:fe:
99:18:46:b1:60:0a:41:99:66:86:71:c7:69:f1:5f:
c0:43:5e:6e:c6:57:5c:64:31:90:0b:80:92:e8:18:
36:57:b0:7f:16:ee:df:1c:ba:f0:bd:93:a0:3f:66:
79:25:0b:96:60:45:34:0e:93:c4:aa:f6:a2:38:b7:
73:7f:c0:d6:77:c2:ac:ac:af:fa:49:b8:ac:7e:4e:
a6:ac:09:52:81:df:ce:a9:84:6d:04:57:53:92:75:
a0:6a:7f:1e:e1:ba:42:cc:cb:f6:0a:40:18:cd:67:
3d:3a:cd:13:09:8b:13:bc:02:70:b1:75:bd:7c:44:
47:f6:bd:54:e6:61:6f:ea:da:b1:ce:3d:bb:ee:c3:
50:5e:fe:d7:a1:12:69:1a:87:83:9f:a0:3d:d9:53:
8c:8a:7f:aa:bb:43:0d:1b:55:3d:61:6e:7e:75:ab:
b0:04:31:96:a4:e4:08:a1:eb:62:5c:f7:40:9d:5e:
e8:9e:5d:13:82:81:d3:5f:44:81:76:0e:45:70:81:
ed:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:15:1B:29:EC:64:33:7B:6B:BC:C8:A8:8A:68:17:9A:73:35:AD:8D
X509v3 Authority Key Identifier:
keyid:EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/shUbKexkM3trvMioimgXmnM1rY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.109.145.0/24
146.109.153.0/24
146.109.160.0/19
IPv6:
2a01:4642:100::/40
Signature Algorithm: sha256WithRSAEncryption
4c:b3:31:f5:92:1b:4b:fa:21:4d:61:8c:c1:5b:5d:86:f2:65:
44:bd:12:39:39:f6:ff:c8:44:eb:eb:ca:86:4c:9e:b1:36:a6:
a7:23:3f:a8:f8:1b:c9:e3:0b:b4:2f:df:83:11:e7:70:15:34:
51:ab:a6:85:a0:e0:9c:b2:6f:95:32:8a:16:03:5f:e0:c9:7b:
66:43:f2:7e:3c:f8:5f:05:78:19:5e:ba:05:32:82:2f:39:43:
b6:4f:92:61:4a:3b:19:36:c4:3b:4f:ec:fe:e5:61:31:b1:5d:
62:66:23:fe:bf:6f:e5:8a:76:8f:4f:66:fc:8b:22:c9:d4:6e:
62:35:02:78:03:98:f3:e7:94:e2:25:b2:a5:63:f8:6b:ab:b2:
a4:f2:7d:02:1e:0d:38:e9:5e:d6:6b:f7:9b:1b:97:57:bc:81:
85:76:c4:5c:fb:4a:c6:2d:48:f9:86:05:02:07:76:06:45:0c:
bf:cf:00:d2:6c:05:62:44:f3:36:d0:87:b5:da:3c:da:8e:54:
d8:0e:7a:de:91:81:2e:22:b5:64:17:77:94:b5:0c:cf:aa:d3:
be:23:70:56:12:f0:31:fc:ec:db:8b:64:01:0a:f4:6f:1a:82:
a4:08:fe:9d:e4:a5:6d:9a:5c:69:83:25:28:02:9c:a6:3f:3b:
ae:bf:fe:1e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIENAgI3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Y2Y0Mjc3NmJlNTMyYmQwNTc1MzMyODU1ZDhjNDJjNDk1MmVkOTMxMB4XDTIyMDUw
MzA5MzEwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjIxNTFiMjllYzY0
MzM3YjZiYmNjOGE4OGE2ODE3OWE3MzM1YWQ4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI5GCxHq9a0cKEoKtcD4IbbgEoigVum6HvkECm88WhCZe594
6pz2BOwgEUiMUWO3UfUoF/wWlCgmK6X+mRhGsWAKQZlmhnHHafFfwENebsZXXGQx
kAuAkugYNlewfxbu3xy68L2ToD9meSULlmBFNA6TxKr2oji3c3/A1nfCrKyv+km4
rH5OpqwJUoHfzqmEbQRXU5J1oGp/HuG6QszL9gpAGM1nPTrNEwmLE7wCcLF1vXxE
R/a9VOZhb+rasc49u+7DUF7+16ESaRqHg5+gPdlTjIp/qrtDDRtVPWFufnWrsAQx
lqTkCKHrYlz3QJ1e6J5dE4KB019EgXYORXCB7akCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBSyFRsp7GQze2u8yKiKaBeaczWtjTAfBgNVHSMEGDAWgBTs9Cd2vlMr0FdT
MoVdjELElS7ZMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdQUW5kcjVUSzlCWFV6S0ZYWXhDeEpVdTJURS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvZWJkNDlmLWY1NjktNDE1Mi1iMGI4LTVlNTNjMjNiNTViMC8x
L3NoVWJLZXhrTTN0cnZNaW9pbWdYbW5NMXJZMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
ZWJkNDlmLWY1NjktNDE1Mi1iMGI4LTVlNTNjMjNiNTViMC8xLzdQUW5kcjVUSzlC
WFV6S0ZYWXhDeEpVdTJURS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowGAQCAAEwEgMEAJJtkQMEAJJtmQMEBZJtoDAOBAIA
AjAIAwYAKgFGQgEwDQYJKoZIhvcNAQELBQADggEBAEyzMfWSG0v6IU1hjMFbXYby
ZUS9Ejk59v/IROvryoZMnrE2pqcjP6j4G8njC7Qv34MR53AVNFGrpoWg4Jyyb5Uy
ihYDX+DJe2ZD8n48+F8FeBleugUygi85Q7ZPkmFKOxk2xDtP7P7lYTGxXWJmI/6/
b+WKdo9PZvyLIsnUbmI1AngDmPPnlOIlsqVj+GursqTyfQIeDTjpXtZr95sbl1e8
gYV2xFz7SsYtSPmGBQIHdgZFDL/PANJsBWJE8zbQh7XaPNqOVNgOet6RgS4itWQX
d5S1DM+q074jcFYS8DH87NuLZAEK9G8agqQI/p3kpW2aXGmDJSgCnKY/O66//h4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:57 2023 by rpki-client on console-fra.rpki-client.org