Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/82af7c-8606-4f9b-a052-4f3bea9fb95c/1/E3JzrIObucWrk8NhLcBQ2zZc_1s.roa
File: E3JzrIObucWrk8NhLcBQ2zZc_1s.roa (raw, json)
Hash identifier: LZc6C7ti02Sj15CpiOSCnsuRbG+XN0+VPHQ2XIPHHaw=
Subject key identifier: 13:72:73:AC:83:9B:B9:C5:AB:93:C3:61:2D:C0:50:DB:36:5C:FF:5B
Certificate issuer: /CN=34962ec776462b76e63ae8155bb27b9d8c7e7fde
Certificate serial: E679F3
Authority key identifier: 34:96:2E:C7:76:46:2B:76:E6:3A:E8:15:5B:B2:7B:9D:8C:7E:7F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJYux3ZGK3bmOugVW7J7nYx-f94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/82af7c-8606-4f9b-a052-4f3bea9fb95c/1/E3JzrIObucWrk8NhLcBQ2zZc_1s.roa
Signing time: Sat 01 Jan 2022 07:03:05 +0000
ROA not before: Sat 01 Jan 2022 07:03:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197522
IP address blocks: 46.149.176.0/24 maxlen: 24
46.149.177.0/24 maxlen: 24
46.149.178.0/24 maxlen: 24
46.149.179.0/24 maxlen: 24
46.149.176.0/20 maxlen: 20
46.149.180.0/24 maxlen: 24
46.149.181.0/24 maxlen: 24
46.149.182.0/24 maxlen: 24
46.149.183.0/24 maxlen: 24
46.149.184.0/24 maxlen: 24
46.149.185.0/24 maxlen: 24
46.149.186.0/24 maxlen: 24
46.149.189.0/24 maxlen: 24
46.149.190.0/24 maxlen: 24
46.149.191.0/24 maxlen: 24
46.149.187.0/24 maxlen: 24
46.149.188.0/24 maxlen: 24
2.57.204.0/22 maxlen: 22
2.57.204.0/24 maxlen: 24
2.57.205.0/24 maxlen: 24
2.57.206.0/24 maxlen: 24
2.57.207.0/24 maxlen: 24
2a09:dc46::/32 maxlen: 32
2a09:dc47::/32 maxlen: 32
2a09:dc44::/32 maxlen: 32
2a09:dc45::/32 maxlen: 32
2a09:dc42::/32 maxlen: 32
2a09:dc41::/32 maxlen: 32
2a09:dc40::/32 maxlen: 32
2a09:dc43::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15104499 (0xe679f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34962ec776462b76e63ae8155bb27b9d8c7e7fde
Validity
Not Before: Jan 1 07:03:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=137273ac839bb9c5ab93c3612dc050db365cff5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5d:a7:44:97:d9:ea:79:14:74:12:e5:0f:5f:
94:42:42:3e:a4:c4:49:0d:14:44:cf:fb:1c:4d:f0:
26:e2:ee:b8:d7:0f:ac:91:11:e0:13:38:c5:bc:ae:
57:09:e3:0f:cc:56:60:bd:db:7f:b5:54:6e:a8:ad:
92:f2:1a:1d:5f:46:a7:a8:8c:d6:05:28:e0:3a:40:
6b:ec:98:c9:e2:cb:d1:59:56:b0:3c:bd:07:fe:bf:
26:41:f5:2e:2c:1c:3e:d2:3b:13:1c:8b:fd:95:ec:
4b:6a:69:54:02:12:bb:ea:cd:fa:c9:13:2d:95:a3:
d0:98:fc:f3:fc:98:3b:29:dc:9b:ff:65:c0:85:4c:
c1:49:9a:6b:d1:ae:91:1c:b5:ce:f7:bd:70:f0:d3:
33:53:f7:15:bc:b7:cb:91:d8:28:d5:a0:9a:de:dd:
34:6c:f0:a0:21:d7:c4:a6:51:54:28:85:5a:18:7d:
df:95:5e:72:01:40:07:a4:79:3e:b7:48:e1:2f:f3:
c8:bd:f5:49:8d:f3:fe:9a:f3:ee:44:61:44:69:b9:
49:1e:93:56:5a:38:6c:c5:95:a4:ef:1e:19:8f:5d:
fc:e5:45:9b:f4:20:97:06:03:a7:e8:28:6e:3c:5d:
8a:2f:f8:e0:7b:ba:00:ef:74:c5:cd:83:39:bf:b1:
35:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:72:73:AC:83:9B:B9:C5:AB:93:C3:61:2D:C0:50:DB:36:5C:FF:5B
X509v3 Authority Key Identifier:
keyid:34:96:2E:C7:76:46:2B:76:E6:3A:E8:15:5B:B2:7B:9D:8C:7E:7F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJYux3ZGK3bmOugVW7J7nYx-f94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/82af7c-8606-4f9b-a052-4f3bea9fb95c/1/E3JzrIObucWrk8NhLcBQ2zZc_1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/82af7c-8606-4f9b-a052-4f3bea9fb95c/1/NJYux3ZGK3bmOugVW7J7nYx-f94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.204.0/22
46.149.176.0/20
IPv6:
2a09:dc40::/29
Signature Algorithm: sha256WithRSAEncryption
e7:d3:e6:a6:e4:ec:fa:2b:98:ae:4e:fd:a8:27:1a:a2:8e:35:
87:9b:74:ce:91:c8:9a:95:08:6d:ad:3f:f2:a8:fa:3a:fd:2b:
1c:1b:84:15:e4:13:63:5e:f2:f0:a7:ad:cf:69:de:e9:33:96:
39:96:93:a4:a8:74:b9:47:63:2f:ee:1f:bc:7b:b2:8a:eb:18:
0e:95:3e:71:09:03:31:b8:c5:4d:56:c3:4a:9d:64:c0:60:8a:
0d:4f:ab:c6:43:e7:fb:55:aa:7f:b3:eb:02:b9:28:cb:85:97:
94:16:bb:0a:68:97:62:7a:7b:a8:7b:11:bc:ea:37:11:b8:a1:
b5:5e:9c:d1:c3:61:63:a3:a1:bb:bf:35:da:45:33:2c:dc:04:
b7:49:d7:20:eb:1f:bd:b9:db:52:00:e6:75:5a:7a:74:73:76:
7b:66:2c:a1:f7:84:94:95:5c:e5:6f:dd:67:79:0b:b4:3d:19:
8c:69:96:87:d0:46:7c:cc:38:54:45:45:2c:1a:5e:92:c5:64:
78:4f:26:95:92:a7:c4:70:22:71:99:13:e6:40:7f:07:b8:cb:
ef:a6:8e:2b:29:f8:9d:07:7e:05:dd:69:7c:64:5d:43:c4:94:
4f:be:b9:4e:6d:a6:96:1c:04:dd:cd:f7:ec:5e:c7:e5:36:1a:
24:b9:4a:19
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAOZ58zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDk2MmVjNzc2NDYyYjc2ZTYzYWU4MTU1YmIyN2I5ZDhjN2U3ZmRlMB4XDTIyMDEw
MTA3MDMwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTM3MjczYWM4Mzli
YjljNWFiOTNjMzYxMmRjMDUwZGIzNjVjZmY1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBdp0SX2ep5FHQS5Q9flEJCPqTESQ0URM/7HE3wJuLuuNcP
rJER4BM4xbyuVwnjD8xWYL3bf7VUbqitkvIaHV9Gp6iM1gUo4DpAa+yYyeLL0VlW
sDy9B/6/JkH1LiwcPtI7ExyL/ZXsS2ppVAISu+rN+skTLZWj0Jj88/yYOyncm/9l
wIVMwUmaa9GukRy1zve9cPDTM1P3Fby3y5HYKNWgmt7dNGzwoCHXxKZRVCiFWhh9
35VecgFAB6R5PrdI4S/zyL31SY3z/prz7kRhRGm5SR6TVlo4bMWVpO8eGY9d/OVF
m/QglwYDp+gobjxdii/44Hu6AO90xc2DOb+xNYcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQTcnOsg5u5xauTw2EtwFDbNlz/WzAfBgNVHSMEGDAWgBQ0li7HdkYrduY6
6BVbsnudjH5/3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KWXV4M1pHSzNibU91Z1ZXN0o3bll4LWY5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvODJhZjdjLTg2MDYtNGY5Yi1hMDUyLTRmM2JlYTlmYjk1Yy8x
L0UzSnpySU9idWNXcms4TmhMY0JRMnpaY18xcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
ODJhZjdjLTg2MDYtNGY5Yi1hMDUyLTRmM2JlYTlmYjk1Yy8xL05KWXV4M1pHSzNi
bU91Z1ZXN0o3bll4LWY5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAgI5zAMEBC6VsDANBAIAAjAHAwUD
KgncQDANBgkqhkiG9w0BAQsFAAOCAQEA59PmpuTs+iuYrk79qCcaoo41h5t0zpHI
mpUIba0/8qj6Ov0rHBuEFeQTY17y8Ketz2ne6TOWOZaTpKh0uUdjL+4fvHuyiusY
DpU+cQkDMbjFTVbDSp1kwGCKDU+rxkPn+1Wqf7PrArkoy4WXlBa7CmiXYnp7qHsR
vOo3EbihtV6c0cNhY6Ohu7812kUzLNwEt0nXIOsfvbnbUgDmdVp6dHN2e2YsofeE
lJVc5W/dZ3kLtD0ZjGmWh9BGfMw4VEVFLBpeksVkeE8mlZKnxHAicZkT5kB/B7jL
76aOKyn4nQd+Bd1pfGRdQ8SUT765Tm2mlhwE3c337F7H5TYaJLlKGQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:47 2023 by rpki-client on console-fra.rpki-client.org