Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/bhS9jqwzH45NrmvCbv4xvf_tqE4.roa
File: bhS9jqwzH45NrmvCbv4xvf_tqE4.roa (raw, json)
Hash identifier: STm/rtQIxzMZJYluyV/FeAGYwazA8vm+aACXH55FiOY=
Subject key identifier: 6E:14:BD:8E:AC:33:1F:8E:4D:AE:6B:C2:6E:FE:31:BD:FF:ED:A8:4E
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 01839D031789E547E979DBCABFB4BE5C0563
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/bhS9jqwzH45NrmvCbv4xvf_tqE4.roa
Signing time: Mon 03 Oct 2022 08:42:48 +0000
ROA not before: Mon 03 Oct 2022 08:42:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203639
IP address blocks: 185.155.186.0/24 maxlen: 24
185.155.187.0/24 maxlen: 24
46.21.23.0/24 maxlen: 24
46.21.22.0/24 maxlen: 24
46.21.30.0/24 maxlen: 24
46.21.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9d:03:17:89:e5:47:e9:79:db:ca:bf:b4:be:5c:05:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Oct 3 08:42:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e14bd8eac331f8e4dae6bc26efe31bdffeda84e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fb:e9:22:68:d3:73:04:73:f7:66:75:dd:c6:
85:55:18:fc:ff:3e:6b:03:2b:76:1f:1d:13:eb:78:
7e:7d:80:3b:cd:57:3b:ed:cb:ba:b3:1f:26:11:74:
4a:61:ca:bd:6e:2a:cf:35:ba:3f:35:a4:e0:78:28:
af:7e:5b:e6:8b:a5:c1:ab:4a:ab:ca:c4:f5:2f:44:
25:9a:a5:74:dc:0b:6f:41:7f:46:47:10:05:aa:12:
17:84:b9:63:56:a3:fe:5e:1c:d0:63:32:d0:48:93:
51:5f:3d:85:13:41:3f:f1:26:2a:ef:89:12:e0:4b:
84:62:9d:f3:ac:6c:df:1f:33:fa:75:7e:02:46:bb:
e4:35:8c:38:dc:56:0c:04:70:54:9a:5b:9c:f0:fd:
d5:ac:20:6d:06:ac:10:1b:a7:68:92:04:a6:8e:f4:
1f:de:51:78:29:cc:f5:9c:ae:11:78:76:18:98:83:
d7:7c:1d:15:dd:68:aa:f2:a7:c5:04:d2:09:89:dc:
5f:b8:2b:14:c3:f9:a5:87:2e:6e:ab:e2:a6:34:88:
2b:5b:39:58:1e:08:be:37:68:61:6b:8f:e2:2f:0d:
16:0c:a5:f9:3b:05:5f:68:32:bc:f8:4f:10:50:1a:
a9:2b:4c:c4:17:c1:63:e6:30:b2:6b:47:ac:e9:39:
fb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:14:BD:8E:AC:33:1F:8E:4D:AE:6B:C2:6E:FE:31:BD:FF:ED:A8:4E
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/bhS9jqwzH45NrmvCbv4xvf_tqE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.22.0/23
46.21.28.0/24
46.21.30.0/24
185.155.186.0/23
Signature Algorithm: sha256WithRSAEncryption
38:45:ff:95:a8:0a:08:54:9b:20:34:c2:9c:bc:be:fd:77:3c:
03:3d:b6:72:6a:6a:0d:92:86:c5:d9:df:dc:68:83:43:b4:09:
13:b4:39:c4:6b:63:f3:1e:e2:1d:e1:d1:dd:12:a0:13:5f:e5:
9c:48:65:89:d7:f4:33:77:fd:59:a5:0d:a2:0a:ee:3b:92:e8:
aa:27:a5:23:46:ca:65:c7:09:db:3d:70:b1:61:87:03:e6:4f:
01:3c:f2:0f:15:ab:06:27:79:9a:37:72:26:9c:c9:16:50:53:
e6:29:93:80:0e:63:64:06:0d:fc:2c:f1:73:4e:cb:b7:08:54:
ed:52:46:cb:de:dc:f1:8c:bd:21:9f:ff:6d:ce:ee:2a:28:b5:
54:0e:a9:02:1e:14:ff:18:64:3c:54:c4:6e:88:4b:e3:a3:d9:
66:3f:73:a9:a2:9c:15:b3:6a:fc:be:b1:8e:ea:53:f6:bc:be:
27:8c:b1:1c:f6:62:02:b0:1b:d1:e4:92:3a:fa:84:d0:38:9c:
99:7c:59:ad:12:2e:b2:ea:45:ab:bb:27:76:4a:70:30:6c:d9:
ef:a2:1e:45:ea:63:85:65:ea:d3:8b:99:65:c0:7a:38:50:71:
45:67:36:88:ee:ec:21:a7:2f:7f:ff:dd:36:d9:f8:a8:69:6b:
bb:10:d4:3e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYOdAxeJ5UfpedvKv7S+XAVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjIxMDAzMDg0MjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTE0YmQ4ZWFjMzMxZjhlNGRhZTZiYzI2ZWZlMzFiZGZmZWRhODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvvpImjTcwRz92Z13caFVRj8/z5r
Ayt2Hx0T63h+fYA7zVc77cu6sx8mEXRKYcq9birPNbo/NaTgeCivflvmi6XBq0qr
ysT1L0QlmqV03AtvQX9GRxAFqhIXhLljVqP+XhzQYzLQSJNRXz2FE0E/8SYq74kS
4EuEYp3zrGzfHzP6dX4CRrvkNYw43FYMBHBUmluc8P3VrCBtBqwQG6dokgSmjvQf
3lF4Kcz1nK4ReHYYmIPXfB0V3Wiq8qfFBNIJidxfuCsUw/mlhy5uq+KmNIgrWzlY
Hgi+N2hha4/iLw0WDKX5OwVfaDK8+E8QUBqpK0zEF8Fj5jCya0es6Tn74wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG4UvY6sMx+OTa5rwm7+Mb3/7ahOMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvYmhTOWpxd3pINDVOcm12Q2J2NHh2Zl90cUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLhUWAwQA
LhUcAwQALhUeAwQBuZu6MA0GCSqGSIb3DQEBCwUAA4IBAQA4Rf+VqAoIVJsgNMKc
vL79dzwDPbZyamoNkobF2d/caINDtAkTtDnEa2PzHuId4dHdEqATX+WcSGWJ1/Qz
d/1ZpQ2iCu47kuiqJ6UjRsplxwnbPXCxYYcD5k8BPPIPFasGJ3maN3ImnMkWUFPm
KZOADmNkBg38LPFzTsu3CFTtUkbL3tzxjL0hn/9tzu4qKLVUDqkCHhT/GGQ8VMRu
iEvjo9lmP3OpopwVs2r8vrGO6lP2vL4njLEc9mICsBvR5JI6+oTQOJyZfFmtEi6y
6kWruyd2SnAwbNnvoh5F6mOFZerTi5llwHo4UHFFZzaI7uwhpy9//9022fioaWu7
ENQ+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:45 2023 by rpki-client on console-ams.rpki-client.org