Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/PSpRMoH9wfRBOQCKnYLJ9jSlWLk.roa
File: PSpRMoH9wfRBOQCKnYLJ9jSlWLk.roa (raw, json)
Hash identifier: ogz+LeH4MCEx392bIBChZOBIAcOhlev9ac1keYdOPbs=
Subject key identifier: 3D:2A:51:32:81:FD:C1:F4:41:39:00:8A:9D:82:C9:F6:34:A5:58:B9
Certificate issuer: /CN=719e59b5017bfe634411949eff2d70ba0a07c540
Certificate serial: 018286F11207D430B2EF090F67DE16C484B4
Authority key identifier: 71:9E:59:B5:01:7B:FE:63:44:11:94:9E:FF:2D:70:BA:0A:07:C5:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/PSpRMoH9wfRBOQCKnYLJ9jSlWLk.roa
Signing time: Wed 10 Aug 2022 08:48:41 +0000
ROA not before: Wed 10 Aug 2022 08:48:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 46.28.58.0/24 maxlen: 24
46.28.59.0/24 maxlen: 24
46.28.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:86:f1:12:07:d4:30:b2:ef:09:0f:67:de:16:c4:84:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=719e59b5017bfe634411949eff2d70ba0a07c540
Validity
Not Before: Aug 10 08:48:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d2a513281fdc1f44139008a9d82c9f634a558b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:eb:bb:30:e7:9f:64:06:05:c1:ce:a7:eb:78:
0e:3c:82:50:60:c5:26:0c:23:8b:0c:4b:fd:83:67:
de:e6:88:6b:c4:4d:88:30:95:c3:0d:c6:18:3d:f9:
1a:3e:3a:7b:5f:b1:7c:26:49:31:33:82:81:f2:14:
41:ab:1c:4d:ec:05:52:7f:5b:86:b4:40:38:b3:94:
54:79:a1:85:bc:ca:d5:79:d3:a8:06:d2:38:14:70:
fc:c1:0e:10:1c:c5:c7:8a:7c:cc:45:82:e0:0d:3a:
23:73:15:e8:3a:73:35:e8:89:42:97:ec:8a:ed:ec:
cd:ec:2d:07:8d:ea:09:03:80:01:da:de:1d:dd:78:
7c:35:30:d6:1c:69:ed:58:c9:02:14:43:74:26:3f:
04:ca:7d:b5:da:93:73:1d:5c:78:46:31:5d:89:32:
d9:08:73:f5:60:8e:61:39:83:58:19:6e:67:39:f1:
4e:9d:5f:cd:32:02:80:82:ea:e6:37:2a:7f:70:d9:
59:bc:2a:b7:50:4c:15:ee:d3:0c:ff:33:8b:bc:c2:
b4:1f:bc:6f:63:8f:fe:b5:68:5a:d4:39:48:dc:18:
29:09:76:bf:0e:09:1b:03:6d:e6:d6:cd:b4:03:f5:
02:22:42:63:09:e5:30:aa:b9:7f:db:86:ce:46:42:
85:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:2A:51:32:81:FD:C1:F4:41:39:00:8A:9D:82:C9:F6:34:A5:58:B9
X509v3 Authority Key Identifier:
keyid:71:9E:59:B5:01:7B:FE:63:44:11:94:9E:FF:2D:70:BA:0A:07:C5:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/PSpRMoH9wfRBOQCKnYLJ9jSlWLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f9e6c-e6b8-4ad4-9941-f46f9d674f6c/1/cZ5ZtQF7_mNEEZSe_y1wugoHxUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.58.0/23
46.28.63.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:20:55:f0:c6:a4:18:85:d8:a2:5a:de:7c:b3:a3:ec:08:f5:
ed:11:9f:95:c2:cf:05:23:97:08:1c:af:66:62:d6:36:cf:01:
d4:47:37:1f:67:20:a0:d3:91:dd:4d:80:e7:d2:75:a3:f5:20:
27:43:8c:68:9c:0e:9d:64:fa:c6:83:01:a9:ca:d3:a3:87:31:
63:0c:02:1b:c5:63:23:64:47:33:80:ca:a0:58:f8:92:c5:a9:
a2:5b:7f:f0:73:7a:f1:d8:c4:b1:df:f6:63:88:8f:39:dc:e7:
24:2d:a5:fd:8f:0b:96:c7:9f:d2:4f:fe:73:4c:ec:a5:56:c4:
99:9c:87:a6:b0:9a:5b:80:d8:26:8f:9e:d5:ea:49:04:4c:8f:
5c:87:9b:6e:64:62:1a:86:8f:f7:f8:e7:e0:42:95:50:be:0a:
06:bf:80:8f:64:93:ce:f5:d0:36:5b:98:c5:df:6f:95:7c:da:
9a:23:35:14:8e:c4:8f:bd:cc:f6:24:3c:dc:6f:41:f9:20:0a:
35:24:6d:9b:c0:eb:8e:de:fe:ef:e4:3a:9c:de:08:e3:2e:cf:
da:cf:2f:9f:96:a8:24:60:0f:13:e1:24:98:5b:3b:db:10:d7:
ea:9d:68:83:97:8d:df:ec:79:01:c5:2f:04:a6:a2:b9:2f:23:
57:25:6c:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKG8RIH1DCy7wkPZ94WxIS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOWU1OWI1MDE3YmZlNjM0NDExOTQ5ZWZmMmQ3MGJhMGEw
N2M1NDAwHhcNMjIwODEwMDg0ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDJhNTEzMjgxZmRjMWY0NDEzOTAwOGE5ZDgyYzlmNjM0YTU1OGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuu7MOefZAYFwc6n63gOPIJQYMUm
DCOLDEv9g2fe5ohrxE2IMJXDDcYYPfkaPjp7X7F8JkkxM4KB8hRBqxxN7AVSf1uG
tEA4s5RUeaGFvMrVedOoBtI4FHD8wQ4QHMXHinzMRYLgDTojcxXoOnM16IlCl+yK
7ezN7C0HjeoJA4AB2t4d3Xh8NTDWHGntWMkCFEN0Jj8Eyn212pNzHVx4RjFdiTLZ
CHP1YI5hOYNYGW5nOfFOnV/NMgKAgurmNyp/cNlZvCq3UEwV7tMM/zOLvMK0H7xv
Y4/+tWha1DlI3BgpCXa/DgkbA23m1s20A/UCIkJjCeUwqrl/24bORkKFPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD0qUTKB/cH0QTkAip2CyfY0pVi5MB8GA1UdIwQY
MBaAFHGeWbUBe/5jRBGUnv8tcLoKB8VAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1o1WnRRRjdfbU5FRVpTZV95MXd1Z29IeFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xZjllNmMtZTZiOC00YWQ0LTk5NDEt
ZjQ2ZjlkNjc0ZjZjLzEvUFNwUk1vSDl3ZlJCT1FDS25ZTEo5alNsV0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xZjllNmMtZTZiOC00YWQ0LTk5NDEtZjQ2ZjlkNjc0ZjZj
LzEvY1o1WnRRRjdfbU5FRVpTZV95MXd1Z29IeFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLhw6AwQA
Lhw/MA0GCSqGSIb3DQEBCwUAA4IBAQCNIFXwxqQYhdiiWt58s6PsCPXtEZ+Vws8F
I5cIHK9mYtY2zwHURzcfZyCg05HdTYDn0nWj9SAnQ4xonA6dZPrGgwGpytOjhzFj
DAIbxWMjZEczgMqgWPiSxamiW3/wc3rx2MSx3/ZjiI853OckLaX9jwuWx5/ST/5z
TOylVsSZnIemsJpbgNgmj57V6kkETI9ch5tuZGIaho/3+OfgQpVQvgoGv4CPZJPO
9dA2W5jF32+VfNqaIzUUjsSPvcz2JDzcb0H5IAo1JG2bwOuO3v7v5Dqc3gjjLs/a
zy+flqgkYA8T4SSYWzvbENfqnWiDl43f7HkBxS8EpqK5LyNXJWzA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:10 2024 by rpki-client on console-fra.rpki-client.org