Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/6NjBHZaOAXajAsZeg6gKZEGSbME.roa
File: 6NjBHZaOAXajAsZeg6gKZEGSbME.roa (raw, json)
Hash identifier: k+M74MGk0dSayviu5Gx4p7Dcx/URrTFopzQFgxFSUpw=
Subject key identifier: E8:D8:C1:1D:96:8E:01:76:A3:02:C6:5E:83:A8:0A:64:41:92:6C:C1
Certificate issuer: /CN=d2fa2a70003880d7561612a3c0a12602ce3541a4
Certificate serial: 08333A57
Authority key identifier: D2:FA:2A:70:00:38:80:D7:56:16:12:A3:C0:A1:26:02:CE:35:41:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0voqcAA4gNdWFhKjwKEmAs41QaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/6NjBHZaOAXajAsZeg6gKZEGSbME.roa
Signing time: Sat 01 Jan 2022 13:03:47 +0000
ROA not before: Sat 01 Jan 2022 13:03:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213192
IP address blocks: 46.235.40.0/21 maxlen: 21
83.150.232.0/22 maxlen: 22
83.150.235.0/24 maxlen: 24
2a00:d640::/32 maxlen: 32
2a00:d641::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137574999 (0x8333a57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2fa2a70003880d7561612a3c0a12602ce3541a4
Validity
Not Before: Jan 1 13:03:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8d8c11d968e0176a302c65e83a80a6441926cc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c7:f4:0f:09:86:b1:9e:92:1d:9d:44:a5:7b:
dc:4c:26:71:aa:f7:86:5d:75:79:57:df:fb:30:35:
11:3e:8c:df:9c:c0:14:46:f1:b7:3d:14:d7:a7:e7:
4d:f3:32:5f:b0:5a:93:9b:87:47:15:e0:1b:d1:03:
cb:82:0e:86:15:fc:2c:24:8e:6a:c4:de:11:26:2b:
d5:b3:b8:01:f1:74:67:5a:e3:4e:79:7a:8d:ab:fe:
c6:08:17:73:3f:8c:db:52:35:72:b5:6e:ac:26:d1:
f2:70:12:24:a6:f6:d9:8f:f9:7b:f3:1f:fc:be:60:
8e:f5:39:81:e3:88:78:4d:89:9a:5f:52:19:26:08:
3d:7f:af:e8:94:b4:a1:7a:ab:2c:3c:0f:ea:07:ef:
bd:81:de:7d:47:89:8e:5a:53:23:bb:1b:37:b2:7d:
7f:80:75:6e:68:31:d5:38:16:cf:36:d4:50:e6:44:
c6:9a:69:08:95:1e:58:d9:af:0c:0e:f5:07:4f:b5:
04:7a:03:ff:ce:58:7f:b6:f7:3b:f4:b9:22:86:55:
cc:f6:32:83:7d:99:e7:0f:a8:22:32:af:36:db:c4:
58:b9:e8:46:6f:6c:8d:58:e8:46:20:54:98:1f:77:
bd:90:ed:f7:49:03:d6:2b:d4:cb:4d:97:1c:29:b1:
b4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D8:C1:1D:96:8E:01:76:A3:02:C6:5E:83:A8:0A:64:41:92:6C:C1
X509v3 Authority Key Identifier:
keyid:D2:FA:2A:70:00:38:80:D7:56:16:12:A3:C0:A1:26:02:CE:35:41:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0voqcAA4gNdWFhKjwKEmAs41QaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/6NjBHZaOAXajAsZeg6gKZEGSbME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/0voqcAA4gNdWFhKjwKEmAs41QaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.40.0/21
83.150.232.0/22
IPv6:
2a00:d640::/31
Signature Algorithm: sha256WithRSAEncryption
40:12:de:ed:bf:ba:c4:9d:c8:ca:9b:42:41:52:d5:84:2d:2d:
f9:03:ae:95:39:95:1e:bb:3d:f0:32:23:9c:b3:b2:a6:75:89:
d7:34:9b:83:6f:cd:af:64:ed:c2:1b:34:bd:a5:6b:9b:2d:83:
31:58:85:bf:10:13:ca:8c:ef:ef:9b:4c:ee:0b:8d:8e:1d:3e:
78:11:50:ae:de:07:81:6a:9c:ce:39:30:2c:0c:80:c6:8f:a3:
c0:02:ca:5a:2f:2a:03:99:ff:fb:f9:e2:cc:fd:a2:c5:bf:b2:
38:54:26:36:f5:78:89:1b:22:34:0f:46:b8:1f:22:f8:e9:ed:
e3:e2:ad:33:67:89:a5:09:2e:a4:72:43:99:9d:e5:4b:1b:91:
7b:5e:22:87:df:d4:2a:8a:da:a5:c2:f2:6a:18:34:f4:2d:88:
f4:6b:b3:20:fd:75:96:76:51:eb:c1:b6:c2:0d:3f:88:1d:fb:
43:40:10:ed:1e:d9:20:12:42:28:4c:f0:9d:f5:4b:f7:8b:7c:
61:5c:45:55:b2:3b:40:4a:a1:47:c5:0a:55:2b:88:0e:15:e9:
5e:d4:01:ea:f9:d7:03:ae:6b:75:bf:79:b7:a5:c5:5c:0b:b9:
6d:62:aa:6a:0b:0b:fa:36:ae:03:6f:c1:de:24:2f:66:f4:28:
a1:2e:24:e5
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECDM6VzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmZhMmE3MDAwMzg4MGQ3NTYxNjEyYTNjMGExMjYwMmNlMzU0MWE0MB4XDTIyMDEw
MTEzMDM0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZThkOGMxMWQ5Njhl
MDE3NmEzMDJjNjVlODNhODBhNjQ0MTkyNmNjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzH9A8JhrGekh2dRKV73Ewmcar3hl11eVff+zA1ET6M35zA
FEbxtz0U16fnTfMyX7Bak5uHRxXgG9EDy4IOhhX8LCSOasTeESYr1bO4AfF0Z1rj
Tnl6jav+xggXcz+M21I1crVurCbR8nASJKb22Y/5e/Mf/L5gjvU5geOIeE2Jml9S
GSYIPX+v6JS0oXqrLDwP6gfvvYHefUeJjlpTI7sbN7J9f4B1bmgx1TgWzzbUUOZE
xpppCJUeWNmvDA71B0+1BHoD/85Yf7b3O/S5IoZVzPYyg32Z5w+oIjKvNtvEWLno
Rm9sjVjoRiBUmB93vZDt90kD1ivUy02XHCmxtEsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTo2MEdlo4BdqMCxl6DqApkQZJswTAfBgNVHSMEGDAWgBTS+ipwADiA11YW
EqPAoSYCzjVBpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB2b3FjQUE0Z05kV0ZoS2p3S0VtQXM0MVFhUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvYjIwN2QxLThiN2ItNGUyNy04MzcwLWE3OTY1MDFlNzdhMS8x
LzZOakJIWmFPQVhhakFzWmVnNmdLWkVHU2JNRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
YjIwN2QxLThiN2ItNGUyNy04MzcwLWE3OTY1MDFlNzdhMS8xLzB2b3FjQUE0Z05k
V0ZoS2p3S0VtQXM0MVFhUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAy7rKAMEAlOW6DANBAIAAjAHAwUB
KgDWQDANBgkqhkiG9w0BAQsFAAOCAQEAQBLe7b+6xJ3IyptCQVLVhC0t+QOulTmV
Hrs98DIjnLOypnWJ1zSbg2/Nr2Ttwhs0vaVrmy2DMViFvxATyozv75tM7guNjh0+
eBFQrt4HgWqczjkwLAyAxo+jwALKWi8qA5n/+/nizP2ixb+yOFQmNvV4iRsiNA9G
uB8i+Ont4+KtM2eJpQkupHJDmZ3lSxuRe14ih9/UKorapcLyahg09C2I9GuzIP11
lnZR68G2wg0/iB37Q0AQ7R7ZIBJCKEzwnfVL94t8YVxFVbI7QEqhR8UKVSuIDhXp
XtQB6vnXA65rdb95t6XFXAu5bWKqagsL+jauA2/B3iQvZvQooS4k5Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-fra.rpki-client.org