Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/ChN7t7P8GRQGl7hsQ_P7R00O6s8.roa
File: ChN7t7P8GRQGl7hsQ_P7R00O6s8.roa (raw, json)
Hash identifier: 7BTiSmO1YZk4gL52L8Lbg79zN7ypwU0odvxy661ERrI=
Subject key identifier: 0A:13:7B:B7:B3:FC:19:14:06:97:B8:6C:43:F3:FB:47:4D:0E:EA:CF
Certificate issuer: /CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Certificate serial: 048210B2
Authority key identifier: D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/ChN7t7P8GRQGl7hsQ_P7R00O6s8.roa
Signing time: Wed 23 Feb 2022 09:36:04 +0000
ROA not before: Wed 23 Feb 2022 09:36:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40994
IP address blocks: 46.102.157.0/24 maxlen: 24
46.102.156.0/24 maxlen: 24
31.14.17.0/24 maxlen: 24
94.177.8.0/24 maxlen: 24
86.106.182.0/24 maxlen: 24
2a0d:f302::/32 maxlen: 32
2a0d:f301::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75632818 (0x48210b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Validity
Not Before: Feb 23 09:36:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a137bb7b3fc19140697b86c43f3fb474d0eeacf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:70:ae:8e:6f:17:82:1d:7d:c7:86:13:47:62:
f6:ed:6a:88:97:bb:55:eb:4c:9e:5a:c2:2c:1b:ea:
ad:37:48:62:56:0d:40:0d:27:44:0f:84:c5:ee:31:
a3:e8:9e:8b:9d:91:b5:61:fb:95:0c:a6:08:25:b7:
00:8c:f3:7c:74:e1:a5:06:13:2d:02:aa:69:48:b9:
7a:2d:1a:c8:0f:7d:8e:eb:57:b6:2f:97:04:f9:08:
16:28:da:63:e1:8c:5e:be:98:88:c1:73:90:77:3f:
0b:1e:4c:77:40:88:8b:26:44:2f:16:6a:4f:83:62:
73:f9:70:c1:bb:67:da:de:56:5f:10:f4:78:59:f9:
40:7e:c4:9e:b3:24:7d:ee:8b:ba:1b:2c:95:4f:5c:
09:fb:0a:14:aa:28:1b:db:2e:9a:dd:bc:d3:df:5e:
0d:8f:f0:8c:24:e3:37:22:b3:89:04:85:a1:d2:20:
1f:e8:b8:67:89:95:36:72:be:54:8c:b8:a7:5c:cd:
e7:16:c3:03:c0:3e:ce:34:3e:86:e1:bd:67:d2:98:
82:4c:9b:b5:75:42:7b:8a:0d:4f:23:b4:f2:43:7a:
13:fe:11:f0:40:e6:12:a3:92:9c:16:d0:fb:3f:8f:
93:50:6a:e5:69:db:76:f8:1b:28:f8:c1:d4:52:ed:
1e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:13:7B:B7:B3:FC:19:14:06:97:B8:6C:43:F3:FB:47:4D:0E:EA:CF
X509v3 Authority Key Identifier:
keyid:D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/ChN7t7P8GRQGl7hsQ_P7R00O6s8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.17.0/24
46.102.156.0/23
86.106.182.0/24
94.177.8.0/24
IPv6:
2a0d:f301::/48
2a0d:f302::/32
Signature Algorithm: sha256WithRSAEncryption
3e:cc:38:3f:e9:04:c0:58:b0:75:1e:ee:14:43:08:4b:e8:06:
56:c3:97:a2:79:02:9f:6d:d5:6c:a2:82:15:cf:6a:c8:57:ea:
c9:01:17:ef:98:33:d3:48:6a:89:c5:4b:b9:0f:7a:aa:e9:a0:
bb:31:61:38:26:4c:1d:5b:fb:0b:b6:42:dd:7e:46:5e:a1:04:
de:2c:fb:20:08:f6:22:9d:7d:02:7b:af:1b:bb:d3:f4:e8:47:
dd:09:2e:8e:d1:1f:97:2f:84:aa:0e:6c:dc:f1:fa:cd:1b:f7:
67:1e:c3:cd:2f:5f:6d:68:ec:84:97:10:8b:d9:04:29:60:59:
a7:0b:5c:0f:15:6a:48:07:83:54:6c:d5:46:a0:ec:c0:3d:cd:
ae:9a:80:8e:a0:6b:c5:b5:50:c6:fb:a4:3d:6b:99:e7:5e:d3:
84:45:e8:33:e1:2b:d2:8f:d9:69:2a:29:60:ae:4d:5c:51:37:
a3:7b:da:49:08:7d:69:62:eb:13:7e:f7:8c:d6:c4:32:fa:e9:
37:9f:7a:89:45:68:34:0f:fa:1e:b9:a4:b0:95:0b:74:86:b3:
b4:33:3b:cc:af:6e:9b:fd:49:fb:7d:54:c9:fd:de:27:06:2a:
c2:b1:fb:36:f3:a9:76:9d:dd:02:a7:07:d6:eb:42:6c:7c:64:
86:b0:7f:87
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBIIQsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGNmMGZiZDVmNmUxNzU5OTAzY2M2OWRlMGRjNGVhMjRjMWY4M2RmMB4XDTIyMDIy
MzA5MzYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGExMzdiYjdiM2Zj
MTkxNDA2OTdiODZjNDNmM2ZiNDc0ZDBlZWFjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5wro5vF4IdfceGE0di9u1qiJe7VetMnlrCLBvqrTdIYlYN
QA0nRA+Exe4xo+iei52RtWH7lQymCCW3AIzzfHThpQYTLQKqaUi5ei0ayA99jutX
ti+XBPkIFijaY+GMXr6YiMFzkHc/Cx5Md0CIiyZELxZqT4Nic/lwwbtn2t5WXxD0
eFn5QH7EnrMkfe6LuhsslU9cCfsKFKooG9sumt28099eDY/wjCTjNyKziQSFodIg
H+i4Z4mVNnK+VIy4p1zN5xbDA8A+zjQ+huG9Z9KYgkybtXVCe4oNTyO08kN6E/4R
8EDmEqOSnBbQ+z+Pk1Bq5WnbdvgbKPjB1FLtHi0CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQKE3u3s/wZFAaXuGxD8/tHTQ7qzzAfBgNVHSMEGDAWgBTUzw+9X24XWZA8
xp3g3E6iTB+D3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFNOFB2Vjl1RjFtUVBNYWQ0TnhPb2t3Zmc5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvZDM0ZmEyLTNhMzctNDMwOC1iNzgzLTU4NTdmMWMxNzYyNC8x
L0NoTjd0N1A4R1JRR2w3aHNRX1A3UjAwTzZzOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
ZDM0ZmEyLTNhMzctNDMwOC1iNzgzLTU4NTdmMWMxNzYyNC8xLzFNOFB2Vjl1RjFt
UVBNYWQ0TnhPb2t3Zmc5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwHgQCAAEwGAMEAB8OEQMEAS5mnAMEAFZqtgMEAF6x
CDAWBAIAAjAQAwcAKg3zAQAAAwUAKg3zAjANBgkqhkiG9w0BAQsFAAOCAQEAPsw4
P+kEwFiwdR7uFEMIS+gGVsOXonkCn23VbKKCFc9qyFfqyQEX75gz00hqicVLuQ96
qumguzFhOCZMHVv7C7ZC3X5GXqEE3iz7IAj2Ip19AnuvG7vT9OhH3QkujtEfly+E
qg5s3PH6zRv3Zx7DzS9fbWjshJcQi9kEKWBZpwtcDxVqSAeDVGzVRqDswD3NrpqA
jqBrxbVQxvukPWuZ517ThEXoM+Er0o/ZaSopYK5NXFE3o3vaSQh9aWLrE373jNbE
MvrpN596iUVoNA/6HrmksJULdIaztDM7zK9um/1J+31Uyf3eJwYqwrH7NvOpdp3d
AqcH1utCbHxkhrB/hw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-fra.rpki-client.org