Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/bPI17DtFCyq2TSnnviGg1mfr5So.roa
File: bPI17DtFCyq2TSnnviGg1mfr5So.roa (raw, json)
Hash identifier: lklTL213zGH6dkPTGcNHeJ8v8XfxD5ucn4YwvIK7+mk=
Subject key identifier: 6C:F2:35:EC:3B:45:0B:2A:B6:4D:29:E7:BE:21:A0:D6:67:EB:E5:2A
Certificate issuer: /CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Certificate serial: 046BAE5C
Authority key identifier: D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/bPI17DtFCyq2TSnnviGg1mfr5So.roa
Signing time: Tue 15 Feb 2022 08:37:59 +0000
ROA not before: Tue 15 Feb 2022 08:37:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40994
IP address blocks: 46.102.157.0/24 maxlen: 24
46.102.156.0/24 maxlen: 24
31.14.17.0/24 maxlen: 24
94.177.8.0/23 maxlen: 24
86.106.182.0/24 maxlen: 24
2a0d:f302::/32 maxlen: 32
2a0d:f301::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74165852 (0x46bae5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Validity
Not Before: Feb 15 08:37:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6cf235ec3b450b2ab64d29e7be21a0d667ebe52a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7d:1d:2e:cc:24:37:5a:18:e6:9d:72:5b:6c:
74:cd:c3:d9:d7:de:e6:37:8d:46:73:e6:1b:5e:04:
81:70:07:79:97:86:ed:da:a5:0f:1b:99:c4:aa:98:
7d:76:b0:5c:1b:5c:96:12:c2:ed:63:2a:ba:78:27:
c7:04:1f:10:02:5a:ff:89:80:3a:31:51:79:04:42:
82:d4:53:dc:28:61:99:1c:bf:10:f3:e9:35:4c:cf:
cf:90:d8:d7:08:8f:49:a3:85:9f:4b:c8:c1:69:61:
17:62:78:1d:6c:ce:49:6e:51:5b:5b:09:8b:54:16:
17:14:79:64:09:9c:a7:b3:8e:5b:86:24:dc:44:1d:
59:55:1e:c6:68:c1:82:e2:17:ca:59:59:cb:b4:e3:
14:35:4d:9b:cf:d7:2d:2e:68:4e:97:1d:26:42:e0:
be:0c:7b:e0:41:5f:47:d1:32:88:f4:98:32:e6:0b:
d0:49:38:f7:a3:3e:80:fc:88:51:cd:8a:7e:92:ea:
da:3e:64:ba:93:64:59:46:88:20:98:9e:01:22:72:
2e:bc:3e:01:4d:0e:35:48:67:d3:06:cf:5f:73:46:
e0:e1:aa:80:26:31:39:f6:bf:47:c2:e8:7c:92:f0:
a0:d0:ca:38:70:09:9c:14:2a:07:85:21:d8:e2:a4:
e6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F2:35:EC:3B:45:0B:2A:B6:4D:29:E7:BE:21:A0:D6:67:EB:E5:2A
X509v3 Authority Key Identifier:
keyid:D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/bPI17DtFCyq2TSnnviGg1mfr5So.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.17.0/24
46.102.156.0/23
86.106.182.0/24
94.177.8.0/23
IPv6:
2a0d:f301::/48
2a0d:f302::/32
Signature Algorithm: sha256WithRSAEncryption
97:e2:b4:ee:d0:e3:17:63:3e:a7:e6:92:15:f1:0d:ea:9f:ac:
34:53:a5:fb:75:a1:0f:09:b0:74:13:ca:0f:47:da:43:76:db:
1a:88:0d:b8:68:7a:f9:8f:c8:94:28:ea:ab:8f:92:3e:62:a5:
52:19:8a:78:11:5f:4c:5b:39:b8:b6:b6:c9:63:b0:02:1e:f8:
e3:18:e2:a5:a5:e1:e0:0a:69:82:86:19:76:c9:5d:4c:f1:54:
4b:bb:ce:15:67:c9:9f:66:bd:f7:68:67:8b:3a:58:75:b3:11:
29:f6:3c:cf:50:62:cb:8d:27:f5:5c:73:1d:73:94:06:ff:ac:
bb:57:dd:5f:36:09:ca:70:0a:97:92:4e:d0:6d:b5:ba:68:ee:
cc:69:b0:14:77:8e:ac:71:14:51:3d:a8:24:ed:ef:8a:47:39:
13:74:88:df:96:8e:ae:6c:c4:e5:f1:42:ad:c7:33:30:42:9a:
32:10:69:57:13:f1:4f:1b:31:59:1a:bf:26:94:f3:04:12:26:
53:83:82:13:ca:6b:ab:55:20:21:0f:3c:95:00:4d:36:d8:d7:
17:9c:21:dd:85:c8:ee:d1:0d:5a:90:76:55:13:2f:41:38:31:
3b:f8:ce:3b:25:ab:25:af:db:8a:8c:7c:33:8d:98:01:da:fd:
27:c0:87:c2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBGuuXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGNmMGZiZDVmNmUxNzU5OTAzY2M2OWRlMGRjNGVhMjRjMWY4M2RmMB4XDTIyMDIx
NTA4Mzc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmNmMjM1ZWMzYjQ1
MGIyYWI2NGQyOWU3YmUyMWEwZDY2N2ViZTUyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK59HS7MJDdaGOadcltsdM3D2dfe5jeNRnPmG14EgXAHeZeG
7dqlDxuZxKqYfXawXBtclhLC7WMqungnxwQfEAJa/4mAOjFReQRCgtRT3ChhmRy/
EPPpNUzPz5DY1wiPSaOFn0vIwWlhF2J4HWzOSW5RW1sJi1QWFxR5ZAmcp7OOW4Yk
3EQdWVUexmjBguIXyllZy7TjFDVNm8/XLS5oTpcdJkLgvgx74EFfR9EyiPSYMuYL
0Ek496M+gPyIUc2KfpLq2j5kupNkWUaIIJieASJyLrw+AU0ONUhn0wbPX3NG4OGq
gCYxOfa/R8LofJLwoNDKOHAJnBQqB4Uh2OKk5rUCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBRs8jXsO0ULKrZNKee+IaDWZ+vlKjAfBgNVHSMEGDAWgBTUzw+9X24XWZA8
xp3g3E6iTB+D3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFNOFB2Vjl1RjFtUVBNYWQ0TnhPb2t3Zmc5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvZDM0ZmEyLTNhMzctNDMwOC1iNzgzLTU4NTdmMWMxNzYyNC8x
L2JQSTE3RHRGQ3lxMlRTbm52aUdnMW1mcjVTby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
ZDM0ZmEyLTNhMzctNDMwOC1iNzgzLTU4NTdmMWMxNzYyNC8xLzFNOFB2Vjl1RjFt
UVBNYWQ0TnhPb2t3Zmc5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwHgQCAAEwGAMEAB8OEQMEAS5mnAMEAFZqtgMEAV6x
CDAWBAIAAjAQAwcAKg3zAQAAAwUAKg3zAjANBgkqhkiG9w0BAQsFAAOCAQEAl+K0
7tDjF2M+p+aSFfEN6p+sNFOl+3WhDwmwdBPKD0faQ3bbGogNuGh6+Y/IlCjqq4+S
PmKlUhmKeBFfTFs5uLa2yWOwAh744xjipaXh4AppgoYZdsldTPFUS7vOFWfJn2a9
92hnizpYdbMRKfY8z1Biy40n9VxzHXOUBv+su1fdXzYJynAKl5JO0G21umjuzGmw
FHeOrHEUUT2oJO3vikc5E3SI35aOrmzE5fFCrcczMEKaMhBpVxPxTxsxWRq/JpTz
BBImU4OCE8prq1UgIQ88lQBNNtjXF5wh3YXI7tENWpB2VRMvQTgxO/jOOyWrJa/b
iox8M42YAdr9J8CHwg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-fra.rpki-client.org