Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ec8-7456-4e55-b776-d8ece26afec0/1/4aB6VDlc-17gqiSg8NatiinYwB0.roa
File: 4aB6VDlc-17gqiSg8NatiinYwB0.roa (raw, json)
Hash identifier: T4xGcvkdRQRiDqwDcjg+0HRnueBxS0u5pVmdz3o1uC8=
Subject key identifier: E1:A0:7A:54:39:5C:FB:5E:E0:AA:24:A0:F0:D6:AD:8A:29:D8:C0:1D
Certificate issuer: /CN=e3e46e2c4016a8d7392c8574134fd4793b9415a4
Certificate serial: 02734C32
Authority key identifier: E3:E4:6E:2C:40:16:A8:D7:39:2C:85:74:13:4F:D4:79:3B:94:15:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4-RuLEAWqNc5LIV0E0_UeTuUFaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ec8-7456-4e55-b776-d8ece26afec0/1/4aB6VDlc-17gqiSg8NatiinYwB0.roa
Signing time: Sat 01 Jan 2022 15:02:16 +0000
ROA not before: Sat 01 Jan 2022 15:02:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31726
IP address blocks: 46.228.48.0/20 maxlen: 20
185.229.228.0/22 maxlen: 22
77.95.72.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41110578 (0x2734c32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3e46e2c4016a8d7392c8574134fd4793b9415a4
Validity
Not Before: Jan 1 15:02:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1a07a54395cfb5ee0aa24a0f0d6ad8a29d8c01d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0e:8b:ce:db:f9:a9:07:cf:98:58:0a:cb:38:
a3:a6:08:d8:c6:55:a2:00:fd:81:8e:b3:06:6e:03:
d6:cd:74:15:af:d8:ad:c7:91:0c:a2:9d:76:2a:0f:
dc:53:c1:74:85:7a:d0:16:c1:fd:fd:40:6d:58:69:
2e:cc:4f:c0:12:4f:60:97:90:bc:37:84:aa:72:59:
b2:4b:bb:b2:cd:bd:b9:06:cc:78:9a:1b:d3:fc:db:
ee:ac:7e:59:e1:f6:49:ce:bb:51:f8:f9:8f:21:87:
17:b8:a0:ff:7d:34:42:9f:8c:2e:b3:f1:50:f6:1c:
ff:ab:8d:cb:51:c2:fc:9c:48:4f:ae:47:fe:6b:5c:
c2:e1:0a:52:4b:b0:47:c3:c8:2b:65:6c:fc:bf:69:
dc:db:cf:e3:a7:02:45:93:7a:bd:37:be:c1:f0:37:
02:9f:d7:a2:09:95:75:f6:40:04:95:66:02:b5:6d:
f7:11:dd:aa:8b:da:b6:e9:f7:83:7c:4c:46:31:56:
04:61:1a:e5:22:40:d9:73:34:07:a2:de:82:59:3a:
a5:ca:d5:77:1a:c3:e3:fe:ca:c2:d4:ba:fc:7d:1d:
eb:c4:6b:54:50:de:75:c4:33:4e:6e:bd:91:b1:5a:
7b:c2:d7:f0:23:64:bb:0d:cc:b0:b0:1c:55:52:3d:
b9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A0:7A:54:39:5C:FB:5E:E0:AA:24:A0:F0:D6:AD:8A:29:D8:C0:1D
X509v3 Authority Key Identifier:
keyid:E3:E4:6E:2C:40:16:A8:D7:39:2C:85:74:13:4F:D4:79:3B:94:15:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4-RuLEAWqNc5LIV0E0_UeTuUFaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ec8-7456-4e55-b776-d8ece26afec0/1/4aB6VDlc-17gqiSg8NatiinYwB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ec8-7456-4e55-b776-d8ece26afec0/1/4-RuLEAWqNc5LIV0E0_UeTuUFaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.48.0/20
77.95.72.0/21
185.229.228.0/22
Signature Algorithm: sha256WithRSAEncryption
41:7b:4f:f0:bd:c4:41:bf:db:c7:71:87:d0:90:88:c8:de:56:
19:ae:8f:65:24:c7:87:7a:42:e9:1d:44:c9:e3:f4:b6:41:a2:
33:49:88:03:bf:ca:48:3c:c6:b6:66:37:cc:9a:39:f6:0a:55:
f0:ea:f5:10:5b:9b:56:3b:d5:db:ee:80:51:ce:2a:c9:ef:74:
ce:76:76:51:f6:0a:81:77:4c:80:a5:82:da:fd:6f:72:c7:5a:
13:27:ea:f9:53:32:c2:dd:e3:35:03:ee:00:70:2b:89:c2:26:
db:16:4e:e4:3f:fb:d2:f4:eb:e2:a5:f4:1e:d1:92:2c:0d:49:
15:9d:94:ff:b0:22:33:02:13:4e:46:8b:6c:52:fc:d7:fd:00:
74:5e:31:91:75:f7:56:a9:27:d7:f0:1c:fa:e9:a2:09:0e:de:
12:3d:c9:c4:a1:5b:78:22:ab:75:b0:72:b6:fa:c3:ef:b4:47:
e6:aa:c1:eb:62:73:64:78:b7:f6:4d:0a:cc:1b:64:dd:93:5e:
1a:6e:a0:8a:53:01:e7:c4:48:b7:a4:58:52:98:a4:19:5e:7c:
4b:70:52:2f:68:08:2e:ff:2b:f6:44:35:5b:6c:2e:61:1d:85:
68:56:22:59:27:ba:ba:78:0d:4c:0c:28:cf:6d:12:42:a8:5b:
9a:51:86:e2
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAnNMMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
M2U0NmUyYzQwMTZhOGQ3MzkyYzg1NzQxMzRmZDQ3OTNiOTQxNWE0MB4XDTIyMDEw
MTE1MDIxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFhMDdhNTQzOTVj
ZmI1ZWUwYWEyNGEwZjBkNmFkOGEyOWQ4YzAxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMOi87b+akHz5hYCss4o6YI2MZVogD9gY6zBm4D1s10Fa/Y
rceRDKKddioP3FPBdIV60BbB/f1AbVhpLsxPwBJPYJeQvDeEqnJZsku7ss29uQbM
eJob0/zb7qx+WeH2Sc67Ufj5jyGHF7ig/300Qp+MLrPxUPYc/6uNy1HC/JxIT65H
/mtcwuEKUkuwR8PIK2Vs/L9p3NvP46cCRZN6vTe+wfA3Ap/XogmVdfZABJVmArVt
9xHdqovatun3g3xMRjFWBGEa5SJA2XM0B6Leglk6pcrVdxrD4/7KwtS6/H0d68Rr
VFDedcQzTm69kbFae8LX8CNkuw3MsLAcVVI9uWcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBThoHpUOVz7XuCqJKDw1q2KKdjAHTAfBgNVHSMEGDAWgBTj5G4sQBao1zks
hXQTT9R5O5QVpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQtUnVMRUFXcU5jNUxJVjBFMF9VZVR1VUZhUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvNTcyZWM4LTc0NTYtNGU1NS1iNzc2LWQ4ZWNlMjZhZmVjMC8x
LzRhQjZWRGxjLTE3Z3FpU2c4TmF0aWluWXdCMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
NTcyZWM4LTc0NTYtNGU1NS1iNzc2LWQ4ZWNlMjZhZmVjMC8xLzQtUnVMRUFXcU5j
NUxJVjBFMF9VZVR1VUZhUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBC7kMAMEA01fSAMEArnl5DANBgkq
hkiG9w0BAQsFAAOCAQEAQXtP8L3EQb/bx3GH0JCIyN5WGa6PZSTHh3pC6R1EyeP0
tkGiM0mIA7/KSDzGtmY3zJo59gpV8Or1EFubVjvV2+6AUc4qye90znZ2UfYKgXdM
gKWC2v1vcsdaEyfq+VMywt3jNQPuAHAricIm2xZO5D/70vTr4qX0HtGSLA1JFZ2U
/7AiMwITTkaLbFL81/0AdF4xkXX3Vqkn1/Ac+umiCQ7eEj3JxKFbeCKrdbBytvrD
77RH5qrB62JzZHi39k0KzBtk3ZNeGm6gilMB58RIt6RYUpikGV58S3BSL2gILv8r
9kQ1W2wuYR2FaFYiWSe6ungNTAwoz20SQqhbmlGG4g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-ams.rpki-client.org