Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/LQngYTvy9z_1YLrtl_eOzO03AQ8.roa
File: LQngYTvy9z_1YLrtl_eOzO03AQ8.roa (raw, json)
Hash identifier: 126TTxy6t8bIYY6o6TOrdteyzZ+/vC3iJLW5Kq2tV6I=
Subject key identifier: 2D:09:E0:61:3B:F2:F7:3F:F5:60:BA:ED:97:F7:8E:CC:ED:37:01:0F
Certificate issuer: /CN=c1233861207a230564ef36f11e0157344731e3f9
Certificate serial: 340E3BD8
Authority key identifier: C1:23:38:61:20:7A:23:05:64:EF:36:F1:1E:01:57:34:47:31:E3:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSM4YSB6IwVk7zbxHgFXNEcx4_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/LQngYTvy9z_1YLrtl_eOzO03AQ8.roa
Signing time: Sat 01 Jan 2022 04:02:39 +0000
ROA not before: Sat 01 Jan 2022 04:02:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16273
IP address blocks: 46.228.130.0/23 maxlen: 23
46.228.128.0/23 maxlen: 24
46.228.128.0/24 maxlen: 24
46.228.129.0/24 maxlen: 24
46.228.132.0/23 maxlen: 23
46.228.134.0/23 maxlen: 24
46.228.141.0/24 maxlen: 24
46.228.143.0/24 maxlen: 24
193.110.108.0/23 maxlen: 23
193.110.108.0/24 maxlen: 24
2a03:7800:a00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 873348056 (0x340e3bd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1233861207a230564ef36f11e0157344731e3f9
Validity
Not Before: Jan 1 04:02:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d09e0613bf2f73ff560baed97f78ecced37010f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1c:90:6c:4f:b5:86:bf:7a:a8:07:bd:74:03:
ca:c5:df:8d:1d:be:19:75:e8:70:12:33:fa:ac:bd:
4a:e6:80:89:cc:6e:c7:39:6b:48:7b:6f:2f:c1:c0:
84:ae:32:b7:49:78:b8:b6:98:54:1f:89:52:6b:e2:
c8:d6:9d:64:99:22:fa:69:9a:a7:6b:df:a2:1d:78:
65:9d:38:65:cc:ad:09:ed:69:61:26:4b:a2:04:ab:
63:10:55:70:61:f4:2a:32:cf:dc:35:b6:af:0f:c3:
23:17:6a:36:af:24:bb:2a:4e:a6:d1:4f:82:de:48:
a2:43:f2:33:ba:ef:dd:06:2c:a3:4c:2f:a4:e4:0a:
52:78:4c:02:df:4c:62:9c:82:9d:42:da:69:c0:44:
a8:a1:1a:eb:04:d0:d2:d4:93:50:58:cf:36:24:2e:
15:49:22:70:ed:8d:2d:20:e7:dc:d9:6e:6d:f7:85:
a7:b4:24:6f:3f:f6:e7:5d:95:24:77:e3:a9:ca:49:
bc:31:f2:45:56:49:1b:b2:a0:89:a0:64:f0:81:26:
52:88:3b:48:9a:86:23:28:87:59:57:76:03:4e:16:
d1:e6:18:ba:25:f7:1e:5a:0d:dd:a2:78:16:88:79:
57:b0:9d:d5:70:d5:bd:cb:d0:55:92:0b:70:cf:79:
7f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:09:E0:61:3B:F2:F7:3F:F5:60:BA:ED:97:F7:8E:CC:ED:37:01:0F
X509v3 Authority Key Identifier:
keyid:C1:23:38:61:20:7A:23:05:64:EF:36:F1:1E:01:57:34:47:31:E3:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSM4YSB6IwVk7zbxHgFXNEcx4_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/LQngYTvy9z_1YLrtl_eOzO03AQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/wSM4YSB6IwVk7zbxHgFXNEcx4_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.128.0/21
46.228.141.0/24
46.228.143.0/24
193.110.108.0/23
IPv6:
2a03:7800:a00::/40
Signature Algorithm: sha256WithRSAEncryption
5c:81:43:02:3c:d1:73:cd:33:2c:8e:e0:58:25:3a:62:59:19:
7e:df:66:3d:f9:6c:07:00:7f:b4:17:65:ff:f8:5f:9c:26:f6:
92:83:f7:58:c9:ef:d4:37:4b:e6:75:3e:ed:9a:35:3d:d2:d8:
4d:d5:a3:06:e7:fd:7f:53:36:46:11:06:ae:48:f0:1a:f0:3c:
29:e6:2d:2e:d8:ce:93:28:f9:44:b9:8a:e2:33:55:0f:de:81:
a3:40:46:15:f6:c6:76:30:d4:30:98:28:ac:13:60:2a:5a:ed:
0e:9c:07:e5:55:f9:20:35:8c:da:f1:c3:e9:fb:35:29:3b:bf:
71:71:09:05:a1:4b:c4:a7:d6:f3:2c:15:e7:da:15:cf:53:fc:
71:0e:f0:9f:1c:b9:43:6b:1a:77:03:5c:e9:32:67:2c:7e:77:
57:84:07:ed:ae:06:9e:04:59:c4:3b:76:8f:60:f0:12:0e:d9:
8b:77:49:a2:d7:66:df:10:e5:b6:7b:f5:f2:da:7d:b7:38:43:
0d:84:ad:60:b3:ff:09:21:bd:fe:e5:51:8c:5d:2e:74:83:6a:
47:cc:cc:1a:5d:fa:7f:ee:45:ef:90:4b:17:23:c8:39:d0:75:
1c:b0:d2:e2:64:ac:ec:0a:f1:bb:00:3d:8f:91:bd:81:a2:f9:
0c:37:e4:69
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIENA472DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MTIzMzg2MTIwN2EyMzA1NjRlZjM2ZjExZTAxNTczNDQ3MzFlM2Y5MB4XDTIyMDEw
MTA0MDIzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQwOWUwNjEzYmYy
ZjczZmY1NjBiYWVkOTdmNzhlY2NlZDM3MDEwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOAckGxPtYa/eqgHvXQDysXfjR2+GXXocBIz+qy9SuaAicxu
xzlrSHtvL8HAhK4yt0l4uLaYVB+JUmviyNadZJki+mmap2vfoh14ZZ04ZcytCe1p
YSZLogSrYxBVcGH0KjLP3DW2rw/DIxdqNq8kuypOptFPgt5IokPyM7rv3QYso0wv
pOQKUnhMAt9MYpyCnULaacBEqKEa6wTQ0tSTUFjPNiQuFUkicO2NLSDn3NlubfeF
p7Qkbz/2512VJHfjqcpJvDHyRVZJG7KgiaBk8IEmUog7SJqGIyiHWVd2A04W0eYY
uiX3HloN3aJ4Foh5V7Cd1XDVvcvQVZILcM95fy8CAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQtCeBhO/L3P/Vguu2X947M7TcBDzAfBgNVHSMEGDAWgBTBIzhhIHojBWTv
NvEeAVc0RzHj+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dTTTRZU0I2SXdWazd6YnhIZ0ZYTkVjeDRfay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvMmM5MzIwLTM4ZDktNDYwNC1hZDkyLTFjN2IyYjkxZDMwOC8x
L0xRbmdZVHZ5OXpfMVlMcnRsX2VPek8wM0FROC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
MmM5MzIwLTM4ZDktNDYwNC1hZDkyLTFjN2IyYjkxZDMwOC8xL3dTTTRZU0I2SXdW
azd6YnhIZ0ZYTkVjeDRfay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwHgQCAAEwGAMEAy7kgAMEAC7kjQMEAC7kjwMEAcFu
bDAOBAIAAjAIAwYAKgN4AAowDQYJKoZIhvcNAQELBQADggEBAFyBQwI80XPNMyyO
4FglOmJZGX7fZj35bAcAf7QXZf/4X5wm9pKD91jJ79Q3S+Z1Pu2aNT3S2E3Vowbn
/X9TNkYRBq5I8BrwPCnmLS7YzpMo+US5iuIzVQ/egaNARhX2xnYw1DCYKKwTYCpa
7Q6cB+VV+SA1jNrxw+n7NSk7v3FxCQWhS8Sn1vMsFefaFc9T/HEO8J8cuUNrGncD
XOkyZyx+d1eEB+2uBp4EWcQ7do9g8BIO2Yt3SaLXZt8Q5bZ79fLafbc4Qw2ErWCz
/wkhvf7lUYxdLnSDakfMzBpd+n/uRe+QSxcjyDnQdRyw0uJkrOwK8bsAPY+RvYGi
+Qw35Gk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:44 2023 by rpki-client on console-fra.rpki-client.org