Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/MQ-5Rjrn-ozo0IDLUf1xO6u_Sxc.roa
File: MQ-5Rjrn-ozo0IDLUf1xO6u_Sxc.roa (raw, json)
Hash identifier: EA9e1/qiM8NJopgIUSQLMORuR3GyozeyE38C0g801mk=
Subject key identifier: 31:0F:B9:46:3A:E7:FA:8C:E8:D0:80:CB:51:FD:71:3B:AB:BF:4B:17
Certificate issuer: /CN=c1233861207a230564ef36f11e0157344731e3f9
Certificate serial: 018ABB9C9B673B3D5378CA644229980077DD
Authority key identifier: C1:23:38:61:20:7A:23:05:64:EF:36:F1:1E:01:57:34:47:31:E3:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSM4YSB6IwVk7zbxHgFXNEcx4_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/MQ-5Rjrn-ozo0IDLUf1xO6u_Sxc.roa
Signing time: Fri 22 Sep 2023 06:38:37 +0000
ROA not before: Fri 22 Sep 2023 06:38:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 46.228.131.0/24 maxlen: 24
46.228.136.0/23 maxlen: 24
46.228.135.0/24 maxlen: 24
46.228.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bb:9c:9b:67:3b:3d:53:78:ca:64:42:29:98:00:77:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1233861207a230564ef36f11e0157344731e3f9
Validity
Not Before: Sep 22 06:38:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=310fb9463ae7fa8ce8d080cb51fd713babbf4b17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a1:09:45:5f:e0:a7:27:53:e9:0c:72:ac:3a:
fe:1e:6c:d6:83:78:eb:1d:b5:e9:af:c3:3e:6a:86:
a2:6d:36:d0:84:a8:fc:7d:f1:f2:52:9e:ef:c0:ed:
21:e6:40:35:35:55:ba:8f:61:e1:63:68:f5:e9:06:
c2:df:3b:96:e3:a5:97:45:b5:fe:ea:09:7f:1a:62:
28:0d:08:33:5b:29:5e:fe:1b:b5:ff:f2:33:22:db:
73:0a:5e:4f:41:74:55:cb:87:e9:bd:bc:ab:9b:d6:
47:09:db:72:f9:72:71:11:b4:40:cb:6a:6a:2b:f4:
21:44:41:13:ed:41:bf:26:cd:d8:51:d4:6f:bd:01:
d3:46:ad:87:1c:96:f6:e4:94:db:23:4a:1e:a1:40:
ad:6c:b4:7b:2c:3b:32:e6:09:df:0d:07:99:65:03:
01:95:aa:13:96:22:ca:0d:b4:f4:50:06:20:67:86:
e5:a2:b7:fd:e3:ae:86:b8:d3:40:90:9b:66:06:15:
0f:d5:64:b1:1b:3d:ca:b5:30:37:ce:08:da:4d:15:
a8:16:a6:eb:82:28:1f:e5:46:bf:7f:f8:44:74:b0:
d1:7e:32:ad:60:68:1b:50:4a:c4:8a:2f:22:74:ec:
b1:cf:23:7f:64:87:f7:ef:09:7f:0e:e6:31:d3:8b:
2f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:0F:B9:46:3A:E7:FA:8C:E8:D0:80:CB:51:FD:71:3B:AB:BF:4B:17
X509v3 Authority Key Identifier:
keyid:C1:23:38:61:20:7A:23:05:64:EF:36:F1:1E:01:57:34:47:31:E3:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSM4YSB6IwVk7zbxHgFXNEcx4_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/MQ-5Rjrn-ozo0IDLUf1xO6u_Sxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/wSM4YSB6IwVk7zbxHgFXNEcx4_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.131.0/24
46.228.135.0-46.228.137.255
46.228.140.0/24
Signature Algorithm: sha256WithRSAEncryption
23:17:44:77:d4:10:82:1f:82:0c:64:b1:92:b5:53:7d:3e:00:
89:94:1e:87:d7:da:53:d0:fc:75:2d:20:30:de:2e:ba:83:56:
a4:b8:31:23:f1:50:b7:c0:3b:40:0e:b7:84:47:41:58:d2:7e:
64:12:fb:d7:dc:c6:b5:bb:85:e4:c4:33:1d:8f:ae:52:7b:37:
8b:a8:bd:63:aa:31:a6:6e:11:bd:5b:fb:58:fa:47:03:9a:c0:
cc:86:d4:96:e4:8d:e4:b3:da:6b:d0:72:f7:aa:fb:ae:ea:47:
f9:23:ea:ad:10:5f:6a:98:33:02:eb:1d:50:c3:87:ca:e0:51:
48:74:26:ef:f6:8e:d4:29:97:bb:68:a7:45:cb:16:68:d1:9c:
b6:29:da:e3:86:75:f1:1d:fa:dc:8c:4f:5c:30:5d:36:76:05:
5e:87:41:dc:89:01:8f:1f:f9:bb:fa:35:35:c5:79:ae:49:10:
b5:04:f0:8f:27:14:89:2b:0b:9b:3e:30:91:37:0f:46:6d:18:
44:40:d1:17:cb:5c:af:16:3e:bf:41:a4:0c:5d:cb:69:ea:b3:
a3:f5:b3:2e:4c:84:c6:a3:c5:70:b0:2b:21:b1:2e:e4:74:73:
7a:b7:42:af:45:99:0a:42:b4:cf:75:23:53:fc:b3:e7:f2:bb:
09:a6:b3:e9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYq7nJtnOz1TeMpkQimYAHfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMjMzODYxMjA3YTIzMDU2NGVmMzZmMTFlMDE1NzM0NDcz
MWUzZjkwHhcNMjMwOTIyMDYzODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTBmYjk0NjNhZTdmYThjZThkMDgwY2I1MWZkNzEzYmFiYmY0YjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKEJRV/gpydT6QxyrDr+HmzWg3jr
HbXpr8M+aoaibTbQhKj8ffHyUp7vwO0h5kA1NVW6j2HhY2j16QbC3zuW46WXRbX+
6gl/GmIoDQgzWyle/hu1//IzIttzCl5PQXRVy4fpvbyrm9ZHCdty+XJxEbRAy2pq
K/QhREET7UG/Js3YUdRvvQHTRq2HHJb25JTbI0oeoUCtbLR7LDsy5gnfDQeZZQMB
laoTliLKDbT0UAYgZ4blorf9466GuNNAkJtmBhUP1WSxGz3KtTA3zgjaTRWoFqbr
gigf5Ua/f/hEdLDRfjKtYGgbUErEii8idOyxzyN/ZIf37wl/DuYx04sv0wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDEPuUY65/qM6NCAy1H9cTurv0sXMB8GA1UdIwQY
MBaAFMEjOGEgeiMFZO828R4BVzRHMeP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NNNFlTQjZJd1ZrN3pieEhnRlhORWN4NF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yYzkzMjAtMzhkOS00NjA0LWFkOTIt
MWM3YjJiOTFkMzA4LzEvTVEtNVJqcm4tb3pvMElETFVmMXhPNnVfU3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8yYzkzMjAtMzhkOS00NjA0LWFkOTItMWM3YjJiOTFkMzA4
LzEvd1NNNFlTQjZJd1ZrN3pieEhnRlhORWN4NF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALuSDMAwD
BAAu5IcDBAEu5IgDBAAu5IwwDQYJKoZIhvcNAQELBQADggEBACMXRHfUEIIfggxk
sZK1U30+AImUHofX2lPQ/HUtIDDeLrqDVqS4MSPxULfAO0AOt4RHQVjSfmQS+9fc
xrW7heTEMx2PrlJ7N4uovWOqMaZuEb1b+1j6RwOawMyG1JbkjeSz2mvQcveq+67q
R/kj6q0QX2qYMwLrHVDDh8rgUUh0Ju/2jtQpl7top0XLFmjRnLYp2uOGdfEd+tyM
T1wwXTZ2BV6HQdyJAY8f+bv6NTXFea5JELUE8I8nFIkrC5s+MJE3D0ZtGERA0RfL
XK8WPr9BpAxdy2nqs6P1sy5MhMajxXCwKyGxLuR0c3q3Qq9FmQpCtM91I1P8s+fy
uwmms+k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:05 2025 by rpki-client