Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/du9CDXkwBqS4YJrhE9tsYTVUg3E.roa
File: du9CDXkwBqS4YJrhE9tsYTVUg3E.roa (raw, json)
Hash identifier: rAGKVYEQEBIwDua5uRDEI/gYARZmW3Rh9KnB9HBMDsM=
Subject key identifier: 76:EF:42:0D:79:30:06:A4:B8:60:9A:E1:13:DB:6C:61:35:54:83:71
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 3478FC83
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/du9CDXkwBqS4YJrhE9tsYTVUg3E.roa
Signing time: Mon 10 Jan 2022 00:47:48 +0000
ROA not before: Mon 10 Jan 2022 00:47:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 46.32.167.0/24 maxlen: 24
46.32.168.0/24 maxlen: 24
46.32.181.0/24 maxlen: 24
46.32.180.0/24 maxlen: 24
46.32.186.0/24 maxlen: 24
46.32.185.0/24 maxlen: 24
46.32.183.0/24 maxlen: 24
46.32.182.0/24 maxlen: 24
46.32.184.0/24 maxlen: 24
46.32.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 880344195 (0x3478fc83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Jan 10 00:47:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76ef420d793006a4b8609ae113db6c6135548371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:49:1e:d6:31:9e:06:b1:17:86:55:a9:74:47:
94:97:3c:1d:33:d6:68:d2:81:b1:f2:26:b4:47:f1:
90:8c:a5:08:8e:59:f8:dc:6d:31:c0:fb:40:6e:ee:
03:22:15:47:e4:83:16:d3:28:03:26:e1:24:23:89:
b2:a1:81:97:56:9a:88:cb:48:66:f8:80:e6:4c:c0:
35:10:07:5e:b6:3f:30:79:88:77:a9:ea:3d:b5:4d:
83:49:d2:65:1a:98:3b:45:d8:4d:bb:f2:7f:76:90:
df:1e:cd:61:c6:8d:db:08:f5:a2:5b:db:b3:ed:73:
3d:e4:07:64:50:17:8d:02:01:11:fd:7d:92:7a:bd:
09:76:d1:1a:e2:eb:b7:91:3d:4a:7f:0d:2c:c5:75:
fb:a2:cc:59:7b:a0:a2:7b:11:ff:ce:05:c3:3a:af:
06:d4:bc:71:fe:fa:16:32:5e:10:a0:e7:73:5a:46:
05:8b:64:88:3a:ef:57:14:14:8b:52:17:b7:a7:6c:
9e:6d:70:3f:ce:90:38:2a:d3:96:b3:4c:f6:6c:c5:
b4:e5:74:9e:df:ba:c7:2a:86:fc:b5:f6:ee:59:af:
57:e4:79:18:f6:1e:a8:21:e1:44:da:97:42:18:9e:
48:50:3a:da:15:85:69:0f:4a:ce:b0:c3:ff:e6:f3:
fa:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EF:42:0D:79:30:06:A4:B8:60:9A:E1:13:DB:6C:61:35:54:83:71
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/du9CDXkwBqS4YJrhE9tsYTVUg3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.167.0-46.32.168.255
46.32.180.0-46.32.187.255
Signature Algorithm: sha256WithRSAEncryption
3a:63:12:e5:72:ca:20:2e:a3:b5:10:d7:e1:2c:cd:f7:21:e9:
71:91:d4:7e:3b:62:5b:bf:bd:91:c5:a0:00:1e:5e:8c:1c:b7:
f5:9b:cb:3e:fb:25:e7:26:7f:79:7e:1f:00:f7:f3:a7:48:bb:
7d:1c:7e:9e:1c:f2:8f:4c:2e:f1:e0:42:7d:50:88:b7:34:f8:
2a:df:75:80:22:f6:af:85:8d:ba:c5:6f:4b:9e:84:5d:d0:9e:
6f:11:ab:6b:8b:41:35:cf:f5:b2:14:a4:c8:42:38:b8:d8:a3:
5e:c0:30:d6:a2:0a:0a:f7:91:8f:66:3e:f8:c2:2b:62:44:97:
df:3b:18:47:3b:bf:be:e3:26:13:6d:b9:56:30:f4:cb:bf:76:
27:cd:ed:97:d2:00:42:0c:1c:59:bc:a9:48:99:05:4d:08:df:
0f:91:d9:83:cb:e0:52:b5:46:d2:a7:40:0a:76:ea:a7:29:5a:
cb:91:a0:f3:21:d6:80:49:12:89:08:8c:3c:b8:12:e2:2a:cc:
6d:42:b9:07:3c:6a:85:c6:db:a9:2f:9a:e5:d3:37:f5:ad:41:
8e:3a:6d:7d:f5:47:21:b2:ee:d3:0c:0a:40:34:ee:5d:6d:4f:
fd:13:ea:42:eb:1d:94:05:e8:80:1e:4d:45:b6:07:43:05:b6:
6d:02:91:fe
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIENHj8gzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzdlZTFlY2VkMTlmOGEwYTNhNjM1YmZhYTI2NDI5M2UzNDM3Nzk1MB4XDTIyMDEx
MDAwNDc0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZlZjQyMGQ3OTMw
MDZhNGI4NjA5YWUxMTNkYjZjNjEzNTU0ODM3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9JHtYxngaxF4ZVqXRHlJc8HTPWaNKBsfImtEfxkIylCI5Z
+NxtMcD7QG7uAyIVR+SDFtMoAybhJCOJsqGBl1aaiMtIZviA5kzANRAHXrY/MHmI
d6nqPbVNg0nSZRqYO0XYTbvyf3aQ3x7NYcaN2wj1olvbs+1zPeQHZFAXjQIBEf19
knq9CXbRGuLrt5E9Sn8NLMV1+6LMWXugonsR/84FwzqvBtS8cf76FjJeEKDnc1pG
BYtkiDrvVxQUi1IXt6dsnm1wP86QOCrTlrNM9mzFtOV0nt+6xyqG/LX27lmvV+R5
GPYeqCHhRNqXQhieSFA62hWFaQ9KzrDD/+bz+qUCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBR270INeTAGpLhgmuET22xhNVSDcTAfBgNVHSMEGDAWgBTjfuHs7Rn4oKOm
Nb+qJkKT40N3lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQzN2g3TzBaLUtDanBqV19xaVpDay1ORGQ1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8x
L2R1OUNEWGt3QnFTNFlKcmhFOXRzWVRWVWczRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8xLzQzN2g3TzBaLUtD
anBqV19xaVpDay1ORGQ1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQALiCnAwQALiCoMAwDBAIuILQD
BAIuILgwDQYJKoZIhvcNAQELBQADggEBADpjEuVyyiAuo7UQ1+Eszfch6XGR1H47
Ylu/vZHFoAAeXowct/Wbyz77Jecmf3l+HwD386dIu30cfp4c8o9MLvHgQn1QiLc0
+CrfdYAi9q+FjbrFb0uehF3Qnm8Rq2uLQTXP9bIUpMhCOLjYo17AMNaiCgr3kY9m
PvjCK2JEl987GEc7v77jJhNtuVYw9Mu/difN7ZfSAEIMHFm8qUiZBU0I3w+R2YPL
4FK1RtKnQAp26qcpWsuRoPMh1oBJEokIjDy4EuIqzG1CuQc8aoXG26kvmuXTN/Wt
QY46bX31RyGy7tMMCkA07l1tT/0T6kLrHZQF6IAeTUW2B0MFtm0Ckf4=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:45 2023 by rpki-client on console-fra.rpki-client.org