Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/xUzE85BocZembOH6h6y-0_XWH_0.roa
File: xUzE85BocZembOH6h6y-0_XWH_0.roa (raw, json)
Hash identifier: Zty19lNmQU54TujFVSRUWAZoudonT+4Xhwsagt+Hmhs=
Subject key identifier: C5:4C:C4:F3:90:68:71:97:A6:6C:E1:FA:87:AC:BE:D3:F5:D6:1F:FD
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 35AE8DDC
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/xUzE85BocZembOH6h6y-0_XWH_0.roa
Signing time: Wed 11 May 2022 21:52:04 +0000
ROA not before: Wed 11 May 2022 21:52:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203622
IP address blocks: 46.32.166.0/24 maxlen: 24
46.32.165.0/24 maxlen: 24
46.32.164.0/24 maxlen: 24
46.32.160.0/24 maxlen: 24
46.32.162.0/24 maxlen: 24
46.32.161.0/24 maxlen: 24
46.32.167.0/24 maxlen: 24
46.32.170.0/24 maxlen: 24
46.32.171.0/24 maxlen: 24
46.32.177.0/24 maxlen: 24
46.32.179.0/24 maxlen: 24
46.32.178.0/24 maxlen: 24
46.32.176.0/24 maxlen: 24
46.32.191.0/24 maxlen: 24
46.32.188.0/24 maxlen: 24
46.32.190.0/24 maxlen: 24
46.32.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 900632028 (0x35ae8ddc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: May 11 21:52:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c54cc4f390687197a66ce1fa87acbed3f5d61ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:94:dd:f0:87:26:bf:61:6a:03:de:68:37:28:
59:8d:b4:32:55:13:bb:38:0d:3f:66:c6:7e:fa:2b:
02:36:28:3d:95:78:3f:e0:63:c9:d7:c3:24:0c:35:
47:48:8d:6e:8a:4b:fd:9a:ab:a0:c7:44:22:c1:5e:
18:7b:fa:b0:2a:56:82:d9:f5:7c:2b:73:50:78:56:
da:37:96:b7:7f:31:97:fd:00:ae:c0:29:e7:c4:c3:
1b:1b:b8:27:e0:aa:b1:f5:b7:78:d7:05:29:19:17:
6b:a9:74:86:62:5a:f3:ea:4f:8f:cd:b5:1b:54:af:
1c:d0:ea:da:88:ad:37:67:36:70:96:05:41:3f:9e:
95:a8:da:5f:ed:31:61:a4:38:d9:7e:23:a0:7f:98:
17:3a:92:4d:64:91:d6:5e:d8:77:65:3e:91:8d:25:
20:9d:00:b9:7e:55:fb:1f:c5:87:07:89:08:96:b1:
b9:67:8e:a5:3f:b0:85:02:70:22:1c:f9:0b:86:39:
cb:8d:5a:9e:2d:42:ec:c0:57:61:1c:05:fb:ad:78:
66:4a:fd:e8:08:82:61:f1:38:9b:87:53:68:ab:84:
3b:3f:5c:c0:81:0c:af:76:c0:36:51:e3:09:89:14:
70:a7:2b:50:16:6e:7d:ad:57:ba:7b:5b:f9:fb:6b:
c9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4C:C4:F3:90:68:71:97:A6:6C:E1:FA:87:AC:BE:D3:F5:D6:1F:FD
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/xUzE85BocZembOH6h6y-0_XWH_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.160.0-46.32.162.255
46.32.164.0/22
46.32.170.0/23
46.32.176.0/22
46.32.188.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:30:b3:19:dc:a7:9f:c1:61:80:f1:f1:b0:8d:9f:99:6f:e8:
e6:cc:e6:7f:16:a7:36:7a:89:65:ac:90:7a:20:fd:19:f6:a6:
4d:d6:29:85:5e:79:4a:ea:ca:4f:5f:f6:b6:dd:f5:68:4a:92:
b5:d8:12:89:8b:7a:0d:20:34:7d:59:af:69:fc:0e:fd:2b:13:
df:ba:ae:05:99:c8:bf:26:91:14:2b:33:12:d4:ca:7f:1f:60:
35:64:01:32:26:f5:c8:b1:37:5a:e4:0d:83:6c:71:a9:2c:ba:
30:f7:01:4b:cf:2f:b6:a6:71:86:a7:4d:3b:63:2a:61:2e:55:
d4:3d:e9:0d:12:fa:7f:8e:30:4c:3b:aa:c4:c2:81:c0:88:73:
3b:81:02:a7:6b:21:3d:c8:1c:84:a5:4c:4c:c4:45:93:2e:99:
c8:04:18:fa:35:af:89:ba:9e:81:c1:7d:65:fc:4f:e5:5a:2e:
ae:d2:1e:80:d2:49:1f:ce:5e:5a:54:8f:f0:e8:1d:84:fd:e4:
92:31:a9:c6:08:0c:8d:40:70:9b:24:06:c8:19:3e:fe:3f:60:
3c:e8:01:71:03:32:79:c0:d0:d5:7b:9e:05:a4:cf:b3:58:99:
fa:1c:2f:fe:6b:ba:8c:69:db:23:a2:48:16:fe:09:03:98:14:
8d:0e:a3:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIENa6N3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzdlZTFlY2VkMTlmOGEwYTNhNjM1YmZhYTI2NDI5M2UzNDM3Nzk1MB4XDTIyMDUx
MTIxNTIwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzU0Y2M0ZjM5MDY4
NzE5N2E2NmNlMWZhODdhY2JlZDNmNWQ2MWZmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPmU3fCHJr9hagPeaDcoWY20MlUTuzgNP2bGfvorAjYoPZV4
P+BjydfDJAw1R0iNbopL/ZqroMdEIsFeGHv6sCpWgtn1fCtzUHhW2jeWt38xl/0A
rsAp58TDGxu4J+CqsfW3eNcFKRkXa6l0hmJa8+pPj821G1SvHNDq2oitN2c2cJYF
QT+elajaX+0xYaQ42X4joH+YFzqSTWSR1l7Yd2U+kY0lIJ0AuX5V+x/FhweJCJax
uWeOpT+whQJwIhz5C4Y5y41ani1C7MBXYRwF+614Zkr96AiCYfE4m4dTaKuEOz9c
wIEMr3bANlHjCYkUcKcrUBZufa1Xuntb+ftryRUCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBTFTMTzkGhxl6Zs4fqHrL7T9dYf/TAfBgNVHSMEGDAWgBTjfuHs7Rn4oKOm
Nb+qJkKT40N3lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQzN2g3TzBaLUtDanBqV19xaVpDay1ORGQ1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8x
L3hVekU4NUJvY1plbWJPSDZoNnktMF9YV0hfMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8xLzQzN2g3TzBaLUtD
anBqV19xaVpDay1ORGQ1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJjAMAwQFLiCgAwQALiCiAwQCLiCkAwQB
LiCqAwQCLiCwAwQCLiC8MA0GCSqGSIb3DQEBCwUAA4IBAQANMLMZ3KefwWGA8fGw
jZ+Zb+jmzOZ/Fqc2eollrJB6IP0Z9qZN1imFXnlK6spPX/a23fVoSpK12BKJi3oN
IDR9Wa9p/A79KxPfuq4Fmci/JpEUKzMS1Mp/H2A1ZAEyJvXIsTda5A2DbHGpLLow
9wFLzy+2pnGGp007YyphLlXUPekNEvp/jjBMO6rEwoHAiHM7gQKnayE9yByEpUxM
xEWTLpnIBBj6Na+Jup6BwX1l/E/lWi6u0h6A0kkfzl5aVI/w6B2E/eSSManGCAyN
QHCbJAbIGT7+P2A86AFxAzJ5wNDVe54FpM+zWJn6HC/+a7qMadsjokgW/gkDmBSN
DqMP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:32 2025 by rpki-client