Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/8a149c-e7df-46e5-91a7-98e4e7afaabb/1/cZ6431lig6kGqhHnRXDGQQY0JuQ.roa
File: cZ6431lig6kGqhHnRXDGQQY0JuQ.roa (raw, json)
Hash identifier: 9IPFkcS2lE4ehueDvGS2O15hxnQtga6nAa+IP3zVQn8=
Subject key identifier: 71:9E:B8:DF:59:62:83:A9:06:AA:11:E7:45:70:C6:41:06:34:26:E4
Certificate issuer: /CN=d0f38ffa201e952d65b65b68b2ddfaa278669fb8
Certificate serial: 014E673C
Authority key identifier: D0:F3:8F:FA:20:1E:95:2D:65:B6:5B:68:B2:DD:FA:A2:78:66:9F:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0POP-iAelS1ltltost36onhmn7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/8a149c-e7df-46e5-91a7-98e4e7afaabb/1/cZ6431lig6kGqhHnRXDGQQY0JuQ.roa
Signing time: Sat 01 Jan 2022 01:54:04 +0000
ROA not before: Sat 01 Jan 2022 01:54:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 46.254.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21915452 (0x14e673c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0f38ffa201e952d65b65b68b2ddfaa278669fb8
Validity
Not Before: Jan 1 01:54:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=719eb8df596283a906aa11e74570c641063426e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ce:bf:14:1c:d8:29:f5:c9:bd:67:97:39:c2:
94:cc:a3:d9:ff:a7:b1:e4:e9:f8:2f:ea:d6:cf:40:
07:03:c0:42:0c:7d:f1:ce:d1:bd:c9:9a:a8:c5:81:
0c:09:b3:f7:f9:01:72:8b:f8:61:2c:3c:a0:d0:e2:
3f:ab:d3:2d:85:22:74:e4:71:ed:1e:64:c2:70:18:
5c:7c:5b:27:2a:a7:2c:5a:05:14:53:5d:28:f2:21:
e2:ec:94:83:60:20:92:02:0e:82:aa:1a:7e:5c:72:
2c:10:ce:df:40:1f:1c:ec:4b:95:24:ef:fb:4c:44:
37:46:0d:01:a4:e2:8a:13:ba:d6:33:57:5f:72:71:
5f:55:4a:78:eb:91:1c:55:9d:f7:9d:66:e3:d7:63:
5d:3f:4e:d3:b3:45:3f:ea:ea:55:10:68:dc:7c:de:
99:e1:a0:88:e9:00:e9:8d:74:08:10:bd:e9:b4:05:
1a:5d:c5:28:93:5e:22:c3:52:30:21:c3:fc:6c:2d:
1b:ad:db:5b:dd:e7:4d:15:8c:31:48:09:db:23:33:
27:ba:ed:e7:e5:7f:88:7c:ca:35:88:42:e5:66:4c:
ee:d4:df:a7:f1:13:79:3b:eb:9f:46:fd:da:10:2c:
1f:f5:05:08:8c:9d:bb:21:12:0c:c2:d7:1e:97:8f:
02:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:9E:B8:DF:59:62:83:A9:06:AA:11:E7:45:70:C6:41:06:34:26:E4
X509v3 Authority Key Identifier:
keyid:D0:F3:8F:FA:20:1E:95:2D:65:B6:5B:68:B2:DD:FA:A2:78:66:9F:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0POP-iAelS1ltltost36onhmn7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8a149c-e7df-46e5-91a7-98e4e7afaabb/1/cZ6431lig6kGqhHnRXDGQQY0JuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8a149c-e7df-46e5-91a7-98e4e7afaabb/1/0POP-iAelS1ltltost36onhmn7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.110.0/24
Signature Algorithm: sha256WithRSAEncryption
11:9f:be:5d:5e:a2:59:76:a3:c2:6f:1b:95:43:7d:9e:82:70:
35:c7:b8:5a:54:6a:00:ed:fa:43:82:26:72:00:3e:04:d0:7f:
dc:dc:16:39:3b:d2:a7:58:63:96:4c:c2:e4:5c:be:b2:8c:73:
f7:e9:ab:25:03:28:d4:f3:9d:a1:ef:51:4f:a2:18:fb:e5:4d:
d8:8d:18:be:1f:b6:ea:a8:24:cd:b4:7e:bb:75:1c:29:e4:26:
b0:88:6c:81:78:9b:ea:b7:f6:f9:f6:33:5a:61:11:c9:8d:1f:
53:77:ad:fb:12:d8:64:88:46:c1:c4:7c:28:54:3a:29:0a:db:
8a:c3:4b:8b:20:41:65:63:46:88:d2:57:d4:98:d5:11:c8:a8:
71:88:91:3c:81:25:84:44:88:da:f1:72:55:fd:11:bf:33:d9:
bf:9d:75:ce:52:f7:98:89:33:bc:a8:57:fd:fe:a4:13:9c:b6:
fe:7b:f4:d8:d0:8d:0b:c1:03:7a:65:b0:0f:67:fc:c6:b1:9e:
4f:0e:e8:19:fc:d5:f1:81:fe:de:87:11:9e:3c:10:90:dc:a9:
b4:8f:99:1f:b6:71:03:72:5b:e2:bb:20:81:7d:52:ad:40:76:
7e:9e:bf:40:7f:a8:e6:8a:02:30:b7:83:86:6f:cc:65:4c:43:
88:1d:88:6a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAU5nPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MGYzOGZmYTIwMWU5NTJkNjViNjViNjhiMmRkZmFhMjc4NjY5ZmI4MB4XDTIyMDEw
MTAxNTQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE5ZWI4ZGY1OTYy
ODNhOTA2YWExMWU3NDU3MGM2NDEwNjM0MjZlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPOvxQc2Cn1yb1nlznClMyj2f+nseTp+C/q1s9ABwPAQgx9
8c7RvcmaqMWBDAmz9/kBcov4YSw8oNDiP6vTLYUidORx7R5kwnAYXHxbJyqnLFoF
FFNdKPIh4uyUg2AgkgIOgqoaflxyLBDO30AfHOxLlSTv+0xEN0YNAaTiihO61jNX
X3JxX1VKeOuRHFWd951m49djXT9O07NFP+rqVRBo3HzemeGgiOkA6Y10CBC96bQF
Gl3FKJNeIsNSMCHD/GwtG63bW93nTRWMMUgJ2yMzJ7rt5+V/iHzKNYhC5WZM7tTf
p/ETeTvrn0b92hAsH/UFCIyduyESDMLXHpePAtECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRxnrjfWWKDqQaqEedFcMZBBjQm5DAfBgNVHSMEGDAWgBTQ84/6IB6VLWW2
W2iy3fqieGafuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBQT1AtaUFlbFMxbHRsdG9zdDM2b25obW43Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvOGExNDljLWU3ZGYtNDZlNS05MWE3LTk4ZTRlN2FmYWFiYi8x
L2NaNjQzMWxpZzZrR3FoSG5SWERHUVFZMEp1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
OGExNDljLWU3ZGYtNDZlNS05MWE3LTk4ZTRlN2FmYWFiYi8xLzBQT1AtaUFlbFMx
bHRsdG9zdDM2b25obW43Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC7+bjANBgkqhkiG9w0BAQsFAAOC
AQEAEZ++XV6iWXajwm8blUN9noJwNce4WlRqAO36Q4ImcgA+BNB/3NwWOTvSp1hj
lkzC5Fy+soxz9+mrJQMo1POdoe9RT6IY++VN2I0Yvh+26qgkzbR+u3UcKeQmsIhs
gXib6rf2+fYzWmERyY0fU3et+xLYZIhGwcR8KFQ6KQrbisNLiyBBZWNGiNJX1JjV
EciocYiRPIElhESI2vFyVf0RvzPZv511zlL3mIkzvKhX/f6kE5y2/nv02NCNC8ED
emWwD2f8xrGeTw7oGfzV8YH+3ocRnjwQkNyptI+ZH7ZxA3Jb4rsggX1SrUB2fp6/
QH+o5ooCMLeDhm/MZUxDiB2Iag==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:07 2023 by rpki-client on console-ams.rpki-client.org