Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/tgXCT6dSTiMFgtb8VbbW1bFCthg.roa
File: tgXCT6dSTiMFgtb8VbbW1bFCthg.roa (raw, json)
Hash identifier: 1vh5Tu5Kk9lGChZmWvepchZhXOyOB646crOazjRKhyA=
Subject key identifier: B6:05:C2:4F:A7:52:4E:23:05:82:D6:FC:55:B6:D6:D5:B1:42:B6:18
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 0183D03CEE72EB52B151A10D9970313FCA9B
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/tgXCT6dSTiMFgtb8VbbW1bFCthg.roa
Signing time: Thu 13 Oct 2022 07:26:37 +0000
ROA not before: Thu 13 Oct 2022 07:26:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47537
IP address blocks: 46.28.44.0/24 maxlen: 24
46.28.45.0/24 maxlen: 24
46.28.46.0/24 maxlen: 24
46.28.47.0/24 maxlen: 24
91.208.12.0/24 maxlen: 24
37.143.0.0/24 maxlen: 24
37.143.1.0/24 maxlen: 24
37.143.2.0/24 maxlen: 24
37.143.3.0/24 maxlen: 24
2a02:2d00:21::/48 maxlen: 48
2a02:2d00:1::/48 maxlen: 48
2a02:2d00:30::/48 maxlen: 48
2a02:2d00:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:3c:ee:72:eb:52:b1:51:a1:0d:99:70:31:3f:ca:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Oct 13 07:26:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b605c24fa7524e230582d6fc55b6d6d5b142b618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c4:39:9f:33:87:26:95:c4:c0:a2:99:85:65:
f5:91:62:5e:e6:63:14:1d:59:db:8c:2f:d6:da:43:
c9:bf:64:85:70:e9:ab:00:7a:c6:81:df:45:fc:35:
7c:7c:e7:b2:32:5a:18:cd:f1:8c:28:b2:a9:37:3f:
df:a2:0f:a3:ae:70:f9:99:62:80:4f:60:c3:34:6d:
0d:8f:b2:61:b6:2b:4e:cf:33:4e:e5:38:77:8e:38:
3e:9d:fc:15:44:fd:57:ba:88:3e:25:fc:65:e1:6c:
9c:17:a8:02:e8:28:bd:ef:9f:52:dc:6e:f5:95:56:
97:4b:b1:55:4b:69:b3:cf:05:5a:0c:8d:de:18:e0:
90:26:60:92:c3:b0:47:46:f2:48:cb:b1:7e:12:70:
0c:01:dc:ea:bd:9e:9e:e0:f6:ec:b7:9c:3c:c9:64:
2f:54:5d:20:f3:9f:52:cd:52:5d:2b:73:fe:c3:45:
40:b3:38:a5:c9:02:a9:cd:d9:ce:ff:03:18:6f:ec:
9c:34:bb:34:51:c4:19:a0:50:22:82:23:fa:52:4f:
65:f8:47:c1:4c:20:25:69:f5:73:bd:33:91:94:7d:
98:9c:6f:04:ca:6e:64:2a:ce:1d:8d:78:a7:75:ac:
36:2d:a8:21:45:89:70:46:2c:88:68:74:cd:4a:2a:
45:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:05:C2:4F:A7:52:4E:23:05:82:D6:FC:55:B6:D6:D5:B1:42:B6:18
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/tgXCT6dSTiMFgtb8VbbW1bFCthg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.0.0/22
46.28.44.0/22
91.208.12.0/24
IPv6:
2a02:2d00:1::/48
2a02:2d00:20::/47
2a02:2d00:30::/48
Signature Algorithm: sha256WithRSAEncryption
7b:82:55:0e:a4:ad:7b:b9:92:4f:c4:9b:1b:7b:af:4f:05:cb:
fd:82:73:b5:41:f0:69:b7:37:5f:ef:7d:6c:6c:00:13:2d:49:
65:b7:ad:ab:79:dd:1b:1f:6d:76:a7:bb:8f:cc:74:cd:9b:b1:
d5:f6:08:f1:b0:93:a3:57:f3:96:01:21:83:a2:3c:b2:6d:f8:
37:c7:7c:0d:09:af:40:5f:6c:d6:53:8a:c5:c9:ee:85:4c:dd:
d4:4d:1a:79:a8:48:57:7c:40:e0:8e:33:23:dd:b6:3e:19:17:
ba:d2:47:63:e0:02:49:f8:29:bd:18:b5:fd:b0:ac:c1:08:2f:
7b:80:6f:1b:a4:ad:7f:4b:32:b6:08:d8:47:ee:b3:33:64:74:
c9:8f:cc:47:8e:eb:03:17:33:82:13:d5:af:fb:b8:94:6d:d2:
83:c8:c4:30:f6:19:97:89:cf:fb:7f:7f:0a:75:87:e6:d6:31:
04:a9:d8:78:b4:ed:b0:1c:69:20:eb:2b:f1:71:b7:0d:59:7d:
e2:ac:62:32:ad:b0:d5:97:e4:19:16:a8:67:cd:39:6c:6c:30:
48:df:d4:72:1d:e7:44:60:8d:02:e7:60:4c:69:d7:b6:fd:3c:
85:71:c5:82:8e:33:cd:98:14:45:d0:43:ec:60:2d:64:2e:53:
09:b7:43:4c
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYPQPO5y61KxUaENmXAxP8qbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjIxMDEzMDcyNjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjA1YzI0ZmE3NTI0ZTIzMDU4MmQ2ZmM1NWI2ZDZkNWIxNDJiNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicQ5nzOHJpXEwKKZhWX1kWJe5mMU
HVnbjC/W2kPJv2SFcOmrAHrGgd9F/DV8fOeyMloYzfGMKLKpNz/fog+jrnD5mWKA
T2DDNG0Nj7JhtitOzzNO5Th3jjg+nfwVRP1Xuog+Jfxl4WycF6gC6Ci9759S3G71
lVaXS7FVS2mzzwVaDI3eGOCQJmCSw7BHRvJIy7F+EnAMAdzqvZ6e4Pbst5w8yWQv
VF0g859SzVJdK3P+w0VAszilyQKpzdnO/wMYb+ycNLs0UcQZoFAigiP6Uk9l+EfB
TCAlafVzvTORlH2YnG8Eym5kKs4djXindaw2LaghRYlwRiyIaHTNSipFBQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFLYFwk+nUk4jBYLW/FW21tWxQrYYMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvdGdYQ1Q2ZFNUaU1GZ3RiOFZiYlcxYkZDdGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQCJY8AAwQC
LhwsAwQAW9AMMCEEAgACMBsDBwAqAi0AAAEDBwEqAi0AACADBwAqAi0AADAwDQYJ
KoZIhvcNAQELBQADggEBAHuCVQ6krXu5kk/Emxt7r08Fy/2Cc7VB8Gm3N1/vfWxs
ABMtSWW3rat53RsfbXanu4/MdM2bsdX2CPGwk6NX85YBIYOiPLJt+DfHfA0Jr0Bf
bNZTisXJ7oVM3dRNGnmoSFd8QOCOMyPdtj4ZF7rSR2PgAkn4Kb0Ytf2wrMEIL3uA
bxukrX9LMrYI2EfuszNkdMmPzEeO6wMXM4IT1a/7uJRt0oPIxDD2GZeJz/t/fwp1
h+bWMQSp2Hi07bAcaSDrK/Fxtw1ZfeKsYjKtsNWX5BkWqGfNOWxsMEjf1HId50Rg
jQLnYExp17b9PIVxxYKOM82YFEXQQ+xgLWQuUwm3Q0w=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:33 2023 by rpki-client on console-ams.rpki-client.org