Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/ulfDNktBcJAzAE0qz8K4hnSbBes.roa
File: ulfDNktBcJAzAE0qz8K4hnSbBes.roa (raw, json)
Hash identifier: i2mAzcvNVVX0BI75qYFZ3wtGXIz5H3qEe6xPtZYgjTE=
Subject key identifier: BA:57:C3:36:4B:41:70:90:33:00:4D:2A:CF:C2:B8:86:74:9B:05:EB
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 27005912
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/ulfDNktBcJAzAE0qz8K4hnSbBes.roa
Signing time: Sat 01 Jan 2022 15:00:41 +0000
ROA not before: Sat 01 Jan 2022 15:00:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57865
IP address blocks: 46.191.185.0/24 maxlen: 24
46.191.184.0/21 maxlen: 21
46.191.184.0/22 maxlen: 22
46.191.184.0/24 maxlen: 24
46.191.184.0/23 maxlen: 23
46.191.186.0/24 maxlen: 24
46.191.186.0/23 maxlen: 23
46.191.188.0/24 maxlen: 24
46.191.188.0/23 maxlen: 23
46.191.190.0/24 maxlen: 24
46.191.190.0/23 maxlen: 23
46.191.187.0/24 maxlen: 24
46.191.189.0/24 maxlen: 24
46.191.191.0/24 maxlen: 24
46.191.188.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 654334226 (0x27005912)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Jan 1 15:00:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba57c3364b41709033004d2acfc2b886749b05eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:39:a7:b7:16:16:0c:68:89:c6:d2:85:80:bf:
c4:47:6a:dc:ad:a6:24:f2:a4:dd:57:50:47:49:c8:
3a:b2:12:dc:3b:69:47:81:d8:e3:f2:76:ae:41:6d:
62:9a:a6:9e:9f:da:81:3e:ea:f9:5e:fa:62:d0:bc:
8d:56:30:ed:92:5a:3e:b6:49:d1:09:ba:cc:86:bd:
ba:c6:c7:fd:3d:ec:ba:94:ec:fa:54:3e:b8:42:b7:
f0:fb:16:65:4b:79:fc:5b:3c:aa:c8:2f:b5:93:02:
bb:fe:98:f2:d9:ad:db:eb:cf:c3:32:ca:b8:47:7d:
c1:e3:e7:05:01:27:ed:4c:00:60:8c:b5:c1:65:5a:
92:80:6f:02:24:0e:03:be:8d:08:73:54:e9:d6:da:
f4:a2:62:0f:1f:b8:bd:64:50:fd:d3:a0:14:0c:4b:
ee:8a:b2:70:e9:3d:9e:b7:fc:ad:22:fe:45:c7:40:
33:37:50:d2:ef:74:c8:4c:ed:1c:62:0d:bb:97:55:
09:3c:e4:3a:e9:d3:06:3a:ba:2b:f8:f9:01:76:ff:
ab:e3:a9:cb:54:7d:81:63:1a:c5:07:ef:38:22:6c:
72:63:4a:8e:57:ce:42:71:d4:48:80:51:0c:36:f2:
2b:93:98:7b:1c:32:d0:66:0e:93:25:8a:52:d6:07:
45:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:57:C3:36:4B:41:70:90:33:00:4D:2A:CF:C2:B8:86:74:9B:05:EB
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/ulfDNktBcJAzAE0qz8K4hnSbBes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.191.184.0/21
Signature Algorithm: sha256WithRSAEncryption
14:44:05:a4:e8:6d:4e:84:60:b9:29:06:88:d7:20:01:5c:5e:
39:92:82:98:47:fe:06:68:1a:80:87:76:a3:6d:9d:36:fc:84:
e9:84:cf:66:20:5e:9a:1a:09:4a:2f:d9:9e:30:9b:9d:4f:da:
c3:88:0d:37:ab:49:aa:11:ed:fc:6a:f2:1b:49:49:e4:b8:36:
be:e5:64:2b:cf:2d:34:27:7b:31:ec:2e:90:cf:ce:e6:cc:9e:
46:aa:b3:49:39:2e:e0:b3:61:ae:66:f5:33:9b:12:a9:23:fe:
3c:87:28:a5:1b:cf:72:10:3c:f8:70:6b:7c:42:55:ba:67:d6:
92:b8:16:6f:11:82:58:b3:3a:6d:e1:91:15:a0:f3:09:8a:68:
fa:32:51:1d:4b:6e:66:bd:4b:a4:79:43:77:64:f7:af:11:47:
c2:08:7d:84:a6:63:ca:bd:4d:9c:88:28:06:54:55:7a:5c:5c:
f5:39:6c:93:87:49:b9:d9:0e:9c:c9:2f:06:0b:3f:6d:4e:dc:
79:c5:66:c9:0d:9e:ec:cd:6b:6b:d2:b8:10:32:3d:8c:2c:1c:
df:c9:39:22:98:98:09:bc:65:ff:be:15:22:c4:07:83:77:1f:
c7:2c:8b:a7:6e:80:f0:d4:ef:eb:36:53:25:39:15:26:9c:ba:
c4:b4:b1:0e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJwBZEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzZkMGFlNWUyZmJmZmNjZTA4NzcwZWJjMjBjMjE2YjlmYmY5NDg1MB4XDTIyMDEw
MTE1MDA0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE1N2MzMzY0YjQx
NzA5MDMzMDA0ZDJhY2ZjMmI4ODY3NDliMDVlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJE5p7cWFgxoicbShYC/xEdq3K2mJPKk3VdQR0nIOrIS3Dtp
R4HY4/J2rkFtYpqmnp/agT7q+V76YtC8jVYw7ZJaPrZJ0Qm6zIa9usbH/T3supTs
+lQ+uEK38PsWZUt5/Fs8qsgvtZMCu/6Y8tmt2+vPwzLKuEd9wePnBQEn7UwAYIy1
wWVakoBvAiQOA76NCHNU6dba9KJiDx+4vWRQ/dOgFAxL7oqycOk9nrf8rSL+RcdA
MzdQ0u90yEztHGINu5dVCTzkOunTBjq6K/j5AXb/q+Opy1R9gWMaxQfvOCJscmNK
jlfOQnHUSIBRDDbyK5OYexwy0GYOkyWKUtYHRU0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS6V8M2S0FwkDMATSrPwriGdJsF6zAfBgNVHSMEGDAWgBSjbQrl4vv/zOCH
cOvCDCFrn7+UhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L28yMEs1ZUw3Xzh6Z2gzRHJ3Z3doYTUtX2xJVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvOGNhYzBjLTM0MjYtNGYwNy1hZjIwLWNiYjk1MTgzYjI3YS8x
L3VsZkROa3RCY0pBekFFMHF6OEs0aG5TYkJlcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
OGNhYzBjLTM0MjYtNGYwNy1hZjIwLWNiYjk1MTgzYjI3YS8xL28yMEs1ZUw3Xzh6
Z2gzRHJ3Z3doYTUtX2xJVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy6/uDANBgkqhkiG9w0BAQsFAAOC
AQEAFEQFpOhtToRguSkGiNcgAVxeOZKCmEf+BmgagId2o22dNvyE6YTPZiBemhoJ
Si/ZnjCbnU/aw4gNN6tJqhHt/GryG0lJ5Lg2vuVkK88tNCd7MewukM/O5syeRqqz
STku4LNhrmb1M5sSqSP+PIcopRvPchA8+HBrfEJVumfWkrgWbxGCWLM6beGRFaDz
CYpo+jJRHUtuZr1LpHlDd2T3rxFHwgh9hKZjyr1NnIgoBlRVelxc9Tlsk4dJudkO
nMkvBgs/bU7cecVmyQ2e7M1ra9K4EDI9jCwc38k5IpiYCbxl/74VIsQHg3cfxyyL
p26A8NTv6zZTJTkVJpy6xLSxDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:53 2024 by rpki-client on console-fra.rpki-client.org