Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/7bbb91-c5b0-4d0b-925b-09be5989d0ac/1/fdRsOJPpOALULiaXd9xmCz7XsRE.roa
File: fdRsOJPpOALULiaXd9xmCz7XsRE.roa (raw, json)
Hash identifier: D0xRAx+W+qXr7WaH7hH+nsTL1+txdhrX2/jfT2B5zgY=
Subject key identifier: 7D:D4:6C:38:93:E9:38:02:D4:2E:26:97:77:DC:66:0B:3E:D7:B1:11
Certificate issuer: /CN=4edc689bb22d09475574f41c0e5d97c045930928
Certificate serial: 30708A4B
Authority key identifier: 4E:DC:68:9B:B2:2D:09:47:55:74:F4:1C:0E:5D:97:C0:45:93:09:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ttxom7ItCUdVdPQcDl2XwEWTCSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/7bbb91-c5b0-4d0b-925b-09be5989d0ac/1/fdRsOJPpOALULiaXd9xmCz7XsRE.roa
Signing time: Sat 01 Jan 2022 05:02:23 +0000
ROA not before: Sat 01 Jan 2022 05:02:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39884
IP address blocks: 46.31.224.0/21 maxlen: 24
185.75.92.0/22 maxlen: 22
195.189.172.0/23 maxlen: 23
2a03:8e00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 812681803 (0x30708a4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4edc689bb22d09475574f41c0e5d97c045930928
Validity
Not Before: Jan 1 05:02:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7dd46c3893e93802d42e269777dc660b3ed7b111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fd:49:ab:ec:63:94:49:f3:0d:22:18:28:7d:
74:16:92:7f:82:63:07:d6:11:34:91:ed:33:54:70:
3b:a8:14:ae:45:33:7b:f3:39:d3:c1:76:e8:2c:8f:
eb:2a:bc:ba:c3:26:c0:d3:36:65:07:0c:b3:9e:7a:
b8:9e:a7:5b:03:3f:b3:61:59:97:ff:ef:40:23:87:
0f:65:d5:9e:1e:a6:ef:4c:9b:15:24:f4:d4:a6:d1:
fd:14:bc:d8:e4:5a:7b:5c:38:cd:8f:b5:e7:2c:01:
a2:e6:d1:a1:39:27:54:6f:30:c0:b4:d3:e0:5c:62:
ad:d4:d3:e3:ca:c6:fc:36:60:2d:c6:b0:35:c0:cc:
72:1e:d3:c8:fe:b6:dc:b0:ae:7e:8e:41:1b:21:8d:
55:3f:06:13:8d:f7:0a:67:cd:22:76:5f:af:21:f7:
a0:1b:86:af:68:5f:c6:c8:9f:4f:17:6d:7d:53:0d:
01:a2:d7:5e:da:85:f1:54:82:4d:ec:53:14:5a:30:
b1:da:22:55:fc:eb:fd:32:af:d1:8f:c4:fe:99:b4:
a1:37:99:3e:5c:af:d1:da:10:aa:51:4b:96:13:98:
a6:8a:bc:65:1b:40:6e:86:73:82:8f:3b:2f:9d:fd:
5c:fd:ff:67:6e:99:98:a6:2a:6b:22:87:db:b8:a4:
49:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D4:6C:38:93:E9:38:02:D4:2E:26:97:77:DC:66:0B:3E:D7:B1:11
X509v3 Authority Key Identifier:
keyid:4E:DC:68:9B:B2:2D:09:47:55:74:F4:1C:0E:5D:97:C0:45:93:09:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ttxom7ItCUdVdPQcDl2XwEWTCSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7bbb91-c5b0-4d0b-925b-09be5989d0ac/1/fdRsOJPpOALULiaXd9xmCz7XsRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7bbb91-c5b0-4d0b-925b-09be5989d0ac/1/Ttxom7ItCUdVdPQcDl2XwEWTCSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.224.0/21
185.75.92.0/22
195.189.172.0/23
IPv6:
2a03:8e00::/32
Signature Algorithm: sha256WithRSAEncryption
4b:ea:05:fa:2c:1e:b2:10:17:e4:4f:c4:09:13:0a:e7:26:90:
bf:ae:1f:86:f4:28:e8:25:88:ff:60:f8:2a:31:39:c9:7a:74:
c4:5b:0e:c4:bc:f2:34:02:6d:71:c2:12:e9:43:47:bc:4d:08:
19:42:10:50:58:14:01:4c:21:c5:b0:eb:2d:b5:80:4f:d5:31:
b5:b4:56:f0:79:a7:7e:75:5d:2e:55:ff:b8:28:f8:07:22:02:
f2:12:32:11:24:13:f8:fa:d6:49:8a:01:2e:89:a3:fb:be:e6:
3c:68:26:2c:1f:a6:19:b0:3a:74:33:6d:a2:5a:bf:95:a7:e7:
55:18:7d:01:d9:78:f8:6f:52:87:32:21:59:9a:a6:ce:63:3d:
cf:41:e7:5e:03:a3:dc:14:1e:a9:35:69:88:e4:dc:29:3e:bc:
39:b2:f4:0a:c6:cf:2d:a5:12:e5:81:ae:67:a4:a9:7a:1e:ba:
10:04:bf:27:63:c4:55:74:d3:65:9c:f2:3c:a6:a7:ac:b6:64:
c0:72:61:f3:52:49:b3:fa:54:3e:2b:90:af:ad:02:a3:8f:10:
cc:3a:b4:6f:c0:6b:9d:62:24:a7:9c:73:2d:14:b4:87:46:5b:
23:6d:93:bc:dc:6f:13:27:37:49:e1:71:c5:07:80:92:d9:b7:
ce:4e:bc:96
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEMHCKSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZWRjNjg5YmIyMmQwOTQ3NTU3NGY0MWMwZTVkOTdjMDQ1OTMwOTI4MB4XDTIyMDEw
MTA1MDIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2RkNDZjMzg5M2U5
MzgwMmQ0MmUyNjk3NzdkYzY2MGIzZWQ3YjExMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANT9SavsY5RJ8w0iGCh9dBaSf4JjB9YRNJHtM1RwO6gUrkUz
e/M508F26CyP6yq8usMmwNM2ZQcMs556uJ6nWwM/s2FZl//vQCOHD2XVnh6m70yb
FST01KbR/RS82ORae1w4zY+15ywBoubRoTknVG8wwLTT4FxirdTT48rG/DZgLcaw
NcDMch7TyP623LCufo5BGyGNVT8GE433CmfNInZfryH3oBuGr2hfxsifTxdtfVMN
AaLXXtqF8VSCTexTFFowsdoiVfzr/TKv0Y/E/pm0oTeZPlyv0doQqlFLlhOYpoq8
ZRtAboZzgo87L539XP3/Z26ZmKYqayKH27ikSd8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBR91Gw4k+k4AtQuJpd33GYLPtexETAfBgNVHSMEGDAWgBRO3Gibsi0JR1V0
9BwOXZfARZMJKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R0eG9tN0l0Q1VkVmRQUWNEbDJYd0VXVENTZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvN2JiYjkxLWM1YjAtNGQwYi05MjViLTA5YmU1OTg5ZDBhYy8x
L2ZkUnNPSlBwT0FMVUxpYVhkOXhtQ3o3WHNSRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
N2JiYjkxLWM1YjAtNGQwYi05MjViLTA5YmU1OTg5ZDBhYy8xL1R0eG9tN0l0Q1Vk
VmRQUWNEbDJYd0VXVENTZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAy4f4AMEArlLXAMEAcO9rDANBAIA
AjAHAwUAKgOOADANBgkqhkiG9w0BAQsFAAOCAQEAS+oF+iweshAX5E/ECRMK5yaQ
v64fhvQo6CWI/2D4KjE5yXp0xFsOxLzyNAJtccIS6UNHvE0IGUIQUFgUAUwhxbDr
LbWAT9UxtbRW8HmnfnVdLlX/uCj4ByIC8hIyESQT+PrWSYoBLomj+77mPGgmLB+m
GbA6dDNtolq/lafnVRh9Adl4+G9ShzIhWZqmzmM9z0HnXgOj3BQeqTVpiOTcKT68
ObL0CsbPLaUS5YGuZ6Speh66EAS/J2PEVXTTZZzyPKanrLZkwHJh81JJs/pUPiuQ
r60Co48QzDq0b8BrnWIkp5xzLRS0h0ZbI22TvNxvEyc3SeFxxQeAktm3zk68lg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:07 2024 by rpki-client on console-fra.rpki-client.org