Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/4MKPgGeljHqR2uUCEIC-75DTGDw.roa
File: 4MKPgGeljHqR2uUCEIC-75DTGDw.roa (raw, json)
Hash identifier: WMYyvgt1F0WMO1OI5RyPwY/JXbAlJ6+iU7tSivCUH80=
Subject key identifier: E0:C2:8F:80:67:A5:8C:7A:91:DA:E5:02:10:80:BE:EF:90:D3:18:3C
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 08FEAB1F
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/4MKPgGeljHqR2uUCEIC-75DTGDw.roa
Signing time: Sat 26 Feb 2022 04:39:00 +0000
ROA not before: Sat 26 Feb 2022 04:39:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 46.232.80.0/20 maxlen: 22
46.3.72.0/21 maxlen: 21
46.3.208.0/21 maxlen: 21
46.232.112.0/20 maxlen: 22
149.126.192.0/18 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150907679 (0x8feab1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Feb 26 04:39:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0c28f8067a58c7a91dae5021080beef90d3183c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:48:7c:88:87:b5:4b:ff:74:75:e1:61:b4:db:
4c:43:1d:3b:75:a8:bd:23:2f:56:18:fa:52:eb:2c:
cd:e6:47:3f:ee:bf:6f:47:de:9f:5e:cb:dc:e5:72:
08:ca:35:cd:d3:29:ec:d4:d3:82:b8:9b:fa:9d:59:
09:36:9c:2a:fc:5f:f8:37:5b:25:0d:e2:b4:86:79:
d3:b2:4e:cd:cc:31:89:b7:49:c8:d3:b5:e9:41:d0:
04:d3:18:df:e6:52:cc:f7:fe:4e:33:07:4a:67:3d:
03:f8:13:66:bf:13:40:11:93:62:6f:95:8e:e9:a3:
f6:37:9b:ce:6e:26:c2:d2:33:a3:4c:b3:50:58:8d:
aa:71:82:30:1c:d3:c3:24:95:ca:21:a7:82:c1:0f:
87:b8:3b:b6:a4:ff:bf:1a:2d:66:26:74:c0:8a:99:
a8:af:4c:39:9c:76:9a:48:7f:67:b7:fc:6c:5b:73:
81:b5:16:ca:78:e1:7c:aa:eb:f6:0b:25:78:a1:13:
8e:4a:f5:1c:e7:4e:09:9e:a3:8c:00:34:c4:ab:df:
bc:98:35:16:b3:2c:c6:1a:ac:7d:3d:71:57:c1:f7:
b9:ee:5c:ef:f0:fd:61:23:87:d8:04:31:9f:8a:a1:
0f:bf:63:f5:f0:8a:cd:07:92:c5:d3:d0:cf:ae:12:
a2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C2:8F:80:67:A5:8C:7A:91:DA:E5:02:10:80:BE:EF:90:D3:18:3C
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/4MKPgGeljHqR2uUCEIC-75DTGDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.72.0/21
46.3.208.0/21
46.232.80.0/20
46.232.112.0/20
149.126.192.0/18
Signature Algorithm: sha256WithRSAEncryption
85:6e:33:62:ec:64:ec:aa:33:1d:ea:ed:e7:83:95:e2:50:64:
d8:3c:e5:72:60:05:ef:a3:48:be:57:27:ef:3c:36:05:cf:ae:
d0:8d:78:f0:07:fa:e1:b5:97:bf:be:2f:ca:e4:f3:39:1a:a1:
46:04:78:ee:32:87:fc:dc:8b:0a:5f:71:1f:c4:a0:79:de:48:
92:68:34:27:ea:5a:09:0c:27:06:de:97:46:31:dd:0d:0f:49:
60:e8:a9:4b:ad:1c:ab:9e:e5:eb:89:42:d6:db:1d:80:5f:d5:
75:76:96:c0:5c:f9:2b:1f:0c:22:cb:bc:e2:da:a5:80:f5:7e:
34:8c:d5:5e:b0:39:5a:59:b0:2b:48:d9:17:df:46:1d:78:9e:
8f:e1:41:f8:7d:5a:4e:5a:d0:42:5f:3b:90:b6:2b:fe:3a:25:
bd:b1:dc:3c:7a:89:aa:cd:3b:d3:c5:67:a8:df:02:2b:e1:c4:
27:4f:0b:72:8d:c5:db:11:31:41:21:b8:83:6e:bd:52:33:6d:
98:cd:f1:7f:ac:31:a9:3a:ba:94:62:4e:f3:d1:8e:42:bf:6c:
1f:e3:bc:1d:ff:d8:4f:69:ee:df:fe:b0:b0:4a:f5:90:ad:77:
1d:6b:a4:91:9e:02:a6:ff:49:16:a3:75:bd:21:cb:fa:b0:f4:
9f:0f:d7:85
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECP6rHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTg4ZjE5N2Y5N2U4OTAwNzU1NTQ0ZTgxMGNkZGVmOWQ5MGZiYzQxMB4XDTIyMDIy
NjA0MzkwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBjMjhmODA2N2E1
OGM3YTkxZGFlNTAyMTA4MGJlZWY5MGQzMTgzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOZIfIiHtUv/dHXhYbTbTEMdO3WovSMvVhj6UusszeZHP+6/
b0fen17L3OVyCMo1zdMp7NTTgrib+p1ZCTacKvxf+DdbJQ3itIZ507JOzcwxibdJ
yNO16UHQBNMY3+ZSzPf+TjMHSmc9A/gTZr8TQBGTYm+Vjumj9jebzm4mwtIzo0yz
UFiNqnGCMBzTwySVyiGngsEPh7g7tqT/vxotZiZ0wIqZqK9MOZx2mkh/Z7f8bFtz
gbUWynjhfKrr9gsleKETjkr1HOdOCZ6jjAA0xKvfvJg1FrMsxhqsfT1xV8H3ue5c
7/D9YSOH2AQxn4qhD79j9fCKzQeSxdPQz64SossCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTgwo+AZ6WMepHa5QIQgL7vkNMYPDAfBgNVHSMEGDAWgBRViPGX+X6JAHVV
ROgQzd752Q+8QTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZZanhsX2wtaVFCMVZVVG9FTTNlLWRrUHZFRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvNjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8x
LzRNS1BnR2VsakhxUjJ1VUNFSUMtNzVEVEdEdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
NjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8xL1ZZanhsX2wtaVFC
MVZVVG9FTTNlLWRrUHZFRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAy4DSAMEAy4D0AMEBC7oUAMEBC7o
cAMEBpV+wDANBgkqhkiG9w0BAQsFAAOCAQEAhW4zYuxk7KozHert54OV4lBk2Dzl
cmAF76NIvlcn7zw2Bc+u0I148Af64bWXv74vyuTzORqhRgR47jKH/NyLCl9xH8Sg
ed5Ikmg0J+paCQwnBt6XRjHdDQ9JYOipS60cq57l64lC1tsdgF/VdXaWwFz5Kx8M
Isu84tqlgPV+NIzVXrA5WlmwK0jZF99GHXiej+FB+H1aTlrQQl87kLYr/jolvbHc
PHqJqs0708VnqN8CK+HEJ08Lco3F2xExQSG4g269UjNtmM3xf6wxqTq6lGJO89GO
Qr9sH+O8Hf/YT2nu3/6wsEr1kK13HWukkZ4Cpv9JFqN1vSHL+rD0nw/XhQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:35 2023 by rpki-client on console-fra.rpki-client.org