Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/CUZ1u3VKUj0wgP7_JU1a98crfFg.roa
File: CUZ1u3VKUj0wgP7_JU1a98crfFg.roa (raw, json)
Hash identifier: nvRnPtY+LjFv2V61mLsuvSG58ebtsyJJvsmwdPvKSng=
Subject key identifier: 09:46:75:BB:75:4A:52:3D:30:80:FE:FF:25:4D:5A:F7:C7:2B:7C:58
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0182C46D5909DCBF150275052A548E923C53
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/CUZ1u3VKUj0wgP7_JU1a98crfFg.roa
Signing time: Mon 22 Aug 2022 07:21:16 +0000
ROA not before: Mon 22 Aug 2022 07:21:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 996
IP address blocks: 46.232.64.0/21 maxlen: 22
149.126.246.0/24 maxlen: 24
149.126.243.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.245.0/24 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.253.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
149.126.252.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.255.0/24 maxlen: 24
149.126.198.0/24 maxlen: 24
149.126.195.0/24 maxlen: 24
149.126.196.0/24 maxlen: 24
149.126.193.0/24 maxlen: 24
149.126.204.0/24 maxlen: 24
149.126.205.0/24 maxlen: 24
149.126.206.0/24 maxlen: 24
149.126.201.0/24 maxlen: 24
149.126.202.0/24 maxlen: 24
149.126.213.0/24 maxlen: 24
149.126.208.0/24 maxlen: 24
149.126.210.0/24 maxlen: 24
149.126.214.0/24 maxlen: 24
149.126.225.0/24 maxlen: 24
149.126.226.0/24 maxlen: 24
149.126.224.0/24 maxlen: 24
149.126.229.0/24 maxlen: 24
149.126.230.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
46.3.156.0/24 maxlen: 24
46.3.157.0/24 maxlen: 24
46.3.160.0/22 maxlen: 22
46.3.134.0/24 maxlen: 24
46.3.135.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
46.3.205.0/24 maxlen: 24
46.3.200.0/24 maxlen: 24
46.3.201.0/24 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.249.0/24 maxlen: 24
46.3.250.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.252.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c4:6d:59:09:dc:bf:15:02:75:05:2a:54:8e:92:3c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Aug 22 07:21:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=094675bb754a523d3080feff254d5af7c72b7c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d5:c2:92:8b:d8:1a:89:78:01:56:9f:57:04:
ae:1d:2f:aa:38:1f:b6:dd:77:14:a3:0a:65:46:99:
8a:f3:5e:15:0d:72:4c:f5:25:b0:d1:5a:bf:3f:d3:
5f:aa:b2:20:35:ab:fa:2e:6e:a2:3c:01:1c:b5:5e:
46:9a:d0:a5:0b:aa:5b:f7:8b:3c:38:f1:bc:98:00:
6d:76:30:d1:88:fd:6b:4d:22:a4:56:e6:0a:a7:20:
2d:b7:71:f7:75:b2:e2:b4:9e:61:4b:44:91:4f:41:
1f:24:ca:24:08:f0:0f:f1:77:d3:b2:a7:d7:0e:4c:
91:c1:58:1d:0b:1f:1c:67:f6:a1:c2:3b:c7:2d:a5:
79:b4:62:6e:29:62:2b:bb:1e:d3:ad:ae:bd:a3:73:
76:fe:64:39:6d:bb:e3:c7:48:be:fa:33:f1:04:0c:
db:17:81:d3:73:e4:97:f5:90:c5:7f:e6:19:79:c4:
9b:30:53:65:8d:6e:cc:f9:21:d5:d7:1e:39:e5:5f:
c5:ad:6f:94:91:39:4f:0c:33:c4:71:e8:1e:18:49:
88:fb:ad:19:40:6d:80:55:38:0c:d4:31:70:6d:00:
ec:2a:dd:b2:8f:76:b7:ae:73:92:40:24:52:bb:84:
de:ff:a9:9b:47:76:78:4e:07:40:a3:ac:5b:be:81:
23:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:46:75:BB:75:4A:52:3D:30:80:FE:FF:25:4D:5A:F7:C7:2B:7C:58
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/CUZ1u3VKUj0wgP7_JU1a98crfFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.134.0/23
46.3.156.0/23
46.3.160.0/22
46.3.200.0/23
46.3.205.0/24
46.3.248.0/21
46.232.64.0/21
149.126.193.0/24
149.126.195.0-149.126.196.255
149.126.198.0/24
149.126.201.0-149.126.202.255
149.126.204.0-149.126.206.255
149.126.208.0/24
149.126.210.0/24
149.126.213.0-149.126.214.255
149.126.224.0-149.126.226.255
149.126.228.0/22
149.126.242.0-149.126.250.255
149.126.252.0/23
149.126.255.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ff:e9:2f:44:ab:05:28:af:bd:98:04:9b:12:0f:59:9c:50:
f5:4d:bf:84:fb:22:6e:24:b0:df:d9:16:fc:75:19:90:17:8e:
e1:75:9d:e9:e9:1b:1d:f6:b5:60:2c:b5:5c:a4:00:ac:3b:60:
f9:48:d6:36:f8:f9:a2:f6:cf:88:b4:8a:59:98:fc:61:31:64:
b0:b6:2f:ef:ba:77:46:72:fe:8c:f6:21:d5:87:b2:63:9e:f5:
26:ff:bf:6e:fc:bc:91:43:31:e4:6b:32:43:f0:18:23:51:79:
b6:24:ff:5f:85:2d:43:44:76:78:f4:72:95:e6:53:a3:0c:6b:
81:39:3f:4e:d0:64:77:e5:88:55:68:86:fc:74:fd:40:36:59:
86:d0:1c:73:2c:61:68:bf:67:4f:78:e3:77:40:1a:9f:20:e8:
ff:2b:c6:e0:02:e6:39:a5:ea:0f:69:88:49:9c:3d:68:c4:e1:
e2:0a:a6:f3:f0:97:ee:c4:bf:68:f9:f9:62:ea:51:c2:93:cc:
e1:34:92:27:e3:85:c1:41:66:3c:88:d6:6f:c6:b0:95:54:50:
02:4c:01:d3:73:41:1f:7d:7b:5b:21:07:4c:2f:5c:1a:41:66:
a9:7f:bc:84:37:12:6e:37:93:86:da:c5:ce:32:81:fa:80:d1:
2c:e6:f0:9b
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYLEbVkJ3L8VAnUFKlSOkjxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjIwODIyMDcyMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTQ2NzViYjc1NGE1MjNkMzA4MGZlZmYyNTRkNWFmN2M3MmI3YzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNXCkovYGol4AVafVwSuHS+qOB+2
3XcUowplRpmK814VDXJM9SWw0Vq/P9NfqrIgNav6Lm6iPAEctV5GmtClC6pb94s8
OPG8mABtdjDRiP1rTSKkVuYKpyAtt3H3dbLitJ5hS0SRT0EfJMokCPAP8XfTsqfX
DkyRwVgdCx8cZ/ahwjvHLaV5tGJuKWIrux7Tra69o3N2/mQ5bbvjx0i++jPxBAzb
F4HTc+SX9ZDFf+YZecSbMFNljW7M+SHV1x455V/FrW+UkTlPDDPEcegeGEmI+60Z
QG2AVTgM1DFwbQDsKt2yj3a3rnOSQCRSu4Te/6mbR3Z4TgdAo6xbvoEjuwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFAlGdbt1SlI9MID+/yVNWvfHK3xYMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvQ1VaMXUzVktVajB3Z1A3X0pVMWE5OGNyZkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAEu
A4YDBAEuA5wDBAIuA6ADBAEuA8gDBAAuA80DBAMuA/gDBAMu6EADBACVfsEwDAME
AJV+wwMEAJV+xAMEAJV+xjAMAwQAlX7JAwQAlX7KMAwDBAKVfswDBACVfs4DBACV
ftADBACVftIwDAMEAJV+1QMEAJV+1jAMAwQFlX7gAwQAlX7iAwQClX7kMAwDBAGV
fvIDBACVfvoDBAGVfvwDBACVfv8wDQYJKoZIhvcNAQELBQADggEBAIH/6S9EqwUo
r72YBJsSD1mcUPVNv4T7Im4ksN/ZFvx1GZAXjuF1nenpGx32tWAstVykAKw7YPlI
1jb4+aL2z4i0ilmY/GExZLC2L++6d0Zy/oz2IdWHsmOe9Sb/v278vJFDMeRrMkPw
GCNRebYk/1+FLUNEdnj0cpXmU6MMa4E5P07QZHfliFVohvx0/UA2WYbQHHMsYWi/
Z09443dAGp8g6P8rxuAC5jml6g9piEmcPWjE4eIKpvPwl+7Ev2j5+WLqUcKTzOE0
kifjhcFBZjyI1m/GsJVUUAJMAdNzQR99e1shB0wvXBpBZql/vIQ3Em43k4baxc4y
gfqA0Szm8Js=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:29 2023 by rpki-client on console-ams.rpki-client.org