Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/G8undXa3yEaWmN1_33LdGW-5ows.roa
File: G8undXa3yEaWmN1_33LdGW-5ows.roa (raw, json)
Hash identifier: yScY+PI/+rHYID2tJmRDqnS0PdxDXdtXeVbQNrT7I8M=
Subject key identifier: 1B:CB:A7:75:76:B7:C8:46:96:98:DD:7F:DF:72:DD:19:6F:B9:A3:0B
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 09BFB062
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/G8undXa3yEaWmN1_33LdGW-5ows.roa
Signing time: Wed 11 May 2022 13:09:45 +0000
ROA not before: Wed 11 May 2022 13:09:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3257
IP address blocks: 46.232.72.0/21 maxlen: 21
46.232.80.0/20 maxlen: 20
46.232.96.0/20 maxlen: 20
46.232.20.0/22 maxlen: 22
46.232.24.0/21 maxlen: 21
46.232.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163557474 (0x9bfb062)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: May 11 13:09:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bcba77576b7c8469698dd7fdf72dd196fb9a30b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f8:6f:b3:e6:d9:92:a6:25:27:80:9d:bd:06:
9d:dd:39:eb:01:33:45:5a:86:18:67:79:54:be:3e:
fa:76:ca:50:ea:29:5d:16:82:52:36:80:94:47:fb:
c5:bd:a4:dc:a4:d8:c9:5c:2e:11:d1:56:16:64:96:
07:d5:5e:0f:72:ac:1a:06:d4:f5:e3:2f:05:45:9e:
c6:d7:d6:ac:b5:00:32:38:75:99:70:2b:02:82:f9:
81:a1:fc:35:cd:fa:b6:63:c5:28:f2:cd:ac:1e:3f:
39:4f:56:75:44:3b:b0:06:d9:4a:f5:21:a6:cc:54:
e9:1b:88:6c:44:ee:a3:1c:42:54:b2:56:2d:be:d7:
70:55:8c:84:44:8f:80:b4:71:9b:f0:a2:f1:0e:f8:
89:43:14:c6:e5:0c:e0:06:1a:a3:19:42:d1:49:43:
04:21:29:6d:3a:5f:bc:bc:46:5f:03:91:d2:c0:82:
dc:d7:53:0f:28:bb:64:76:f6:8e:40:e5:f1:39:59:
19:94:ae:2b:67:d2:40:6c:cc:d7:ed:bb:be:96:00:
9a:bb:04:58:f8:bd:3b:1f:87:f1:22:63:d7:90:40:
4f:3b:8c:86:b5:cc:0b:00:6f:2f:84:3f:83:dc:5c:
43:b0:ed:c0:55:ce:ca:9e:3b:c8:60:86:21:5a:7c:
56:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:CB:A7:75:76:B7:C8:46:96:98:DD:7F:DF:72:DD:19:6F:B9:A3:0B
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/G8undXa3yEaWmN1_33LdGW-5ows.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.20.0-46.232.47.255
46.232.72.0-46.232.111.255
Signature Algorithm: sha256WithRSAEncryption
5b:d1:1e:a9:47:aa:56:c8:dd:ef:5a:1f:68:09:5c:7a:01:b2:
f0:87:70:c3:35:0a:0c:79:3b:f1:82:d1:ec:e6:ad:a5:28:11:
d8:8f:45:de:92:1a:10:5f:fa:11:e4:35:9d:37:e5:61:98:3c:
08:b5:db:5d:59:96:a2:aa:2a:6d:f5:1b:3b:c7:5d:aa:ea:c7:
c9:72:cc:73:c4:de:22:be:6a:30:40:34:71:50:f3:b1:71:25:
30:6c:4e:e0:f2:db:f3:cf:dd:0f:eb:a7:5a:a3:8d:4f:ef:d1:
cb:14:08:bd:93:a2:00:96:34:62:0f:a9:8d:27:20:da:09:ae:
3c:bf:7f:64:f8:08:d6:fc:7d:e2:be:66:a2:9b:bd:e2:8c:53:
94:85:9a:88:bc:16:da:49:9b:3f:a8:a4:de:7d:8a:e7:c5:c4:
90:98:0a:07:06:44:c4:b3:cd:1f:2e:cc:93:00:4b:06:f6:fa:
6b:1c:b3:b0:72:01:1d:5e:96:26:06:fa:b2:bd:17:67:c9:ea:
91:0a:32:bf:2b:28:7e:05:5f:0a:c7:72:62:0b:b0:85:80:29:
df:24:5a:e3:1d:16:cd:b0:36:c5:74:2b:82:0f:ab:bc:05:ff:
64:10:f8:4e:71:0b:9c:02:a1:c6:5e:42:aa:ef:62:86:ca:ab:
25:e0:a6:06
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIECb+wYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTg4ZjE5N2Y5N2U4OTAwNzU1NTQ0ZTgxMGNkZGVmOWQ5MGZiYzQxMB4XDTIyMDUx
MTEzMDk0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJjYmE3NzU3NmI3
Yzg0Njk2OThkZDdmZGY3MmRkMTk2ZmI5YTMwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJL4b7Pm2ZKmJSeAnb0Gnd056wEzRVqGGGd5VL4++nbKUOop
XRaCUjaAlEf7xb2k3KTYyVwuEdFWFmSWB9VeD3KsGgbU9eMvBUWextfWrLUAMjh1
mXArAoL5gaH8Nc36tmPFKPLNrB4/OU9WdUQ7sAbZSvUhpsxU6RuIbETuoxxCVLJW
Lb7XcFWMhESPgLRxm/Ci8Q74iUMUxuUM4AYaoxlC0UlDBCEpbTpfvLxGXwOR0sCC
3NdTDyi7ZHb2jkDl8TlZGZSuK2fSQGzM1+27vpYAmrsEWPi9Ox+H8SJj15BATzuM
hrXMCwBvL4Q/g9xcQ7DtwFXOyp47yGCGIVp8VlECAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBQby6d1drfIRpaY3X/fct0Zb7mjCzAfBgNVHSMEGDAWgBRViPGX+X6JAHVV
ROgQzd752Q+8QTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZZanhsX2wtaVFCMVZVVG9FTTNlLWRrUHZFRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvNjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8x
L0c4dW5kWGEzeUVhV21OMV8zM0xkR1ctNW93cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
NjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8xL1ZZanhsX2wtaVFC
MVZVVG9FTTNlLWRrUHZFRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQCLugUAwQELuggMAwDBAMu6EgD
BAQu6GAwDQYJKoZIhvcNAQELBQADggEBAFvRHqlHqlbI3e9aH2gJXHoBsvCHcMM1
Cgx5O/GC0ezmraUoEdiPRd6SGhBf+hHkNZ035WGYPAi1211ZlqKqKm31GzvHXarq
x8lyzHPE3iK+ajBANHFQ87FxJTBsTuDy2/PP3Q/rp1qjjU/v0csUCL2TogCWNGIP
qY0nINoJrjy/f2T4CNb8feK+ZqKbveKMU5SFmoi8FtpJmz+opN59iufFxJCYCgcG
RMSzzR8uzJMASwb2+mscs7ByAR1eliYG+rK9F2fJ6pEKMr8rKH4FXwrHcmILsIWA
Kd8kWuMdFs2wNsV0K4IPq7wF/2QQ+E5xC5wCocZeQqrvYobKqyXgpgY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:35 2023 by rpki-client on console-fra.rpki-client.org