Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/TdyQK0byewp8L8ObLx1CdrkW0Zo.roa
File: TdyQK0byewp8L8ObLx1CdrkW0Zo.roa (raw, json)
Hash identifier: sW++d9WE3K7FkAdKH9JcGZrGZLOPzE/Sa5ZeMmPUIDU=
Subject key identifier: 4D:DC:90:2B:46:F2:7B:0A:7C:2F:C3:9B:2F:1D:42:76:B9:16:D1:9A
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01823C58B7ACD213C2F81C1BE437311D87A6
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/TdyQK0byewp8L8ObLx1CdrkW0Zo.roa
Signing time: Tue 26 Jul 2022 21:10:23 +0000
ROA not before: Tue 26 Jul 2022 21:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399587
IP address blocks: 46.3.164.0/22 maxlen: 24
46.3.96.0/20 maxlen: 24
46.3.120.0/21 maxlen: 22
80.243.128.0/21 maxlen: 24
46.232.64.0/21 maxlen: 24
46.232.64.0/22 maxlen: 24
46.3.48.0/20 maxlen: 20
46.3.72.0/21 maxlen: 21
46.3.80.0/21 maxlen: 22
46.3.86.0/23 maxlen: 24
46.3.208.0/21 maxlen: 21
46.3.216.0/22 maxlen: 24
46.3.216.0/21 maxlen: 22
46.3.222.0/24 maxlen: 24
46.232.20.0/22 maxlen: 24
46.3.224.0/21 maxlen: 22
46.3.20.0/22 maxlen: 24
46.3.32.0/19 maxlen: 24
46.3.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3c:58:b7:ac:d2:13:c2:f8:1c:1b:e4:37:31:1d:87:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jul 26 21:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ddc902b46f27b0a7c2fc39b2f1d4276b916d19a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:de:22:19:dd:19:db:5a:26:5f:c4:cc:43:4b:
dd:06:95:ab:8f:3b:d3:d6:9d:06:49:e3:5a:1e:18:
7a:ec:bc:0d:d3:ca:d8:b5:17:41:13:0b:e3:2c:9c:
ee:1f:30:6e:31:30:a7:c0:ae:71:65:6c:f3:47:42:
be:11:9c:60:97:cf:7c:82:45:8c:f6:9d:8d:ab:4b:
5f:e2:e9:ba:f4:c3:19:13:f6:82:c1:30:47:66:1d:
02:c5:f2:cb:d1:cc:f6:e4:b1:b6:22:d6:53:3b:96:
c6:83:85:86:2e:29:46:7f:7c:d4:a0:86:6b:47:f2:
25:06:ce:26:98:69:f9:dd:50:8d:09:31:d8:e5:06:
4e:16:e4:07:d3:a4:49:d6:94:88:59:3a:59:1e:9a:
a4:ff:2b:36:d9:33:d1:e6:3b:e2:1d:a1:60:a6:8f:
97:c3:85:bd:d5:ee:7b:26:10:f9:f6:49:fa:aa:bf:
46:b2:51:a6:8e:27:d9:1f:ad:10:36:ea:e3:db:6f:
f5:61:59:b4:84:9f:96:53:de:e6:f7:01:f1:3f:ec:
c5:b5:39:42:b7:f9:45:f8:1e:d4:60:0d:43:4a:69:
b2:93:f4:49:a0:f8:2a:c7:47:b9:b4:94:14:89:8f:
9b:66:f6:b8:27:0e:84:6c:0b:ad:56:83:74:59:6d:
fb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DC:90:2B:46:F2:7B:0A:7C:2F:C3:9B:2F:1D:42:76:B9:16:D1:9A
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/TdyQK0byewp8L8ObLx1CdrkW0Zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.20.0/22
46.3.32.0/19
46.3.72.0-46.3.87.255
46.3.96.0/20
46.3.120.0/21
46.3.164.0/22
46.3.208.0-46.3.231.255
46.232.20.0/22
46.232.64.0/21
80.243.128.0/21
Signature Algorithm: sha256WithRSAEncryption
23:b5:50:bc:c2:99:1e:f4:79:30:18:2f:2e:69:fe:91:9b:71:
a9:ea:84:66:62:e8:f5:a8:59:5f:70:26:52:f8:77:07:30:50:
b4:d0:79:15:a1:71:53:5d:d3:41:5e:1d:4d:5a:bf:36:86:3b:
27:dc:89:45:28:86:c2:39:c4:17:66:68:48:da:9e:3d:e6:e6:
b0:5f:32:5a:78:7a:6e:f8:d5:b7:a6:98:3f:ef:65:aa:07:61:
c6:5d:a0:bc:16:67:e2:53:89:e1:2d:a0:4f:5c:64:80:b1:b3:
63:0c:8e:a7:51:af:1e:3e:8a:4c:c1:60:cb:a0:53:57:c1:ed:
ba:35:6f:b0:7d:69:52:67:fc:f6:2a:88:1d:40:bb:87:f3:2f:
a1:a6:2e:06:ae:b1:d2:81:e6:f9:dc:eb:bb:69:a3:1e:76:3f:
0a:37:d0:72:2b:66:6a:43:77:0e:98:12:f2:46:2d:5d:3c:55:
b4:0e:c9:cf:e6:50:c6:3f:66:b6:7d:2b:a0:90:5d:bb:1b:c9:
df:da:10:01:c0:02:4f:ef:85:64:f5:db:45:e6:75:5c:8c:26:
f7:42:79:b4:91:39:99:b7:07:44:97:16:4d:b6:67:f8:e2:1b:
be:e4:b2:ef:b1:e1:03:9b:52:8c:f5:af:8a:e6:3b:b8:cf:ba:
8d:b3:95:06
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYI8WLes0hPC+Bwb5DcxHYemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjIwNzI2MjExMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRjOTAyYjQ2ZjI3YjBhN2MyZmMzOWIyZjFkNDI3NmI5MTZkMTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt4iGd0Z21omX8TMQ0vdBpWrjzvT
1p0GSeNaHhh67LwN08rYtRdBEwvjLJzuHzBuMTCnwK5xZWzzR0K+EZxgl898gkWM
9p2Nq0tf4um69MMZE/aCwTBHZh0CxfLL0cz25LG2ItZTO5bGg4WGLilGf3zUoIZr
R/IlBs4mmGn53VCNCTHY5QZOFuQH06RJ1pSIWTpZHpqk/ys22TPR5jviHaFgpo+X
w4W91e57JhD59kn6qr9GslGmjifZH60QNurj22/1YVm0hJ+WU97m9wHxP+zFtTlC
t/lF+B7UYA1DSmmyk/RJoPgqx0e5tJQUiY+bZva4Jw6EbAutVoN0WW37ZQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFE3ckCtG8nsKfC/Dmy8dQna5FtGaMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvVGR5UUswYnlld3A4TDhPYkx4MUNkcmtXMFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCLgMUAwQF
LgMgMAwDBAMuA0gDBAMuA1ADBAQuA2ADBAMuA3gDBAIuA6QwDAMEBC4D0AMEAy4D
4AMEAi7oFAMEAy7oQAMEA1DzgDANBgkqhkiG9w0BAQsFAAOCAQEAI7VQvMKZHvR5
MBgvLmn+kZtxqeqEZmLo9ahZX3AmUvh3BzBQtNB5FaFxU13TQV4dTVq/NoY7J9yJ
RSiGwjnEF2ZoSNqePebmsF8yWnh6bvjVt6aYP+9lqgdhxl2gvBZn4lOJ4S2gT1xk
gLGzYwyOp1GvHj6KTMFgy6BTV8HtujVvsH1pUmf89iqIHUC7h/MvoaYuBq6x0oHm
+dzru2mjHnY/CjfQcitmakN3DpgS8kYtXTxVtA7Jz+ZQxj9mtn0roJBduxvJ39oQ
AcACT++FZPXbReZ1XIwm90J5tJE5mbcHRJcWTbZn+OIbvuSy77HhA5tSjPWviuY7
uM+6jbOVBg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:29 2023 by rpki-client on console-ams.rpki-client.org