Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/XYwvZqTgOmCpagF7jRonq6YgtxQ.roa
File: XYwvZqTgOmCpagF7jRonq6YgtxQ.roa (raw, json)
Hash identifier: U+ObVDBfkt7fee+CQxKpNGUIKA/EbYiSWT8To45d0fc=
Subject key identifier: 5D:8C:2F:66:A4:E0:3A:60:A9:6A:01:7B:8D:1A:27:AB:A6:20:B7:14
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 09C3E5B5
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/XYwvZqTgOmCpagF7jRonq6YgtxQ.roa
Signing time: Fri 13 May 2022 05:13:02 +0000
ROA not before: Fri 13 May 2022 05:13:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 46.232.72.0/21 maxlen: 24
46.232.80.0/20 maxlen: 22
46.232.96.0/20 maxlen: 24
46.3.208.0/21 maxlen: 21
46.232.112.0/20 maxlen: 22
149.126.192.0/18 maxlen: 22
46.3.220.0/23 maxlen: 23
46.3.116.0/22 maxlen: 22
46.3.230.0/23 maxlen: 23
46.3.120.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163833269 (0x9c3e5b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: May 13 05:13:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d8c2f66a4e03a60a96a017b8d1a27aba620b714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:77:05:08:4c:0d:40:c7:3f:1b:2f:27:e3:2e:
c4:50:b6:f9:45:b3:7a:2a:23:53:96:ca:41:3b:03:
b8:50:2b:74:a6:a9:cf:92:1a:89:e7:5b:5e:fc:9e:
3e:32:1e:35:74:63:65:20:2b:20:3d:e2:fe:02:02:
58:bc:16:4b:b5:2a:5d:65:9b:6b:f1:fe:87:b8:96:
77:16:bd:d5:de:69:69:08:56:28:33:bd:76:a6:d3:
31:4a:28:dc:b2:ab:42:7a:cd:64:55:13:e6:c8:04:
25:83:a4:06:c6:63:81:89:d2:fe:89:90:6d:00:e7:
b9:01:0f:88:15:b3:85:b2:f1:4a:ec:94:c3:0c:ea:
06:1d:bb:a8:8a:03:6d:4d:aa:ea:69:23:72:0b:f1:
b4:01:3c:37:d2:50:9a:28:20:4b:8a:62:2c:49:b6:
48:a1:ed:55:92:00:e0:5c:d6:b7:90:e7:74:a9:7c:
36:ea:26:13:d0:d8:28:50:35:ca:14:87:53:4f:1f:
a2:53:a5:4b:b5:bf:35:9c:e0:fe:3a:b2:53:8f:a3:
4e:c7:94:aa:cd:0a:ef:31:d0:da:00:26:4c:2c:7d:
1d:c2:8a:1a:2e:17:94:83:95:71:0b:50:26:a7:bc:
fb:9a:1f:dc:35:d9:af:f2:db:bc:05:13:1f:c4:4d:
57:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8C:2F:66:A4:E0:3A:60:A9:6A:01:7B:8D:1A:27:AB:A6:20:B7:14
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/XYwvZqTgOmCpagF7jRonq6YgtxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.116.0-46.3.127.255
46.3.208.0/21
46.3.220.0/23
46.3.230.0/23
46.232.72.0-46.232.127.255
149.126.192.0/18
Signature Algorithm: sha256WithRSAEncryption
5e:dc:14:e8:d4:60:52:e6:e4:c7:89:90:3c:76:85:0d:c9:9b:
2f:f3:c3:8c:c0:4e:08:a6:27:6c:b5:8e:a6:fa:3e:7e:bd:02:
f8:ef:1d:a2:b2:9c:a0:19:cc:bf:98:23:a7:2a:6d:01:24:64:
49:56:f1:ab:e7:63:a6:b7:ab:c3:b6:a5:32:20:ad:d0:34:67:
bd:ef:24:a0:7b:92:b2:12:c0:ff:0e:3d:78:d8:e4:20:42:85:
3d:90:2d:1c:3e:87:0b:44:ab:42:1c:d3:9a:81:ad:05:f8:a6:
96:94:d6:ba:d2:c0:b5:67:c9:48:43:74:ef:66:04:f7:87:c3:
34:5f:6c:dc:2c:2b:ff:b5:d8:41:aa:d7:1d:c7:e0:81:5b:6f:
8a:91:47:d8:4a:74:79:9a:ff:98:cd:b3:a7:50:b7:e5:e6:b1:
ec:8b:c3:ed:f3:a6:a2:3d:67:58:42:49:18:86:b8:ce:20:3a:
5b:a4:7e:8b:0f:57:02:65:83:4a:5f:b3:ea:50:1d:ba:f0:a1:
db:de:56:0f:69:9e:63:5f:bc:f2:01:48:95:73:7d:ec:70:53:
7f:f6:8a:b8:b7:9a:59:e3:13:c3:0b:57:cc:98:11:0b:3c:33:
b4:0b:37:d8:36:26:59:c8:b4:dc:39:f8:0b:e5:51:8f:2b:69:
94:30:84:5b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIECcPltTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTg4ZjE5N2Y5N2U4OTAwNzU1NTQ0ZTgxMGNkZGVmOWQ5MGZiYzQxMB4XDTIyMDUx
MzA1MTMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ4YzJmNjZhNGUw
M2E2MGE5NmEwMTdiOGQxYTI3YWJhNjIwYjcxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK93BQhMDUDHPxsvJ+MuxFC2+UWzeiojU5bKQTsDuFArdKap
z5IaiedbXvyePjIeNXRjZSArID3i/gICWLwWS7UqXWWba/H+h7iWdxa91d5paQhW
KDO9dqbTMUoo3LKrQnrNZFUT5sgEJYOkBsZjgYnS/omQbQDnuQEPiBWzhbLxSuyU
wwzqBh27qIoDbU2q6mkjcgvxtAE8N9JQmiggS4piLEm2SKHtVZIA4FzWt5DndKl8
NuomE9DYKFA1yhSHU08folOlS7W/NZzg/jqyU4+jTseUqs0K7zHQ2gAmTCx9HcKK
Gi4XlIOVcQtQJqe8+5of3DXZr/LbvAUTH8RNV6cCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBRdjC9mpOA6YKlqAXuNGierpiC3FDAfBgNVHSMEGDAWgBRViPGX+X6JAHVV
ROgQzd752Q+8QTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZZanhsX2wtaVFCMVZVVG9FTTNlLWRrUHZFRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvNjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8x
L1hZd3ZacVRnT21DcGFnRjdqUm9ucTZZZ3R4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
NjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8xL1ZZanhsX2wtaVFC
MVZVVG9FTTNlLWRrUHZFRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNDAMAwQCLgN0AwQHLgMAAwQDLgPQAwQB
LgPcAwQBLgPmMAwDBAMu6EgDBAcu6AADBAaVfsAwDQYJKoZIhvcNAQELBQADggEB
AF7cFOjUYFLm5MeJkDx2hQ3Jmy/zw4zATgimJ2y1jqb6Pn69AvjvHaKynKAZzL+Y
I6cqbQEkZElW8avnY6a3q8O2pTIgrdA0Z73vJKB7krISwP8OPXjY5CBChT2QLRw+
hwtEq0Ic05qBrQX4ppaU1rrSwLVnyUhDdO9mBPeHwzRfbNwsK/+12EGq1x3H4IFb
b4qRR9hKdHma/5jNs6dQt+XmseyLw+3zpqI9Z1hCSRiGuM4gOlukfosPVwJlg0pf
s+pQHbrwodveVg9pnmNfvPIBSJVzfexwU3/2iri3mlnjE8MLV8yYEQs8M7QLN9g2
JlnItNw5+AvlUY8raZQwhFs=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:29 2023 by rpki-client on console-ams.rpki-client.org