Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/gdXk0T22k7uQJdRsyD6PtViiza0.roa
File: gdXk0T22k7uQJdRsyD6PtViiza0.roa (raw, json)
Hash identifier: JVHTSvK6Cq/kQ5lnk3qrdK56YvaPcl6kMYsk8VdO8sM=
Subject key identifier: 81:D5:E4:D1:3D:B6:93:BB:90:25:D4:6C:C8:3E:8F:B5:58:A2:CD:AD
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 09424A57
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/gdXk0T22k7uQJdRsyD6PtViiza0.roa
Signing time: Fri 25 Mar 2022 12:53:02 +0000
ROA not before: Fri 25 Mar 2022 12:53:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399587
IP address blocks: 46.3.72.0/21 maxlen: 21
46.3.80.0/21 maxlen: 22
46.3.208.0/21 maxlen: 21
46.3.216.0/21 maxlen: 22
46.3.224.0/21 maxlen: 22
46.3.120.0/21 maxlen: 22
46.3.32.0/19 maxlen: 22
46.3.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155339351 (0x9424a57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Mar 25 12:53:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81d5e4d13db693bb9025d46cc83e8fb558a2cdad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7e:e3:13:9b:44:da:5d:51:d4:d8:1d:fc:38:
18:67:08:ca:48:0a:22:39:b9:8c:e8:aa:53:c9:54:
23:87:70:5e:fc:15:55:75:81:67:87:3d:16:91:0d:
7e:df:4b:a8:10:6c:12:b8:1a:40:10:e3:64:ab:d3:
9d:d0:a0:be:fd:99:47:30:d0:41:7f:05:e5:0e:9e:
43:ad:89:6a:70:eb:41:fd:78:84:db:ff:11:2e:04:
f9:68:bf:a5:38:df:d0:18:48:ff:01:7b:f2:41:6d:
e3:d8:d7:7c:49:be:d4:6e:b1:ce:4d:0d:73:18:57:
f6:f2:44:97:de:cd:45:4c:39:f5:86:62:22:77:61:
9a:97:8b:68:d4:dc:c5:2a:42:5f:8c:15:3b:a0:c5:
6f:a3:18:a1:42:a7:0a:38:48:50:f2:cd:aa:96:2d:
a5:f5:c7:57:d4:f1:94:5d:36:87:61:74:e1:ae:07:
96:da:64:1f:2a:77:72:a2:6d:54:6e:96:49:09:84:
c5:81:6a:98:7c:cd:e7:d5:6c:5b:00:28:ce:e3:50:
1e:a2:e1:c2:ac:11:f0:a6:9d:aa:ca:04:e1:fd:6b:
f4:4b:3c:8e:3f:27:8d:34:84:3c:53:c7:b4:68:63:
96:21:49:b7:5c:47:64:b0:96:83:95:4c:87:5f:15:
ac:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D5:E4:D1:3D:B6:93:BB:90:25:D4:6C:C8:3E:8F:B5:58:A2:CD:AD
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/gdXk0T22k7uQJdRsyD6PtViiza0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.32.0/19
46.3.72.0-46.3.87.255
46.3.120.0/21
46.3.208.0-46.3.231.255
Signature Algorithm: sha256WithRSAEncryption
04:ab:61:d4:cc:50:4e:5a:68:61:0e:32:29:41:23:99:12:87:
fb:e9:62:eb:3b:32:e3:10:74:07:5a:ef:52:a9:26:43:87:07:
11:65:cf:40:70:35:86:03:48:6f:f5:7c:b9:f8:a5:85:51:1e:
d8:d1:89:b3:71:7e:d8:e2:d1:4e:40:8a:6c:ab:f6:c3:39:5e:
ef:03:c6:3d:66:73:7d:2c:d2:13:a6:5e:c3:6c:25:5b:71:7c:
a3:60:ea:68:4f:57:b2:e3:1f:c4:cd:91:da:64:ec:a0:9b:2b:
86:64:20:a9:5c:ba:89:b2:19:21:7a:60:e2:e9:e2:16:2a:ed:
a8:8a:de:a5:2b:d4:2c:74:6f:08:c7:8a:3b:58:9a:ce:3d:83:
e2:24:ab:cf:c2:c0:8c:73:75:ed:47:29:0e:e5:50:11:4f:91:
eb:8e:75:d0:50:48:c0:7d:69:ae:5a:01:1d:2a:22:fd:ef:86:
e7:6e:a1:0a:a5:ba:96:9d:a0:09:84:82:a3:f0:8d:6e:e8:77:
f5:4e:77:0f:e6:84:57:26:b8:42:24:6b:02:d1:8f:0d:77:bc:
6b:0c:6e:dc:b3:5d:71:fb:45:13:64:6e:57:dc:b3:8d:3d:6e:
01:6f:f0:14:d1:62:9f:55:45:53:0a:52:1b:9e:55:4f:e8:10:
f3:16:e8:f1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIECUJKVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTg4ZjE5N2Y5N2U4OTAwNzU1NTQ0ZTgxMGNkZGVmOWQ5MGZiYzQxMB4XDTIyMDMy
NTEyNTMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODFkNWU0ZDEzZGI2
OTNiYjkwMjVkNDZjYzgzZThmYjU1OGEyY2RhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZ+4xObRNpdUdTYHfw4GGcIykgKIjm5jOiqU8lUI4dwXvwV
VXWBZ4c9FpENft9LqBBsErgaQBDjZKvTndCgvv2ZRzDQQX8F5Q6eQ62JanDrQf14
hNv/ES4E+Wi/pTjf0BhI/wF78kFt49jXfEm+1G6xzk0NcxhX9vJEl97NRUw59YZi
IndhmpeLaNTcxSpCX4wVO6DFb6MYoUKnCjhIUPLNqpYtpfXHV9TxlF02h2F04a4H
ltpkHyp3cqJtVG6WSQmExYFqmHzN59VsWwAozuNQHqLhwqwR8KadqsoE4f1r9Es8
jj8njTSEPFPHtGhjliFJt1xHZLCWg5VMh18VrGUCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSB1eTRPbaTu5Al1GzIPo+1WKLNrTAfBgNVHSMEGDAWgBRViPGX+X6JAHVV
ROgQzd752Q+8QTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZZanhsX2wtaVFCMVZVVG9FTTNlLWRrUHZFRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvNjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8x
L2dkWGswVDIyazd1UUpkUnN5RDZQdFZpaXphMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
NjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8xL1ZZanhsX2wtaVFC
MVZVVG9FTTNlLWRrUHZFRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKAMEBS4DIDAMAwQDLgNIAwQDLgNQAwQD
LgN4MAwDBAQuA9ADBAMuA+AwDQYJKoZIhvcNAQELBQADggEBAASrYdTMUE5aaGEO
MilBI5kSh/vpYus7MuMQdAda71KpJkOHBxFlz0BwNYYDSG/1fLn4pYVRHtjRibNx
ftji0U5Aimyr9sM5Xu8Dxj1mc30s0hOmXsNsJVtxfKNg6mhPV7LjH8TNkdpk7KCb
K4ZkIKlcuomyGSF6YOLp4hYq7aiK3qUr1Cx0bwjHijtYms49g+Ikq8/CwIxzde1H
KQ7lUBFPkeuOddBQSMB9aa5aAR0qIv3vhuduoQqlupadoAmEgqPwjW7od/VOdw/m
hFcmuEIkawLRjw13vGsMbtyzXXH7RRNkblfcs409bgFv8BTRYp9VRVMKUhueVU/o
EPMW6PE=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:29 2023 by rpki-client on console-ams.rpki-client.org