Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/iWuutEo9u-FzAPoTVtUPQh0WRP0.roa
File: iWuutEo9u-FzAPoTVtUPQh0WRP0.roa (raw, json)
Hash identifier: DLm4FZm+otj8sQ4MwtzYVxyGMUlSv3mtf7HmHKJnth4=
Subject key identifier: 89:6B:AE:B4:4A:3D:BB:E1:73:00:FA:13:56:D5:0F:42:1D:16:44:FD
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0184E344841507F82DCBF0BE53B08223C639
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/iWuutEo9u-FzAPoTVtUPQh0WRP0.roa
Signing time: Mon 05 Dec 2022 17:10:29 +0000
ROA not before: Mon 05 Dec 2022 17:10:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399989
IP address blocks: 46.3.48.0/20 maxlen: 20
46.232.64.0/21 maxlen: 24
46.3.64.0/22 maxlen: 24
46.232.80.0/20 maxlen: 20
46.3.68.0/22 maxlen: 24
46.3.80.0/21 maxlen: 21
46.3.4.0/22 maxlen: 24
46.232.24.0/21 maxlen: 21
46.3.16.0/22 maxlen: 24
46.232.32.0/20 maxlen: 20
46.3.24.0/22 maxlen: 24
46.3.32.0/20 maxlen: 20
46.3.157.0/24 maxlen: 24
46.3.156.0/24 maxlen: 24
46.3.188.0/22 maxlen: 24
46.3.92.0/22 maxlen: 24
46.3.96.0/20 maxlen: 20
46.3.120.0/21 maxlen: 21
46.3.135.0/24 maxlen: 24
149.126.251.0/24 maxlen: 24
149.126.253.0/24 maxlen: 24
149.126.255.0/24 maxlen: 24
149.126.254.0/24 maxlen: 24
46.3.200.0/24 maxlen: 24
149.126.200.0/24 maxlen: 24
149.126.203.0/24 maxlen: 24
46.3.216.0/21 maxlen: 21
46.3.224.0/21 maxlen: 21
46.3.224.0/22 maxlen: 24
149.126.215.0/24 maxlen: 24
46.3.250.0/24 maxlen: 24
46.3.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e3:44:84:15:07:f8:2d:cb:f0:be:53:b0:82:23:c6:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Dec 5 17:10:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=896baeb44a3dbbe17300fa1356d50f421d1644fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:24:5e:54:07:27:8f:c1:e0:b5:94:ec:27:6b:
da:de:a9:a6:4f:d9:77:4e:9f:bb:53:62:6f:0a:12:
b9:c6:4f:35:d1:a3:a8:a7:4f:14:17:66:09:4c:c9:
1f:d7:22:39:26:0f:e8:af:93:13:37:39:e2:de:37:
08:ba:a3:25:d3:55:a3:1f:b6:ec:9d:bf:2e:35:05:
4e:9b:ec:90:b6:1d:b0:9f:23:9d:0c:d0:34:e8:f8:
7f:e3:c4:09:f7:6a:25:d2:ad:59:1c:c9:65:8f:fb:
6d:e8:5d:9c:22:50:46:2b:82:32:79:55:c8:25:5b:
16:95:b8:96:c2:3b:aa:4c:a1:b5:f5:94:7e:5b:dd:
1a:af:b8:af:96:d4:48:c4:b4:27:e0:b2:b3:f6:01:
65:36:d8:20:36:ba:ca:14:c1:96:5c:25:d9:5c:d6:
6e:66:39:d2:f9:b6:2c:c6:f1:17:3f:73:06:8b:e1:
2a:76:b6:55:ce:2a:b9:45:73:92:8a:23:04:af:6d:
56:01:1d:27:c0:c3:48:cf:2b:bf:f0:13:80:d0:04:
5b:a0:1b:06:4b:52:9f:77:db:69:a9:9e:ff:90:15:
fc:7a:6f:80:64:86:11:82:83:69:ba:f5:c2:ab:1b:
a7:dd:b2:f8:2a:b1:f3:a0:03:da:bc:96:e9:57:dd:
63:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:6B:AE:B4:4A:3D:BB:E1:73:00:FA:13:56:D5:0F:42:1D:16:44:FD
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/iWuutEo9u-FzAPoTVtUPQh0WRP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.4.0/22
46.3.16.0/22
46.3.24.0/22
46.3.32.0-46.3.71.255
46.3.80.0/21
46.3.92.0-46.3.111.255
46.3.120.0/21
46.3.135.0/24
46.3.156.0/23
46.3.188.0/22
46.3.200.0/24
46.3.216.0-46.3.231.255
46.3.250.0/24
46.3.252.0/24
46.232.24.0-46.232.47.255
46.232.64.0/21
46.232.80.0/20
149.126.200.0/24
149.126.203.0/24
149.126.215.0/24
149.126.251.0/24
149.126.253.0-149.126.255.255
Signature Algorithm: sha256WithRSAEncryption
8e:3a:36:b8:79:23:0c:c2:c7:1c:b4:2d:85:94:72:e7:a2:fa:
ba:19:36:ee:b7:74:36:39:46:49:67:ae:e6:05:b1:ae:0c:49:
4e:ff:b5:fc:16:d0:ee:17:db:e2:d7:3e:d4:be:bc:f6:22:e1:
90:ff:93:9c:a4:3f:84:6d:37:79:1b:0c:2a:02:aa:be:0e:8b:
e2:a2:4e:fa:11:97:9e:51:bb:6f:b8:62:1f:65:be:2a:a9:53:
78:b6:12:2c:f1:af:2c:2b:09:1a:7a:bf:93:56:98:40:57:74:
30:6d:55:38:fd:61:46:7a:2b:b9:a1:eb:6a:5c:ca:b3:2c:87:
33:72:07:14:a0:a8:a1:4f:bc:24:49:55:14:09:89:f2:05:e1:
0b:b4:6b:41:62:96:3d:d2:8d:40:6b:15:93:53:25:38:bd:3f:
44:34:87:6c:2a:f0:3c:ca:4e:61:69:a6:0f:3f:1f:7e:ce:03:
5d:40:34:98:6f:56:20:02:18:fb:ed:01:94:9f:2f:b5:1d:5e:
f4:87:91:c4:6f:0d:e5:c4:86:63:3b:7a:e5:b6:36:9c:fa:d9:
71:91:b8:07:a0:89:15:80:af:31:d5:d6:d0:bb:48:b1:bd:2e:
7b:ef:e8:4b:8e:ce:f4:87:15:04:f3:5c:3e:99:95:ea:90:c4:
e7:ae:16:04
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYTjRIQVB/gty/C+U7CCI8Y5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjIxMjA1MTcxMDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTZiYWViNDRhM2RiYmUxNzMwMGZhMTM1NmQ1MGY0MjFkMTY0NGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyReVAcnj8HgtZTsJ2va3qmmT9l3
Tp+7U2JvChK5xk810aOop08UF2YJTMkf1yI5Jg/or5MTNzni3jcIuqMl01WjH7bs
nb8uNQVOm+yQth2wnyOdDNA06Ph/48QJ92ol0q1ZHMllj/tt6F2cIlBGK4IyeVXI
JVsWlbiWwjuqTKG19ZR+W90ar7ivltRIxLQn4LKz9gFlNtggNrrKFMGWXCXZXNZu
ZjnS+bYsxvEXP3MGi+EqdrZVziq5RXOSiiMEr21WAR0nwMNIzyu/8BOA0ARboBsG
S1Kfd9tpqZ7/kBX8em+AZIYRgoNpuvXCqxun3bL4KrHzoAPavJbpV91jMQIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFIlrrrRKPbvhcwD6E1bVD0IdFkT9MB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvaVd1dXRFbzl1LUZ6QVBvVFZ0VVBRaDBXUlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBsgQCAAEwgasDBAIu
AwQDBAIuAxADBAIuAxgwDAMEBS4DIAMEAy4DQAMEAy4DUDAMAwQCLgNcAwQELgNg
AwQDLgN4AwQALgOHAwQBLgOcAwQCLgO8AwQALgPIMAwDBAMuA9gDBAMuA+ADBAAu
A/oDBAAuA/wwDAMEAy7oGAMEBC7oIAMEAy7oQAMEBC7oUAMEAJV+yAMEAJV+ywME
AJV+1wMEAJV++zALAwQAlX79AwMAlX4wDQYJKoZIhvcNAQELBQADggEBAI46Nrh5
IwzCxxy0LYWUcuei+roZNu63dDY5RklnruYFsa4MSU7/tfwW0O4X2+LXPtS+vPYi
4ZD/k5ykP4RtN3kbDCoCqr4Oi+KiTvoRl55Ru2+4Yh9lviqpU3i2EizxrywrCRp6
v5NWmEBXdDBtVTj9YUZ6K7mh62pcyrMshzNyBxSgqKFPvCRJVRQJifIF4Qu0a0Fi
lj3SjUBrFZNTJTi9P0Q0h2wq8DzKTmFppg8/H37OA11ANJhvViACGPvtAZSfL7Ud
XvSHkcRvDeXEhmM7euW2Npz62XGRuAegiRWArzHV1tC7SLG9Lnvv6EuOzvSHFQTz
XD6ZleqQxOeuFgQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:36 2023 by rpki-client on console-fra.rpki-client.org