Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/nKdYnVh1qtRXo-WpxSkXEChWZyE.roa
File: nKdYnVh1qtRXo-WpxSkXEChWZyE.roa (raw, json)
Hash identifier: grifuglQeiC3wH0HxFJFZTSRCol2J+W+CpFJPn8TThE=
Subject key identifier: 9C:A7:58:9D:58:75:AA:D4:57:A3:E5:A9:C5:29:17:10:28:56:67:21
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 094998B4
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/nKdYnVh1qtRXo-WpxSkXEChWZyE.roa
Signing time: Mon 28 Mar 2022 08:51:43 +0000
ROA not before: Mon 28 Mar 2022 08:51:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57494
IP address blocks: 80.243.128.0/22 maxlen: 22
80.243.136.0/23 maxlen: 23
80.243.140.0/23 maxlen: 23
46.3.64.0/22 maxlen: 22
46.3.68.0/22 maxlen: 22
46.232.2.0/23 maxlen: 23
46.232.4.0/22 maxlen: 22
46.3.24.0/22 maxlen: 22
46.3.168.0/22 maxlen: 22
46.3.172.0/22 maxlen: 22
46.3.176.0/22 maxlen: 22
46.3.180.0/22 maxlen: 22
46.3.184.0/22 maxlen: 22
46.3.188.0/24 maxlen: 24
46.3.188.0/22 maxlen: 22
46.3.192.0/22 maxlen: 22
46.3.192.0/23 maxlen: 23
46.3.196.0/22 maxlen: 22
46.3.140.0/22 maxlen: 22
46.3.206.0/23 maxlen: 23
46.3.223.0/24 maxlen: 24
46.3.228.0/23 maxlen: 23
149.126.216.0/22 maxlen: 22
149.126.220.0/22 maxlen: 22
149.126.232.0/22 maxlen: 22
149.126.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155818164 (0x94998b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Mar 28 08:51:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ca7589d5875aad457a3e5a9c529171028566721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c6:db:78:f0:fe:3a:4a:77:fa:0a:83:59:fc:
57:28:2b:c5:1f:42:d6:3d:a4:de:aa:f1:24:0b:ae:
b5:cf:d5:7d:cd:9e:5a:01:a5:07:8f:f0:8c:ad:c7:
5f:0e:4f:a5:1c:2d:ff:a1:e4:fc:ea:73:84:46:3b:
e7:54:61:3e:c7:93:9e:8e:d0:da:37:69:56:68:8f:
8f:a0:9f:25:64:82:d9:b3:ae:ff:78:19:df:4f:a1:
67:ae:84:e4:8a:1f:c6:bb:6d:46:f5:c8:e2:5c:a4:
9a:73:ca:fa:94:81:6a:14:0c:48:9a:bd:a6:98:3e:
57:4d:d1:03:5d:cd:42:7d:e8:8d:9f:1e:ae:28:87:
7a:75:b8:17:7b:80:84:82:7a:df:82:1f:5a:38:2a:
a8:74:35:83:aa:de:20:3d:30:1f:d8:99:39:34:e1:
fe:b3:85:8c:38:cc:a1:4b:f6:a1:61:5b:df:7a:ba:
e2:74:68:db:25:33:a7:53:b7:b8:84:ca:0e:83:b3:
f6:df:bc:4e:45:64:65:87:2f:f8:67:53:ec:1c:04:
9e:12:03:0a:c9:d2:71:0a:ab:6f:a9:c4:55:fe:bb:
9f:fc:6f:00:3a:f9:9e:07:e5:cc:c8:ff:e0:8d:58:
da:26:88:7f:51:39:dd:84:8c:c6:d6:59:08:75:c6:
bd:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A7:58:9D:58:75:AA:D4:57:A3:E5:A9:C5:29:17:10:28:56:67:21
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/nKdYnVh1qtRXo-WpxSkXEChWZyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.24.0/22
46.3.64.0/21
46.3.140.0/22
46.3.168.0-46.3.199.255
46.3.206.0/23
46.3.223.0/24
46.3.228.0/23
46.232.2.0-46.232.7.255
80.243.128.0/22
80.243.136.0/23
80.243.140.0/23
149.126.216.0/21
149.126.232.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:0d:85:58:8e:4f:b6:e0:9e:ae:53:07:67:8f:53:17:09:35:
85:d8:c2:fc:bf:15:d9:b3:2e:cb:de:5b:a5:dd:2a:4e:0c:1e:
be:43:52:f4:25:8d:46:4a:79:9a:9c:24:6b:ab:ab:33:34:54:
f6:b4:dd:e8:9f:df:ea:df:4b:99:68:b4:a0:1a:e5:7f:ce:46:
95:79:f7:ed:0b:09:05:6c:35:89:fb:a8:9e:d9:07:be:48:df:
23:83:e6:ba:0e:10:5e:a2:46:c4:33:19:9d:ef:df:a7:e0:d6:
bc:9b:78:15:92:1c:7f:d9:c8:1f:c1:67:f3:05:bb:8a:5c:f9:
5d:cc:55:47:e7:21:a0:c5:33:59:dc:01:40:18:11:8f:c6:e4:
02:66:e9:41:cb:a8:08:44:54:5e:7f:49:4a:fb:76:65:93:7e:
d1:52:1a:c0:18:45:0b:c2:52:0e:18:27:c8:1e:d0:4c:40:45:
6f:b4:00:d7:75:14:1b:d2:89:d6:61:01:f9:c8:b5:7c:28:92:
d7:70:28:a5:e2:bc:df:b8:c5:54:d1:85:3a:1f:d6:b2:94:67:
50:78:ab:f7:5b:83:a1:ff:13:8a:a6:88:1c:4d:d6:6e:b6:05:
46:1d:96:aa:e1:95:a9:df:b4:9f:13:72:51:fb:8c:9e:9e:33:
39:a4:c2:fc
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIECUmYtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTg4ZjE5N2Y5N2U4OTAwNzU1NTQ0ZTgxMGNkZGVmOWQ5MGZiYzQxMB4XDTIyMDMy
ODA4NTE0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNhNzU4OWQ1ODc1
YWFkNDU3YTNlNWE5YzUyOTE3MTAyODU2NjcyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvG23jw/jpKd/oKg1n8VygrxR9C1j2k3qrxJAuutc/Vfc2e
WgGlB4/wjK3HXw5PpRwt/6Hk/OpzhEY751RhPseTno7Q2jdpVmiPj6CfJWSC2bOu
/3gZ30+hZ66E5IofxrttRvXI4lykmnPK+pSBahQMSJq9ppg+V03RA13NQn3ojZ8e
riiHenW4F3uAhIJ634IfWjgqqHQ1g6reID0wH9iZOTTh/rOFjDjMoUv2oWFb33q6
4nRo2yUzp1O3uITKDoOz9t+8TkVkZYcv+GdT7BwEnhIDCsnScQqrb6nEVf67n/xv
ADr5ngflzMj/4I1Y2iaIf1E53YSMxtZZCHXGvcUCAwEAAaOCAmEwggJdMB0GA1Ud
DgQWBBScp1idWHWq1Fej5anFKRcQKFZnITAfBgNVHSMEGDAWgBRViPGX+X6JAHVV
ROgQzd752Q+8QTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZZanhsX2wtaVFCMVZVVG9FTTNlLWRrUHZFRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvNjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8x
L25LZFluVmgxcXRSWG8tV3B4U2tYRUNoV1p5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
NjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8xL1ZZanhsX2wtaVFC
MVZVVG9FTTNlLWRrUHZFRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB3
BggrBgEFBQcBBwEB/wRoMGYwZAQCAAEwXgMEAi4DGAMEAy4DQAMEAi4DjDAMAwQD
LgOoAwQDLgPAAwQBLgPOAwQALgPfAwQBLgPkMAwDBAEu6AIDBAMu6AADBAJQ84AD
BAFQ84gDBAFQ84wDBAOVftgDBAOVfugwDQYJKoZIhvcNAQELBQADggEBAIwNhViO
T7bgnq5TB2ePUxcJNYXYwvy/FdmzLsveW6XdKk4MHr5DUvQljUZKeZqcJGurqzM0
VPa03eif3+rfS5lotKAa5X/ORpV59+0LCQVsNYn7qJ7ZB75I3yOD5roOEF6iRsQz
GZ3v36fg1rybeBWSHH/ZyB/BZ/MFu4pc+V3MVUfnIaDFM1ncAUAYEY/G5AJm6UHL
qAhEVF5/SUr7dmWTftFSGsAYRQvCUg4YJ8ge0ExARW+0ANd1FBvSidZhAfnItXwo
ktdwKKXivN+4xVTRhTof1rKUZ1B4q/dbg6H/E4qmiBxN1m62BUYdlqrhlanftJ8T
clH7jJ6eMzmkwvw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:36 2023 by rpki-client on console-fra.rpki-client.org