Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/o-r40yFG6pST2mfDMuvcF9D0QCA.roa
File: o-r40yFG6pST2mfDMuvcF9D0QCA.roa (raw, json)
Hash identifier: zH8VH/KW2zsCP13YfVCSW2S56gaA2pmuryLiKYVEjng=
Subject key identifier: A3:EA:F8:D3:21:46:EA:94:93:DA:67:C3:32:EB:DC:17:D0:F4:40:20
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0184E31054A2003AD1FD58DAF971D81017D0
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/o-r40yFG6pST2mfDMuvcF9D0QCA.roa
Signing time: Mon 05 Dec 2022 16:13:28 +0000
ROA not before: Mon 05 Dec 2022 16:13:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57494
IP address blocks: 46.3.168.0/22 maxlen: 22
46.3.172.0/22 maxlen: 22
46.3.176.0/22 maxlen: 22
46.3.180.0/22 maxlen: 22
46.3.184.0/22 maxlen: 22
46.3.188.0/24 maxlen: 24
46.3.192.0/22 maxlen: 22
46.3.192.0/23 maxlen: 23
46.3.196.0/22 maxlen: 22
80.243.128.0/22 maxlen: 22
80.243.136.0/23 maxlen: 23
46.3.140.0/22 maxlen: 22
80.243.140.0/23 maxlen: 23
46.3.88.0/22 maxlen: 22
46.232.2.0/23 maxlen: 23
46.232.4.0/22 maxlen: 22
46.3.206.0/23 maxlen: 23
46.3.223.0/24 maxlen: 24
46.3.228.0/23 maxlen: 23
149.126.216.0/22 maxlen: 22
149.126.220.0/22 maxlen: 22
149.126.232.0/22 maxlen: 22
149.126.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e3:10:54:a2:00:3a:d1:fd:58:da:f9:71:d8:10:17:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Dec 5 16:13:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3eaf8d32146ea9493da67c332ebdc17d0f44020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:be:93:3c:2e:a0:8d:df:49:23:e3:6c:e3:5b:
6d:ec:29:99:db:45:10:21:a3:2f:a5:e6:4f:ba:0b:
5f:91:60:75:fd:5a:bd:a9:ae:4f:20:28:9e:f2:7b:
07:9e:4b:bd:36:f7:14:14:53:63:a7:ae:9a:d5:2c:
3f:84:eb:6f:63:89:ca:0d:1f:55:10:05:41:f4:f5:
ad:30:ed:47:4d:0e:5a:77:4e:95:bb:9a:cb:ce:8e:
5d:bd:d1:d3:ef:de:e5:7d:ac:40:98:5c:3a:7f:58:
96:df:b4:88:40:00:55:bf:69:42:a6:23:9c:3a:d1:
04:b0:4c:5c:9f:5a:fb:8c:7e:34:9a:1c:7d:af:af:
f1:0d:fd:ac:72:04:7d:1e:45:ec:c0:3f:6e:4d:bf:
c5:2a:ae:4f:d2:17:af:bc:e4:70:14:c9:76:0e:6b:
37:5a:1e:25:80:e3:1c:cc:13:3e:ff:7f:73:52:d5:
88:ee:ce:43:38:cc:8e:81:94:7b:71:fe:e2:c8:03:
d4:4d:11:c8:37:10:15:fe:3e:b3:8b:3b:3f:e5:38:
5f:db:f4:bf:b1:99:22:12:1a:83:00:32:ae:7e:18:
c4:8a:ca:60:be:81:41:3b:14:83:21:99:d1:72:16:
f9:7b:4a:59:3c:30:a3:b6:9a:47:64:a8:02:c7:ca:
94:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EA:F8:D3:21:46:EA:94:93:DA:67:C3:32:EB:DC:17:D0:F4:40:20
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/o-r40yFG6pST2mfDMuvcF9D0QCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.88.0/22
46.3.140.0/22
46.3.168.0-46.3.188.255
46.3.192.0/21
46.3.206.0/23
46.3.223.0/24
46.3.228.0/23
46.232.2.0-46.232.7.255
80.243.128.0/22
80.243.136.0/23
80.243.140.0/23
149.126.216.0/21
149.126.232.0/21
Signature Algorithm: sha256WithRSAEncryption
50:6c:e8:83:88:6e:f4:74:67:f1:f0:d2:b8:ed:b1:33:93:a6:
84:2b:a4:4e:30:d0:e6:88:1b:f5:ba:53:71:cd:06:b8:eb:78:
89:95:25:b1:77:11:b4:17:b7:bf:52:31:ee:41:a8:e1:9f:64:
0f:cf:b1:c1:74:4e:ae:44:40:b9:61:41:bf:1e:72:bb:bc:ae:
e7:c7:74:a8:3a:1d:02:f8:06:92:1d:42:35:17:a8:f5:15:96:
4e:7b:cb:5d:12:db:43:b4:64:6a:5b:46:04:21:91:e5:b5:ce:
a7:ad:e8:de:ac:a4:04:19:d8:cc:a7:dd:26:b5:20:6a:80:b1:
03:fa:a0:a7:47:52:06:c2:7a:0f:33:38:5f:a4:68:4c:b0:84:
97:17:c6:99:d2:6d:86:2c:56:bb:fd:d4:e4:bf:cd:cb:3e:72:
ea:82:e8:05:0c:8f:9a:1a:92:76:81:73:d0:d2:5c:22:69:24:
e2:6f:d1:8b:a0:94:90:93:e4:95:71:b2:0b:18:47:3e:49:2e:
77:67:c1:1b:b9:cb:85:3a:5c:95:fa:c0:32:d8:97:5e:20:77:
46:78:db:a9:d2:2c:83:6c:28:ff:c4:15:b7:39:c4:a3:58:02:
6b:d9:44:eb:d9:e2:35:05:cb:cb:66:c6:82:1a:0f:74:ba:8c:
77:cb:12:c2
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYTjEFSiADrR/Vja+XHYEBfQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjIxMjA1MTYxMzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2VhZjhkMzIxNDZlYTk0OTNkYTY3YzMzMmViZGMxN2QwZjQ0MDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp76TPC6gjd9JI+Ns41tt7CmZ20UQ
IaMvpeZPugtfkWB1/Vq9qa5PICie8nsHnku9NvcUFFNjp66a1Sw/hOtvY4nKDR9V
EAVB9PWtMO1HTQ5ad06Vu5rLzo5dvdHT797lfaxAmFw6f1iW37SIQABVv2lCpiOc
OtEEsExcn1r7jH40mhx9r6/xDf2scgR9HkXswD9uTb/FKq5P0hevvORwFMl2Dms3
Wh4lgOMczBM+/39zUtWI7s5DOMyOgZR7cf7iyAPUTRHINxAV/j6zizs/5Thf2/S/
sZkiEhqDADKufhjEispgvoFBOxSDIZnRchb5e0pZPDCjtppHZKgCx8qU7QIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFKPq+NMhRuqUk9pnwzLr3BfQ9EAgMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvby1yNDB5Rkc2cFNUMm1mRE11dmNGOUQwUUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQCLgNYAwQC
LgOMMAwDBAMuA6gDBAAuA7wDBAMuA8ADBAEuA84DBAAuA98DBAEuA+QwDAMEAS7o
AgMEAy7oAAMEAlDzgAMEAVDziAMEAVDzjAMEA5V+2AMEA5V+6DANBgkqhkiG9w0B
AQsFAAOCAQEAUGzog4hu9HRn8fDSuO2xM5OmhCukTjDQ5ogb9bpTcc0GuOt4iZUl
sXcRtBe3v1Ix7kGo4Z9kD8+xwXROrkRAuWFBvx5yu7yu58d0qDodAvgGkh1CNReo
9RWWTnvLXRLbQ7RkaltGBCGR5bXOp63o3qykBBnYzKfdJrUgaoCxA/qgp0dSBsJ6
DzM4X6RoTLCElxfGmdJthixWu/3U5L/Nyz5y6oLoBQyPmhqSdoFz0NJcImkk4m/R
i6CUkJPklXGyCxhHPkkud2fBG7nLhTpclfrAMtiXXiB3RnjbqdIsg2wo/8QVtznE
o1gCa9lE69niNQXLy2bGghoPdLqMd8sSwg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:36 2023 by rpki-client on console-fra.rpki-client.org