Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/ohATRtAQKA0SIaDFPxyJgxQmVmg.roa
File: ohATRtAQKA0SIaDFPxyJgxQmVmg.roa (raw, json)
Hash identifier: +MBpzlfagK0yQzFCycNNgiXGZ5NPTOeZ9BTwWtHlVD0=
Subject key identifier: A2:10:13:46:D0:10:28:0D:12:21:A0:C5:3F:1C:89:83:14:26:56:68
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0184B8BF89DA9DA8AE4E14C5FA4641A5F6A3
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/ohATRtAQKA0SIaDFPxyJgxQmVmg.roa
Signing time: Sun 27 Nov 2022 11:01:11 +0000
ROA not before: Sun 27 Nov 2022 11:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 996
IP address blocks: 46.3.160.0/22 maxlen: 22
46.3.134.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
149.126.246.0/24 maxlen: 24
149.126.243.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.245.0/24 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
149.126.252.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
46.3.205.0/24 maxlen: 24
46.3.201.0/24 maxlen: 24
149.126.198.0/24 maxlen: 24
149.126.195.0/24 maxlen: 24
149.126.196.0/24 maxlen: 24
149.126.193.0/24 maxlen: 24
149.126.204.0/24 maxlen: 24
149.126.205.0/24 maxlen: 24
149.126.206.0/24 maxlen: 24
149.126.201.0/24 maxlen: 24
149.126.202.0/24 maxlen: 24
149.126.213.0/24 maxlen: 24
149.126.208.0/24 maxlen: 24
149.126.210.0/24 maxlen: 24
149.126.214.0/24 maxlen: 24
149.126.225.0/24 maxlen: 24
149.126.226.0/24 maxlen: 24
149.126.224.0/24 maxlen: 24
149.126.229.0/24 maxlen: 24
149.126.230.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.249.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b8:bf:89:da:9d:a8:ae:4e:14:c5:fa:46:41:a5:f6:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Nov 27 11:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2101346d010280d1221a0c53f1c898314265668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:42:ec:fa:90:ec:36:07:93:52:6b:67:7f:03:
4d:04:32:e6:b1:79:ea:26:52:50:b7:48:4c:11:b1:
e4:3f:5d:70:5c:18:c7:ea:5b:c2:5e:13:c5:58:7b:
51:e9:2d:ea:ee:e8:80:07:2b:91:3d:60:95:47:b0:
a3:cb:87:63:af:b0:43:0c:33:84:2d:61:12:5e:7b:
ac:2b:69:f7:a4:86:87:d4:e2:43:d1:42:67:4c:6e:
ab:fa:2d:82:5a:83:24:ba:b6:04:25:c7:72:52:b4:
02:93:16:50:8a:0d:50:5f:3c:64:54:06:dd:30:66:
48:6c:ad:ff:b6:03:d0:a9:3a:e3:a4:d8:47:fd:c8:
cd:55:c1:64:af:cf:6b:f1:c4:f0:06:6d:e4:f9:ae:
2a:ed:ec:aa:77:38:4a:f9:21:4b:b4:31:9a:6e:90:
ef:a7:ed:c9:48:6e:5e:28:bc:01:54:d3:33:48:cd:
c9:f1:d7:ed:cd:60:b3:6b:1c:8e:6c:66:6e:0c:b9:
66:7a:1a:f1:21:aa:0f:2d:0e:8b:53:92:72:48:e4:
f6:02:99:be:3b:29:fc:6a:5f:43:4a:58:2a:f0:38:
a6:d0:9e:85:30:dd:56:ce:12:ed:25:68:b0:3c:79:
93:88:d8:9c:08:95:43:88:93:e4:6f:ef:ca:17:b7:
56:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:10:13:46:D0:10:28:0D:12:21:A0:C5:3F:1C:89:83:14:26:56:68
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/ohATRtAQKA0SIaDFPxyJgxQmVmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.134.0/24
46.3.160.0/22
46.3.201.0/24
46.3.205.0/24
46.3.248.0/23
46.3.251.0/24
46.3.253.0-46.3.255.255
149.126.193.0/24
149.126.195.0-149.126.196.255
149.126.198.0/24
149.126.201.0-149.126.202.255
149.126.204.0-149.126.206.255
149.126.208.0/24
149.126.210.0/24
149.126.213.0-149.126.214.255
149.126.224.0-149.126.226.255
149.126.228.0/22
149.126.242.0-149.126.250.255
149.126.252.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:af:2f:fa:b4:39:66:b9:cf:f9:ee:d6:17:c6:4d:73:45:83:
03:a1:61:83:66:79:f8:b5:ae:31:c8:19:68:ca:22:d4:05:5d:
fb:f8:51:8b:c6:f0:54:34:e8:f9:6f:36:fd:b0:91:22:2b:4e:
2d:dc:67:88:78:c2:ef:f9:3e:3e:bd:49:0d:72:f7:19:e0:ef:
b3:eb:44:ea:2a:f8:87:8f:d9:d9:db:2f:4d:f7:9f:6f:c0:c3:
0a:7a:6e:18:38:c4:e4:fe:91:e0:9c:3a:0e:63:40:0e:cf:5f:
6e:b4:8f:a5:70:16:cc:80:7e:fb:ee:1a:49:f0:72:e0:17:86:
81:85:8e:3f:01:ce:b3:1f:80:3c:68:8d:3e:52:47:b8:54:15:
85:49:70:38:b7:af:0c:f8:02:8a:31:6e:9f:83:1c:7d:08:a2:
39:39:a6:1d:02:1e:3c:d0:92:7d:1d:f0:93:e0:27:c7:24:01:
2a:9b:c8:3f:63:f8:86:45:ef:99:93:e8:e0:05:e2:d7:ad:b9:
18:00:89:96:73:a5:f0:42:87:16:02:07:36:70:4d:4f:f3:b0:
85:8d:c7:53:1c:ef:9c:f0:a2:c0:62:e2:f1:3f:39:34:30:41:
4f:01:f9:d6:d2:91:89:ca:3f:aa:a8:59:c6:98:29:49:11:b4:
4d:84:aa:ea
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYS4v4nanaiuThTF+kZBpfajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjIxMTI3MTEwMTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjEwMTM0NmQwMTAyODBkMTIyMWEwYzUzZjFjODk4MzE0MjY1NjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskLs+pDsNgeTUmtnfwNNBDLmsXnq
JlJQt0hMEbHkP11wXBjH6lvCXhPFWHtR6S3q7uiAByuRPWCVR7Cjy4djr7BDDDOE
LWESXnusK2n3pIaH1OJD0UJnTG6r+i2CWoMkurYEJcdyUrQCkxZQig1QXzxkVAbd
MGZIbK3/tgPQqTrjpNhH/cjNVcFkr89r8cTwBm3k+a4q7eyqdzhK+SFLtDGabpDv
p+3JSG5eKLwBVNMzSM3J8dftzWCzaxyObGZuDLlmehrxIaoPLQ6LU5JySOT2Apm+
Oyn8al9DSlgq8Dim0J6FMN1WzhLtJWiwPHmTiNicCJVDiJPkb+/KF7dWFwIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFKIQE0bQECgNEiGgxT8ciYMUJlZoMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvb2hBVFJ0QVFLQTBTSWFERlB4eUpneFFtVm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszCBsAQCAAEwgakDBAAu
A4YDBAIuA6ADBAAuA8kDBAAuA80DBAEuA/gDBAAuA/swCwMEAC4D/QMDAi4AAwQA
lX7BMAwDBACVfsMDBACVfsQDBACVfsYwDAMEAJV+yQMEAJV+yjAMAwQClX7MAwQA
lX7OAwQAlX7QAwQAlX7SMAwDBACVftUDBACVftYwDAMEBZV+4AMEAJV+4gMEApV+
5DAMAwQBlX7yAwQAlX76AwQAlX78MA0GCSqGSIb3DQEBCwUAA4IBAQBMry/6tDlm
uc/57tYXxk1zRYMDoWGDZnn4ta4xyBloyiLUBV37+FGLxvBUNOj5bzb9sJEiK04t
3GeIeMLv+T4+vUkNcvcZ4O+z60TqKviHj9nZ2y9N959vwMMKem4YOMTk/pHgnDoO
Y0AOz19utI+lcBbMgH777hpJ8HLgF4aBhY4/Ac6zH4A8aI0+Uke4VBWFSXA4t68M
+AKKMW6fgxx9CKI5OaYdAh480JJ9HfCT4CfHJAEqm8g/Y/iGRe+Zk+jgBeLXrbkY
AImWc6XwQocWAgc2cE1P87CFjcdTHO+c8KLAYuLxPzk0MEFPAfnW0pGJyj+qqFnG
mClJEbRNhKrq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:29 2023 by rpki-client on console-ams.rpki-client.org