Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/r2VTNqz1Zbm7o1-Njn9gCVe_lOs.roa
File: r2VTNqz1Zbm7o1-Njn9gCVe_lOs.roa (raw, json)
Hash identifier: DhhqNRNXp2aNT2Tt5pdnE+Lhml2B2niXCxERpeQl5gc=
Subject key identifier: AF:65:53:36:AC:F5:65:B9:BB:A3:5F:8D:8E:7F:60:09:57:BF:94:EB
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 08C2C71D
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/r2VTNqz1Zbm7o1-Njn9gCVe_lOs.roa
Signing time: Mon 31 Jan 2022 18:53:17 +0000
ROA not before: Mon 31 Jan 2022 18:53:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2914
IP address blocks: 46.3.152.0/22 maxlen: 22
46.3.160.0/20 maxlen: 20
46.3.176.0/20 maxlen: 20
46.3.96.0/19 maxlen: 19
46.232.64.0/19 maxlen: 19
46.232.64.0/18 maxlen: 18
46.3.64.0/20 maxlen: 20
46.3.80.0/22 maxlen: 22
46.3.80.0/20 maxlen: 20
46.232.96.0/19 maxlen: 19
46.232.0.0/18 maxlen: 18
46.232.0.0/19 maxlen: 19
46.232.0.0/24 maxlen: 24
46.232.0.0/17 maxlen: 17
46.3.216.0/21 maxlen: 21
46.232.16.0/22 maxlen: 22
46.3.224.0/22 maxlen: 22
46.3.16.0/22 maxlen: 22
46.3.12.0/22 maxlen: 22
46.232.32.0/19 maxlen: 19
46.3.32.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146982685 (0x8c2c71d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 31 18:53:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af655336acf565b9bba35f8d8e7f600957bf94eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f3:d1:14:59:20:a7:34:48:60:61:ba:73:65:
0d:c4:a0:0b:e1:4c:53:c7:c1:6f:24:78:4f:22:19:
a7:94:05:de:61:6d:b3:a6:86:7c:09:68:1c:9e:b8:
0b:0c:8b:13:92:ae:0a:71:3d:d7:49:74:bf:1c:df:
7f:e5:17:50:63:6a:8c:dc:3c:28:dd:79:16:a1:c9:
7a:2f:01:42:81:39:7a:53:72:9f:94:c5:42:01:0a:
11:56:c6:9c:47:1e:3c:9d:70:f6:0a:be:4b:79:60:
7a:a0:3c:4f:f8:0b:87:49:c3:64:c0:18:f5:90:39:
3c:60:16:e3:85:ec:d9:3b:c3:d5:2e:a3:8e:8d:c5:
f0:2b:c7:9e:1b:86:e3:d1:c9:ad:18:76:90:9e:50:
d4:ad:f5:59:dc:89:ff:08:ba:3a:06:d7:e3:1d:e4:
b0:ce:f2:26:e7:67:43:5a:68:c3:8e:15:47:3f:aa:
47:10:b0:cb:a0:52:8f:95:ac:5a:d9:6c:c9:0a:da:
f9:c2:65:0f:98:58:88:1e:0c:a2:e5:8b:e4:7d:a3:
a6:60:6a:60:74:19:5e:d3:f4:5c:f8:99:e0:20:ba:
48:6a:ab:77:6a:b2:5a:45:d1:fe:7a:2e:9a:a3:42:
ff:02:c8:53:93:ef:64:a1:30:4e:4e:2f:c5:37:93:
bf:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:65:53:36:AC:F5:65:B9:BB:A3:5F:8D:8E:7F:60:09:57:BF:94:EB
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/r2VTNqz1Zbm7o1-Njn9gCVe_lOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.12.0-46.3.19.255
46.3.32.0-46.3.127.255
46.3.152.0/22
46.3.160.0/19
46.3.216.0-46.3.227.255
46.232.0.0/17
Signature Algorithm: sha256WithRSAEncryption
01:d3:fc:ed:61:e1:bb:d5:b4:36:16:75:ed:27:04:2f:91:08:
10:71:ba:5e:fe:3d:ee:a6:ff:21:b6:5b:b3:3c:df:62:69:6d:
99:a9:2a:52:75:6f:f6:a0:95:91:8e:63:3c:83:b0:3d:41:56:
af:eb:ca:9c:63:ee:1a:d0:88:ec:f1:c0:64:43:2b:35:c3:b1:
b1:42:3a:2a:4c:1e:cd:95:b2:49:79:02:b9:f8:12:cf:86:81:
23:e7:6a:35:52:60:08:67:cb:4b:74:3a:f6:7a:c1:4e:47:57:
85:d0:dc:67:e6:e1:44:10:85:dd:dc:4d:54:78:b4:cb:91:c9:
b5:78:08:bb:50:5f:4c:1e:bd:05:db:36:b8:9e:ff:1b:3c:73:
10:62:12:06:0c:b6:75:2c:93:9c:a9:d6:26:74:ed:22:af:44:
33:66:db:66:8c:df:ba:13:ad:29:fb:4f:da:c6:c9:e1:43:de:
2b:9b:2e:20:e9:5c:0a:ad:22:bf:9f:56:90:95:bc:90:26:27:
08:c1:3d:e0:a5:69:96:ff:52:59:db:c3:13:21:c7:ef:08:67:
90:e3:09:f1:fd:a3:f8:9f:1a:b8:e0:18:de:d3:45:8b:d9:e4:
43:28:ce:2e:fd:c9:1c:ca:48:59:77:17:ec:37:71:e7:a1:be:
fc:ac:72:b6
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIECMLHHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTg4ZjE5N2Y5N2U4OTAwNzU1NTQ0ZTgxMGNkZGVmOWQ5MGZiYzQxMB4XDTIyMDEz
MTE4NTMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWY2NTUzMzZhY2Y1
NjViOWJiYTM1ZjhkOGU3ZjYwMDk1N2JmOTRlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXz0RRZIKc0SGBhunNlDcSgC+FMU8fBbyR4TyIZp5QF3mFt
s6aGfAloHJ64CwyLE5KuCnE910l0vxzff+UXUGNqjNw8KN15FqHJei8BQoE5elNy
n5TFQgEKEVbGnEcePJ1w9gq+S3lgeqA8T/gLh0nDZMAY9ZA5PGAW44Xs2TvD1S6j
jo3F8CvHnhuG49HJrRh2kJ5Q1K31WdyJ/wi6OgbX4x3ksM7yJudnQ1pow44VRz+q
RxCwy6BSj5WsWtlsyQra+cJlD5hYiB4MouWL5H2jpmBqYHQZXtP0XPiZ4CC6SGqr
d2qyWkXR/noumqNC/wLIU5PvZKEwTk4vxTeTvxcCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBSvZVM2rPVlubujX42Of2AJV7+U6zAfBgNVHSMEGDAWgBRViPGX+X6JAHVV
ROgQzd752Q+8QTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZZanhsX2wtaVFCMVZVVG9FTTNlLWRrUHZFRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvNjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8x
L3IyVlROcXoxWmJtN28xLU5qbjlnQ1ZlX2xPcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
NjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8xL1ZZanhsX2wtaVFC
MVZVVG9FTTNlLWRrUHZFRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPDAMAwQCLgMMAwQCLgMQMAwDBAUuAyAD
BAcuAwADBAIuA5gDBAUuA6AwDAMEAy4D2AMEAi4D4AMEBy7oADANBgkqhkiG9w0B
AQsFAAOCAQEAAdP87WHhu9W0NhZ17ScEL5EIEHG6Xv497qb/IbZbszzfYmltmakq
UnVv9qCVkY5jPIOwPUFWr+vKnGPuGtCI7PHAZEMrNcOxsUI6KkwezZWySXkCufgS
z4aBI+dqNVJgCGfLS3Q69nrBTkdXhdDcZ+bhRBCF3dxNVHi0y5HJtXgIu1BfTB69
Bds2uJ7/GzxzEGISBgy2dSyTnKnWJnTtIq9EM2bbZozfuhOtKftP2sbJ4UPeK5su
IOlcCq0iv59WkJW8kCYnCME94KVplv9SWdvDEyHH7whnkOMJ8f2j+J8auOAY3tNF
i9nkQyjOLv3JHMpIWXcX7Ddx56G+/Kxytg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:29 2023 by rpki-client on console-ams.rpki-client.org