Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/s2IlUz2Uv-lA-_TUHfC2J1EhgfE.roa
File: s2IlUz2Uv-lA-_TUHfC2J1EhgfE.roa (raw, json)
Hash identifier: Oi8bgaUzy/L5ONgO4lUdN+7djsCGTxibc1ffLXn/BbU=
Subject key identifier: B3:62:25:53:3D:94:BF:E9:40:FB:F4:D4:1D:F0:B6:27:51:21:81:F1
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018241A846CBE7291C1E835F554ECCC6BCC5
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/s2IlUz2Uv-lA-_TUHfC2J1EhgfE.roa
Signing time: Wed 27 Jul 2022 21:55:23 +0000
ROA not before: Wed 27 Jul 2022 21:55:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399989
IP address blocks: 46.3.48.0/20 maxlen: 20
46.232.80.0/20 maxlen: 20
46.3.80.0/21 maxlen: 21
46.3.96.0/20 maxlen: 20
46.3.216.0/21 maxlen: 21
46.3.224.0/21 maxlen: 21
46.232.24.0/21 maxlen: 21
46.3.120.0/21 maxlen: 21
46.232.32.0/20 maxlen: 20
46.3.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:41:a8:46:cb:e7:29:1c:1e:83:5f:55:4e:cc:c6:bc:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jul 27 21:55:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b36225533d94bfe940fbf4d41df0b627512181f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:32:95:27:67:33:ef:96:8b:84:39:04:db:0a:
c7:eb:0a:37:29:0f:9e:a8:a5:69:9d:3c:0e:b8:6b:
37:ff:d5:63:18:e0:38:2e:b7:5d:d2:46:64:78:ee:
3b:40:f9:2e:3f:a9:74:9d:d1:1d:4f:02:f3:38:17:
b6:f7:6f:38:db:88:af:69:56:10:e3:52:85:7c:39:
ba:01:c5:c5:fd:2d:05:e3:12:88:7d:2a:db:0f:20:
0a:20:7c:47:da:4e:72:fd:c9:00:e7:a4:11:73:e9:
e5:4f:40:38:0b:75:b5:10:bd:20:9e:3d:50:85:dd:
a1:76:8c:31:a0:58:49:62:87:03:c9:64:0d:80:cd:
ef:e6:ce:f2:19:55:0d:cd:f2:2e:03:c2:af:3b:d5:
8a:f6:ee:0a:75:60:89:41:bc:d9:93:8f:67:3a:a3:
a5:2b:7f:7b:39:04:bf:3e:b4:12:e1:6e:73:09:62:
a6:8f:23:b6:35:53:80:c6:e2:ce:ab:ba:89:7e:cb:
93:45:fa:dd:67:b9:4c:65:f1:e2:a3:e1:4c:3c:f0:
78:e9:14:36:ec:a6:88:64:96:9d:41:10:ca:db:97:
9d:93:7e:56:ce:45:35:86:91:67:e7:9a:6d:91:29:
86:62:f9:7e:f7:ea:44:a3:18:d6:78:dd:fc:57:73:
67:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:62:25:53:3D:94:BF:E9:40:FB:F4:D4:1D:F0:B6:27:51:21:81:F1
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/s2IlUz2Uv-lA-_TUHfC2J1EhgfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.32.0/19
46.3.80.0/21
46.3.96.0/20
46.3.120.0/21
46.3.216.0-46.3.231.255
46.232.24.0-46.232.47.255
46.232.80.0/20
Signature Algorithm: sha256WithRSAEncryption
1f:cb:4f:ec:8d:cb:26:e6:20:cd:22:5e:90:99:af:a1:9e:e3:
e6:9e:d2:a1:3c:51:9f:e1:88:c0:53:32:e5:d3:27:0a:c6:b7:
25:6e:11:72:ac:90:00:e1:44:28:89:ae:c3:27:44:b0:bb:a9:
2d:3f:d3:23:ac:c0:c7:25:7a:84:f1:94:ae:82:e8:2e:fa:51:
1a:84:3d:cf:ae:df:ad:ce:a1:c8:00:9b:8d:de:15:0b:66:2d:
23:89:c9:ee:7b:4b:58:89:7a:a3:82:e8:fd:aa:7f:18:2f:01:
77:a6:86:cc:7c:96:00:7f:a3:04:82:67:4a:e5:40:3d:d9:72:
86:de:05:3d:9c:e8:ba:d0:a4:f4:fb:1a:fa:2d:0b:3b:78:d0:
da:77:2f:4e:91:be:f5:e5:54:c1:eb:9a:1c:19:0a:ca:18:fc:
a4:6d:87:97:fc:9a:0a:96:98:88:67:24:74:bf:ad:4c:4c:87:
ce:a8:ba:0e:34:18:ad:3a:22:6b:89:5b:93:27:d3:80:00:06:
74:5e:08:01:48:63:1d:dd:09:55:49:c1:93:28:50:f1:2b:17:
c4:27:f9:7d:fc:9c:39:1b:13:ea:47:d0:24:b6:3e:5c:89:ba:
c1:91:1d:3f:7a:c2:0a:dc:38:5f:c1:d8:bd:a4:16:33:e2:6a:
18:9d:08:0c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYJBqEbL5ykcHoNfVU7MxrzFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjIwNzI3MjE1NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzYyMjU1MzNkOTRiZmU5NDBmYmY0ZDQxZGYwYjYyNzUxMjE4MWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljKVJ2cz75aLhDkE2wrH6wo3KQ+e
qKVpnTwOuGs3/9VjGOA4Lrdd0kZkeO47QPkuP6l0ndEdTwLzOBe2928424ivaVYQ
41KFfDm6AcXF/S0F4xKIfSrbDyAKIHxH2k5y/ckA56QRc+nlT0A4C3W1EL0gnj1Q
hd2hdowxoFhJYocDyWQNgM3v5s7yGVUNzfIuA8KvO9WK9u4KdWCJQbzZk49nOqOl
K397OQS/PrQS4W5zCWKmjyO2NVOAxuLOq7qJfsuTRfrdZ7lMZfHio+FMPPB46RQ2
7KaIZJadQRDK25edk35WzkU1hpFn55ptkSmGYvl+9+pEoxjWeN38V3Nn8QIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFLNiJVM9lL/pQPv01B3wtidRIYHxMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvczJJbFV6MlV2LWxBLV9UVUhmQzJKMUVoZ2ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQFLgMgAwQD
LgNQAwQELgNgAwQDLgN4MAwDBAMuA9gDBAMuA+AwDAMEAy7oGAMEBC7oIAMEBC7o
UDANBgkqhkiG9w0BAQsFAAOCAQEAH8tP7I3LJuYgzSJekJmvoZ7j5p7SoTxRn+GI
wFMy5dMnCsa3JW4RcqyQAOFEKImuwydEsLupLT/TI6zAxyV6hPGUroLoLvpRGoQ9
z67frc6hyACbjd4VC2YtI4nJ7ntLWIl6o4Lo/ap/GC8Bd6aGzHyWAH+jBIJnSuVA
Pdlyht4FPZzoutCk9Psa+i0LO3jQ2ncvTpG+9eVUweuaHBkKyhj8pG2Hl/yaCpaY
iGckdL+tTEyHzqi6DjQYrToia4lbkyfTgAAGdF4IAUhjHd0JVUnBkyhQ8SsXxCf5
ffycORsT6kfQJLY+XIm6wZEdP3rCCtw4X8HYvaQWM+JqGJ0IDA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:29 2023 by rpki-client on console-ams.rpki-client.org