Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/u0KmtwkKKlwzGk0immpNWKthJGA.roa
File: u0KmtwkKKlwzGk0immpNWKthJGA.roa (raw, json)
Hash identifier: 5mHBtr5pimGe35wRZHulzWF9nw02lm8nqJFGqtUI518=
Subject key identifier: BB:42:A6:B7:09:0A:2A:5C:33:1A:4D:22:9A:6A:4D:58:AB:61:24:60
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 09871E07
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/u0KmtwkKKlwzGk0immpNWKthJGA.roa
Signing time: Tue 19 Apr 2022 06:11:53 +0000
ROA not before: Tue 19 Apr 2022 06:11:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57494
IP address blocks: 80.243.128.0/22 maxlen: 22
80.243.136.0/23 maxlen: 23
80.243.140.0/23 maxlen: 23
46.3.64.0/22 maxlen: 22
46.3.68.0/22 maxlen: 22
46.3.88.0/22 maxlen: 22
46.232.2.0/23 maxlen: 23
46.232.4.0/22 maxlen: 22
46.3.168.0/22 maxlen: 22
46.3.172.0/22 maxlen: 22
46.3.176.0/22 maxlen: 22
46.3.180.0/22 maxlen: 22
46.3.184.0/22 maxlen: 22
46.3.188.0/24 maxlen: 24
46.3.188.0/22 maxlen: 22
46.3.192.0/22 maxlen: 22
46.3.192.0/23 maxlen: 23
46.3.196.0/22 maxlen: 22
46.3.140.0/22 maxlen: 22
46.3.206.0/23 maxlen: 23
46.3.223.0/24 maxlen: 24
46.3.228.0/23 maxlen: 23
149.126.216.0/22 maxlen: 22
149.126.220.0/22 maxlen: 22
149.126.232.0/22 maxlen: 22
149.126.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159849991 (0x9871e07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Apr 19 06:11:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb42a6b7090a2a5c331a4d229a6a4d58ab612460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:86:f8:98:29:68:02:8a:76:9b:33:cb:06:85:
4d:08:29:30:90:e0:b0:5b:44:f4:ea:f9:65:1d:77:
d9:2b:30:72:85:85:a1:3a:98:8f:2b:b3:eb:cf:12:
34:b1:49:ba:6a:d5:19:fb:52:63:68:b3:1e:09:d6:
b2:ee:af:a8:b2:3a:f2:49:9e:78:c8:00:15:34:e2:
fa:27:c6:9f:1c:b3:82:0e:69:85:9c:42:9b:35:42:
99:ed:77:d4:a6:07:b8:c8:f8:44:c1:9b:52:ac:75:
eb:9b:e8:cc:8c:84:d7:cf:78:be:d7:66:33:f7:69:
00:dd:ea:ba:81:b1:80:d3:6c:78:77:4b:e2:b5:bc:
41:a2:fd:a0:82:d0:5d:0d:3c:39:b4:14:0d:be:f3:
14:7f:4e:b6:fd:23:1e:7e:19:c0:d2:4e:f0:e5:ff:
1d:c2:c1:0e:15:9c:22:2e:3d:e5:42:72:72:7d:b9:
f4:65:05:0a:1b:e0:a3:da:14:1b:49:10:c6:d8:0c:
c5:85:93:b9:2d:4b:c4:d5:56:9b:ce:09:58:0b:62:
6c:60:fb:09:79:38:9d:f7:7e:5c:c2:e3:18:b9:95:
69:75:df:6a:61:df:48:86:d5:2d:19:95:f8:0b:70:
a1:e7:2b:ac:88:35:dd:4f:81:cc:72:3d:dc:0a:4c:
1a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:42:A6:B7:09:0A:2A:5C:33:1A:4D:22:9A:6A:4D:58:AB:61:24:60
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/u0KmtwkKKlwzGk0immpNWKthJGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.64.0/21
46.3.88.0/22
46.3.140.0/22
46.3.168.0-46.3.199.255
46.3.206.0/23
46.3.223.0/24
46.3.228.0/23
46.232.2.0-46.232.7.255
80.243.128.0/22
80.243.136.0/23
80.243.140.0/23
149.126.216.0/21
149.126.232.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:8a:fd:8c:e7:bb:8e:88:7c:d4:e9:5d:5d:4b:70:2d:02:c5:
77:99:a1:1a:d4:f4:90:96:e5:a5:f0:95:c4:bd:3e:b4:5b:9b:
8e:54:f6:83:02:5f:d0:f8:98:a7:05:ec:d8:ae:6a:5f:8b:8d:
3d:d7:bb:1e:d7:f2:71:48:cd:60:d4:5f:8c:f9:f0:c6:db:3b:
a0:f1:f6:26:cf:3a:db:33:d2:30:24:ed:99:7b:0f:c1:9e:46:
76:8e:9c:59:46:f2:e6:95:6b:b1:eb:22:b0:ce:a2:6b:67:22:
d3:49:87:f3:40:55:7f:03:ef:cc:2e:53:77:94:e9:a6:41:58:
a1:17:1e:3d:bd:45:86:2d:50:14:3d:10:40:97:3b:83:eb:fc:
4b:8b:23:83:ba:02:4b:a8:e0:84:d9:8d:d0:1b:f4:78:79:d0:
5d:22:d4:34:38:77:33:17:e4:57:0f:33:ab:9c:74:a2:3f:bd:
2e:f1:04:28:b2:95:f1:d0:20:9e:47:f2:c2:e5:ba:33:c1:d6:
bb:e2:f0:cd:3f:46:76:e6:3b:a5:30:ca:1a:49:5a:a7:70:be:
44:21:fa:3a:76:fc:65:78:13:96:91:52:6b:d5:34:00:54:68:
ce:ca:80:8f:87:67:42:92:97:24:f5:80:2a:11:69:c0:35:a1:
5e:68:c8:c4
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIECYceBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTg4ZjE5N2Y5N2U4OTAwNzU1NTQ0ZTgxMGNkZGVmOWQ5MGZiYzQxMB4XDTIyMDQx
OTA2MTE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI0MmE2YjcwOTBh
MmE1YzMzMWE0ZDIyOWE2YTRkNThhYjYxMjQ2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqG+JgpaAKKdpszywaFTQgpMJDgsFtE9Or5ZR132SswcoWF
oTqYjyuz688SNLFJumrVGftSY2izHgnWsu6vqLI68kmeeMgAFTTi+ifGnxyzgg5p
hZxCmzVCme131KYHuMj4RMGbUqx165vozIyE1894vtdmM/dpAN3quoGxgNNseHdL
4rW8QaL9oILQXQ08ObQUDb7zFH9Otv0jHn4ZwNJO8OX/HcLBDhWcIi495UJycn25
9GUFChvgo9oUG0kQxtgMxYWTuS1LxNVWm84JWAtibGD7CXk4nfd+XMLjGLmVaXXf
amHfSIbVLRmV+AtwoecrrIg13U+BzHI93ApMGn0CAwEAAaOCAmEwggJdMB0GA1Ud
DgQWBBS7Qqa3CQoqXDMaTSKaak1Yq2EkYDAfBgNVHSMEGDAWgBRViPGX+X6JAHVV
ROgQzd752Q+8QTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZZanhsX2wtaVFCMVZVVG9FTTNlLWRrUHZFRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvNjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8x
L3UwS210d2tLS2x3ekdrMGltbXBOV0t0aEpHQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
NjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8xL1ZZanhsX2wtaVFC
MVZVVG9FTTNlLWRrUHZFRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB3
BggrBgEFBQcBBwEB/wRoMGYwZAQCAAEwXgMEAy4DQAMEAi4DWAMEAi4DjDAMAwQD
LgOoAwQDLgPAAwQBLgPOAwQALgPfAwQBLgPkMAwDBAEu6AIDBAMu6AADBAJQ84AD
BAFQ84gDBAFQ84wDBAOVftgDBAOVfugwDQYJKoZIhvcNAQELBQADggEBABuK/Yzn
u46IfNTpXV1LcC0CxXeZoRrU9JCW5aXwlcS9PrRbm45U9oMCX9D4mKcF7Niual+L
jT3Xux7X8nFIzWDUX4z58MbbO6Dx9ibPOtsz0jAk7Zl7D8GeRnaOnFlG8uaVa7Hr
IrDOomtnItNJh/NAVX8D78wuU3eU6aZBWKEXHj29RYYtUBQ9EECXO4Pr/EuLI4O6
Akuo4ITZjdAb9Hh50F0i1DQ4dzMX5FcPM6ucdKI/vS7xBCiylfHQIJ5H8sLlujPB
1rvi8M0/RnbmO6UwyhpJWqdwvkQh+jp2/GV4E5aRUmvVNABUaM7KgI+HZ0KSlyT1
gCoRacA1oV5oyMQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:36 2023 by rpki-client on console-fra.rpki-client.org