Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/z2pjfCxhqQBZ6bqwcSBxQmUYm5g.roa
File: z2pjfCxhqQBZ6bqwcSBxQmUYm5g.roa (raw, json)
Hash identifier: fCgTuI0kTB+E9ZccUiEV4vns45QqXxB8MsXygc9hO5Q=
Subject key identifier: CF:6A:63:7C:2C:61:A9:00:59:E9:BA:B0:71:20:71:42:65:18:9B:98
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0887E369
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/z2pjfCxhqQBZ6bqwcSBxQmUYm5g.roa
Signing time: Wed 12 Jan 2022 07:49:39 +0000
ROA not before: Wed 12 Jan 2022 07:49:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2914
IP address blocks: 46.3.152.0/22 maxlen: 22
46.3.160.0/20 maxlen: 20
46.3.176.0/20 maxlen: 20
46.3.96.0/19 maxlen: 19
46.232.64.0/19 maxlen: 19
46.232.64.0/18 maxlen: 18
46.3.64.0/20 maxlen: 20
46.3.80.0/20 maxlen: 20
46.3.80.0/22 maxlen: 22
46.232.96.0/19 maxlen: 19
46.232.0.0/19 maxlen: 19
46.232.0.0/18 maxlen: 18
46.232.0.0/24 maxlen: 24
46.232.0.0/17 maxlen: 17
46.3.208.0/21 maxlen: 21
46.3.216.0/21 maxlen: 21
46.232.16.0/22 maxlen: 22
46.3.224.0/22 maxlen: 22
46.3.16.0/22 maxlen: 22
46.3.12.0/22 maxlen: 22
46.232.32.0/19 maxlen: 19
46.3.32.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143123305 (0x887e369)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 12 07:49:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf6a637c2c61a90059e9bab07120714265189b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:43:fc:cb:c9:28:2b:f4:26:1c:01:65:40:ae:
70:69:c2:71:54:d0:b4:be:39:83:d9:fe:1c:20:a6:
b1:82:f3:12:9a:54:0b:5a:83:18:d0:42:15:43:c2:
76:19:1c:ec:a9:a3:cd:f4:1b:03:72:bf:ec:0f:22:
4b:06:8b:11:6c:c4:68:9f:f2:02:e2:d7:4b:93:34:
21:ad:3b:fc:ee:5f:3d:ae:f9:9f:20:e8:e4:d9:0d:
4d:41:9f:81:7b:0a:15:f6:65:fe:f2:7c:33:54:3e:
07:35:e4:d0:e9:10:fd:39:e9:6d:89:da:04:86:3f:
68:e8:7e:49:93:93:ba:8d:bd:30:56:2f:10:cb:f1:
db:f4:54:44:75:a2:07:15:16:d3:23:37:5d:dd:19:
d2:98:78:03:f9:49:d8:b9:49:1c:00:fa:a0:0f:69:
33:66:10:37:0b:a2:f8:f0:17:97:cf:a0:94:92:11:
e1:65:97:27:57:b7:45:76:9e:6e:7c:94:7d:4d:f5:
d1:72:4d:1b:b8:36:53:ef:ff:9f:5a:f0:ec:20:7f:
12:bb:57:40:7a:71:af:dc:68:04:af:94:a5:3a:2f:
28:31:61:e6:58:91:dd:9b:a3:e0:88:1f:dd:56:d0:
93:da:19:2b:92:d3:e8:d7:92:af:de:52:e7:4d:b6:
99:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:6A:63:7C:2C:61:A9:00:59:E9:BA:B0:71:20:71:42:65:18:9B:98
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/z2pjfCxhqQBZ6bqwcSBxQmUYm5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.12.0-46.3.19.255
46.3.32.0-46.3.127.255
46.3.152.0/22
46.3.160.0/19
46.3.208.0-46.3.227.255
46.232.0.0/17
Signature Algorithm: sha256WithRSAEncryption
15:b5:d5:4b:83:68:29:51:a3:85:09:b9:f5:e6:f4:87:2c:e3:
4b:0e:39:8a:c4:09:37:da:87:29:ad:fc:73:69:c2:ed:1e:a2:
cc:df:59:a8:8b:37:c3:9e:10:b8:99:c2:74:65:1b:45:34:79:
53:45:f3:63:1a:fc:69:8a:98:b0:37:41:a9:89:b6:27:ef:77:
ee:0b:5e:dd:73:dc:d2:fb:2d:38:ae:56:a1:c3:c1:b2:93:f6:
a9:bd:77:99:49:25:90:2c:c8:a8:d3:0f:23:dc:68:7a:16:a5:
1e:5f:25:40:09:c9:36:a6:78:5e:58:9d:08:c4:d2:63:de:d6:
65:13:cf:51:4e:00:f0:4b:b3:07:37:7c:2d:16:e6:0d:b8:32:
fb:48:d8:bf:f8:3f:6b:78:81:e4:be:96:b3:4b:dd:8b:ad:3d:
6d:7d:8b:a9:37:8c:b2:f8:1d:47:bf:6d:0a:8b:9a:0b:1e:81:
77:71:59:20:13:b9:77:a6:d2:21:77:12:8c:74:4f:c1:ab:ec:
da:54:dd:94:71:af:f4:74:ed:4d:b2:2d:45:db:f1:bb:44:6a:
18:6e:af:cd:be:1e:02:ed:3e:28:1d:e2:4d:76:7f:11:80:72:
38:15:e6:e6:7f:36:bb:08:57:53:ad:85:44:6e:bc:b4:75:2f:
9b:bd:b2:15
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIECIfjaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTg4ZjE5N2Y5N2U4OTAwNzU1NTQ0ZTgxMGNkZGVmOWQ5MGZiYzQxMB4XDTIyMDEx
MjA3NDkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Y2YTYzN2MyYzYx
YTkwMDU5ZTliYWIwNzEyMDcxNDI2NTE4OWI5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIVD/MvJKCv0JhwBZUCucGnCcVTQtL45g9n+HCCmsYLzEppU
C1qDGNBCFUPCdhkc7KmjzfQbA3K/7A8iSwaLEWzEaJ/yAuLXS5M0Ia07/O5fPa75
nyDo5NkNTUGfgXsKFfZl/vJ8M1Q+BzXk0OkQ/TnpbYnaBIY/aOh+SZOTuo29MFYv
EMvx2/RURHWiBxUW0yM3Xd0Z0ph4A/lJ2LlJHAD6oA9pM2YQNwui+PAXl8+glJIR
4WWXJ1e3RXaebnyUfU310XJNG7g2U+//n1rw7CB/ErtXQHpxr9xoBK+UpTovKDFh
5liR3Zuj4Igf3VbQk9oZK5LT6NeSr95S5022meUCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBTPamN8LGGpAFnpurBxIHFCZRibmDAfBgNVHSMEGDAWgBRViPGX+X6JAHVV
ROgQzd752Q+8QTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZZanhsX2wtaVFCMVZVVG9FTTNlLWRrUHZFRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvNjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8x
L3oycGpmQ3hocVFCWjZicXdjU0J4UW1VWW01Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
NjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8xL1ZZanhsX2wtaVFC
MVZVVG9FTTNlLWRrUHZFRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPDAMAwQCLgMMAwQCLgMQMAwDBAUuAyAD
BAcuAwADBAIuA5gDBAUuA6AwDAMEBC4D0AMEAi4D4AMEBy7oADANBgkqhkiG9w0B
AQsFAAOCAQEAFbXVS4NoKVGjhQm59eb0hyzjSw45isQJN9qHKa38c2nC7R6izN9Z
qIs3w54QuJnCdGUbRTR5U0XzYxr8aYqYsDdBqYm2J+937gte3XPc0vstOK5WocPB
spP2qb13mUklkCzIqNMPI9xoehalHl8lQAnJNqZ4XlidCMTSY97WZRPPUU4A8Euz
Bzd8LRbmDbgy+0jYv/g/a3iB5L6Ws0vdi609bX2LqTeMsvgdR79tCouaCx6Bd3FZ
IBO5d6bSIXcSjHRPwavs2lTdlHGv9HTtTbItRdvxu0RqGG6vzb4eAu0+KB3iTXZ/
EYByOBXm5n82uwhXU62FRG68tHUvm72yFQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:29 2023 by rpki-client on console-ams.rpki-client.org