Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/2OK_RQ1TCAiDjVih-0pbFHTo5Kw.roa
File: 2OK_RQ1TCAiDjVih-0pbFHTo5Kw.roa (raw, json)
Hash identifier: k2sowdMEHb6DWFqTgJQ9o4r8uAub61byzsTr4LLrdyQ=
Subject key identifier: D8:E2:BF:45:0D:53:08:08:83:8D:58:A1:FB:4A:5B:14:74:E8:E4:AC
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 0184B1310749BC0CF37EB64421EF0D49DBFC
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/2OK_RQ1TCAiDjVih-0pbFHTo5Kw.roa
Signing time: Fri 25 Nov 2022 23:48:11 +0000
ROA not before: Fri 25 Nov 2022 23:48:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 46.37.100.0/24 maxlen: 24
46.37.105.0/24 maxlen: 24
46.37.102.0/24 maxlen: 24
46.37.104.0/24 maxlen: 24
46.37.110.0/24 maxlen: 24
185.92.44.0/24 maxlen: 24
46.37.106.0/24 maxlen: 24
185.92.47.0/24 maxlen: 24
185.92.46.0/24 maxlen: 24
46.37.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b1:31:07:49:bc:0c:f3:7e:b6:44:21:ef:0d:49:db:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Nov 25 23:48:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8e2bf450d530808838d58a1fb4a5b1474e8e4ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a7:81:87:6c:b8:23:83:34:cc:c9:c0:17:c3:
41:3d:88:70:72:23:d1:4a:4a:8f:d1:2e:aa:41:37:
62:5c:9a:50:ea:71:1b:6e:58:aa:4b:71:1a:ed:38:
c2:67:ad:b8:3e:b1:8e:9f:aa:52:f8:b8:97:c2:ee:
02:3f:89:08:5c:58:ee:de:e1:6e:3d:24:f9:50:24:
d1:bc:c4:f5:de:bd:73:53:22:b6:5b:b8:3e:67:f5:
59:54:71:47:35:a3:1e:81:d8:4e:c2:3f:65:b4:99:
13:e0:1f:8d:1c:fa:63:e6:95:66:24:eb:5a:f0:56:
34:57:f2:58:1d:8a:47:87:04:55:8b:e0:ca:72:23:
c4:b4:df:ed:4a:28:61:23:3c:24:7c:8a:50:9a:53:
37:6f:df:1c:2f:55:30:88:31:77:4c:52:8d:cd:94:
48:1a:32:f3:af:f8:90:ff:6a:22:42:a5:f9:0e:b1:
8d:ae:0a:70:bc:57:3f:b5:74:77:5c:b7:6b:48:e4:
b9:5f:3d:c0:90:40:cf:68:a8:07:8f:62:de:39:89:
ed:3d:e7:55:96:97:4b:46:9e:ea:f6:73:94:79:59:
cf:ea:76:31:85:ad:30:de:87:11:33:be:bf:4b:77:
e5:85:34:44:e4:f6:7c:f0:c0:b1:f8:fd:ac:16:9b:
44:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E2:BF:45:0D:53:08:08:83:8D:58:A1:FB:4A:5B:14:74:E8:E4:AC
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/2OK_RQ1TCAiDjVih-0pbFHTo5Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.100.0/24
46.37.102.0/24
46.37.104.0-46.37.106.255
46.37.110.0/24
46.37.119.0/24
185.92.44.0/24
185.92.46.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:df:6c:f1:16:ff:d4:fe:7d:13:5c:bc:3a:b5:cd:de:c8:cf:
2f:1c:ea:7d:95:0f:4b:46:84:f2:ff:0f:2c:60:ab:da:3a:e6:
97:b8:a9:a5:e0:04:b3:d1:81:15:c1:a2:35:cd:41:0d:7e:7d:
34:6f:e4:14:a8:e4:42:78:27:d5:e8:d5:06:f9:d5:79:bb:2c:
7e:35:40:73:57:ae:32:2b:82:f2:d5:42:11:b1:14:4c:56:07:
a7:83:17:29:63:c7:c0:1f:2d:23:07:40:2b:f2:97:e6:50:80:
38:14:70:03:39:5d:c9:02:55:20:9b:e1:04:d8:e2:e5:6f:75:
ef:00:9b:40:b8:3e:3a:65:16:bf:3f:43:28:2d:e2:67:50:4c:
c7:73:5e:6f:0d:2e:57:12:fd:31:69:1a:75:c0:1f:02:f1:42:
34:e2:ab:c1:98:4f:82:2f:73:06:c1:bf:ba:b7:7e:89:39:74:
ec:97:0e:46:13:51:28:49:e4:0c:88:a2:96:67:b5:db:0c:61:
e3:f2:8b:c6:82:ef:45:41:b7:cb:42:9e:f1:72:5d:f9:0e:d4:
b9:12:db:cc:9d:b6:ed:8d:70:cf:c1:d1:8a:28:c7:b0:f0:7c:
c8:72:d7:ec:f0:ac:e8:0d:79:ec:4a:9a:d2:67:e7:3f:ad:2d:
f9:f4:8c:75
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYSxMQdJvAzzfrZEIe8NSdv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjIxMTI1MjM0ODExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGUyYmY0NTBkNTMwODA4ODM4ZDU4YTFmYjRhNWIxNDc0ZThlNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKeBh2y4I4M0zMnAF8NBPYhwciPR
SkqP0S6qQTdiXJpQ6nEbbliqS3Ea7TjCZ624PrGOn6pS+LiXwu4CP4kIXFju3uFu
PST5UCTRvMT13r1zUyK2W7g+Z/VZVHFHNaMegdhOwj9ltJkT4B+NHPpj5pVmJOta
8FY0V/JYHYpHhwRVi+DKciPEtN/tSihhIzwkfIpQmlM3b98cL1UwiDF3TFKNzZRI
GjLzr/iQ/2oiQqX5DrGNrgpwvFc/tXR3XLdrSOS5Xz3AkEDPaKgHj2LeOYntPedV
lpdLRp7q9nOUeVnP6nYxha0w3ocRM76/S3flhTRE5PZ88MCx+P2sFptEhQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFNjiv0UNUwgIg41YoftKWxR06OSsMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvMk9LX1JRMVRDQWlEalZpaC0wcGJGSFRvNUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALiVkAwQA
LiVmMAwDBAMuJWgDBAAuJWoDBAAuJW4DBAAuJXcDBAC5XCwDBAG5XC4wDQYJKoZI
hvcNAQELBQADggEBALHfbPEW/9T+fRNcvDq1zd7Izy8c6n2VD0tGhPL/Dyxgq9o6
5pe4qaXgBLPRgRXBojXNQQ1+fTRv5BSo5EJ4J9Xo1Qb51Xm7LH41QHNXrjIrgvLV
QhGxFExWB6eDFyljx8AfLSMHQCvyl+ZQgDgUcAM5XckCVSCb4QTY4uVvde8Am0C4
PjplFr8/Qygt4mdQTMdzXm8NLlcS/TFpGnXAHwLxQjTiq8GYT4IvcwbBv7q3fok5
dOyXDkYTUShJ5AyIopZntdsMYePyi8aC70VBt8tCnvFyXfkO1LkS28ydtu2NcM/B
0Yoox7DwfMhy1+zwrOgNeexKmtJn5z+tLfn0jHU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:34 2023 by rpki-client on console-ams.rpki-client.org