Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/f-YaaVB_D2ZIEQYB4vFvjph12NE.roa
File: f-YaaVB_D2ZIEQYB4vFvjph12NE.roa (raw, json)
Hash identifier: F27rXZj5G9q5C3wLpkN+n6IwBURP+vaNEMbW1Ta3RSI=
Subject key identifier: 7F:E6:1A:69:50:7F:0F:66:48:11:06:01:E2:F1:6F:8E:98:75:D8:D1
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 03F88E99
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/f-YaaVB_D2ZIEQYB4vFvjph12NE.roa
Signing time: Fri 04 Mar 2022 06:06:53 +0000
ROA not before: Fri 04 Mar 2022 06:06:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.97.0/24 maxlen: 24
46.37.100.0/24 maxlen: 24
46.37.99.0/24 maxlen: 24
46.37.105.0/24 maxlen: 24
46.37.102.0/24 maxlen: 24
46.37.104.0/24 maxlen: 24
46.37.112.0/24 maxlen: 24
46.37.109.0/24 maxlen: 24
46.37.111.0/24 maxlen: 24
46.37.110.0/24 maxlen: 24
185.92.44.0/24 maxlen: 24
46.37.107.0/24 maxlen: 24
46.37.106.0/24 maxlen: 24
46.37.114.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.116.0/24 maxlen: 24
46.37.115.0/24 maxlen: 24
46.37.117.0/24 maxlen: 24
185.92.45.0/24 maxlen: 24
185.92.47.0/24 maxlen: 24
185.92.46.0/24 maxlen: 24
46.37.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66621081 (0x3f88e99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Mar 4 06:06:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7fe61a69507f0f6648110601e2f16f8e9875d8d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c2:2d:93:79:87:69:99:65:61:20:be:78:cc:
50:0e:fe:23:23:69:7e:93:7b:f4:2d:c3:7d:ef:ee:
78:af:3d:fb:54:95:7c:5c:af:aa:26:0c:bb:b2:35:
35:f3:cb:10:60:44:f8:ca:e1:48:46:23:23:7b:99:
45:3b:9e:52:65:b6:4b:b5:d8:11:c6:31:c5:f8:c5:
89:8d:2b:e8:9f:49:0c:64:15:ae:27:13:f7:81:25:
e9:d0:9a:0e:49:bf:b6:83:4e:a0:5c:3f:c9:8d:05:
c4:b4:8d:83:11:4f:ce:95:a2:d9:78:00:3b:aa:02:
c6:f9:98:cb:6a:43:ea:2f:aa:1a:31:19:a6:e3:b6:
3f:ef:54:27:d1:5c:8d:25:1d:24:b3:62:8d:8d:a1:
46:39:18:af:a0:09:0b:dc:9f:4a:2f:10:4d:59:0e:
3a:91:b0:de:c7:93:47:45:2e:87:94:e5:59:e1:f8:
5f:e7:c5:ce:b0:30:0b:2e:71:b5:2a:e5:56:33:26:
b6:4d:29:42:ff:9f:9e:84:01:33:47:e3:0f:31:b6:
88:22:64:4a:a0:af:0b:5a:23:8f:ac:0a:c8:a3:d5:
09:bc:b1:8c:7d:0d:eb:ae:cc:e2:f3:52:27:e2:49:
cd:ba:bd:bb:27:aa:b6:ee:84:74:41:97:1d:f1:87:
ac:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E6:1A:69:50:7F:0F:66:48:11:06:01:E2:F1:6F:8E:98:75:D8:D1
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/f-YaaVB_D2ZIEQYB4vFvjph12NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.97.0-46.37.100.255
46.37.102.0/24
46.37.104.0/22
46.37.109.0-46.37.117.255
46.37.119.0/24
185.92.44.0/22
Signature Algorithm: sha256WithRSAEncryption
69:9e:6f:cb:79:9b:97:38:6e:b4:38:04:aa:eb:a8:3b:75:9e:
b1:09:53:e9:7b:92:11:b4:48:37:1b:65:94:7d:52:70:39:bf:
e2:bd:71:f9:f2:65:17:ac:42:8b:20:11:f1:6b:28:7e:5e:02:
f1:15:6d:5f:47:f0:51:24:2e:15:78:eb:7a:72:90:52:12:12:
4c:24:0a:40:5c:ef:0c:b1:5e:0b:4f:78:5d:9f:b2:5f:02:c3:
48:63:39:c5:e9:4b:58:35:25:80:9a:e9:5e:f5:f3:b8:25:6f:
0d:1f:e9:b2:5d:e4:f7:ab:7d:bf:67:3e:95:8b:4b:9c:e3:47:
6d:98:84:20:0c:a8:3e:5d:d0:42:6b:5e:ea:91:93:05:49:00:
8f:25:62:f0:cc:22:4f:72:09:0e:9c:2c:63:b9:22:ba:ab:7d:
01:10:49:7f:fa:9d:d2:cc:8a:5d:ad:fc:39:a0:93:0b:f1:92:
da:9f:7d:ef:93:ea:49:eb:e5:f7:2d:a1:19:79:85:20:ef:1b:
b5:c9:f8:02:ea:00:16:b9:55:17:43:2b:12:04:b6:1b:ef:65:
01:05:cf:c2:d7:d1:62:26:b1:af:fb:09:cb:63:93:4b:9b:53:
e4:6e:28:a0:4b:98:6c:5d:91:69:ac:6a:5c:07:b3:3e:be:e7:
1d:3a:31:c6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEA/iOmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NmMDg4NDkxOGE1MDIzOWVmNzA1MThlZTlmYzA0ZjFhYWUxOTI5MB4XDTIyMDMw
NDA2MDY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ZlNjFhNjk1MDdm
MGY2NjQ4MTEwNjAxZTJmMTZmOGU5ODc1ZDhkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI7CLZN5h2mZZWEgvnjMUA7+IyNpfpN79C3Dfe/ueK89+1SV
fFyvqiYMu7I1NfPLEGBE+MrhSEYjI3uZRTueUmW2S7XYEcYxxfjFiY0r6J9JDGQV
ricT94El6dCaDkm/toNOoFw/yY0FxLSNgxFPzpWi2XgAO6oCxvmYy2pD6i+qGjEZ
puO2P+9UJ9FcjSUdJLNijY2hRjkYr6AJC9yfSi8QTVkOOpGw3seTR0Uuh5TlWeH4
X+fFzrAwCy5xtSrlVjMmtk0pQv+fnoQBM0fjDzG2iCJkSqCvC1ojj6wKyKPVCbyx
jH0N667M4vNSJ+JJzbq9uyeqtu6EdEGXHfGHrEkCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBR/5hppUH8PZkgRBgHi8W+OmHXY0TAfBgNVHSMEGDAWgBTTzwiEkYpQI573
BRjun8BPGq4ZKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4OEloSkdLVUNPZTl3VVk3cF9BVHhxdUdTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvY2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8x
L2YtWWFhVkJfRDJaSUVRWUI0dkZ2anBoMTJORS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
Y2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8xLzA4OEloSkdLVUNP
ZTl3VVk3cF9BVHhxdUdTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNDAMAwQALiVhAwQALiVkAwQALiVmAwQC
LiVoMAwDBAAuJW0DBAEuJXQDBAAuJXcDBAK5XCwwDQYJKoZIhvcNAQELBQADggEB
AGmeb8t5m5c4brQ4BKrrqDt1nrEJU+l7khG0SDcbZZR9UnA5v+K9cfnyZResQosg
EfFrKH5eAvEVbV9H8FEkLhV463pykFISEkwkCkBc7wyxXgtPeF2fsl8Cw0hjOcXp
S1g1JYCa6V7187glbw0f6bJd5Perfb9nPpWLS5zjR22YhCAMqD5d0EJrXuqRkwVJ
AI8lYvDMIk9yCQ6cLGO5IrqrfQEQSX/6ndLMil2t/Dmgkwvxktqffe+T6knr5fct
oRl5hSDvG7XJ+ALqABa5VRdDKxIEthvvZQEFz8LX0WImsa/7Cctjk0ubU+RuKKBL
mGxdkWmsalwHsz6+5x06McY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:34 2023 by rpki-client on console-ams.rpki-client.org