Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/hgjpGvBV56whO_BvOPD6EipXGmo.roa
File: hgjpGvBV56whO_BvOPD6EipXGmo.roa (raw, json)
Hash identifier: 8cJgnx8EcTS6T2Uh8mHX5fSB/7KC78B/b0vqGhgNQsc=
Subject key identifier: 86:08:E9:1A:F0:55:E7:AC:21:3B:F0:6F:38:F0:FA:12:2A:57:1A:6A
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 0183652D78035C41B1404059A88D98280BC4
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/hgjpGvBV56whO_BvOPD6EipXGmo.roa
Signing time: Thu 22 Sep 2022 12:30:22 +0000
ROA not before: Thu 22 Sep 2022 12:30:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 46.37.100.0/24 maxlen: 24
46.37.105.0/24 maxlen: 24
46.37.102.0/24 maxlen: 24
46.37.104.0/24 maxlen: 24
46.37.110.0/24 maxlen: 24
185.92.44.0/24 maxlen: 24
46.37.107.0/24 maxlen: 24
46.37.106.0/24 maxlen: 24
185.92.47.0/24 maxlen: 24
185.92.46.0/24 maxlen: 24
46.37.116.0/24 maxlen: 24
46.37.115.0/24 maxlen: 24
46.37.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:65:2d:78:03:5c:41:b1:40:40:59:a8:8d:98:28:0b:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Sep 22 12:30:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8608e91af055e7ac213bf06f38f0fa122a571a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:08:9f:a1:22:29:b5:f1:3b:c1:db:db:b9:66:
15:85:28:18:5b:5d:f5:12:4a:e2:38:d5:da:71:35:
25:f5:a4:f5:8a:cd:0f:3a:82:0c:3f:51:aa:67:25:
92:76:87:1a:83:f8:05:b5:a6:d4:91:54:5a:45:4e:
60:ce:14:c2:b5:96:fe:7e:89:14:c8:5a:45:c2:71:
14:57:80:1d:d2:bf:7c:2a:87:bd:05:62:d9:67:bd:
cb:3f:9e:89:7a:3b:42:fc:0e:c2:c9:39:85:a0:dc:
cb:30:bb:ef:62:8f:79:06:fd:a8:3c:3d:30:95:c7:
de:ee:e8:fe:d7:6f:7f:5c:71:77:9a:18:6f:d4:4a:
3f:cd:3d:02:59:4b:67:57:29:46:02:8a:62:14:52:
0e:6b:4c:28:86:38:8f:30:af:39:a0:56:c0:cc:05:
81:d2:59:3e:6b:8b:13:c9:68:61:28:6b:2f:b7:e9:
2a:46:33:11:0a:7a:86:f5:11:3d:19:59:ea:81:36:
3d:d0:c5:66:3b:a8:d8:dd:b1:87:3a:7d:77:c4:16:
cd:f0:c4:1f:1b:05:a1:27:f5:90:9c:b8:e3:7c:57:
a2:8a:72:ff:d7:cf:cf:45:c4:7d:cd:da:0d:53:6d:
d6:67:26:b1:7d:9a:2f:41:92:1b:1e:18:1a:f0:30:
e0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:08:E9:1A:F0:55:E7:AC:21:3B:F0:6F:38:F0:FA:12:2A:57:1A:6A
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/hgjpGvBV56whO_BvOPD6EipXGmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.100.0/24
46.37.102.0/24
46.37.104.0/22
46.37.110.0/24
46.37.115.0-46.37.116.255
46.37.119.0/24
185.92.44.0/24
185.92.46.0/23
Signature Algorithm: sha256WithRSAEncryption
17:51:34:db:e1:fc:4c:65:bf:c0:b9:46:12:2e:86:88:a8:8b:
4b:9f:11:dc:8c:f5:64:41:56:85:02:5a:e8:f2:36:2b:c1:1f:
3a:61:72:5c:b7:61:e1:16:2f:8e:7d:a9:6f:2c:5c:5d:99:b8:
9b:61:d5:ad:20:cb:db:d2:23:e0:f9:02:db:78:a0:42:2d:24:
f1:f4:07:eb:b7:83:6b:46:54:2e:c7:f3:9a:48:2c:11:d0:47:
97:c6:46:f4:aa:30:99:d9:16:89:5d:82:9c:1f:42:52:47:12:
c9:d1:ae:8a:93:cc:11:2d:28:8c:e6:2c:0b:97:12:1c:4b:58:
47:0f:5f:11:e3:ba:50:4a:99:ff:ec:8d:17:d4:b7:a8:f4:14:
e1:5e:7e:a8:51:9a:99:0e:9a:a0:90:9b:a6:58:e3:b6:87:6a:
09:23:b1:a7:53:59:4c:df:6c:e6:25:42:23:1b:eb:fe:7c:d8:
25:cf:bc:01:5f:f0:11:7b:86:61:68:dd:c9:01:be:fa:24:61:
e2:81:45:d9:89:14:9e:ec:81:8d:10:a6:cf:55:b2:fd:1b:3a:
0b:24:e2:ce:29:25:2f:b6:a3:70:11:7c:41:24:ec:6f:08:b6:
da:0e:64:f7:11:27:b7:17:73:7d:4e:f8:f6:1e:c4:85:87:1b:
58:1e:90:2d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYNlLXgDXEGxQEBZqI2YKAvEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjIwOTIyMTIzMDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjA4ZTkxYWYwNTVlN2FjMjEzYmYwNmYzOGYwZmExMjJhNTcxYTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAifoSIptfE7wdvbuWYVhSgYW131
EkriONXacTUl9aT1is0POoIMP1GqZyWSdocag/gFtabUkVRaRU5gzhTCtZb+fokU
yFpFwnEUV4Ad0r98Koe9BWLZZ73LP56JejtC/A7CyTmFoNzLMLvvYo95Bv2oPD0w
lcfe7uj+129/XHF3mhhv1Eo/zT0CWUtnVylGAopiFFIOa0wohjiPMK85oFbAzAWB
0lk+a4sTyWhhKGsvt+kqRjMRCnqG9RE9GVnqgTY90MVmO6jY3bGHOn13xBbN8MQf
GwWhJ/WQnLjjfFeiinL/18/PRcR9zdoNU23WZyaxfZovQZIbHhga8DDgZQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIYI6RrwVeesITvwbzjw+hIqVxpqMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvaGdqcEd2QlY1NndoT19Cdk9QRDZFaXBYR21vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALiVkAwQA
LiVmAwQCLiVoAwQALiVuMAwDBAAuJXMDBAAuJXQDBAAuJXcDBAC5XCwDBAG5XC4w
DQYJKoZIhvcNAQELBQADggEBABdRNNvh/Exlv8C5RhIuhoioi0ufEdyM9WRBVoUC
WujyNivBHzphcly3YeEWL459qW8sXF2ZuJth1a0gy9vSI+D5Att4oEItJPH0B+u3
g2tGVC7H85pILBHQR5fGRvSqMJnZFoldgpwfQlJHEsnRroqTzBEtKIzmLAuXEhxL
WEcPXxHjulBKmf/sjRfUt6j0FOFefqhRmpkOmqCQm6ZY47aHagkjsadTWUzfbOYl
QiMb6/582CXPvAFf8BF7hmFo3ckBvvokYeKBRdmJFJ7sgY0Qps9Vsv0bOgsk4s4p
JS+2o3ARfEEk7G8IttoOZPcRJ7cXc31O+PYexIWHG1gekC0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:34 2023 by rpki-client on console-ams.rpki-client.org