Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/lbzYXsavuSI5m8gW_j9I1-QfLhM.roa
File: lbzYXsavuSI5m8gW_j9I1-QfLhM.roa (raw, json)
Hash identifier: 4FtwX573TjKduJ7Di8CPHczs2lBc322eT9RV9PWqzss=
Subject key identifier: 95:BC:D8:5E:C6:AF:B9:22:39:9B:C8:16:FE:3F:48:D7:E4:1F:2E:13
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 01828DF07DB5E64318EC5BF0E2C1ADB52EE4
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/lbzYXsavuSI5m8gW_j9I1-QfLhM.roa
Signing time: Thu 11 Aug 2022 17:25:24 +0000
ROA not before: Thu 11 Aug 2022 17:25:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 46.37.97.0/24 maxlen: 24
46.37.100.0/24 maxlen: 24
46.37.105.0/24 maxlen: 24
46.37.102.0/24 maxlen: 24
46.37.104.0/24 maxlen: 24
46.37.110.0/24 maxlen: 24
185.92.44.0/24 maxlen: 24
46.37.107.0/24 maxlen: 24
46.37.106.0/24 maxlen: 24
185.92.47.0/24 maxlen: 24
185.92.46.0/24 maxlen: 24
46.37.116.0/24 maxlen: 24
46.37.115.0/24 maxlen: 24
46.37.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:f0:7d:b5:e6:43:18:ec:5b:f0:e2:c1:ad:b5:2e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Aug 11 17:25:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95bcd85ec6afb922399bc816fe3f48d7e41f2e13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:56:7a:17:23:f0:5a:d8:02:82:69:04:c9:ec:
6a:7d:95:31:1b:14:4b:7f:a7:94:dc:41:40:2d:ab:
e9:e9:b7:93:7d:62:a7:91:91:fa:ab:e6:ca:49:90:
13:56:a0:d5:14:5b:e9:10:ad:69:42:d7:95:3f:25:
fb:b2:4d:b9:dd:ac:aa:92:54:cd:20:82:c8:41:a6:
50:dc:bc:99:6d:c0:89:47:2e:1c:68:39:7e:30:6a:
5a:80:3e:bf:1b:50:b0:1c:95:12:1c:9e:fe:07:68:
10:9f:26:bd:ea:fe:ca:16:47:4e:f2:70:de:5e:a9:
63:0b:99:9e:24:d0:92:86:c5:07:86:f9:5e:cb:48:
4c:a9:f6:5e:6f:ee:ae:22:c3:47:0c:d3:da:74:00:
6a:a4:4c:1f:b4:11:68:2e:b9:96:7b:12:fe:b8:c5:
6a:62:92:27:84:1d:a7:72:fc:15:3e:45:c5:f5:ad:
9f:46:f8:b1:e1:64:2d:7f:84:e7:99:d2:8a:b2:d8:
13:ff:3d:30:56:64:8b:3d:22:10:70:f2:67:ad:0a:
f0:76:de:3a:f3:1f:b4:9b:c8:36:3e:93:35:bb:a6:
d0:90:6e:b1:0d:57:3c:d7:e9:1e:2c:d5:b2:9f:f6:
d0:69:c9:9a:27:60:c6:4d:96:3f:34:2f:b7:a7:26:
af:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BC:D8:5E:C6:AF:B9:22:39:9B:C8:16:FE:3F:48:D7:E4:1F:2E:13
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/lbzYXsavuSI5m8gW_j9I1-QfLhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.97.0/24
46.37.100.0/24
46.37.102.0/24
46.37.104.0/22
46.37.110.0/24
46.37.115.0-46.37.116.255
46.37.119.0/24
185.92.44.0/24
185.92.46.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:f7:4c:e4:1a:3a:d9:42:f1:77:58:56:12:6b:9d:2f:32:c7:
c0:18:ad:15:1c:08:63:8f:3b:b1:cb:bb:b1:8f:38:36:b5:60:
81:2b:fd:43:7e:57:cb:93:94:ab:65:5d:c6:06:45:23:0b:8b:
20:5d:b9:3f:5f:38:95:74:33:c8:8d:ac:d0:b7:ed:db:8e:7a:
76:12:b9:ef:5d:90:c0:7e:f7:fa:2d:8f:66:4e:cd:2c:98:48:
d1:de:65:5f:a0:42:cc:24:d6:c9:22:e8:e1:37:50:e4:0b:54:
09:44:8a:04:9d:c0:c2:51:26:1a:e0:23:2a:4e:ef:96:62:47:
9c:af:cc:fd:07:04:e4:b4:3e:c2:dd:b2:da:d9:62:8e:6f:db:
02:bf:43:84:f5:23:7c:a3:fd:40:04:15:b9:15:b6:77:93:ce:
2f:f4:f0:08:51:91:2d:1f:15:0f:3a:b9:0e:ed:b7:20:75:36:
46:34:00:fc:cf:05:5e:95:bb:0c:b0:ae:a7:81:7c:a5:e6:67:
05:6e:34:33:53:ff:6d:16:a0:06:dd:5a:82:35:53:a7:dc:10:
f9:62:9f:06:10:41:29:fd:89:41:89:f1:bd:fb:b6:62:bd:e9:
e2:ab:7f:59:1c:07:15:45:18:b7:a4:cf:cc:0d:34:29:7a:60:
fc:d9:34:33
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYKN8H215kMY7Fvw4sGttS7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjIwODExMTcyNTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWJjZDg1ZWM2YWZiOTIyMzk5YmM4MTZmZTNmNDhkN2U0MWYyZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlZ6FyPwWtgCgmkEyexqfZUxGxRL
f6eU3EFALavp6beTfWKnkZH6q+bKSZATVqDVFFvpEK1pQteVPyX7sk253ayqklTN
IILIQaZQ3LyZbcCJRy4caDl+MGpagD6/G1CwHJUSHJ7+B2gQnya96v7KFkdO8nDe
XqljC5meJNCShsUHhvley0hMqfZeb+6uIsNHDNPadABqpEwftBFoLrmWexL+uMVq
YpInhB2ncvwVPkXF9a2fRvix4WQtf4TnmdKKstgT/z0wVmSLPSIQcPJnrQrwdt46
8x+0m8g2PpM1u6bQkG6xDVc81+keLNWyn/bQacmaJ2DGTZY/NC+3pyaviwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFJW82F7Gr7kiOZvIFv4/SNfkHy4TMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvbGJ6WVhzYXZ1U0k1bThnV19qOUkxLVFmTGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALiVhAwQA
LiVkAwQALiVmAwQCLiVoAwQALiVuMAwDBAAuJXMDBAAuJXQDBAAuJXcDBAC5XCwD
BAG5XC4wDQYJKoZIhvcNAQELBQADggEBAEv3TOQaOtlC8XdYVhJrnS8yx8AYrRUc
CGOPO7HLu7GPODa1YIEr/UN+V8uTlKtlXcYGRSMLiyBduT9fOJV0M8iNrNC37duO
enYSue9dkMB+9/otj2ZOzSyYSNHeZV+gQswk1ski6OE3UOQLVAlEigSdwMJRJhrg
IypO75ZiR5yvzP0HBOS0PsLdstrZYo5v2wK/Q4T1I3yj/UAEFbkVtneTzi/08AhR
kS0fFQ86uQ7ttyB1NkY0APzPBV6VuwywrqeBfKXmZwVuNDNT/20WoAbdWoI1U6fc
EPlinwYQQSn9iUGJ8b37tmK96eKrf1kcBxVFGLekz8wNNCl6YPzZNDM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:35 2023 by rpki-client on console-ams.rpki-client.org