Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/0mGYlYQElSoLWA83gJUvsg4YCgo.roa
File: 0mGYlYQElSoLWA83gJUvsg4YCgo.roa (raw, json)
Hash identifier: HOFi1H+4p1/s0twQ7gyD7YJi1vXnINUwSs3hjwVax7s=
Subject key identifier: D2:61:98:95:84:04:95:2A:0B:58:0F:37:80:95:2F:B2:0E:18:0A:0A
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0182A02DA6222A1107A30ECC0501D8B102E2
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/0mGYlYQElSoLWA83gJUvsg4YCgo.roa
Signing time: Mon 15 Aug 2022 06:25:22 +0000
ROA not before: Mon 15 Aug 2022 06:25:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210654
IP address blocks: 46.23.100.0/24 maxlen: 24
46.23.103.0/24 maxlen: 24
46.23.102.0/24 maxlen: 24
164.215.101.0/24 maxlen: 24
46.23.101.0/24 maxlen: 24
46.23.105.0/24 maxlen: 24
46.23.104.0/24 maxlen: 24
46.23.107.0/24 maxlen: 24
46.23.106.0/24 maxlen: 24
37.128.205.0/24 maxlen: 24
37.128.204.0/24 maxlen: 24
37.128.206.0/24 maxlen: 24
37.128.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a0:2d:a6:22:2a:11:07:a3:0e:cc:05:01:d8:b1:02:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Aug 15 06:25:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d26198958404952a0b580f3780952fb20e180a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e2:57:17:24:bb:c0:9e:1c:7e:0d:80:71:4d:
58:34:59:75:ce:0d:b8:1b:22:e6:62:16:f2:c2:cc:
3d:a0:29:67:63:b6:a2:04:43:9e:f0:15:1a:f6:4b:
04:31:53:63:2e:7b:7c:86:15:cb:0c:db:54:ca:de:
86:a0:5b:15:08:b1:dd:d9:3f:fa:f0:ce:3a:86:f6:
09:37:b9:ba:cd:32:c4:f2:db:78:46:26:78:8e:ab:
7a:47:97:49:a2:86:29:7e:78:f7:48:42:78:5d:4c:
d7:87:5c:be:08:16:6a:d5:3e:48:6a:b6:69:12:30:
93:de:31:66:7d:f7:23:e1:6b:9f:63:97:e5:f8:c7:
b5:26:ce:f9:b5:29:57:d0:40:93:17:2b:0e:23:28:
0a:85:6a:17:fd:3f:94:a0:eb:3d:0c:bd:4f:ef:09:
1e:7b:dd:7d:40:dd:db:9f:1c:31:46:34:37:2f:6b:
37:66:57:4e:18:09:c8:69:ae:ae:ef:c1:6c:71:b8:
ae:d0:9f:40:56:94:30:1d:b4:81:c4:7a:a6:56:8e:
61:d2:7c:bc:2a:c3:f3:d4:2f:ee:e3:9e:c7:8b:84:
4c:99:cb:33:1c:e0:c0:8c:a7:dc:41:3a:dc:42:54:
50:bd:cd:79:8a:b3:39:86:3b:56:d8:3c:1b:d3:d2:
7f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:61:98:95:84:04:95:2A:0B:58:0F:37:80:95:2F:B2:0E:18:0A:0A
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/0mGYlYQElSoLWA83gJUvsg4YCgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.204.0/22
46.23.100.0-46.23.107.255
164.215.101.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:1e:a4:14:ad:24:d1:ec:b1:e2:eb:77:48:21:97:f1:dd:3a:
ca:be:2b:d9:fe:38:fa:ab:03:2c:c5:08:fa:1c:a6:32:5f:de:
79:d3:45:7e:7d:04:32:a3:71:13:0e:46:3b:59:78:57:f7:9f:
a3:02:ad:34:e4:57:89:14:c2:17:0b:db:03:36:7b:65:d8:d5:
e9:c2:fe:f6:3c:00:aa:bf:35:6e:b0:16:6b:f0:0f:7c:32:4b:
5e:3c:19:df:22:a5:44:90:87:39:78:32:4f:7a:04:8a:29:5e:
bc:9d:72:a3:93:f5:33:fb:7a:77:12:4e:55:c5:f2:e2:87:4b:
14:ed:00:ab:e6:20:62:95:36:15:64:e7:85:5d:f9:97:85:b8:
d3:9f:ec:6c:11:1d:36:14:e4:e2:57:b5:39:bf:e8:ce:30:e1:
53:a1:e0:11:b4:9a:be:df:ee:dd:63:e4:76:eb:0a:4f:c9:d7:
91:9e:29:94:cb:58:cd:c9:c8:4b:be:03:07:f2:c0:cf:15:37:
74:2b:86:01:48:e5:cc:49:bd:ad:ca:0a:dc:ee:a0:fe:e9:09:
5a:b4:13:d0:08:5d:bb:78:df:3a:26:98:0b:ad:d3:bb:9a:cb:
b9:2c:6d:fc:69:3d:ad:e6:f9:19:cf:a9:54:e4:64:cb:f6:c4:
0d:94:79:b6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYKgLaYiKhEHow7MBQHYsQLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwODE1MDYyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjYxOTg5NTg0MDQ5NTJhMGI1ODBmMzc4MDk1MmZiMjBlMTgwYTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneJXFyS7wJ4cfg2AcU1YNFl1zg24
GyLmYhbywsw9oClnY7aiBEOe8BUa9ksEMVNjLnt8hhXLDNtUyt6GoFsVCLHd2T/6
8M46hvYJN7m6zTLE8tt4RiZ4jqt6R5dJooYpfnj3SEJ4XUzXh1y+CBZq1T5IarZp
EjCT3jFmffcj4WufY5fl+Me1Js75tSlX0ECTFysOIygKhWoX/T+UoOs9DL1P7wke
e919QN3bnxwxRjQ3L2s3ZldOGAnIaa6u78Fscbiu0J9AVpQwHbSBxHqmVo5h0ny8
KsPz1C/u457Hi4RMmcszHODAjKfcQTrcQlRQvc15irM5hjtW2Dwb09J/HwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNJhmJWEBJUqC1gPN4CVL7IOGAoKMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvMG1HWWxZUUVsU29MV0E4M2dKVXZzZzRZQ2dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCJYDMMAwD
BAIuF2QDBAIuF2gDBACk12UwDQYJKoZIhvcNAQELBQADggEBAMsepBStJNHsseLr
d0ghl/HdOsq+K9n+OPqrAyzFCPocpjJf3nnTRX59BDKjcRMORjtZeFf3n6MCrTTk
V4kUwhcL2wM2e2XY1enC/vY8AKq/NW6wFmvwD3wyS148Gd8ipUSQhzl4Mk96BIop
XrydcqOT9TP7encSTlXF8uKHSxTtAKvmIGKVNhVk54Vd+ZeFuNOf7GwRHTYU5OJX
tTm/6M4w4VOh4BG0mr7f7t1j5HbrCk/J15GeKZTLWM3JyEu+AwfywM8VN3QrhgFI
5cxJva3KCtzuoP7pCVq0E9AIXbt43zommAut07uay7ksbfxpPa3m+RnPqVTkZMv2
xA2UebY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org