Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/2uPeJW3VnaddGyevMprso8eTL5I.roa
File: 2uPeJW3VnaddGyevMprso8eTL5I.roa (raw, json)
Hash identifier: cVDknOAvb2Igcjj0XBPuCer9pls5BSReeeleWFhLkzo=
Subject key identifier: DA:E3:DE:25:6D:D5:9D:A7:5D:1B:27:AF:32:9A:EC:A3:C7:93:2F:92
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0183305A8AE269B858CF9347AC61F474945C
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/2uPeJW3VnaddGyevMprso8eTL5I.roa
Signing time: Mon 12 Sep 2022 06:19:43 +0000
ROA not before: Mon 12 Sep 2022 06:19:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
164.215.100.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
5.178.0.0/22 maxlen: 22
88.151.199.0/24 maxlen: 24
88.151.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:30:5a:8a:e2:69:b8:58:cf:93:47:ac:61:f4:74:94:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Sep 12 06:19:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dae3de256dd59da75d1b27af329aeca3c7932f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:2b:39:74:f3:f5:9c:74:13:ec:1d:61:c0:6d:
6e:ec:3b:91:f6:08:de:b3:2b:90:ae:5f:d3:b7:61:
51:f6:25:b9:30:1e:cf:0c:cd:f4:ce:0a:e3:2b:05:
16:53:9d:c0:86:81:e1:9c:d0:9e:de:95:24:86:7a:
61:64:8e:37:35:d4:8b:81:ba:f2:06:f1:76:75:6f:
d3:ce:f8:51:fd:2d:0f:89:19:f0:cd:d5:a4:b1:c4:
a7:31:37:6a:2a:6c:af:07:d0:8b:cb:5c:18:95:04:
06:a4:c1:45:32:a5:d6:67:a4:56:fb:db:61:46:84:
02:6c:0a:06:72:27:f9:fd:5a:a6:3b:b9:04:07:bf:
88:55:0f:e9:48:af:ba:74:45:ad:b2:c4:45:43:79:
6d:82:9e:cb:07:23:17:e1:63:cc:2b:92:29:34:85:
98:d5:9f:9c:a8:a9:80:58:0f:5d:fa:36:33:d1:e7:
3d:03:70:ed:2a:b9:0e:a5:9b:54:ba:6d:0f:bb:0e:
52:0b:a0:28:f8:70:ac:67:91:4c:fe:bb:78:cb:ef:
bd:a1:bc:08:f1:40:de:d5:c5:ee:fc:c5:93:87:4e:
eb:08:c8:c9:13:10:0f:11:b5:66:04:5a:74:a1:35:
3e:ef:46:b6:6a:f5:83:fe:53:d5:b0:af:d6:7c:b0:
48:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E3:DE:25:6D:D5:9D:A7:5D:1B:27:AF:32:9A:EC:A3:C7:93:2F:92
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/2uPeJW3VnaddGyevMprso8eTL5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.0.0/22
46.23.96.0/24
46.23.98.0/23
46.23.108.0/24
46.23.111.0/24
88.151.195.0/24
88.151.199.0/24
164.215.100.0/24
Signature Algorithm: sha256WithRSAEncryption
25:ec:66:4c:e4:6a:23:85:32:81:e1:d5:95:a5:75:77:9f:88:
76:71:3d:f1:5e:2c:cd:70:28:50:d5:99:77:a5:40:97:f1:33:
22:5a:f5:c2:78:bc:48:17:55:1e:5f:e5:fe:18:1e:ec:0b:9a:
90:41:26:f9:dc:f7:7f:4d:6f:c8:aa:1c:2b:27:fb:78:bc:3c:
db:df:ad:cb:7d:ee:9c:1d:4f:85:6f:b0:0b:2d:ac:79:dd:7f:
91:9e:29:a6:24:a1:e3:53:b7:91:70:f6:82:5b:7e:15:e7:d6:
05:cc:56:c4:93:46:a2:b0:1c:24:68:46:b4:65:cb:b5:2e:78:
db:6b:ce:36:65:0f:85:69:65:39:58:58:a3:e4:51:cc:46:cf:
f0:26:a7:c6:ac:e4:2a:d2:30:f7:45:6b:6d:85:82:c6:1b:cb:
e9:a1:67:5b:0a:99:76:71:b1:fc:35:c8:1a:da:c7:64:2d:3b:
33:29:57:85:e0:20:d2:fb:7d:12:c1:f2:31:84:33:46:6f:8f:
ab:0b:70:71:41:fa:f4:7a:1c:a0:34:73:a4:f8:66:76:6a:dd:
51:00:0b:76:45:57:2a:74:e4:ff:bb:95:9a:fd:c6:10:51:7e:
35:50:2c:a3:f0:01:36:9b:fb:68:d6:e8:91:49:95:1f:ea:9d:
5f:69:02:02
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYMwWoriabhYz5NHrGH0dJRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwOTEyMDYxOTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWUzZGUyNTZkZDU5ZGE3NWQxYjI3YWYzMjlhZWNhM2M3OTMyZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiis5dPP1nHQT7B1hwG1u7DuR9gje
syuQrl/Tt2FR9iW5MB7PDM30zgrjKwUWU53AhoHhnNCe3pUkhnphZI43NdSLgbry
BvF2dW/TzvhR/S0PiRnwzdWkscSnMTdqKmyvB9CLy1wYlQQGpMFFMqXWZ6RW+9th
RoQCbAoGcif5/VqmO7kEB7+IVQ/pSK+6dEWtssRFQ3ltgp7LByMX4WPMK5IpNIWY
1Z+cqKmAWA9d+jYz0ec9A3DtKrkOpZtUum0Puw5SC6Ao+HCsZ5FM/rt4y++9obwI
8UDe1cXu/MWTh07rCMjJExAPEbVmBFp0oTU+70a2avWD/lPVsK/WfLBITwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNrj3iVt1Z2nXRsnrzKa7KPHky+SMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvMnVQZUpXM1ZuYWRkR3lldk1wcnNvOGVUTDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCBbIAAwQA
LhdgAwQBLhdiAwQALhdsAwQALhdvAwQAWJfDAwQAWJfHAwQApNdkMA0GCSqGSIb3
DQEBCwUAA4IBAQAl7GZM5GojhTKB4dWVpXV3n4h2cT3xXizNcChQ1Zl3pUCX8TMi
WvXCeLxIF1UeX+X+GB7sC5qQQSb53Pd/TW/IqhwrJ/t4vDzb363Lfe6cHU+Fb7AL
Lax53X+RnimmJKHjU7eRcPaCW34V59YFzFbEk0aisBwkaEa0Zcu1Lnjba842ZQ+F
aWU5WFij5FHMRs/wJqfGrOQq0jD3RWtthYLGG8vpoWdbCpl2cbH8Ncga2sdkLTsz
KVeF4CDS+30SwfIxhDNGb4+rC3BxQfr0ehygNHOk+GZ2at1RAAt2RVcqdOT/u5Wa
/cYQUX41UCyj8AE2m/to1uiRSZUf6p1faQIC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org