Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5QZXrmIuz-aETCfH7cwcvyQ9XlE.roa
File: 5QZXrmIuz-aETCfH7cwcvyQ9XlE.roa (raw, json)
Hash identifier: CFBgwRiV7IGz4k99inxCKai+SjndnYrS1FoTCiaoxk4=
Subject key identifier: E5:06:57:AE:62:2E:CF:E6:84:4C:27:C7:ED:CC:1C:BF:24:3D:5E:51
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0181FC3487C26FA9A856295A5AD74CFCA561
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5QZXrmIuz-aETCfH7cwcvyQ9XlE.roa
Signing time: Thu 14 Jul 2022 10:15:09 +0000
ROA not before: Thu 14 Jul 2022 10:15:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
164.215.100.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
85.158.148.0/22 maxlen: 22
85.158.146.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
185.81.216.0/22 maxlen: 22
88.151.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:fc:34:87:c2:6f:a9:a8:56:29:5a:5a:d7:4c:fc:a5:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jul 14 10:15:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e50657ae622ecfe6844c27c7edcc1cbf243d5e51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:35:4f:21:e7:d2:96:98:86:cc:e0:bb:4a:2d:
78:04:2f:14:07:01:27:74:6a:21:ad:39:bb:03:73:
66:3e:95:0a:30:10:98:c4:2a:60:43:8b:4c:55:b6:
2a:e0:72:be:e3:7b:80:92:14:4e:84:e0:a3:5e:fa:
6c:23:c4:bc:75:5b:90:1a:82:79:62:92:d3:f1:ea:
39:b7:c2:f2:d5:f5:21:7f:10:fc:c0:24:50:be:20:
8b:74:91:a3:6a:e2:4d:a9:c8:e2:81:8a:2e:e5:aa:
08:e2:a0:e3:94:04:e2:7e:76:ca:7c:91:c6:f7:e7:
c6:9e:ad:e6:17:40:78:cd:6a:a6:62:bc:1c:cc:d6:
c1:36:03:e9:b4:a1:84:93:e9:41:05:5b:76:bc:25:
81:0f:53:bc:60:93:38:7b:2f:7d:b8:4f:b1:3e:b6:
38:94:2e:27:65:19:00:f1:f2:d1:33:b4:c5:f0:62:
f5:ea:50:ce:db:eb:20:89:67:0a:ff:b7:5a:7c:4a:
60:ae:ca:ca:29:cc:cf:8a:ae:f0:9e:1c:cb:db:a6:
72:6c:03:bb:84:24:a2:27:16:b1:ed:65:48:39:bf:
71:36:4d:4b:55:6e:ab:cb:5d:bc:34:77:6a:67:40:
cc:cb:20:49:5b:15:71:92:52:a2:9a:d5:1c:8c:2a:
57:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:06:57:AE:62:2E:CF:E6:84:4C:27:C7:ED:CC:1C:BF:24:3D:5E:51
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5QZXrmIuz-aETCfH7cwcvyQ9XlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.96.0/24
46.23.98.0/23
46.23.108.0/24
46.23.111.0/24
85.158.146.0/24
85.158.148.0/22
88.151.195.0/24
164.215.100.0/24
185.81.216.0/22
Signature Algorithm: sha256WithRSAEncryption
de:23:74:69:c1:0e:0b:29:3e:7f:2a:cd:72:9f:35:28:02:98:
e7:90:6a:bd:9c:56:b5:97:64:f8:78:17:7d:25:10:75:18:b4:
55:33:ed:01:75:ec:8e:58:94:3f:01:7c:9b:ce:ae:a7:14:aa:
15:2c:03:45:72:0f:b0:ff:b7:fb:46:80:f4:1e:17:61:6f:82:
af:8a:a1:97:08:c3:df:97:b7:a9:b3:d5:6d:48:bd:26:18:b7:
7a:57:02:74:2b:52:49:c3:0a:1e:b8:56:bc:a5:be:95:6d:b7:
67:6c:24:cc:ef:94:90:df:9d:ac:70:ab:43:59:e3:42:0c:39:
bd:ff:d5:5f:3b:74:e1:de:07:aa:e2:d5:2c:f0:f2:4a:78:c8:
a0:4f:85:ec:5e:e5:01:24:3f:70:08:6e:04:65:59:7a:18:40:
11:8d:07:b3:5c:dc:0a:18:ac:32:4e:86:23:1a:32:3e:a1:28:
34:b8:b7:74:e2:ea:02:05:1b:b7:b0:98:b6:69:ff:88:7b:e7:
9a:9d:af:74:ff:10:98:49:39:03:da:30:87:3e:0e:ab:1c:5f:
bd:18:36:2e:25:fb:f8:84:20:1f:c9:9c:d5:77:7d:e5:34:98:
6c:eb:09:01:3a:d2:1c:26:f4:4d:88:f4:29:5b:ab:b8:58:86:
cc:ed:d6:62
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYH8NIfCb6moVilaWtdM/KVhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwNzE0MTAxNTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTA2NTdhZTYyMmVjZmU2ODQ0YzI3YzdlZGNjMWNiZjI0M2Q1ZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5TVPIefSlpiGzOC7Si14BC8UBwEn
dGohrTm7A3NmPpUKMBCYxCpgQ4tMVbYq4HK+43uAkhROhOCjXvpsI8S8dVuQGoJ5
YpLT8eo5t8Ly1fUhfxD8wCRQviCLdJGjauJNqcjigYou5aoI4qDjlATifnbKfJHG
9+fGnq3mF0B4zWqmYrwczNbBNgPptKGEk+lBBVt2vCWBD1O8YJM4ey99uE+xPrY4
lC4nZRkA8fLRM7TF8GL16lDO2+sgiWcK/7dafEpgrsrKKczPiq7wnhzL26ZybAO7
hCSiJxax7WVIOb9xNk1LVW6ry128NHdqZ0DMyyBJWxVxklKimtUcjCpX+QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOUGV65iLs/mhEwnx+3MHL8kPV5RMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvNVFaWHJtSXV6LWFFVENmSDdjd2N2eVE5WGxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALhdgAwQB
LhdiAwQALhdsAwQALhdvAwQAVZ6SAwQCVZ6UAwQAWJfDAwQApNdkAwQCuVHYMA0G
CSqGSIb3DQEBCwUAA4IBAQDeI3RpwQ4LKT5/Ks1ynzUoApjnkGq9nFa1l2T4eBd9
JRB1GLRVM+0BdeyOWJQ/AXybzq6nFKoVLANFcg+w/7f7RoD0Hhdhb4KviqGXCMPf
l7eps9VtSL0mGLd6VwJ0K1JJwwoeuFa8pb6VbbdnbCTM75SQ352scKtDWeNCDDm9
/9VfO3Th3geq4tUs8PJKeMigT4XsXuUBJD9wCG4EZVl6GEARjQezXNwKGKwyToYj
GjI+oSg0uLd04uoCBRu3sJi2af+Ie+eana90/xCYSTkD2jCHPg6rHF+9GDYuJfv4
hCAfyZzVd33lNJhs6wkBOtIcJvRNiPQpW6u4WIbM7dZi
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org