Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/80kPmVS1gEYaseIyu8spgeTg4k8.roa
File: 80kPmVS1gEYaseIyu8spgeTg4k8.roa (raw, json)
Hash identifier: ZQrWYs+PUYwmurdCF4O4/2SUhZzllulrJWMTTDbLLEA=
Subject key identifier: F3:49:0F:99:54:B5:80:46:1A:B1:E2:32:BB:CB:29:81:E4:E0:E2:4F
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01850A00A7AB0A8A82A7FC2A97EFEB238B2F
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/80kPmVS1gEYaseIyu8spgeTg4k8.roa
Signing time: Tue 13 Dec 2022 05:41:33 +0000
ROA not before: Tue 13 Dec 2022 05:41:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
88.151.192.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
185.81.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:00:a7:ab:0a:8a:82:a7:fc:2a:97:ef:eb:23:8b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Dec 13 05:41:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3490f9954b580461ab1e232bbcb2981e4e0e24f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a0:52:b7:d6:01:e6:2e:5c:c4:5c:14:49:5e:
35:52:56:ef:8c:7c:46:6a:60:0c:e1:e2:55:41:ec:
6b:23:be:1f:19:31:46:43:93:e1:00:3d:40:e0:cd:
4a:a6:09:63:8d:01:64:db:f7:c0:be:9a:24:21:db:
b6:4f:f2:49:81:ff:f5:41:2b:82:a4:1b:c5:84:9d:
46:4c:43:5e:79:25:ff:ea:9a:1b:09:2e:05:19:f7:
0a:63:1b:55:08:1f:8d:63:5f:24:4c:cf:a8:e5:06:
85:7e:15:31:e3:18:4e:ee:98:a4:79:8b:38:5b:c5:
6a:4f:86:c1:6d:50:11:f5:96:ae:42:91:a2:6e:a2:
4f:55:a2:fe:fd:36:6d:70:d2:56:5e:03:fc:94:df:
6d:85:08:64:76:42:d1:e5:fa:a3:f3:b3:c1:23:b3:
66:cf:1e:a6:29:57:2d:33:0c:4a:17:98:d0:f0:61:
ed:e1:57:7f:8a:15:96:be:8a:4e:61:ab:e7:7e:5c:
55:d1:2b:7d:86:d4:f1:7e:5d:a1:1b:9f:72:bd:7d:
64:88:9f:0c:de:d0:d9:70:52:ac:7d:db:a5:f8:34:
f0:7d:80:31:9f:7d:73:07:68:4d:94:46:11:55:be:
59:e3:fe:4c:76:68:d1:ac:3d:87:e4:bb:b6:f6:40:
36:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:49:0F:99:54:B5:80:46:1A:B1:E2:32:BB:CB:29:81:E4:E0:E2:4F
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/80kPmVS1gEYaseIyu8spgeTg4k8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.201.0-37.128.203.255
46.23.96.0/24
46.23.98.0/23
46.23.111.0/24
88.151.192.0/24
185.81.216.0/23
Signature Algorithm: sha256WithRSAEncryption
11:ea:7d:a3:c0:18:86:58:43:0f:2b:c3:46:ca:e8:81:3e:73:
91:5e:78:52:fd:b0:72:49:6f:ca:7d:5b:bd:f3:43:56:17:59:
71:20:28:1d:c1:69:52:2b:ed:f0:bc:63:9d:5a:c7:b2:81:4b:
3e:49:6d:da:fd:5c:49:67:1a:16:67:fd:0c:5f:32:ab:ad:08:
31:62:64:82:31:f1:80:04:de:52:e1:37:0b:b3:08:24:58:31:
0c:47:a6:ca:ca:26:6f:8a:6a:59:02:e6:0d:64:63:d8:96:55:
36:a3:1c:05:29:99:67:9c:6a:05:e2:04:47:c8:53:7f:86:31:
58:3f:36:6e:a6:dc:83:2c:c2:c7:dd:76:62:70:5f:01:e0:ea:
91:50:30:03:a8:6e:d2:40:c6:81:50:0a:33:d9:55:25:0c:db:
36:8d:f9:49:5d:94:2c:8a:3e:e9:c2:70:14:9f:7d:4c:05:86:
2c:88:32:df:16:4f:e0:60:d2:5b:fa:43:2a:20:92:d8:ff:cd:
e2:ca:9b:52:17:19:c8:7f:b8:e1:4e:41:90:76:ae:51:98:fe:
44:0b:10:b2:25:8b:7d:4d:df:2c:16:0d:13:89:00:f7:27:aa:
46:42:cd:91:c9:1f:39:90:84:27:ae:2a:a2:9a:7d:84:d9:67:
63:ca:2d:35
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYUKAKerCoqCp/wql+/rI4svMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMjEzMDU0MTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzQ5MGY5OTU0YjU4MDQ2MWFiMWUyMzJiYmNiMjk4MWU0ZTBlMjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKBSt9YB5i5cxFwUSV41UlbvjHxG
amAM4eJVQexrI74fGTFGQ5PhAD1A4M1KpgljjQFk2/fAvpokIdu2T/JJgf/1QSuC
pBvFhJ1GTENeeSX/6pobCS4FGfcKYxtVCB+NY18kTM+o5QaFfhUx4xhO7pikeYs4
W8VqT4bBbVAR9ZauQpGibqJPVaL+/TZtcNJWXgP8lN9thQhkdkLR5fqj87PBI7Nm
zx6mKVctMwxKF5jQ8GHt4Vd/ihWWvopOYavnflxV0St9htTxfl2hG59yvX1kiJ8M
3tDZcFKsfdul+DTwfYAxn31zB2hNlEYRVb5Z4/5MdmjRrD2H5Lu29kA27QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPNJD5lUtYBGGrHiMrvLKYHk4OJPMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvODBrUG1WUzFnRVlhc2VJeXU4c3BnZVRnNGs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAAlgMkD
BAIlgMgDBAAuF2ADBAEuF2IDBAAuF28DBABYl8ADBAG5UdgwDQYJKoZIhvcNAQEL
BQADggEBABHqfaPAGIZYQw8rw0bK6IE+c5FeeFL9sHJJb8p9W73zQ1YXWXEgKB3B
aVIr7fC8Y51ax7KBSz5Jbdr9XElnGhZn/QxfMqutCDFiZIIx8YAE3lLhNwuzCCRY
MQxHpsrKJm+KalkC5g1kY9iWVTajHAUpmWecagXiBEfIU3+GMVg/Nm6m3IMswsfd
dmJwXwHg6pFQMAOobtJAxoFQCjPZVSUM2zaN+UldlCyKPunCcBSffUwFhiyIMt8W
T+Bg0lv6Qyogktj/zeLKm1IXGch/uOFOQZB2rlGY/kQLELIli31N3ywWDROJAPcn
qkZCzZHJHzmQhCeuKqKafYTZZ2PKLTU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org