Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/9GDjSTW_UX0t1yakHCFooWliRJM.roa
File: 9GDjSTW_UX0t1yakHCFooWliRJM.roa (raw, json)
Hash identifier: Y53ymiUjlVGyFXpaR+31/92FfLOrQiGXDLB++2FLYAY=
Subject key identifier: F4:60:E3:49:35:BF:51:7D:2D:D7:26:A4:1C:21:68:A1:69:62:44:93
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 03AE4D0A
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/9GDjSTW_UX0t1yakHCFooWliRJM.roa
Signing time: Thu 19 May 2022 11:21:29 +0000
ROA not before: Thu 19 May 2022 11:21:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 394648
IP address blocks: 46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61754634 (0x3ae4d0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: May 19 11:21:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f460e34935bf517d2dd726a41c2168a169624493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:17:2a:8e:72:a0:fd:d1:3d:cf:d6:45:f2:59:
a6:65:56:11:b1:e1:da:06:9b:39:b7:7f:03:8a:f3:
2a:18:e1:18:9a:8b:ad:57:c7:7b:34:92:1c:00:28:
d6:9c:57:b9:59:85:09:e4:20:78:b9:76:4a:89:01:
8c:38:13:24:97:85:85:dc:77:46:5a:f3:39:21:ab:
65:b7:4a:3f:23:01:98:a7:28:b9:6e:84:67:a6:cf:
25:b3:9b:17:48:7b:2b:ef:10:7c:fb:5c:f6:45:00:
53:e7:b8:11:8b:43:e6:34:4c:61:cc:ae:7f:c6:b3:
96:7e:61:65:3e:de:bd:dd:eb:d2:a0:90:d9:a2:f1:
f9:47:6a:0a:a2:7c:99:9d:8d:5e:41:5b:08:f4:5f:
e0:b8:ff:21:e8:1b:bc:06:cd:3e:94:54:a3:a7:05:
e7:1e:08:61:74:56:d5:72:a4:18:00:92:b7:a0:98:
3a:a1:29:85:50:a7:30:91:c2:12:7a:4b:bc:07:41:
36:8e:7e:e1:17:2d:0f:74:17:9b:a6:5e:a5:74:44:
38:78:b9:dd:b8:e1:97:3a:71:4f:b4:47:bf:c5:a5:
ac:ad:44:a9:c0:83:18:7e:d7:a9:a0:43:97:c0:6c:
23:06:43:c5:69:ed:38:c8:d9:b1:79:ea:73:d0:27:
b5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:60:E3:49:35:BF:51:7D:2D:D7:26:A4:1C:21:68:A1:69:62:44:93
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/9GDjSTW_UX0t1yakHCFooWliRJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.96.0/24
46.23.98.0/23
46.23.108.0/24
46.23.111.0/24
Signature Algorithm: sha256WithRSAEncryption
de:10:72:21:d1:7d:2a:c9:7d:9f:70:10:51:7a:35:f7:a0:c4:
72:7e:df:bb:78:93:33:9a:ab:df:31:11:d6:10:e0:77:49:b2:
04:6f:42:6a:3c:8b:bd:09:56:4a:ce:01:47:24:48:1e:57:13:
95:fd:4d:25:69:11:57:1a:3d:f8:ae:95:70:4a:c8:a5:11:90:
03:8e:64:af:00:07:80:91:b7:76:98:8c:79:81:04:dc:e4:a7:
9d:f1:39:c7:2e:51:de:e1:4a:fa:ea:e4:f9:08:17:a4:66:40:
7c:c4:9e:c4:bd:f8:c1:bf:94:7e:3e:00:7c:38:51:0a:df:1a:
e4:8b:72:f1:e1:b4:8b:19:12:8f:34:c1:0e:ed:bc:34:a7:04:
cf:c2:38:f5:21:22:d0:6c:15:3e:2f:9b:07:62:36:22:31:4f:
fa:2f:2a:45:83:8b:06:a2:88:28:03:cf:4b:db:3f:ea:c4:28:
6e:95:51:3c:b2:e9:ca:01:b8:6a:7a:f7:10:37:6f:2d:a5:44:
0e:08:6f:b4:b8:1d:27:ee:5a:b3:04:72:ec:a3:d7:3c:f8:5c:
d9:f4:03:78:f7:aa:25:f0:11:44:8e:ac:d5:22:25:db:ec:c5:
41:17:e9:10:4f:4b:32:6d:ab:23:44:44:6a:69:8f:eb:00:c3:
c5:c8:58:ea
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEA65NCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDA2YTQyYmIyNDQ2ZTUxZjE5MmVhMzc1YmRmN2VlYzVhNTFjNzdmMB4XDTIyMDUx
OTExMjEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ2MGUzNDkzNWJm
NTE3ZDJkZDcyNmE0MWMyMTY4YTE2OTYyNDQ5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgXKo5yoP3RPc/WRfJZpmVWEbHh2gabObd/A4rzKhjhGJqL
rVfHezSSHAAo1pxXuVmFCeQgeLl2SokBjDgTJJeFhdx3RlrzOSGrZbdKPyMBmKco
uW6EZ6bPJbObF0h7K+8QfPtc9kUAU+e4EYtD5jRMYcyuf8azln5hZT7evd3r0qCQ
2aLx+UdqCqJ8mZ2NXkFbCPRf4Lj/IegbvAbNPpRUo6cF5x4IYXRW1XKkGACSt6CY
OqEphVCnMJHCEnpLvAdBNo5+4RctD3QXm6ZepXREOHi53bjhlzpxT7RHv8WlrK1E
qcCDGH7XqaBDl8BsIwZDxWntOMjZsXnqc9AntUECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBT0YONJNb9RfS3XJqQcIWihaWJEkzAfBgNVHSMEGDAWgBR9BqQrskRuUfGS
6jdb337sWlHHfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZRYWtLN0pFYmxIeGt1bzNXOTktN0ZwUngzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8x
LzlHRGpTVFdfVVgwdDF5YWtIQ0Zvb1dsaVJKTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8xL2ZRYWtLN0pFYmxI
eGt1bzNXOTktN0ZwUngzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC4XYAMEAS4XYgMEAC4XbAMEAC4X
bzANBgkqhkiG9w0BAQsFAAOCAQEA3hByIdF9Ksl9n3AQUXo196DEcn7fu3iTM5qr
3zER1hDgd0myBG9CajyLvQlWSs4BRyRIHlcTlf1NJWkRVxo9+K6VcErIpRGQA45k
rwAHgJG3dpiMeYEE3OSnnfE5xy5R3uFK+urk+QgXpGZAfMSexL34wb+Ufj4AfDhR
Ct8a5Ity8eG0ixkSjzTBDu28NKcEz8I49SEi0GwVPi+bB2I2IjFP+i8qRYOLBqKI
KAPPS9s/6sQobpVRPLLpygG4anr3EDdvLaVEDghvtLgdJ+5aswRy7KPXPPhc2fQD
ePeqJfARRI6s1SIl2+zFQRfpEE9LMm2rI0REammP6wDDxchY6g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org