Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/I2zjJ_ZdXeT4DIxh6ydOI5t57HM.roa
File: I2zjJ_ZdXeT4DIxh6ydOI5t57HM.roa (raw, json)
Hash identifier: 11aqC1FCNuptkcnv3rHjhQr5lolWmZ2wJKh6ZL0wvzA=
Subject key identifier: 23:6C:E3:27:F6:5D:5D:E4:F8:0C:8C:61:EB:27:4E:23:9B:79:EC:73
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01837ADF76D635414602E7E938E1ACFBCD0A
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/I2zjJ_ZdXeT4DIxh6ydOI5t57HM.roa
Signing time: Mon 26 Sep 2022 17:36:48 +0000
ROA not before: Mon 26 Sep 2022 17:36:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
164.215.103.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
88.151.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7a:df:76:d6:35:41:46:02:e7:e9:38:e1:ac:fb:cd:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Sep 26 17:36:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=236ce327f65d5de4f80c8c61eb274e239b79ec73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:db:cb:3f:26:4b:9b:30:45:ce:8b:44:61:48:
5f:2c:14:17:67:04:47:67:8a:be:09:88:f4:2f:bf:
7f:61:b6:9e:c6:58:54:0e:0a:72:93:e8:f0:a2:7e:
1f:65:9d:ed:ef:65:b5:4a:b8:dc:c8:d7:53:4d:86:
51:42:06:ee:70:dd:f7:77:b9:f8:19:c5:58:fb:c3:
9e:5e:ba:44:59:53:28:75:d6:4d:ce:b4:1e:fa:03:
c9:92:2d:8f:32:18:8f:f6:be:43:75:8b:e6:8b:78:
90:0a:46:a6:12:c3:a8:d7:52:3b:18:1c:a1:4b:e8:
e2:82:0c:3c:8b:50:4b:d3:18:77:ad:88:a2:a6:3e:
d6:86:b3:5b:c2:4f:b9:62:1d:d4:a8:0d:ea:1c:55:
30:12:4b:1f:5f:78:b9:27:fd:10:17:20:97:61:28:
1c:2b:65:f3:3d:12:b0:30:1e:71:ea:83:30:c9:6d:
7f:77:33:d4:d7:5f:c8:ed:ea:73:46:1a:1d:08:3c:
f7:2a:8d:9d:8e:44:d1:e9:dc:3e:d4:71:3e:ba:40:
2a:16:8f:ac:cd:ae:d1:0b:4d:02:f3:08:cf:5d:ac:
0a:13:c5:0c:12:13:5d:c1:21:75:1c:26:83:7b:ac:
63:52:05:2b:01:8b:aa:c3:7b:60:fc:ad:40:15:c5:
42:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:6C:E3:27:F6:5D:5D:E4:F8:0C:8C:61:EB:27:4E:23:9B:79:EC:73
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/I2zjJ_ZdXeT4DIxh6ydOI5t57HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.96.0/24
46.23.98.0/23
46.23.108.0/24
46.23.111.0/24
88.151.195.0/24
164.215.103.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:cd:58:61:bf:03:ae:26:e3:cd:6e:19:0d:93:ad:25:de:ef:
9f:c7:cd:03:5d:eb:38:ab:13:3b:03:24:01:be:3f:da:eb:f2:
47:38:17:c7:e9:6f:ed:7d:56:66:1f:24:49:4d:f7:ef:aa:d6:
c5:1a:0a:d2:7d:67:83:2d:fa:26:ef:a4:7e:2f:4a:a4:79:b6:
67:a4:d1:5d:f6:0e:1b:00:8e:b2:54:db:db:c0:fe:49:49:3f:
4d:28:8d:45:c3:c1:3d:73:4a:4c:c8:e6:5b:ad:09:ec:ad:9e:
7e:68:4a:ca:c2:54:c9:87:b0:f6:74:f0:88:99:c5:62:bb:46:
10:62:95:51:8f:4b:e2:3c:92:2e:a6:24:4d:12:45:03:e3:dd:
d2:81:70:28:a0:a7:cc:c0:7c:21:43:76:bf:8c:8d:0a:07:d0:
d3:ae:52:19:35:30:ed:55:ae:19:ec:cd:f4:29:89:ed:9d:ca:
75:1c:10:6e:62:30:3a:50:6e:06:40:60:5c:6e:4d:e6:58:1f:
01:5d:5b:7a:8e:11:94:7c:a4:96:ad:b9:ed:c3:46:81:e2:96:
c4:fc:53:7c:3a:b9:4a:9d:d0:1e:81:7d:60:90:59:12:19:c0:
ce:52:67:97:9a:a8:1b:a9:9d:27:48:31:d5:7e:07:51:16:f1:
dd:f5:33:96
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYN633bWNUFGAufpOOGs+80KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwOTI2MTczNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzZjZTMyN2Y2NWQ1ZGU0ZjgwYzhjNjFlYjI3NGUyMzliNzllYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntvLPyZLmzBFzotEYUhfLBQXZwRH
Z4q+CYj0L79/YbaexlhUDgpyk+jwon4fZZ3t72W1SrjcyNdTTYZRQgbucN33d7n4
GcVY+8OeXrpEWVModdZNzrQe+gPJki2PMhiP9r5DdYvmi3iQCkamEsOo11I7GByh
S+jiggw8i1BL0xh3rYiipj7WhrNbwk+5Yh3UqA3qHFUwEksfX3i5J/0QFyCXYSgc
K2XzPRKwMB5x6oMwyW1/dzPU11/I7epzRhodCDz3Ko2djkTR6dw+1HE+ukAqFo+s
za7RC00C8wjPXawKE8UMEhNdwSF1HCaDe6xjUgUrAYuqw3tg/K1AFcVC/wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCNs4yf2XV3k+AyMYesnTiObeexzMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvSTJ6akpfWmRYZVQ0REl4aDZ5ZE9JNXQ1N0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALhdgAwQB
LhdiAwQALhdsAwQALhdvAwQAWJfDAwQApNdnMA0GCSqGSIb3DQEBCwUAA4IBAQDB
zVhhvwOuJuPNbhkNk60l3u+fx80DXes4qxM7AyQBvj/a6/JHOBfH6W/tfVZmHyRJ
TffvqtbFGgrSfWeDLfom76R+L0qkebZnpNFd9g4bAI6yVNvbwP5JST9NKI1Fw8E9
c0pMyOZbrQnsrZ5+aErKwlTJh7D2dPCImcViu0YQYpVRj0viPJIupiRNEkUD493S
gXAooKfMwHwhQ3a/jI0KB9DTrlIZNTDtVa4Z7M30KYntncp1HBBuYjA6UG4GQGBc
bk3mWB8BXVt6jhGUfKSWrbntw0aB4pbE/FN8OrlKndAegX1gkFkSGcDOUmeXmqgb
qZ0nSDHVfgdRFvHd9TOW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org