Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Nd7rqChe3ylbgCwU7S2nwqKVgEk.roa
File: Nd7rqChe3ylbgCwU7S2nwqKVgEk.roa (raw, json)
Hash identifier: zyXWi3mwKOL8Uo8lvV55elPbvzic7YO8jjTrXwptOD8=
Subject key identifier: 35:DE:EB:A8:28:5E:DF:29:5B:80:2C:14:ED:2D:A7:C2:A2:95:80:49
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01834524B23D4BF90F5442BC38876C096E18
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Nd7rqChe3ylbgCwU7S2nwqKVgEk.roa
Signing time: Fri 16 Sep 2022 07:12:56 +0000
ROA not before: Fri 16 Sep 2022 07:12:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
164.215.103.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
5.178.0.0/22 maxlen: 22
88.151.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:45:24:b2:3d:4b:f9:0f:54:42:bc:38:87:6c:09:6e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Sep 16 07:12:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35deeba8285edf295b802c14ed2da7c2a2958049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8a:f5:02:6a:d9:9a:ef:10:60:77:b7:ea:82:
80:74:98:77:2c:61:ce:3e:da:b1:08:ca:c7:c9:ed:
cc:6c:94:30:23:cc:8c:81:e3:c6:c6:d0:35:63:02:
3b:23:a3:a5:8a:f2:fb:6b:90:4d:86:c4:8c:31:30:
42:de:14:5e:ed:5c:da:f5:ec:54:25:58:e5:ef:4f:
a7:21:6e:b7:78:b9:d5:6f:24:f1:d9:ea:d7:c3:f4:
ae:34:5b:f6:a1:7a:49:b1:94:9a:c4:63:88:28:90:
c0:9b:fb:3c:91:e1:91:c2:2a:b6:d0:b5:cd:a4:55:
0d:17:de:8f:ad:26:a7:95:b1:1d:bd:34:f2:e2:51:
c1:20:88:da:4d:58:bc:d5:65:b0:18:41:d7:bc:6f:
80:9c:82:f2:5d:c1:d7:1f:58:75:bf:72:d4:79:57:
b1:23:47:c9:2e:8b:db:f6:8d:ac:ff:99:2f:fe:0e:
08:86:ad:b5:2c:04:d4:1d:ff:cf:c7:cb:fe:45:99:
b2:2f:7a:58:03:39:f8:96:82:71:73:0c:2d:c3:e5:
eb:a9:e8:50:88:2d:eb:8c:b3:a2:db:76:83:9b:e0:
2e:e9:f2:47:c4:2d:c4:3a:b4:b5:d1:b1:6c:49:a4:
75:19:c6:e8:d2:f4:de:ec:b2:4a:09:77:28:38:41:
31:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DE:EB:A8:28:5E:DF:29:5B:80:2C:14:ED:2D:A7:C2:A2:95:80:49
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Nd7rqChe3ylbgCwU7S2nwqKVgEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.0.0/22
46.23.96.0/24
46.23.98.0/23
46.23.108.0/24
46.23.111.0/24
88.151.195.0/24
164.215.103.0/24
Signature Algorithm: sha256WithRSAEncryption
52:9c:93:ca:dd:a7:db:52:77:30:a6:31:3b:5d:a8:86:01:24:
16:f4:0d:96:6d:df:75:8e:7a:e5:65:5f:65:32:87:b5:34:f0:
45:02:39:f2:77:ba:8a:4a:f6:27:1d:a8:eb:00:fc:fb:a1:22:
ce:48:3f:77:47:1c:e0:85:fa:50:46:fc:bc:64:f8:7a:0b:8b:
c4:1f:96:a5:ab:15:e7:43:60:66:88:ff:19:0a:4d:db:c5:66:
03:c7:e5:5d:ec:43:d4:2b:fa:fc:f8:81:d8:31:80:6e:47:e7:
01:e0:8f:e1:1e:9f:06:1a:29:6f:b4:a7:ab:33:10:f4:a7:af:
1f:c0:f4:af:c7:ab:b9:f9:db:2d:09:cf:90:ec:ad:81:88:8c:
7c:d2:a0:7a:c9:ba:a3:d4:9d:76:52:3f:05:eb:10:53:b6:2e:
08:ef:d1:f0:a2:02:fc:45:0d:95:0b:38:d5:14:15:6a:34:89:
f2:79:45:37:d6:34:7a:01:02:54:04:ae:cd:4b:1c:1b:e4:04:
ba:e8:2a:3f:0f:df:7f:d2:93:7c:df:30:c3:05:4c:9c:2c:f8:
e9:bc:c6:cb:09:e6:8e:6e:71:fa:1c:b3:96:4d:0d:5f:39:d6:
fc:56:d9:c5:4a:43:58:c2:af:5f:ba:3d:5a:d5:d4:de:74:3a:
69:11:88:c8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYNFJLI9S/kPVEK8OIdsCW4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwOTE2MDcxMjU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWRlZWJhODI4NWVkZjI5NWI4MDJjMTRlZDJkYTdjMmEyOTU4MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4r1AmrZmu8QYHe36oKAdJh3LGHO
PtqxCMrHye3MbJQwI8yMgePGxtA1YwI7I6OlivL7a5BNhsSMMTBC3hRe7Vza9exU
JVjl70+nIW63eLnVbyTx2erXw/SuNFv2oXpJsZSaxGOIKJDAm/s8keGRwiq20LXN
pFUNF96PrSanlbEdvTTy4lHBIIjaTVi81WWwGEHXvG+AnILyXcHXH1h1v3LUeVex
I0fJLovb9o2s/5kv/g4Ihq21LATUHf/Px8v+RZmyL3pYAzn4loJxcwwtw+XrqehQ
iC3rjLOi23aDm+Au6fJHxC3EOrS10bFsSaR1Gcbo0vTe7LJKCXcoOEExiQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDXe66goXt8pW4AsFO0tp8KilYBJMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvTmQ3cnFDaGUzeWxiZ0N3VTdTMm53cUtWZ0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCBbIAAwQA
LhdgAwQBLhdiAwQALhdsAwQALhdvAwQAWJfDAwQApNdnMA0GCSqGSIb3DQEBCwUA
A4IBAQBSnJPK3afbUncwpjE7XaiGASQW9A2Wbd91jnrlZV9lMoe1NPBFAjnyd7qK
SvYnHajrAPz7oSLOSD93RxzghfpQRvy8ZPh6C4vEH5alqxXnQ2BmiP8ZCk3bxWYD
x+Vd7EPUK/r8+IHYMYBuR+cB4I/hHp8GGilvtKerMxD0p68fwPSvx6u5+dstCc+Q
7K2BiIx80qB6ybqj1J12Uj8F6xBTti4I79HwogL8RQ2VCzjVFBVqNInyeUU31jR6
AQJUBK7NSxwb5AS66Co/D99/0pN83zDDBUycLPjpvMbLCeaObnH6HLOWTQ1fOdb8
VtnFSkNYwq9fuj1a1dTedDppEYjI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org