Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Ouc4Hv4H6aP9oN4AkzZAlMeA60E.roa
File: Ouc4Hv4H6aP9oN4AkzZAlMeA60E.roa (raw, json)
Hash identifier: Knb8TiAuP+soEfB9Bux6h6vDx39Q8reCWFPkOyDQBk8=
Subject key identifier: 3A:E7:38:1E:FE:07:E9:A3:FD:A0:DE:00:93:36:40:94:C7:80:EB:41
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0182F95301188E38916704F9D03737B1BC46
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Ouc4Hv4H6aP9oN4AkzZAlMeA60E.roa
Signing time: Thu 01 Sep 2022 13:52:22 +0000
ROA not before: Thu 01 Sep 2022 13:52:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
164.215.100.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
5.178.0.0/22 maxlen: 22
185.81.216.0/22 maxlen: 22
88.151.199.0/24 maxlen: 24
88.151.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f9:53:01:18:8e:38:91:67:04:f9:d0:37:37:b1:bc:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Sep 1 13:52:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ae7381efe07e9a3fda0de0093364094c780eb41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:17:74:79:01:9a:4a:b3:fc:58:ec:7a:65:cf:
3c:a4:54:45:48:c6:b0:f4:2d:42:a8:34:67:20:19:
a8:21:ea:57:c7:b3:09:9d:52:39:5d:20:ee:75:79:
5a:07:a2:0b:14:35:33:29:1a:ed:e2:f2:7a:85:7c:
e4:c4:66:a3:1f:0b:42:8a:a4:e9:42:94:d9:9a:5c:
8c:3d:5d:e3:da:21:7e:a8:8a:59:78:eb:ad:db:34:
8e:d4:db:d4:06:6d:13:2c:88:e6:85:ea:fc:57:48:
84:7f:3c:84:02:e8:9e:d4:6d:c6:ef:fc:1a:fb:e6:
5c:24:91:ab:fb:88:ca:4d:07:65:24:2c:21:ec:0a:
3d:dd:65:4b:70:6f:e1:4d:7c:a3:5d:18:30:7c:6b:
fc:e1:aa:43:96:6f:e3:8f:f4:91:cf:f6:95:d1:f6:
38:4d:de:6d:05:52:ff:00:5f:12:a1:e5:45:6b:cb:
23:85:74:bc:5c:0d:ff:04:f6:5b:01:20:10:06:aa:
43:aa:d3:d4:0b:3a:32:99:3f:68:6a:1f:fc:5c:29:
e9:8e:a7:f4:76:35:c1:4f:a5:bd:86:4e:b4:01:68:
5e:36:eb:55:4a:d3:4c:8d:16:25:67:f3:6d:06:fb:
14:84:86:81:91:01:5f:0b:81:20:f6:17:8f:0e:51:
36:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E7:38:1E:FE:07:E9:A3:FD:A0:DE:00:93:36:40:94:C7:80:EB:41
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Ouc4Hv4H6aP9oN4AkzZAlMeA60E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.0.0/22
46.23.96.0/24
46.23.98.0/23
46.23.108.0/24
46.23.111.0/24
88.151.195.0/24
88.151.199.0/24
164.215.100.0/24
185.81.216.0/22
Signature Algorithm: sha256WithRSAEncryption
23:cc:7d:c6:ac:9a:81:be:6f:84:f2:60:ae:0b:20:08:0c:78:
63:f1:be:4a:90:ec:5a:37:6b:c4:fc:ed:3a:c6:76:6b:05:77:
3f:e5:25:11:58:d5:1e:f8:85:bd:65:58:98:4c:a8:f0:8f:a8:
a6:85:24:b9:bc:db:1d:d3:3b:dc:15:ff:ab:7e:1c:cd:7e:0b:
5a:3a:7e:0f:9f:57:c0:1d:fd:bf:55:88:0a:3e:46:aa:6f:9d:
e1:48:d4:22:3d:b2:d5:25:0d:f3:3e:0b:28:08:a1:16:f0:29:
d6:67:29:1f:d0:cc:a9:85:45:1d:d4:09:06:ff:e3:b6:ad:7a:
29:54:88:64:35:14:cc:3d:92:32:70:17:1e:e7:13:57:77:f5:
4e:ec:c0:ac:7a:bf:eb:ff:fd:99:db:5c:de:e4:48:35:54:5f:
05:c5:b6:9a:42:31:71:5f:13:88:b8:9e:1a:55:3c:a2:c2:84:
dd:3f:f9:eb:ec:c1:52:64:71:f1:20:c7:30:6f:8f:6c:21:7b:
fc:de:0d:2a:fe:f3:63:8a:8a:1d:58:8f:5d:18:95:84:2b:3f:
2e:28:88:f4:39:a9:95:4b:7e:74:79:ca:7a:ee:cf:ca:25:e4:
33:b3:01:0f:fb:9c:1f:c7:32:c8:83:bc:78:f9:ca:41:88:57:
14:78:f2:75
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYL5UwEYjjiRZwT50Dc3sbxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwOTAxMTM1MjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWU3MzgxZWZlMDdlOWEzZmRhMGRlMDA5MzM2NDA5NGM3ODBlYjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhd0eQGaSrP8WOx6Zc88pFRFSMaw
9C1CqDRnIBmoIepXx7MJnVI5XSDudXlaB6ILFDUzKRrt4vJ6hXzkxGajHwtCiqTp
QpTZmlyMPV3j2iF+qIpZeOut2zSO1NvUBm0TLIjmher8V0iEfzyEAuie1G3G7/wa
++ZcJJGr+4jKTQdlJCwh7Ao93WVLcG/hTXyjXRgwfGv84apDlm/jj/SRz/aV0fY4
Td5tBVL/AF8SoeVFa8sjhXS8XA3/BPZbASAQBqpDqtPUCzoymT9oah/8XCnpjqf0
djXBT6W9hk60AWheNutVStNMjRYlZ/NtBvsUhIaBkQFfC4Eg9hePDlE2HwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDrnOB7+B+mj/aDeAJM2QJTHgOtBMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvT3VjNEh2NEg2YVA5b040QWt6WkFsTWVBNjBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCBbIAAwQA
LhdgAwQBLhdiAwQALhdsAwQALhdvAwQAWJfDAwQAWJfHAwQApNdkAwQCuVHYMA0G
CSqGSIb3DQEBCwUAA4IBAQAjzH3GrJqBvm+E8mCuCyAIDHhj8b5KkOxaN2vE/O06
xnZrBXc/5SURWNUe+IW9ZViYTKjwj6imhSS5vNsd0zvcFf+rfhzNfgtaOn4Pn1fA
Hf2/VYgKPkaqb53hSNQiPbLVJQ3zPgsoCKEW8CnWZykf0MyphUUd1AkG/+O2rXop
VIhkNRTMPZIycBce5xNXd/VO7MCser/r//2Z21ze5Eg1VF8FxbaaQjFxXxOIuJ4a
VTyiwoTdP/nr7MFSZHHxIMcwb49sIXv83g0q/vNjioodWI9dGJWEKz8uKIj0OamV
S350ecp67s/KJeQzswEP+5wfxzLIg7x4+cpBiFcUePJ1
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org