Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Up1lBgMIW1MDrprcit447pJGpOo.roa
File: Up1lBgMIW1MDrprcit447pJGpOo.roa (raw, json)
Hash identifier: qabGKEgv4+1ea/v8f76Y1Z6vdg5ToCCmHIVPgzqIjNI=
Subject key identifier: 52:9D:65:06:03:08:5B:53:03:AE:9A:DC:8A:DE:38:EE:92:46:A4:EA
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0184BE6F03EF13D1BF9F9751DEC02038C4DC
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Up1lBgMIW1MDrprcit447pJGpOo.roa
Signing time: Mon 28 Nov 2022 13:30:57 +0000
ROA not before: Mon 28 Nov 2022 13:30:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
164.215.103.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
185.81.219.0/24 maxlen: 24
185.81.218.0/24 maxlen: 24
88.151.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:6f:03:ef:13:d1:bf:9f:97:51:de:c0:20:38:c4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Nov 28 13:30:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=529d650603085b5303ae9adc8ade38ee9246a4ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2a:c6:ff:f6:f7:59:bb:ed:f8:ca:b5:86:fc:
af:7b:d0:f3:1d:4f:2d:d9:b6:6b:b2:d8:69:fc:60:
5c:fd:e5:e9:12:45:66:9d:96:14:f9:24:ea:38:75:
63:48:fa:6e:ea:42:f9:44:c8:48:24:a6:5c:8f:c5:
24:64:f1:bd:fe:b1:9b:88:36:8b:f6:c6:e6:32:5c:
ab:a9:ca:74:75:8d:fa:e6:24:a4:f1:bd:15:d7:97:
94:7d:5b:50:cc:ec:1b:e5:cd:d6:37:06:18:3c:70:
9d:4b:a8:3e:ef:72:de:f8:8a:e3:d1:66:d6:e7:26:
4a:d6:63:81:a1:fc:de:1b:69:39:b6:b4:cd:97:51:
13:3a:93:22:66:61:c2:9b:a8:94:3e:07:40:e8:cf:
69:36:4b:5b:af:9b:9c:db:d5:46:37:a2:2f:8a:fa:
22:d2:e2:91:6f:fb:22:5f:46:12:98:b6:cf:3f:43:
66:e8:80:6c:ac:f0:5e:0a:e2:a7:7f:24:cf:d6:09:
e2:2c:ca:e9:27:7c:d9:da:51:3a:32:5d:a7:d9:67:
09:3e:32:8f:8a:7a:05:e3:32:91:1b:d0:06:62:0f:
6e:33:ee:e4:b8:38:a6:c9:89:14:79:46:0c:40:81:
b2:ac:5a:4f:10:1c:be:a8:a7:5c:25:92:f9:9f:98:
f2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:9D:65:06:03:08:5B:53:03:AE:9A:DC:8A:DE:38:EE:92:46:A4:EA
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Up1lBgMIW1MDrprcit447pJGpOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.96.0/24
46.23.98.0/23
46.23.111.0/24
88.151.195.0/24
164.215.103.0/24
185.81.218.0/23
Signature Algorithm: sha256WithRSAEncryption
19:fd:f3:f2:94:d7:f1:fb:17:bf:28:1b:6b:22:af:bf:1c:bc:
c2:9b:b1:34:f3:6d:b0:36:3c:bc:d5:ca:26:3b:ae:4c:04:5c:
ae:4e:10:39:79:98:6a:c7:a1:40:3c:2f:59:67:02:8c:61:51:
7d:50:5e:70:e6:28:9a:ae:b6:34:e5:c1:82:62:71:dc:18:3d:
56:15:da:3f:ad:12:e8:9b:95:43:26:db:3f:19:47:c0:00:09:
86:1c:8e:3d:8d:76:37:a7:42:a6:ed:62:07:10:81:c4:79:09:
ab:9e:03:bc:4f:c0:ef:d6:8c:06:c1:27:b4:3d:02:de:43:99:
72:85:8e:b7:b5:7e:ae:04:14:9b:4f:9a:b6:f4:be:fb:4f:5f:
58:5f:46:fe:ed:83:49:4a:ab:bb:ac:b8:5e:49:21:3e:6a:5e:
14:03:c2:58:44:83:1b:3f:6f:f7:b7:84:e8:ca:56:40:d5:0a:
78:e7:de:9d:9b:02:d5:e2:36:f5:13:0b:b0:c8:0f:7d:a4:fb:
00:4e:c0:10:25:65:be:18:99:29:1f:5b:6e:a5:be:65:5a:da:
6b:1c:6f:d5:bd:79:ed:5c:72:be:95:21:04:2e:e1:d4:4b:51:
50:3e:52:77:a2:af:bc:25:1f:15:dc:18:57:05:c5:5f:e1:b5:
73:46:68:b3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYS+bwPvE9G/n5dR3sAgOMTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMTI4MTMzMDU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjlkNjUwNjAzMDg1YjUzMDNhZTlhZGM4YWRlMzhlZTkyNDZhNGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzirG//b3Wbvt+Mq1hvyve9DzHU8t
2bZrsthp/GBc/eXpEkVmnZYU+STqOHVjSPpu6kL5RMhIJKZcj8UkZPG9/rGbiDaL
9sbmMlyrqcp0dY365iSk8b0V15eUfVtQzOwb5c3WNwYYPHCdS6g+73Le+Irj0WbW
5yZK1mOBofzeG2k5trTNl1ETOpMiZmHCm6iUPgdA6M9pNktbr5uc29VGN6Ivivoi
0uKRb/siX0YSmLbPP0Nm6IBsrPBeCuKnfyTP1gniLMrpJ3zZ2lE6Ml2n2WcJPjKP
inoF4zKRG9AGYg9uM+7kuDimyYkUeUYMQIGyrFpPEBy+qKdcJZL5n5jyBQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFKdZQYDCFtTA66a3IreOO6SRqTqMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvVXAxbEJnTUlXMU1EcnByY2l0NDQ3cEpHcE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALhdgAwQB
LhdiAwQALhdvAwQAWJfDAwQApNdnAwQBuVHaMA0GCSqGSIb3DQEBCwUAA4IBAQAZ
/fPylNfx+xe/KBtrIq+/HLzCm7E0822wNjy81comO65MBFyuThA5eZhqx6FAPC9Z
ZwKMYVF9UF5w5iiarrY05cGCYnHcGD1WFdo/rRLom5VDJts/GUfAAAmGHI49jXY3
p0Km7WIHEIHEeQmrngO8T8Dv1owGwSe0PQLeQ5lyhY63tX6uBBSbT5q29L77T19Y
X0b+7YNJSqu7rLheSSE+al4UA8JYRIMbP2/3t4ToylZA1Qp4596dmwLV4jb1Ewuw
yA99pPsATsAQJWW+GJkpH1tupb5lWtprHG/VvXntXHK+lSEELuHUS1FQPlJ3oq+8
JR8V3BhXBcVf4bVzRmiz
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org