Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/XFjYJhlRmNgxsvWLtHG8eGyvh8k.roa
File: XFjYJhlRmNgxsvWLtHG8eGyvh8k.roa (raw, json)
Hash identifier: mZYYWasCg+jzlKGtj5scmM6XxoydFWdD4UxaabfkUNA=
Subject key identifier: 5C:58:D8:26:19:51:98:D8:31:B2:F5:8B:B4:71:BC:78:6C:AF:87:C9
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0183305B755A163A4BF2B1AFF9B1D86A6F9D
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/XFjYJhlRmNgxsvWLtHG8eGyvh8k.roa
Signing time: Mon 12 Sep 2022 06:20:43 +0000
ROA not before: Mon 12 Sep 2022 06:20:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 46.23.103.0/24 maxlen: 24
46.23.101.0/24 maxlen: 24
46.23.102.0/24 maxlen: 24
46.23.100.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
185.81.216.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:30:5b:75:5a:16:3a:4b:f2:b1:af:f9:b1:d8:6a:6f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Sep 12 06:20:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c58d826195198d831b2f58bb471bc786caf87c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7f:12:5d:88:21:40:22:94:44:19:be:fa:92:
6c:89:00:77:8c:63:b3:a0:88:d9:e7:21:c7:61:6d:
07:e9:c3:04:82:c3:c9:0a:46:ce:bd:92:1d:74:ea:
8a:a6:cb:3a:21:95:38:9d:df:34:40:15:ab:51:21:
09:23:7c:d2:dc:02:61:ad:3b:1c:cf:bf:af:e2:ce:
85:60:2b:8b:f7:a6:89:e6:c7:15:cd:6a:aa:b6:43:
0f:26:3e:1b:5b:a9:a5:31:ba:16:20:77:da:ed:5d:
98:81:7e:ba:e1:28:30:1b:b0:a7:85:b6:bb:d7:3a:
f4:86:25:38:7c:d3:3e:c9:a8:dd:c5:9a:09:b7:82:
60:01:76:5e:10:f5:f0:17:1c:7f:4d:76:4b:2e:bf:
53:91:25:e3:ad:d9:04:8c:ac:5b:97:89:9f:39:8d:
b9:2b:58:2a:82:10:6f:ba:a5:19:03:df:a9:bf:20:
54:da:f9:d4:81:a9:ca:ae:f9:e1:f3:1c:f9:41:5c:
c7:b6:f4:14:66:2b:29:3c:a3:e9:22:7c:a2:28:ba:
95:25:29:6d:74:79:2e:9f:c2:ca:dd:96:77:0d:be:
fc:d1:c1:e9:73:9f:23:b8:c7:42:f2:05:6e:ed:da:
2d:55:31:36:6a:2b:fd:8d:8f:f8:cf:15:36:a6:bc:
cf:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:58:D8:26:19:51:98:D8:31:B2:F5:8B:B4:71:BC:78:6C:AF:87:C9
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/XFjYJhlRmNgxsvWLtHG8eGyvh8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.200.0/22
46.23.100.0/22
185.81.216.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:b1:38:0e:72:cc:b9:3c:6f:b6:c5:02:07:7b:4b:64:33:3b:
56:a7:d6:27:2d:3d:d0:9a:60:c0:28:90:95:15:c7:96:18:0e:
b7:2a:1e:00:a6:53:84:5d:86:17:68:82:b5:56:ce:9e:8a:1e:
cf:95:38:75:ab:f7:7f:93:55:2c:6d:d5:57:15:6b:eb:74:f4:
33:db:ab:5a:bc:2a:15:df:29:c2:0b:f9:85:30:35:00:2f:6c:
7b:e4:9e:65:c4:14:19:b1:dc:94:f0:c0:eb:d5:69:0a:c2:f1:
52:7c:23:40:8c:fb:d2:e0:15:c2:51:7a:90:2a:1c:0e:ce:b8:
19:0f:9e:c6:4c:ea:e3:02:54:e9:f4:ef:93:f5:e5:2f:45:75:
01:f2:71:06:33:5f:35:40:8c:9e:77:02:b9:5d:20:3d:90:95:
a2:0d:dd:19:67:9e:92:20:5f:28:6d:ff:5b:3c:c8:41:46:d3:
59:93:9a:c9:16:c5:21:70:77:63:18:66:45:a9:ba:d7:3a:dd:
8d:64:93:05:a0:36:5e:92:d9:bf:2f:8f:34:91:32:25:46:5b:
21:60:98:23:f7:75:0a:0d:26:dd:c9:6a:4f:4f:34:40:cd:fc:
10:82:33:97:81:e1:0c:68:0b:d8:80:cf:ad:3e:20:25:9a:e8:
27:e1:46:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMwW3VaFjpL8rGv+bHYam+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwOTEyMDYyMDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzU4ZDgyNjE5NTE5OGQ4MzFiMmY1OGJiNDcxYmM3ODZjYWY4N2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkH8SXYghQCKURBm++pJsiQB3jGOz
oIjZ5yHHYW0H6cMEgsPJCkbOvZIddOqKpss6IZU4nd80QBWrUSEJI3zS3AJhrTsc
z7+v4s6FYCuL96aJ5scVzWqqtkMPJj4bW6mlMboWIHfa7V2YgX664SgwG7Cnhba7
1zr0hiU4fNM+yajdxZoJt4JgAXZeEPXwFxx/TXZLLr9TkSXjrdkEjKxbl4mfOY25
K1gqghBvuqUZA9+pvyBU2vnUganKrvnh8xz5QVzHtvQUZispPKPpInyiKLqVJSlt
dHkun8LK3ZZ3Db780cHpc58juMdC8gVu7dotVTE2aiv9jY/4zxU2przPDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFxY2CYZUZjYMbL1i7RxvHhsr4fJMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvWEZqWUpobFJtTmd4c3ZXTHRIRzhlR3l2aDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJYDIAwQC
LhdkAwQCuVHYMA0GCSqGSIb3DQEBCwUAA4IBAQA8sTgOcsy5PG+2xQIHe0tkMztW
p9YnLT3QmmDAKJCVFceWGA63Kh4AplOEXYYXaIK1Vs6eih7PlTh1q/d/k1UsbdVX
FWvrdPQz26tavCoV3ynCC/mFMDUAL2x75J5lxBQZsdyU8MDr1WkKwvFSfCNAjPvS
4BXCUXqQKhwOzrgZD57GTOrjAlTp9O+T9eUvRXUB8nEGM181QIyedwK5XSA9kJWi
Dd0ZZ56SIF8obf9bPMhBRtNZk5rJFsUhcHdjGGZFqbrXOt2NZJMFoDZektm/L480
kTIlRlshYJgj93UKDSbdyWpPTzRAzfwQgjOXgeEMaAvYgM+tPiAlmugn4UYl
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org