Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/aTeGOn8v0e9odjeOTseF5TiU3Qw.roa
File: aTeGOn8v0e9odjeOTseF5TiU3Qw.roa (raw, json)
Hash identifier: 0OqKRl0dswEjTZfwQskhunmVScgncFfxjbDSlSsqV2U=
Subject key identifier: 69:37:86:3A:7F:2F:D1:EF:68:76:37:8E:4E:C7:85:E5:38:94:DD:0C
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0182C51FDE9FAD6D0E8D27D0BD2D91A6DF98
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/aTeGOn8v0e9odjeOTseF5TiU3Qw.roa
Signing time: Mon 22 Aug 2022 10:36:16 +0000
ROA not before: Mon 22 Aug 2022 10:36:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
164.215.100.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
5.178.0.0/22 maxlen: 22
185.81.216.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c5:1f:de:9f:ad:6d:0e:8d:27:d0:bd:2d:91:a6:df:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Aug 22 10:36:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6937863a7f2fd1ef6876378e4ec785e53894dd0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6d:a1:21:a7:c0:14:1d:8b:9c:a6:e0:11:ce:
55:e6:b5:20:44:3d:ef:0c:70:23:51:95:b7:ce:90:
41:ec:02:94:78:9b:7f:07:02:da:9c:ff:e2:a5:3f:
9b:6f:33:24:fc:a6:1b:2f:f5:de:b3:12:d3:c7:a5:
93:2f:a4:b9:fe:8a:2c:12:8a:74:e0:7f:53:1d:0f:
96:d7:7f:2f:1f:ca:37:9e:b0:f4:55:72:12:98:b2:
c7:99:ed:d3:f7:e7:cb:53:1e:54:1b:09:0e:7d:36:
c0:32:7a:c4:c9:ad:60:39:18:ab:f1:88:49:1a:9b:
85:1c:e1:d1:fb:50:1e:b3:18:52:9c:d3:a3:62:ee:
5b:a9:51:d5:04:86:fe:60:93:f4:80:07:75:82:95:
ac:9c:a9:22:b5:79:43:90:c5:37:ad:0e:9f:83:c9:
bf:83:8e:0b:59:76:61:ed:9d:5e:d1:29:71:eb:46:
83:ac:4b:3f:6a:76:c8:0c:fd:83:f9:10:d0:f5:9d:
68:47:35:04:19:70:1a:b4:73:0e:85:95:a9:9d:64:
f4:d2:ef:cc:5a:31:1e:13:23:23:ac:56:be:58:d2:
f7:c0:f6:14:39:58:c9:a4:13:7e:72:29:1f:ee:02:
74:17:39:24:88:69:91:ca:d0:5a:9c:3c:24:0d:f2:
27:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:37:86:3A:7F:2F:D1:EF:68:76:37:8E:4E:C7:85:E5:38:94:DD:0C
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/aTeGOn8v0e9odjeOTseF5TiU3Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.0.0/22
46.23.96.0/24
46.23.98.0/23
46.23.108.0/24
46.23.111.0/24
164.215.100.0/24
185.81.216.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:e1:27:f7:c8:34:78:f7:ff:e4:4b:84:2b:42:d2:0a:36:dc:
85:0c:90:56:38:7a:92:c6:4c:4a:1b:0d:97:e0:db:6c:d3:6d:
37:2d:2a:e8:78:78:cc:2f:1c:25:a2:14:e8:ce:b6:60:7d:55:
ce:fe:39:d3:7c:fa:28:17:04:a0:60:6f:9d:ca:a7:e2:8f:f3:
8d:f0:12:6a:b8:39:f3:e9:07:22:32:2e:cd:83:32:81:e2:9d:
f6:3d:3e:e2:2e:54:de:6b:e4:49:80:37:2c:8d:4f:fe:cb:6d:
0f:0a:c1:88:5a:3f:f0:02:2d:82:f1:50:6c:f0:08:61:63:f5:
df:32:f8:85:34:ab:2c:d4:5d:db:fe:29:e4:06:ac:98:55:8e:
bd:a0:bc:2e:48:10:c2:19:54:3c:bb:73:63:fb:17:42:ff:a7:
0d:d9:1d:02:90:5a:d6:04:13:d8:bf:e3:94:9f:f8:2d:e4:bc:
df:70:63:e9:46:bd:bc:79:1d:aa:cf:3b:c0:59:1c:00:d3:9c:
19:16:f1:0e:19:76:9b:e9:4f:5b:5a:92:c1:d4:af:9b:a9:a1:
c7:ea:3e:37:c4:5a:37:61:a3:5d:ec:de:d8:2f:ed:7c:53:7e:
e0:9a:f9:8a:c3:c5:fd:cf:f8:42:90:3f:84:fb:df:80:3f:65:
0e:70:74:8d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYLFH96frW0OjSfQvS2Rpt+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwODIyMTAzNjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTM3ODYzYTdmMmZkMWVmNjg3NjM3OGU0ZWM3ODVlNTM4OTRkZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgW2hIafAFB2LnKbgEc5V5rUgRD3v
DHAjUZW3zpBB7AKUeJt/BwLanP/ipT+bbzMk/KYbL/XesxLTx6WTL6S5/oosEop0
4H9THQ+W138vH8o3nrD0VXISmLLHme3T9+fLUx5UGwkOfTbAMnrEya1gORir8YhJ
GpuFHOHR+1AesxhSnNOjYu5bqVHVBIb+YJP0gAd1gpWsnKkitXlDkMU3rQ6fg8m/
g44LWXZh7Z1e0Slx60aDrEs/anbIDP2D+RDQ9Z1oRzUEGXAatHMOhZWpnWT00u/M
WjEeEyMjrFa+WNL3wPYUOVjJpBN+cikf7gJ0FzkkiGmRytBanDwkDfIn2QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGk3hjp/L9HvaHY3jk7HheU4lN0MMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvYVRlR09uOHYwZTlvZGplT1RzZUY1VGlVM1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCBbIAAwQA
LhdgAwQBLhdiAwQALhdsAwQALhdvAwQApNdkAwQCuVHYMA0GCSqGSIb3DQEBCwUA
A4IBAQC74Sf3yDR49//kS4QrQtIKNtyFDJBWOHqSxkxKGw2X4Nts0203LSroeHjM
LxwlohTozrZgfVXO/jnTfPooFwSgYG+dyqfij/ON8BJquDnz6QciMi7NgzKB4p32
PT7iLlTea+RJgDcsjU/+y20PCsGIWj/wAi2C8VBs8AhhY/XfMviFNKss1F3b/ink
BqyYVY69oLwuSBDCGVQ8u3Nj+xdC/6cN2R0CkFrWBBPYv+OUn/gt5LzfcGPpRr28
eR2qzzvAWRwA05wZFvEOGXab6U9bWpLB1K+bqaHH6j43xFo3YaNd7N7YL+18U37g
mvmKw8X9z/hCkD+E+9+AP2UOcHSN
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org