Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pXYl2lVck6YGGLFDsFMQ2DQXmg0.roa
File: pXYl2lVck6YGGLFDsFMQ2DQXmg0.roa (raw, json)
Hash identifier: reo/eFtZZeOalJIA17V4hc7d+gE7uXueR9ljjI+3riI=
Subject key identifier: A5:76:25:DA:55:5C:93:A6:06:18:B1:43:B0:53:10:D8:34:17:9A:0D
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0185293015A5D5ED1AF52543495FF6702C06
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pXYl2lVck6YGGLFDsFMQ2DQXmg0.roa
Signing time: Mon 19 Dec 2022 07:01:35 +0000
ROA not before: Mon 19 Dec 2022 07:01:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
5.10.240.0/20 maxlen: 20
88.151.192.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
185.81.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:30:15:a5:d5:ed:1a:f5:25:43:49:5f:f6:70:2c:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Dec 19 07:01:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a57625da555c93a60618b143b05310d834179a0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:48:fd:d6:e4:ba:5c:3c:f8:98:1d:cf:97:36:
68:f1:b7:8c:ac:ff:a7:94:bb:1d:69:0d:aa:51:ab:
ae:34:89:a2:79:91:d1:4b:fb:f1:5e:9c:c9:86:1d:
74:76:d9:d3:8b:a2:30:b0:51:72:36:56:ac:ad:e9:
5c:e6:bc:d2:72:37:f5:c6:3e:f0:5d:ce:98:d3:d1:
85:18:cd:4c:48:ba:a0:5f:71:6c:96:3f:0a:ae:ef:
ca:7b:2f:7a:f7:aa:62:b7:0f:03:bf:cc:06:63:eb:
55:a9:d3:b2:91:d2:15:8e:53:49:29:d6:88:14:c6:
95:65:60:84:08:e7:8c:bf:59:a8:cc:55:22:1b:33:
82:19:14:c8:93:f9:14:c8:45:d7:b4:70:85:53:c3:
3e:8f:ee:89:45:f3:a3:de:7b:87:5d:76:1f:31:bd:
0c:27:11:c5:c0:c9:d9:31:f2:2f:a9:d4:70:2d:b3:
59:9a:94:be:8d:95:15:e3:67:2f:42:6e:50:a2:63:
8a:2e:8c:c2:78:0e:3c:61:36:08:74:ef:59:32:e4:
8e:65:7c:09:e6:1d:9c:ea:08:7b:ec:a6:f3:55:fd:
f2:74:75:8c:26:24:3a:fd:43:e4:15:02:9a:c4:c3:
b7:bd:19:6a:56:d9:7e:22:a2:6c:4a:e3:dd:8d:10:
eb:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:76:25:DA:55:5C:93:A6:06:18:B1:43:B0:53:10:D8:34:17:9A:0D
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pXYl2lVck6YGGLFDsFMQ2DQXmg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/20
37.128.201.0-37.128.203.255
46.23.96.0/24
46.23.98.0/23
88.151.192.0/24
185.81.216.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:e0:64:00:76:8b:af:6f:6c:51:03:83:24:fb:75:69:b0:e0:
8e:1c:8a:2b:66:8f:96:50:6b:38:b8:b9:e1:2a:5d:64:d2:41:
e0:5d:5d:87:28:8c:f5:31:52:16:fc:72:6e:5a:15:0f:e3:5e:
a5:c1:07:03:15:ab:41:89:44:16:d6:eb:90:8e:61:3a:2d:98:
ca:4d:c2:e9:48:0a:73:a1:2d:e8:b9:0b:04:b9:4e:9c:46:85:
21:b1:f0:b2:56:e7:e3:47:5a:77:98:da:04:5d:88:7d:4b:c3:
97:10:4a:69:4e:bd:f1:7c:96:2d:89:e4:98:64:8a:d3:02:de:
be:39:31:41:18:cb:af:b3:af:00:c2:bc:d7:60:fc:ca:6b:ee:
c2:c4:a4:e2:0e:6f:b2:14:f4:72:dc:2a:c4:90:29:9e:13:48:
5c:4e:90:d0:e5:33:9a:d4:ec:e4:c6:55:01:df:d6:08:f7:ba:
d2:b6:c5:0f:50:8e:ee:ee:a3:eb:3c:33:7b:7d:3a:2d:97:31:
82:bc:e2:5f:38:f3:0e:1f:8f:fa:35:6e:28:71:0a:3d:31:37:
32:f8:ee:8e:1b:15:67:f3:6d:63:9d:94:c7:e4:d2:e2:4e:bd:
95:fb:36:e4:92:73:c9:99:45:a1:f1:7b:33:db:ba:99:42:48:
c7:b7:13:a5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYUpMBWl1e0a9SVDSV/2cCwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMjE5MDcwMTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTc2MjVkYTU1NWM5M2E2MDYxOGIxNDNiMDUzMTBkODM0MTc5YTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0j91uS6XDz4mB3PlzZo8beMrP+n
lLsdaQ2qUauuNImieZHRS/vxXpzJhh10dtnTi6IwsFFyNlasrelc5rzScjf1xj7w
Xc6Y09GFGM1MSLqgX3Fslj8Kru/Key9696pitw8Dv8wGY+tVqdOykdIVjlNJKdaI
FMaVZWCECOeMv1mozFUiGzOCGRTIk/kUyEXXtHCFU8M+j+6JRfOj3nuHXXYfMb0M
JxHFwMnZMfIvqdRwLbNZmpS+jZUV42cvQm5QomOKLozCeA48YTYIdO9ZMuSOZXwJ
5h2c6gh77KbzVf3ydHWMJiQ6/UPkFQKaxMO3vRlqVtl+IqJsSuPdjRDrVQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKV2JdpVXJOmBhixQ7BTENg0F5oNMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvcFhZbDJsVmNrNllHR0xGRHNGTVEyRFFYbWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQEBQrwMAwD
BAAlgMkDBAIlgMgDBAAuF2ADBAEuF2IDBABYl8ADBAG5UdgwDQYJKoZIhvcNAQEL
BQADggEBAG3gZAB2i69vbFEDgyT7dWmw4I4ciitmj5ZQazi4ueEqXWTSQeBdXYco
jPUxUhb8cm5aFQ/jXqXBBwMVq0GJRBbW65COYTotmMpNwulICnOhLei5CwS5TpxG
hSGx8LJW5+NHWneY2gRdiH1Lw5cQSmlOvfF8li2J5JhkitMC3r45MUEYy6+zrwDC
vNdg/Mpr7sLEpOIOb7IU9HLcKsSQKZ4TSFxOkNDlM5rU7OTGVQHf1gj3utK2xQ9Q
ju7uo+s8M3t9Oi2XMYK84l848w4fj/o1bihxCj0xNzL47o4bFWfzbWOdlMfk0uJO
vZX7NuSSc8mZRaHxezPbuplCSMe3E6U=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org