Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/tL3vezf-jqLfo4C2p5uQSTuYsJ0.roa
File: tL3vezf-jqLfo4C2p5uQSTuYsJ0.roa (raw, json)
Hash identifier: EzW9SRoAizeaPLsVHHh/YcCQg2zoILaKYcvmxGVAXFI=
Subject key identifier: B4:BD:EF:7B:37:FE:8E:A2:DF:A3:80:B6:A7:9B:90:49:3B:98:B0:9D
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018341E73A77BAAD535EC7BF4A49EC39F9B6
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/tL3vezf-jqLfo4C2p5uQSTuYsJ0.roa
Signing time: Thu 15 Sep 2022 16:06:56 +0000
ROA not before: Thu 15 Sep 2022 16:06:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210654
IP address blocks: 46.23.105.0/24 maxlen: 24
46.23.104.0/24 maxlen: 24
46.23.107.0/24 maxlen: 24
46.23.106.0/24 maxlen: 24
37.128.205.0/24 maxlen: 24
37.128.204.0/24 maxlen: 24
37.128.206.0/24 maxlen: 24
37.128.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:41:e7:3a:77:ba:ad:53:5e:c7:bf:4a:49:ec:39:f9:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Sep 15 16:06:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4bdef7b37fe8ea2dfa380b6a79b90493b98b09d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f8:06:32:96:dd:ba:de:7a:fe:ee:b6:ce:e6:
e8:76:90:e8:f5:7b:0d:66:61:44:8d:2a:e0:bf:05:
ca:30:41:6b:e3:9f:37:7c:c4:42:ed:92:21:76:fb:
16:eb:d0:11:da:79:a9:e8:71:d9:3a:ea:08:cd:7a:
76:ad:9d:71:38:14:5a:7c:22:4b:63:18:be:0e:c1:
ad:c8:57:3a:dd:9c:61:9b:ff:2d:44:88:ab:26:e2:
84:54:13:00:68:3e:27:3f:80:30:fe:14:9e:b3:b6:
f9:46:fa:ea:35:10:c8:9b:5f:be:09:b8:69:45:a0:
ff:32:9f:61:da:28:af:ca:cb:09:7d:d6:45:f2:ff:
3a:ba:86:18:01:c6:c7:7a:5c:e0:98:f3:e2:79:4b:
c9:91:33:02:be:e9:35:1f:da:ee:ed:9f:c0:5d:9d:
8b:96:26:6f:1d:bc:84:0b:48:57:8d:50:c0:07:cc:
f0:12:ce:14:ed:55:9f:19:ae:15:4b:ca:c6:aa:0d:
72:c6:df:2f:89:e5:27:6c:e2:60:5a:1c:fe:7c:01:
93:a2:4e:55:8d:6b:ab:4e:3c:79:d5:4d:8e:40:1f:
24:37:0f:8d:f4:22:ba:1f:e2:a4:0c:48:27:29:b3:
e7:98:39:4b:5d:87:19:80:ef:c7:45:3c:6f:32:9d:
f2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:BD:EF:7B:37:FE:8E:A2:DF:A3:80:B6:A7:9B:90:49:3B:98:B0:9D
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/tL3vezf-jqLfo4C2p5uQSTuYsJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.204.0/22
46.23.104.0/22
Signature Algorithm: sha256WithRSAEncryption
28:51:df:cb:b5:ce:4f:df:4c:a3:75:57:4d:56:9f:e0:3d:c7:
47:ce:d0:94:b2:64:0c:de:0e:24:71:44:56:0f:b5:19:85:9b:
c7:cd:7f:f8:e1:78:e2:f9:ac:ad:89:82:92:d6:24:59:b4:b1:
4b:fa:b6:62:04:f8:30:be:41:5d:35:13:9a:48:d6:5b:98:bc:
ac:fc:02:7b:d9:a6:1d:8b:1a:5f:da:bb:9c:60:f7:a5:61:af:
35:1a:d1:d1:3c:17:7f:84:03:8d:30:31:7f:a4:ca:7a:90:1c:
b3:09:f4:88:86:f1:74:6e:90:aa:40:7a:fd:f6:a0:ff:4d:b0:
24:f8:26:a3:8c:7f:08:d6:dc:a3:8f:4d:dd:64:61:8c:e5:37:
54:f1:35:fc:64:e7:df:1f:f8:1e:f1:de:2d:c5:63:b0:ce:8f:
50:bc:d2:35:11:0a:18:61:e0:94:fd:61:0c:a7:50:a7:6c:85:
a3:2d:41:7f:5c:e9:53:76:fe:44:4b:b4:c9:f2:4a:20:12:e3:
a6:0c:dc:f2:3d:7c:57:b6:f3:fe:df:35:40:ef:b4:36:9a:09:
13:42:39:30:77:c5:45:1a:7c:46:f3:7e:e5:c8:0e:46:4e:94:
8d:90:83:c4:6c:e1:35:87:b6:3d:a6:40:14:ea:fc:e5:8a:98:
07:f2:ff:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNB5zp3uq1TXse/SknsOfm2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwOTE1MTYwNjU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJkZWY3YjM3ZmU4ZWEyZGZhMzgwYjZhNzliOTA0OTNiOThiMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfgGMpbdut56/u62zubodpDo9XsN
ZmFEjSrgvwXKMEFr4583fMRC7ZIhdvsW69AR2nmp6HHZOuoIzXp2rZ1xOBRafCJL
Yxi+DsGtyFc63Zxhm/8tRIirJuKEVBMAaD4nP4Aw/hSes7b5RvrqNRDIm1++Cbhp
RaD/Mp9h2iivyssJfdZF8v86uoYYAcbHelzgmPPieUvJkTMCvuk1H9ru7Z/AXZ2L
liZvHbyEC0hXjVDAB8zwEs4U7VWfGa4VS8rGqg1yxt8vieUnbOJgWhz+fAGTok5V
jWurTjx51U2OQB8kNw+N9CK6H+KkDEgnKbPnmDlLXYcZgO/HRTxvMp3yBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLS973s3/o6i36OAtqebkEk7mLCdMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvdEwzdmV6Zi1qcUxmbzRDMnA1dVFTVHVZc0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJYDMAwQC
LhdoMA0GCSqGSIb3DQEBCwUAA4IBAQAoUd/Ltc5P30yjdVdNVp/gPcdHztCUsmQM
3g4kcURWD7UZhZvHzX/44Xji+aytiYKS1iRZtLFL+rZiBPgwvkFdNROaSNZbmLys
/AJ72aYdixpf2rucYPelYa81GtHRPBd/hAONMDF/pMp6kByzCfSIhvF0bpCqQHr9
9qD/TbAk+CajjH8I1tyjj03dZGGM5TdU8TX8ZOffH/ge8d4txWOwzo9QvNI1EQoY
YeCU/WEMp1CnbIWjLUF/XOlTdv5ES7TJ8kogEuOmDNzyPXxXtvP+3zVA77Q2mgkT
Qjkwd8VFGnxG837lyA5GTpSNkIPEbOE1h7Y9pkAU6vzlipgH8v+I
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org