Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/4GM_JQYRAUR7bh-gItKtqyOyr-I.roa
File: 4GM_JQYRAUR7bh-gItKtqyOyr-I.roa (raw, json)
Hash identifier: kxCeOHnmERUjWwTHnPeYQzJ5Y5iaWS13WLtaLsUoUqw=
Subject key identifier: E0:63:3F:25:06:11:01:44:7B:6E:1F:A0:22:D2:AD:AB:23:B2:AF:E2
Certificate issuer: /CN=07fa540a25432e2aa4dca057845c359d214886f7
Certificate serial: 15AAF746
Authority key identifier: 07:FA:54:0A:25:43:2E:2A:A4:DC:A0:57:84:5C:35:9D:21:48:86:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_pUCiVDLiqk3KBXhFw1nSFIhvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/4GM_JQYRAUR7bh-gItKtqyOyr-I.roa
Signing time: Sat 01 Jan 2022 03:57:21 +0000
ROA not before: Sat 01 Jan 2022 03:57:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196922
IP address blocks: 46.232.186.0/24 maxlen: 24
46.232.184.0/21 maxlen: 21
46.232.185.0/24 maxlen: 24
46.232.190.0/24 maxlen: 24
46.232.187.0/24 maxlen: 24
46.232.191.0/24 maxlen: 24
178.248.240.0/24 maxlen: 24
178.248.245.0/24 maxlen: 24
178.248.246.0/24 maxlen: 24
178.248.243.0/24 maxlen: 24
178.248.244.0/24 maxlen: 24
178.248.241.0/24 maxlen: 24
178.248.240.0/21 maxlen: 21
178.248.242.0/24 maxlen: 24
185.115.24.0/22 maxlen: 24
185.115.24.0/23 maxlen: 23
178.248.247.0/24 maxlen: 24
185.115.26.0/23 maxlen: 23
2a02:1308::/29 maxlen: 32
2a02:1308::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 363525958 (0x15aaf746)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07fa540a25432e2aa4dca057845c359d214886f7
Validity
Not Before: Jan 1 03:57:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0633f25061101447b6e1fa022d2adab23b2afe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c5:04:43:66:76:f7:dc:27:a9:64:94:64:d1:
d4:1f:96:40:9e:c5:9a:7b:e8:6d:b7:e1:69:a9:c2:
16:fe:5a:bc:23:6c:83:8c:8e:f7:02:e5:ee:9d:61:
4f:24:8a:d2:c0:9e:4e:1d:0f:a3:c2:02:d3:78:5b:
38:03:9b:58:51:a6:6e:12:42:ef:0d:3e:72:5b:5c:
c0:9f:da:66:f2:cf:1c:17:9d:7b:92:17:38:64:a8:
61:e6:8b:a4:3c:d3:88:91:71:12:50:1f:a9:bb:a5:
11:d8:ad:28:7b:13:99:e2:50:14:bb:7a:73:dc:6b:
76:0a:05:7f:ff:32:81:ef:e9:e5:d4:21:49:b5:56:
2e:40:76:0b:ae:cc:d3:50:a1:46:43:4f:e0:f5:a7:
ca:06:b4:05:b2:72:b5:57:83:24:68:74:74:3c:af:
90:08:13:95:9d:ff:92:ca:44:3c:c5:16:48:78:cb:
f5:66:71:37:70:f2:26:37:d6:d4:20:01:72:f1:92:
bb:1b:7d:5b:37:fd:6a:09:12:2a:5f:da:4b:56:c6:
96:63:bd:26:9c:59:8b:80:a8:18:45:af:4b:8e:87:
50:d6:20:b4:85:71:6c:2f:b9:80:49:3a:0b:9d:83:
97:6f:a3:c6:11:c6:97:02:be:d7:0f:8e:04:d1:4e:
b9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:63:3F:25:06:11:01:44:7B:6E:1F:A0:22:D2:AD:AB:23:B2:AF:E2
X509v3 Authority Key Identifier:
keyid:07:FA:54:0A:25:43:2E:2A:A4:DC:A0:57:84:5C:35:9D:21:48:86:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_pUCiVDLiqk3KBXhFw1nSFIhvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/4GM_JQYRAUR7bh-gItKtqyOyr-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/B_pUCiVDLiqk3KBXhFw1nSFIhvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.184.0/21
178.248.240.0/21
185.115.24.0/22
IPv6:
2a02:1308::/29
Signature Algorithm: sha256WithRSAEncryption
4d:58:89:bc:91:19:fb:fe:0f:e3:ff:c5:a8:7c:60:a7:1d:fd:
a8:0b:61:68:93:89:9d:9a:00:d0:a6:0a:25:7c:c4:6d:46:34:
6c:53:51:7b:7a:3b:e8:0b:bc:35:6a:6f:e1:dd:fd:33:1c:a7:
37:3b:04:a3:9b:da:f3:9d:7c:56:e0:eb:5a:ed:75:1a:00:bf:
e3:e1:68:ba:5d:36:40:1a:6d:b0:b5:ba:c4:61:d1:5f:e4:ac:
1e:f6:46:75:37:48:7c:3a:4b:48:90:ed:01:92:2d:2a:8d:7e:
e6:d1:86:d1:70:e9:d7:88:ab:c9:9b:03:cc:50:39:70:5d:d8:
0e:1c:0e:de:e3:de:9e:17:29:43:a2:1e:a6:6d:2c:f2:94:20:
cc:d4:51:1b:e0:15:3f:e7:a1:c4:d5:19:1d:c8:0b:42:21:0b:
3b:e7:f5:f0:8a:10:1c:eb:ce:b7:91:3a:64:20:d9:27:c2:20:
e5:0a:af:85:b7:c5:03:f2:1b:d1:6d:fb:35:0b:1c:f8:33:21:
ab:e1:3d:1f:cc:3e:e3:51:a5:04:e9:d4:e8:d0:a6:a1:25:10:
7d:95:f8:7c:42:58:f1:2c:e2:62:e2:88:10:b0:f8:06:90:ac:
0d:c3:10:57:c0:58:de:c7:a1:8d:6a:9e:e9:fb:a1:b2:12:06:
a6:f2:b3:4d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEFar3RjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
N2ZhNTQwYTI1NDMyZTJhYTRkY2EwNTc4NDVjMzU5ZDIxNDg4NmY3MB4XDTIyMDEw
MTAzNTcyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTA2MzNmMjUwNjEx
MDE0NDdiNmUxZmEwMjJkMmFkYWIyM2IyYWZlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMzFBENmdvfcJ6lklGTR1B+WQJ7FmnvobbfhaanCFv5avCNs
g4yO9wLl7p1hTySK0sCeTh0Po8IC03hbOAObWFGmbhJC7w0+cltcwJ/aZvLPHBed
e5IXOGSoYeaLpDzTiJFxElAfqbulEditKHsTmeJQFLt6c9xrdgoFf/8yge/p5dQh
SbVWLkB2C67M01ChRkNP4PWnyga0BbJytVeDJGh0dDyvkAgTlZ3/kspEPMUWSHjL
9WZxN3DyJjfW1CABcvGSuxt9Wzf9agkSKl/aS1bGlmO9JpxZi4CoGEWvS46HUNYg
tIVxbC+5gEk6C52Dl2+jxhHGlwK+1w+OBNFOuY0CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTgYz8lBhEBRHtuH6Ai0q2rI7Kv4jAfBgNVHSMEGDAWgBQH+lQKJUMuKqTc
oFeEXDWdIUiG9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JfcFVDaVZETGlxazNLQlhoRncxblNGSWh2Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvNDMwN2QxLWI2MDgtNDU4MS05OTJjLTc1Mzc0MWE4MGU5NC8x
LzRHTV9KUVlSQVVSN2JoLWdJdEt0cXlPeXItSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
NDMwN2QxLWI2MDgtNDU4MS05OTJjLTc1Mzc0MWE4MGU5NC8xL0JfcFVDaVZETGlx
azNLQlhoRncxblNGSWh2Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAy7ouAMEA7L48AMEArlzGDANBAIA
AjAHAwUDKgITCDANBgkqhkiG9w0BAQsFAAOCAQEATViJvJEZ+/4P4//FqHxgpx39
qAthaJOJnZoA0KYKJXzEbUY0bFNRe3o76Au8NWpv4d39MxynNzsEo5va8518VuDr
Wu11GgC/4+Foul02QBptsLW6xGHRX+SsHvZGdTdIfDpLSJDtAZItKo1+5tGG0XDp
14iryZsDzFA5cF3YDhwO3uPenhcpQ6Iepm0s8pQgzNRRG+AVP+ehxNUZHcgLQiEL
O+f18IoQHOvOt5E6ZCDZJ8Ig5QqvhbfFA/Ib0W37NQsc+DMhq+E9H8w+41GlBOnU
6NCmoSUQfZX4fEJY8SziYuKIELD4BpCsDcMQV8BY3sehjWqe6fuhshIGpvKzTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:44 2024 by rpki-client on console-fra.rpki-client.org