Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/5lbrSt2wXYWeaGev8sISAQnsvr8.roa
File: 5lbrSt2wXYWeaGev8sISAQnsvr8.roa (raw, json)
Hash identifier: tDZ6+1DiXBO3Ynhr4rKpVksHRu9qB/snKRK4ByY67ys=
Subject key identifier: E6:56:EB:4A:DD:B0:5D:85:9E:68:67:AF:F2:C2:12:01:09:EC:BE:BF
Certificate issuer: /CN=e875464e89816ef00b0369502018a7e59ce2d36c
Certificate serial: 01852FD9E0E95A05634B2316CB24DC2648DE
Authority key identifier: E8:75:46:4E:89:81:6E:F0:0B:03:69:50:20:18:A7:E5:9C:E2:D3:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6HVGTomBbvALA2lQIBin5Zzi02w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/5lbrSt2wXYWeaGev8sISAQnsvr8.roa
Signing time: Tue 20 Dec 2022 14:04:46 +0000
ROA not before: Tue 20 Dec 2022 14:04:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29470
IP address blocks: 46.46.160.0/20 maxlen: 20
46.46.176.0/21 maxlen: 21
46.46.184.0/22 maxlen: 22
46.46.128.0/19 maxlen: 19
46.46.128.0/18 maxlen: 18
2a02:24b0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:d9:e0:e9:5a:05:63:4b:23:16:cb:24:dc:26:48:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e875464e89816ef00b0369502018a7e59ce2d36c
Validity
Not Before: Dec 20 14:04:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e656eb4addb05d859e6867aff2c2120109ecbebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5f:0a:af:0d:5d:f6:22:e3:0d:97:0b:04:42:
ea:c2:a5:9f:11:bd:a0:6e:7a:2c:ba:e7:b7:7c:79:
ce:53:9c:5d:f5:f9:5d:1a:6d:30:af:0e:4b:bb:38:
22:f2:85:ae:e1:d1:b7:86:04:49:af:04:81:a3:f0:
1a:f8:43:b6:59:5b:ad:b6:92:6f:35:b0:70:75:a1:
7d:c1:9b:97:0b:22:7e:9d:67:6e:f7:32:c2:4d:72:
b0:9d:61:69:cf:7b:86:7f:47:c8:be:87:03:c8:87:
fe:48:d6:3d:44:ef:05:b9:ad:cf:0b:7c:dd:85:23:
94:b1:aa:7c:bb:17:1b:1c:67:70:c6:0d:ca:6e:3b:
3a:a2:25:63:f4:ef:f6:c0:64:8c:9a:61:24:69:ed:
06:77:85:b4:a2:96:40:90:16:b4:6c:34:bf:26:e7:
58:94:9c:2f:3d:b5:52:38:a1:e4:13:e4:94:df:cb:
ba:5e:85:bd:52:10:22:d9:2f:55:06:d5:2a:be:cc:
92:86:85:8d:86:8f:b3:3e:60:f1:f1:9d:86:f2:40:
cc:ad:7f:71:8c:81:c9:0e:7f:fb:67:a0:d6:08:3b:
27:55:d8:91:2d:f9:57:b0:6a:b5:32:56:e9:02:f2:
fa:08:8b:dc:e7:d9:b5:19:8c:68:00:52:bd:d9:a3:
5c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:56:EB:4A:DD:B0:5D:85:9E:68:67:AF:F2:C2:12:01:09:EC:BE:BF
X509v3 Authority Key Identifier:
keyid:E8:75:46:4E:89:81:6E:F0:0B:03:69:50:20:18:A7:E5:9C:E2:D3:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6HVGTomBbvALA2lQIBin5Zzi02w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/5lbrSt2wXYWeaGev8sISAQnsvr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/6HVGTomBbvALA2lQIBin5Zzi02w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.46.128.0/18
IPv6:
2a02:24b0::/32
Signature Algorithm: sha256WithRSAEncryption
03:d1:bf:3d:cc:53:cc:18:27:2c:b4:3d:78:5b:96:83:c3:f8:
06:61:24:69:f6:8f:62:d8:75:0d:fb:39:5b:1c:a7:ef:c3:1a:
0c:6d:d3:8c:0f:d6:03:f0:c8:45:71:8e:bc:92:2d:3e:ea:f6:
02:94:80:9c:73:a1:5c:60:f4:b5:1a:1c:a4:64:a9:18:d9:84:
55:e9:2b:48:d3:be:6e:d9:15:ee:8a:8a:66:42:c4:a5:77:f1:
42:73:31:bb:44:a6:9c:0b:89:98:1e:0b:9b:ed:06:fa:f9:9c:
47:62:5a:9b:57:03:d7:e2:19:a3:85:a5:fb:13:9b:91:ee:5f:
b7:1d:f9:ea:f7:da:99:55:0b:1e:7d:42:0e:78:20:83:e7:97:
9a:31:3e:e8:3e:28:df:92:f3:5c:ea:23:07:ee:61:6c:29:f8:
cd:17:03:63:8e:d9:8a:31:12:50:80:fc:27:3a:85:53:7c:08:
b1:78:d9:bf:e2:8a:33:98:de:8e:15:26:28:db:e7:4a:88:80:
97:ef:b1:ad:5e:4a:b7:7e:0d:e2:4c:49:5e:f1:ae:4e:e7:8d:
05:d5:b2:ee:e4:ec:8a:01:0b:f8:89:67:7e:1b:aa:4f:c8:59:
94:29:96:e5:fb:73:d1:e0:ee:45:6d:9f:b5:cf:58:62:0d:12:
ac:82:21:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUv2eDpWgVjSyMWyyTcJkjeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NzU0NjRlODk4MTZlZjAwYjAzNjk1MDIwMThhN2U1OWNl
MmQzNmMwHhcNMjIxMjIwMTQwNDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjU2ZWI0YWRkYjA1ZDg1OWU2ODY3YWZmMmMyMTIwMTA5ZWNiZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV8Krw1d9iLjDZcLBELqwqWfEb2g
bnosuue3fHnOU5xd9fldGm0wrw5Luzgi8oWu4dG3hgRJrwSBo/Aa+EO2WVuttpJv
NbBwdaF9wZuXCyJ+nWdu9zLCTXKwnWFpz3uGf0fIvocDyIf+SNY9RO8Fua3PC3zd
hSOUsap8uxcbHGdwxg3Kbjs6oiVj9O/2wGSMmmEkae0Gd4W0opZAkBa0bDS/JudY
lJwvPbVSOKHkE+SU38u6XoW9UhAi2S9VBtUqvsyShoWNho+zPmDx8Z2G8kDMrX9x
jIHJDn/7Z6DWCDsnVdiRLflXsGq1MlbpAvL6CIvc59m1GYxoAFK92aNcqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOZW60rdsF2Fnmhnr/LCEgEJ7L6/MB8GA1UdIwQY
MBaAFOh1Rk6JgW7wCwNpUCAYp+Wc4tNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkhWR1RvbUJidkFMQTJsUUlCaW41WnppMDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9jMzA2OWUtNWZmYy00YzhjLTkxZGMt
MzFkMTk3ZjEzOWQ4LzEvNWxiclN0MndYWVdlYUdldjhzSVNBUW5zdnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9jMzA2OWUtNWZmYy00YzhjLTkxZGMtMzFkMTk3ZjEzOWQ4
LzEvNkhWR1RvbUJidkFMQTJsUUlCaW41WnppMDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGLi6AMA0E
AgACMAcDBQAqAiSwMA0GCSqGSIb3DQEBCwUAA4IBAQAD0b89zFPMGCcstD14W5aD
w/gGYSRp9o9i2HUN+zlbHKfvwxoMbdOMD9YD8MhFcY68ki0+6vYClICcc6FcYPS1
GhykZKkY2YRV6StI075u2RXuiopmQsSld/FCczG7RKacC4mYHgub7Qb6+ZxHYlqb
VwPX4hmjhaX7E5uR7l+3Hfnq99qZVQsefUIOeCCD55eaMT7oPijfkvNc6iMH7mFs
KfjNFwNjjtmKMRJQgPwnOoVTfAixeNm/4oozmN6OFSYo2+dKiICX77GtXkq3fg3i
TEle8a5O540F1bLu5OyKAQv4iWd+G6pPyFmUKZbl+3PR4O5FbZ+1z1hiDRKsgiEH
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:29 2023 by rpki-client on console-ams.rpki-client.org