Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/wEA3nahtNupUV_hMhlRpW4HOW-w.roa
File: wEA3nahtNupUV_hMhlRpW4HOW-w.roa (raw, json)
Hash identifier: jmA48VfDluXlizaKelDkUcXqn+EOg1FK7AWGv/XdLwA=
Subject key identifier: C0:40:37:9D:A8:6D:36:EA:54:57:F8:4C:86:54:69:5B:81:CE:5B:EC
Certificate issuer: /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial: 0184E3A4A3B3FE10FBB63068B626E9EE6EC8
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/wEA3nahtNupUV_hMhlRpW4HOW-w.roa
Signing time: Mon 05 Dec 2022 18:55:28 +0000
ROA not before: Mon 05 Dec 2022 18:55:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 146.247.117.0/24 maxlen: 24
146.247.122.0/24 maxlen: 24
146.247.126.0/24 maxlen: 24
146.247.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e3:a4:a3:b3:fe:10:fb:b6:30:68:b6:26:e9:ee:6e:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
Validity
Not Before: Dec 5 18:55:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c040379da86d36ea5457f84c8654695b81ce5bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f6:1d:83:9e:0c:ae:13:ca:dc:0e:4b:a1:99:
27:87:74:a3:bd:fe:02:5f:f8:c9:6b:bd:0e:dd:9a:
8b:07:f6:49:72:9b:6e:c7:09:61:3d:89:ce:2d:d4:
ed:e9:13:9e:d7:02:2c:e2:d3:95:c4:f1:cb:31:cb:
62:d1:18:ce:ac:2d:76:ab:a2:9a:7b:8d:06:a4:36:
c4:19:e5:79:24:30:58:f5:b5:a6:72:9b:1a:18:c6:
ef:b7:80:5b:1d:68:eb:5d:49:23:0d:c2:df:44:78:
8a:86:83:8b:88:a6:da:3d:26:49:0d:64:cd:1f:37:
1d:6a:4e:2c:60:74:03:5d:a0:c6:09:66:4c:cb:64:
8f:a8:df:63:15:d8:97:30:04:fd:82:da:44:eb:33:
74:99:f0:24:47:f2:cf:49:72:5f:2d:a6:e1:90:21:
f0:ba:77:72:9b:ce:ca:bb:b9:9f:41:63:19:6f:f2:
3f:18:d5:fe:ae:28:a9:19:45:46:f9:6d:6b:e7:35:
12:a1:76:24:a0:3a:37:db:91:f8:13:f3:4d:62:84:
1e:e5:85:93:88:59:df:fa:03:66:fb:61:96:c1:fb:
5d:32:26:5e:54:32:aa:03:92:21:7a:62:27:59:90:
b3:25:a9:08:10:e4:2e:01:0b:02:5d:90:36:f0:bc:
0a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:40:37:9D:A8:6D:36:EA:54:57:F8:4C:86:54:69:5B:81:CE:5B:EC
X509v3 Authority Key Identifier:
keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/wEA3nahtNupUV_hMhlRpW4HOW-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.117.0/24
146.247.122.0/24
146.247.126.0/23
Signature Algorithm: sha256WithRSAEncryption
63:22:38:8a:9d:0f:3b:12:66:16:f6:3e:87:f5:82:d1:5f:af:
01:f3:4d:00:6d:66:56:5a:1c:70:2b:c1:c9:82:79:71:a7:f1:
bb:2e:5d:4b:3f:d8:14:2b:71:9c:2c:79:e3:35:1f:c8:21:1a:
31:98:46:e5:8a:e6:7c:fb:34:54:a4:d5:c8:50:0c:b7:f4:24:
b0:90:9d:79:23:5b:0c:8c:17:c5:d1:9f:da:72:7e:7a:dd:46:
4b:b3:fc:5d:51:10:bb:35:39:9a:76:d5:6e:01:a6:5f:40:4e:
59:3d:ca:7b:7f:47:a5:17:db:8c:68:26:a8:7f:31:b4:7e:61:
f7:bf:e1:e9:45:4f:38:4f:90:d8:bd:cb:7a:30:bb:23:b8:63:
2b:64:99:a7:1a:6a:80:38:7a:c5:0f:6e:4e:eb:2f:d8:63:a7:
13:80:eb:f6:f2:fa:eb:9d:42:c6:e4:e3:20:91:f7:86:cf:45:
7a:4d:fa:0d:ab:30:51:3d:03:67:51:de:90:49:77:32:b6:e4:
82:44:89:de:ec:ca:9a:e8:36:03:b5:05:51:4d:5b:2e:94:1b:
53:fc:eb:aa:5d:2a:4c:99:53:cb:8f:57:be:2a:3d:27:35:9a:
43:7a:6b:4b:fd:0f:b2:db:23:e6:1f:4d:25:1a:c0:fa:08:9c:
13:b5:71:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTjpKOz/hD7tjBotibp7m7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjIxMjA1MTg1NTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDQwMzc5ZGE4NmQzNmVhNTQ1N2Y4NGM4NjU0Njk1YjgxY2U1YmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvYdg54MrhPK3A5LoZknh3Sjvf4C
X/jJa70O3ZqLB/ZJcptuxwlhPYnOLdTt6ROe1wIs4tOVxPHLMcti0RjOrC12q6Ka
e40GpDbEGeV5JDBY9bWmcpsaGMbvt4BbHWjrXUkjDcLfRHiKhoOLiKbaPSZJDWTN
Hzcdak4sYHQDXaDGCWZMy2SPqN9jFdiXMAT9gtpE6zN0mfAkR/LPSXJfLabhkCHw
undym87Ku7mfQWMZb/I/GNX+riipGUVG+W1r5zUSoXYkoDo325H4E/NNYoQe5YWT
iFnf+gNm+2GWwftdMiZeVDKqA5IhemInWZCzJakIEOQuAQsCXZA28LwKdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMBAN52obTbqVFf4TIZUaVuBzlvsMB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvd0VBM25haHROdXBVVl9oTWhsUnBXNEhPVy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkvd1AwQA
kvd6AwQBkvd+MA0GCSqGSIb3DQEBCwUAA4IBAQBjIjiKnQ87EmYW9j6H9YLRX68B
800AbWZWWhxwK8HJgnlxp/G7Ll1LP9gUK3GcLHnjNR/IIRoxmEbliuZ8+zRUpNXI
UAy39CSwkJ15I1sMjBfF0Z/acn563UZLs/xdURC7NTmadtVuAaZfQE5ZPcp7f0el
F9uMaCaofzG0fmH3v+HpRU84T5DYvct6MLsjuGMrZJmnGmqAOHrFD25O6y/YY6cT
gOv28vrrnULG5OMgkfeGz0V6TfoNqzBRPQNnUd6QSXcytuSCRIne7Mqa6DYDtQVR
TVsulBtT/OuqXSpMmVPLj1e+Kj0nNZpDemtL/Q+y2yPmH00lGsD6CJwTtXFZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:43 2023 by rpki-client on console-fra.rpki-client.org