Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/43312f-991d-4e95-93df-2c7ef9ff03f5/1/PqU465YWhIc8DdrWQ_xyR5O9sco.roa
File: PqU465YWhIc8DdrWQ_xyR5O9sco.roa (raw, json)
Hash identifier: 94BxxF5pnrDfSzBrWWk0SdAFDo0I8FZEJlncqEuBe2k=
Subject key identifier: 3E:A5:38:EB:96:16:84:87:3C:0D:DA:D6:43:FC:72:47:93:BD:B1:CA
Certificate issuer: /CN=61d764a0434272c1329ae99288d092bc3ef2228f
Certificate serial: 056738D2
Authority key identifier: 61:D7:64:A0:43:42:72:C1:32:9A:E9:92:88:D0:92:BC:3E:F2:22:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YddkoENCcsEymumSiNCSvD7yIo8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/43312f-991d-4e95-93df-2c7ef9ff03f5/1/PqU465YWhIc8DdrWQ_xyR5O9sco.roa
Signing time: Sat 01 Jan 2022 03:02:44 +0000
ROA not before: Sat 01 Jan 2022 03:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51309
IP address blocks: 46.28.16.0/24 maxlen: 24
46.28.17.0/24 maxlen: 24
46.28.23.0/24 maxlen: 24
46.28.20.0/24 maxlen: 24
46.28.22.0/24 maxlen: 24
46.28.19.0/24 maxlen: 24
46.28.21.0/24 maxlen: 24
46.28.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90650834 (0x56738d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61d764a0434272c1329ae99288d092bc3ef2228f
Validity
Not Before: Jan 1 03:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ea538eb961684873c0ddad643fc724793bdb1ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3a:49:fa:f6:93:23:8b:6d:50:d8:7a:a3:68:
e5:43:37:2f:1e:de:1f:e8:6c:01:3a:2f:44:c7:32:
c4:e8:46:11:fa:87:74:bc:fb:12:38:d5:c6:6e:ea:
1b:c7:6a:f4:71:2d:30:d2:af:db:01:d9:9f:3a:2b:
37:cb:ef:ce:64:b3:ee:e8:0f:ca:39:e9:e9:6f:0e:
75:95:73:9d:a8:d9:95:b2:5b:82:fc:53:3d:4c:2b:
08:36:c6:d9:fc:9d:50:18:96:df:0a:07:ca:3c:b2:
74:03:19:7b:63:fc:00:7b:af:7f:2a:60:f9:16:14:
22:97:6f:9e:79:54:25:a5:57:a5:89:ee:88:97:5c:
86:94:76:46:87:a6:21:c9:a5:05:14:3e:2f:f6:b8:
df:88:bc:79:6a:42:9b:d9:b1:9e:5c:9b:d0:a7:d8:
c0:d1:0d:18:e0:63:c4:be:7c:69:5c:af:69:fb:81:
49:58:90:d9:c6:ec:77:f5:15:10:91:21:1f:01:94:
fa:f2:cd:98:57:e7:99:d2:3a:ef:c8:fc:75:70:aa:
1a:23:07:60:74:2d:65:af:1b:78:3b:ae:d2:42:3e:
c4:76:8f:a4:e1:dc:ff:be:13:ef:c1:64:84:07:6b:
0c:94:2b:1f:82:b5:3b:35:18:95:76:d0:79:3c:be:
41:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A5:38:EB:96:16:84:87:3C:0D:DA:D6:43:FC:72:47:93:BD:B1:CA
X509v3 Authority Key Identifier:
keyid:61:D7:64:A0:43:42:72:C1:32:9A:E9:92:88:D0:92:BC:3E:F2:22:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YddkoENCcsEymumSiNCSvD7yIo8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/43312f-991d-4e95-93df-2c7ef9ff03f5/1/PqU465YWhIc8DdrWQ_xyR5O9sco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/43312f-991d-4e95-93df-2c7ef9ff03f5/1/YddkoENCcsEymumSiNCSvD7yIo8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.16.0/21
Signature Algorithm: sha256WithRSAEncryption
9d:38:90:a8:15:e6:16:37:d7:76:6c:6c:1f:8e:1e:b4:61:05:
e5:b3:e2:4a:87:59:4d:c3:91:84:ba:7e:2f:7b:65:01:00:0d:
1f:ea:26:f0:52:00:07:2d:29:72:08:e2:36:99:21:e3:b0:de:
bb:02:a6:aa:fd:67:f2:6e:e9:2e:0e:57:6a:8e:e8:06:7a:95:
d3:07:d0:33:bb:bb:1d:7c:0a:08:1c:86:92:b6:06:5d:ca:2b:
ef:a9:a1:3f:83:27:b0:47:56:ef:8c:db:d5:2f:64:fb:3d:c3:
1b:bd:10:e6:83:b5:79:9c:ba:26:e2:01:a7:4f:79:a3:b5:d4:
f7:cb:8d:d6:a5:00:99:29:b7:8f:2b:83:0b:d6:a1:d8:f7:ba:
ce:aa:2c:06:c1:f8:1c:13:42:18:49:4f:7d:f7:7a:24:2b:3f:
f5:23:ec:58:2f:ee:e9:6c:04:19:55:73:c5:31:d6:26:7c:83:
d0:a5:b6:0d:76:ed:02:26:9e:dc:e7:c1:6c:b6:41:98:2e:a2:
88:ba:f1:17:a8:75:ba:47:b8:8e:0c:0c:fc:66:df:fe:f2:fd:
a0:be:05:70:8a:0c:24:49:e0:c0:79:62:77:89:04:e4:e8:f1:
7a:b0:a9:8f:0d:b2:63:b1:6e:17:fe:fd:0d:18:e9:87:68:a8:
ec:d3:d9:6f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBWc40jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MWQ3NjRhMDQzNDI3MmMxMzI5YWU5OTI4OGQwOTJiYzNlZjIyMjhmMB4XDTIyMDEw
MTAzMDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2VhNTM4ZWI5NjE2
ODQ4NzNjMGRkYWQ2NDNmYzcyNDc5M2JkYjFjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMA6Sfr2kyOLbVDYeqNo5UM3Lx7eH+hsATovRMcyxOhGEfqH
dLz7EjjVxm7qG8dq9HEtMNKv2wHZnzorN8vvzmSz7ugPyjnp6W8OdZVznajZlbJb
gvxTPUwrCDbG2fydUBiW3woHyjyydAMZe2P8AHuvfypg+RYUIpdvnnlUJaVXpYnu
iJdchpR2RoemIcmlBRQ+L/a434i8eWpCm9mxnlyb0KfYwNENGOBjxL58aVyvafuB
SViQ2cbsd/UVEJEhHwGU+vLNmFfnmdI678j8dXCqGiMHYHQtZa8beDuu0kI+xHaP
pOHc/74T78FkhAdrDJQrH4K1OzUYlXbQeTy+Qa8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ+pTjrlhaEhzwN2tZD/HJHk72xyjAfBgNVHSMEGDAWgBRh12SgQ0JywTKa
6ZKI0JK8PvIijzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lkZGtvRU5DY3NFeW11bVNpTkNTdkQ3eUlvOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvNDMzMTJmLTk5MWQtNGU5NS05M2RmLTJjN2VmOWZmMDNmNS8x
L1BxVTQ2NVlXaEljOERkcldRX3h5UjVPOXNjby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
NDMzMTJmLTk5MWQtNGU5NS05M2RmLTJjN2VmOWZmMDNmNS8xL1lkZGtvRU5DY3NF
eW11bVNpTkNTdkQ3eUlvOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4cEDANBgkqhkiG9w0BAQsFAAOC
AQEAnTiQqBXmFjfXdmxsH44etGEF5bPiSodZTcORhLp+L3tlAQANH+om8FIABy0p
cgjiNpkh47DeuwKmqv1n8m7pLg5Xao7oBnqV0wfQM7u7HXwKCByGkrYGXcor76mh
P4MnsEdW74zb1S9k+z3DG70Q5oO1eZy6JuIBp095o7XU98uN1qUAmSm3jyuDC9ah
2Pe6zqosBsH4HBNCGElPffd6JCs/9SPsWC/u6WwEGVVzxTHWJnyD0KW2DXbtAiae
3OfBbLZBmC6iiLrxF6h1uke4jgwM/Gbf/vL9oL4FcIoMJEngwHlid4kE5OjxerCp
jw2yY7FuF/79DRjph2io7NPZbw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:02 2023 by rpki-client on console.sobornost.net