Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/c5e51e-fb41-42e3-be69-ee1e1ded2f9f/1/G2HoF5144-T1jpEqgpXELjn8UMw.roa
File: G2HoF5144-T1jpEqgpXELjn8UMw.roa (raw, json)
Hash identifier: QFR9fW8E/mu8fk8WhroYtaFdzMj+MsK2nvf4/BbdGNU=
Subject key identifier: 1B:61:E8:17:9D:78:E3:E4:F5:8E:91:2A:82:95:C4:2E:39:FC:50:CC
Certificate issuer: /CN=542f7ea90d2a2b4202e578b25ba139b3c8e62928
Certificate serial: 0DF2D199
Authority key identifier: 54:2F:7E:A9:0D:2A:2B:42:02:E5:78:B2:5B:A1:39:B3:C8:E6:29:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9-qQ0qK0IC5XiyW6E5s8jmKSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/c5e51e-fb41-42e3-be69-ee1e1ded2f9f/1/G2HoF5144-T1jpEqgpXELjn8UMw.roa
Signing time: Sat 01 Jan 2022 03:56:55 +0000
ROA not before: Sat 01 Jan 2022 03:56:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35007
IP address blocks: 91.201.120.0/22 maxlen: 22
185.221.80.0/22 maxlen: 22
195.225.36.0/23 maxlen: 23
195.160.184.0/23 maxlen: 23
93.157.112.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 234017177 (0xdf2d199)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f7ea90d2a2b4202e578b25ba139b3c8e62928
Validity
Not Before: Jan 1 03:56:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b61e8179d78e3e4f58e912a8295c42e39fc50cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ad:7d:bb:d3:13:59:74:cf:5c:aa:c3:db:17:
a8:97:a6:b3:03:d0:13:2b:59:75:70:7f:fc:a0:52:
79:ea:fa:e7:2e:11:ac:86:f0:dd:80:39:64:a7:c7:
f7:94:52:28:15:e2:9a:21:f3:72:fa:3f:8c:b6:66:
a6:b6:42:4a:02:5e:d1:f8:73:c3:a7:07:3c:d3:a9:
91:51:89:54:60:28:95:2e:76:5a:f3:47:0a:5c:d6:
5c:72:ad:ef:ca:4a:d4:21:13:ff:0c:07:f5:c8:7f:
2c:a9:b7:05:e4:3a:44:fa:67:c5:c3:1b:f1:9a:3c:
c9:0b:bb:e4:91:0f:12:39:ef:29:c8:71:36:bd:c5:
5b:5c:f7:86:79:5c:b0:db:30:bf:14:bd:b2:19:c5:
6c:67:3c:78:62:d4:7d:50:17:75:7c:fd:3d:59:02:
15:7f:bf:b2:38:4e:5f:69:7f:d8:47:b5:e8:79:7c:
2f:8e:db:9a:cc:d3:10:90:2a:70:30:01:9a:0a:c1:
38:27:e4:e6:27:b1:16:ed:68:eb:8f:de:04:5e:54:
9f:5a:43:32:0e:98:94:a4:eb:66:6a:27:dc:ba:b6:
cb:19:ea:63:89:90:e6:0b:f2:1f:73:3c:b2:10:05:
fc:cc:e7:75:e5:b5:d2:3d:c8:4e:96:7b:fe:73:a3:
75:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:61:E8:17:9D:78:E3:E4:F5:8E:91:2A:82:95:C4:2E:39:FC:50:CC
X509v3 Authority Key Identifier:
keyid:54:2F:7E:A9:0D:2A:2B:42:02:E5:78:B2:5B:A1:39:B3:C8:E6:29:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9-qQ0qK0IC5XiyW6E5s8jmKSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c5e51e-fb41-42e3-be69-ee1e1ded2f9f/1/G2HoF5144-T1jpEqgpXELjn8UMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c5e51e-fb41-42e3-be69-ee1e1ded2f9f/1/VC9-qQ0qK0IC5XiyW6E5s8jmKSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.120.0/22
93.157.112.0/21
185.221.80.0/22
195.160.184.0/23
195.225.36.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:e0:a4:70:93:97:a7:b8:44:7f:f1:40:55:0b:09:5f:ca:95:
39:a3:71:82:6f:c4:9b:82:5b:72:85:52:3b:f9:82:d4:19:ad:
96:f9:9c:ab:c7:cd:85:dd:08:3e:00:46:c0:64:f7:80:d0:c7:
ac:55:16:f7:9c:47:7c:a2:6d:3f:03:46:fa:ff:b4:eb:76:7f:
1c:57:40:43:6d:54:69:81:fd:cd:ea:1c:16:18:23:77:d9:ac:
c9:78:7c:02:20:13:85:a7:e4:3d:f9:94:73:e0:c0:93:1b:f5:
9a:6b:c7:2c:c7:f2:0e:c4:9d:61:20:c6:df:3a:06:12:4c:f2:
b1:60:8e:03:6f:9e:b0:06:1b:88:1f:93:cc:85:e8:b3:5a:04:
ba:cf:1b:a9:2a:dc:4a:76:74:d4:47:1c:e5:ab:c6:8f:62:8f:
4d:c5:7f:b9:17:9e:f5:c2:ae:b7:84:11:a5:95:51:c6:39:61:
5e:53:d6:17:2c:f6:06:2a:74:e4:0e:4a:42:8b:71:01:81:01:
89:f8:fc:a6:fe:63:04:24:46:4b:a2:7a:e3:48:9f:49:13:29:
29:91:9d:b4:74:39:93:a0:1b:8d:f8:38:3e:39:15:5d:c0:1c:
d0:ae:ef:56:67:df:40:09:71:8b:f9:45:ad:83:c7:4e:18:65:
3c:87:16:bf
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEDfLRmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDJmN2VhOTBkMmEyYjQyMDJlNTc4YjI1YmExMzliM2M4ZTYyOTI4MB4XDTIyMDEw
MTAzNTY1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI2MWU4MTc5ZDc4
ZTNlNGY1OGU5MTJhODI5NWM0MmUzOWZjNTBjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOtfbvTE1l0z1yqw9sXqJemswPQEytZdXB//KBSeer65y4R
rIbw3YA5ZKfH95RSKBXimiHzcvo/jLZmprZCSgJe0fhzw6cHPNOpkVGJVGAolS52
WvNHClzWXHKt78pK1CET/wwH9ch/LKm3BeQ6RPpnxcMb8Zo8yQu75JEPEjnvKchx
Nr3FW1z3hnlcsNswvxS9shnFbGc8eGLUfVAXdXz9PVkCFX+/sjhOX2l/2Ee16Hl8
L47bmszTEJAqcDABmgrBOCfk5iexFu1o64/eBF5Un1pDMg6YlKTrZmon3Lq2yxnq
Y4mQ5gvyH3M8shAF/MzndeW10j3ITpZ7/nOjdbECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQbYegXnXjj5PWOkSqClcQuOfxQzDAfBgNVHSMEGDAWgBRUL36pDSorQgLl
eLJboTmzyOYpKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZDOS1xUTBxSzBJQzVYaXlXNkU1czhqbUtTZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvYzVlNTFlLWZiNDEtNDJlMy1iZTY5LWVlMWUxZGVkMmY5Zi8x
L0cySG9GNTE0NC1UMWpwRXFncFhFTGpuOFVNdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
YzVlNTFlLWZiNDEtNDJlMy1iZTY5LWVlMWUxZGVkMmY5Zi8xL1ZDOS1xUTBxSzBJ
QzVYaXlXNkU1czhqbUtTZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAlvJeAMEA12dcAMEArndUAMEAcOg
uAMEAcPhJDANBgkqhkiG9w0BAQsFAAOCAQEAvOCkcJOXp7hEf/FAVQsJX8qVOaNx
gm/Em4JbcoVSO/mC1Bmtlvmcq8fNhd0IPgBGwGT3gNDHrFUW95xHfKJtPwNG+v+0
63Z/HFdAQ21UaYH9zeocFhgjd9msyXh8AiAThafkPfmUc+DAkxv1mmvHLMfyDsSd
YSDG3zoGEkzysWCOA2+esAYbiB+TzIXos1oEus8bqSrcSnZ01Ecc5avGj2KPTcV/
uRee9cKut4QRpZVRxjlhXlPWFyz2Bip05A5KQotxAYEBifj8pv5jBCRGS6J640if
SRMpKZGdtHQ5k6Abjfg4PjkVXcAc0K7vVmffQAlxi/lFrYPHThhlPIcWvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:25 2024 by rpki-client on console-fra.rpki-client.org