Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/GIKsKMVQPNyA7SIxMMItZoNQupY.roa
File: GIKsKMVQPNyA7SIxMMItZoNQupY.roa (raw, json)
Hash identifier: L1UYyaqELiEBGcdABx/DTlepgvK9qbE5qAN8yZ3ooxs=
Subject key identifier: 18:82:AC:28:C5:50:3C:DC:80:ED:22:31:30:C2:2D:66:83:50:BA:96
Certificate issuer: /CN=dac79d2855b897418208d47ba6e51460015b5d7b
Certificate serial: 068C12D8
Authority key identifier: DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/GIKsKMVQPNyA7SIxMMItZoNQupY.roa
Signing time: Sat 01 Jan 2022 07:57:03 +0000
ROA not before: Sat 01 Jan 2022 07:57:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56871
IP address blocks: 185.154.216.0/22 maxlen: 24
213.184.80.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109843160 (0x68c12d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac79d2855b897418208d47ba6e51460015b5d7b
Validity
Not Before: Jan 1 07:57:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1882ac28c5503cdc80ed223130c22d668350ba96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:90:d6:34:92:a2:4a:a3:5c:93:15:89:9a:0d:
b5:1d:03:59:ee:b7:d8:8d:7a:3c:4e:f3:97:3c:5e:
be:dc:dc:4a:b6:05:27:fb:5c:bf:50:16:29:18:b3:
f1:85:97:19:29:ff:37:f5:5f:58:69:f0:b1:84:1f:
12:b4:dc:91:1a:d3:01:68:e4:93:a2:b6:e1:c7:34:
b0:1e:fb:f5:9f:f1:c8:ae:ca:29:e6:99:d9:09:a6:
86:ce:46:d0:e0:8d:63:1d:f6:a7:ae:8d:4f:b2:64:
32:31:31:77:3a:40:e4:e2:2a:ed:47:a4:36:a9:17:
0f:98:13:2a:d0:92:d3:a5:ca:22:79:ae:61:1a:7a:
bd:78:6e:d7:87:93:8d:82:73:2d:8c:b8:67:a6:2c:
30:fb:79:b3:82:eb:6e:b6:9f:ec:62:07:00:e4:b4:
26:bb:2d:f5:b7:59:67:f8:80:b7:bd:9f:20:dd:11:
a0:9e:53:f0:cc:cd:c3:c4:d8:43:66:14:b2:2d:88:
bb:7f:ac:07:60:1b:b2:68:a5:68:36:0f:48:91:c2:
a5:2b:f1:c8:49:97:db:cd:50:08:93:45:eb:ca:d3:
1c:a0:6a:eb:01:bc:a7:43:66:5c:97:08:e7:f9:e5:
83:78:09:ac:95:c7:bb:90:a9:22:8e:c8:cd:24:1d:
19:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:82:AC:28:C5:50:3C:DC:80:ED:22:31:30:C2:2D:66:83:50:BA:96
X509v3 Authority Key Identifier:
keyid:DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/GIKsKMVQPNyA7SIxMMItZoNQupY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.216.0/22
213.184.80.0/22
Signature Algorithm: sha256WithRSAEncryption
88:65:ad:f3:e6:8e:ea:de:c9:80:7a:16:af:3b:c5:e7:08:94:
00:e2:da:ba:9e:0a:55:5f:01:81:2f:0e:89:cd:33:2d:a0:3d:
dc:fd:0b:a8:49:67:71:9e:58:75:b9:ce:09:c5:50:b1:85:04:
3e:63:98:03:b7:89:e8:bd:b5:30:70:53:43:22:d4:52:14:cb:
e4:e9:9d:09:1a:0e:57:d8:af:e7:16:f3:af:44:20:1c:dc:ab:
eb:da:a2:d6:f8:bd:2b:d0:d9:09:f3:d3:56:55:70:85:7e:0f:
c3:6f:d0:54:cd:44:08:a5:8d:6f:01:6e:28:9c:6f:34:b2:1b:
b7:55:80:a7:b3:5e:87:8a:65:0d:47:55:f7:46:f8:68:87:d4:
5d:44:f2:f8:38:11:f7:0c:6a:a2:12:7c:c6:46:5d:86:5e:23:
fb:f8:8d:4b:7b:d4:a0:fe:a4:f2:82:fc:d4:ef:09:c9:e9:09:
bf:c7:3e:d6:1c:5f:b3:47:ab:a2:81:43:ad:c3:74:0e:3c:c8:
eb:8d:10:35:eb:bf:13:10:a0:f4:ee:11:4c:d0:69:71:d6:9a:
2c:c4:83:ae:b0:27:db:6f:da:92:85:1d:7c:b2:7d:a6:6e:6e:
c3:8b:85:77:41:34:00:00:6e:88:8d:65:7d:f9:64:50:89:ce:
d4:81:80:ec
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBowS2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWM3OWQyODU1Yjg5NzQxODIwOGQ0N2JhNmU1MTQ2MDAxNWI1ZDdiMB4XDTIyMDEw
MTA3NTcwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTg4MmFjMjhjNTUw
M2NkYzgwZWQyMjMxMzBjMjJkNjY4MzUwYmE5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOQ1jSSokqjXJMViZoNtR0DWe632I16PE7zlzxevtzcSrYF
J/tcv1AWKRiz8YWXGSn/N/VfWGnwsYQfErTckRrTAWjkk6K24cc0sB779Z/xyK7K
KeaZ2Qmmhs5G0OCNYx32p66NT7JkMjExdzpA5OIq7UekNqkXD5gTKtCS06XKInmu
YRp6vXhu14eTjYJzLYy4Z6YsMPt5s4Lrbraf7GIHAOS0Jrst9bdZZ/iAt72fIN0R
oJ5T8MzNw8TYQ2YUsi2Iu3+sB2AbsmilaDYPSJHCpSvxyEmX281QCJNF68rTHKBq
6wG8p0NmXJcI5/nlg3gJrJXHu5CpIo7IzSQdGe8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQYgqwoxVA83IDtIjEwwi1mg1C6ljAfBgNVHSMEGDAWgBTax50oVbiXQYII
1Hum5RRgAVtdezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJzZWRLRlc0bDBHQ0NOUjdwdVVVWUFGYlhYcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjcvNWIxMTQ5LTY0N2QtNDA2Ny05ODA3LTQ0NWQ0NTg4YzMxMi8x
L0dJS3NLTVZRUE55QTdTSXhNTUl0Wm9OUXVwWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcv
NWIxMTQ5LTY0N2QtNDA2Ny05ODA3LTQ0NWQ0NTg4YzMxMi8xLzJzZWRLRlc0bDBH
Q0NOUjdwdVVVWUFGYlhYcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArma2AMEAtW4UDANBgkqhkiG9w0B
AQsFAAOCAQEAiGWt8+aO6t7JgHoWrzvF5wiUAOLaup4KVV8BgS8Oic0zLaA93P0L
qElncZ5YdbnOCcVQsYUEPmOYA7eJ6L21MHBTQyLUUhTL5OmdCRoOV9iv5xbzr0Qg
HNyr69qi1vi9K9DZCfPTVlVwhX4Pw2/QVM1ECKWNbwFuKJxvNLIbt1WAp7Neh4pl
DUdV90b4aIfUXUTy+DgR9wxqohJ8xkZdhl4j+/iNS3vUoP6k8oL81O8JyekJv8c+
1hxfs0erooFDrcN0DjzI640QNeu/ExCg9O4RTNBpcdaaLMSDrrAn22/akoUdfLJ9
pm5uw4uFd0E0AABuiI1lfflkUInO1IGA7A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:16 2023 by rpki-client on console-fra.rpki-client.org