Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/GoFNImtXfE4I_G2vewP7lNZJdEk.roa
File: GoFNImtXfE4I_G2vewP7lNZJdEk.roa (raw, json)
Hash identifier: TXg8FeU/Vyt+zZoRdPnRuxUoiVIPVfwK6U5zQvxTMxk=
Subject key identifier: 1A:81:4D:22:6B:57:7C:4E:08:FC:6D:AF:7B:03:FB:94:D6:49:74:49
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 10B5C1D1
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/GoFNImtXfE4I_G2vewP7lNZJdEk.roa
Signing time: Sat 01 Jan 2022 03:53:11 +0000
ROA not before: Sat 01 Jan 2022 03:53:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134433
IP address blocks: 185.71.229.0/24 maxlen: 24
185.71.230.0/24 maxlen: 24
185.71.228.0/24 maxlen: 24
193.0.180.0/24 maxlen: 24
185.125.86.0/24 maxlen: 24
193.0.182.0/24 maxlen: 24
193.0.183.0/24 maxlen: 24
2a05:3343:4::/48 maxlen: 48
2a05:3340:140::/42 maxlen: 42
2a05:3340::/42 maxlen: 42
2a05:3343:5::/48 maxlen: 48
2a05:3343:a::/48 maxlen: 48
2a05:3343:c::/48 maxlen: 48
2a05:3343:6::/48 maxlen: 48
2a05:3343:b::/48 maxlen: 48
2a05:3343:7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 280347089 (0x10b5c1d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Jan 1 03:53:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a814d226b577c4e08fc6daf7b03fb94d6497449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:91:41:85:98:07:e1:a1:70:c2:71:d7:e8:7d:
d5:b4:7a:d3:81:b5:5c:8a:0a:2c:f4:16:27:8b:62:
65:41:93:34:a6:b2:b2:58:ea:16:46:ee:69:0f:51:
1c:14:40:91:b4:22:2e:77:f5:c6:c0:56:09:8a:45:
df:95:95:eb:7e:39:d1:99:61:df:2b:4c:ec:1c:f2:
d6:e0:71:e9:07:4f:1b:d8:ca:6b:23:82:a8:ac:26:
de:4a:a2:1a:18:34:3f:9c:7f:b1:70:8c:5a:02:d8:
9f:ef:85:9f:c1:58:2c:69:f4:b0:7b:f8:b9:89:fb:
40:e6:1b:04:9d:89:6c:da:7d:6c:c8:1e:62:6f:66:
7e:24:4f:6f:83:43:e2:32:61:c6:a9:2c:0c:a2:62:
bf:2f:c2:11:2c:4b:4b:fb:49:24:ae:64:5c:f1:96:
69:6a:fa:c1:ea:59:83:b8:d6:d4:cd:7e:97:56:33:
a3:af:1c:c3:66:1f:12:14:0f:3d:87:9c:91:08:e8:
c4:0d:f1:2d:e1:41:44:57:1c:a4:73:f6:65:4b:d1:
67:5e:17:46:30:63:c7:e9:71:c6:22:51:34:12:de:
90:e5:26:b1:2b:02:03:1b:78:be:4f:e6:f5:4c:af:
93:27:7d:27:08:9c:04:8e:d5:3d:f6:2d:d7:fb:94:
1d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:81:4D:22:6B:57:7C:4E:08:FC:6D:AF:7B:03:FB:94:D6:49:74:49
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/GoFNImtXfE4I_G2vewP7lNZJdEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0-185.71.230.255
185.125.86.0/24
193.0.180.0/24
193.0.182.0/23
IPv6:
2a05:3340::/42
2a05:3340:140::/42
2a05:3343:4::/46
2a05:3343:a::-2a05:3343:c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4d:ec:5a:02:52:09:98:80:c6:9e:46:6f:09:6a:b6:2e:04:3f:
30:92:7b:36:8c:1f:57:e0:21:72:e7:d7:66:c0:17:a2:6e:d4:
9d:d8:94:82:91:11:57:fe:b0:cc:10:9f:f2:36:92:17:bc:13:
d9:15:4b:d4:9f:0f:ce:9d:28:97:fc:68:3e:75:24:d7:70:cc:
b8:13:be:bc:34:09:f5:90:f2:e8:45:50:1c:6d:b5:b5:29:b9:
14:34:92:ec:79:1e:45:48:9d:37:06:01:f3:e2:5e:6a:e5:22:
a2:c5:4e:12:f0:0a:c6:c3:ac:1e:47:ef:75:7f:85:d4:14:9d:
4f:b9:90:92:66:f2:73:1b:44:c0:39:4f:49:6f:a0:0a:86:5c:
c1:16:e8:4b:ab:10:7a:5e:39:ba:f4:a4:96:f5:1d:b1:46:a7:
6f:a2:86:7e:51:d0:d5:53:07:67:47:d6:35:73:3e:94:c3:51:
59:bf:4b:72:dd:ee:6f:f1:8b:bc:c8:48:7c:b2:e0:15:81:8d:
e6:e0:77:d9:96:d7:bb:1d:95:ed:9e:f5:58:23:8d:b9:a0:ae:
81:75:4d:77:84:40:dd:db:ec:f2:b4:8a:71:40:eb:3b:3a:c4:
d7:78:66:7f:10:02:37:aa:6d:e9:40:1c:e7:fd:54:df:f4:b9:
7d:1f:27:06
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEELXB0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZTI0YzdlY2ZhMzdkMjQ4NzE1MmZiOWJiYmFiNTBiZTc5ZGUyNjE5MB4XDTIyMDEw
MTAzNTMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWE4MTRkMjI2YjU3
N2M0ZTA4ZmM2ZGFmN2IwM2ZiOTRkNjQ5NzQ0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiRQYWYB+GhcMJx1+h91bR604G1XIoKLPQWJ4tiZUGTNKay
sljqFkbuaQ9RHBRAkbQiLnf1xsBWCYpF35WV63450Zlh3ytM7Bzy1uBx6QdPG9jK
ayOCqKwm3kqiGhg0P5x/sXCMWgLYn++Fn8FYLGn0sHv4uYn7QOYbBJ2JbNp9bMge
Ym9mfiRPb4ND4jJhxqksDKJivy/CESxLS/tJJK5kXPGWaWr6wepZg7jW1M1+l1Yz
o68cw2YfEhQPPYeckQjoxA3xLeFBRFccpHP2ZUvRZ14XRjBjx+lxxiJRNBLekOUm
sSsCAxt4vk/m9Uyvkyd9JwicBI7VPfYt1/uUHbkCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBQagU0ia1d8Tgj8ba97A/uU1kl0STAfBgNVHSMEGDAWgBQ+JMfs+jfSSHFS
+5u7q1C+ed4mGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BpVEg3UG8zMGtoeFV2dWJ1NnRRdm5uZUpoay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvMzlhNWZjLWQyNmUtNGQ1My05MWUzLTQ5M2Q3NzRhYTFmZi8x
L0dvRk5JbXRYZkU0SV9HMnZld1A3bE5aSmRFay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
MzlhNWZjLWQyNmUtNGQ1My05MWUzLTQ5M2Q3NzRhYTFmZi8xL1BpVEg3UG8zMGto
eFV2dWJ1NnRRdm5uZUpoay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wJgQCAAEwIDAMAwQCuUfkAwQAuUfmAwQAuX1WAwQA
wQC0AwQBwQC2MDUEAgACMC8DBwYqBTNAAAADBwYqBTNAAUADBwIqBTNDAAQwEgMH
ASoFM0MACgMHACoFM0MADDANBgkqhkiG9w0BAQsFAAOCAQEATexaAlIJmIDGnkZv
CWq2LgQ/MJJ7NowfV+AhcufXZsAXom7UndiUgpERV/6wzBCf8jaSF7wT2RVL1J8P
zp0ol/xoPnUk13DMuBO+vDQJ9ZDy6EVQHG21tSm5FDSS7HkeRUidNwYB8+JeauUi
osVOEvAKxsOsHkfvdX+F1BSdT7mQkmbycxtEwDlPSW+gCoZcwRboS6sQel45uvSk
lvUdsUanb6KGflHQ1VMHZ0fWNXM+lMNRWb9Lct3ub/GLvMhIfLLgFYGN5uB32ZbX
ux2V7Z71WCONuaCugXVNd4RA3dvs8rSKcUDrOzrE13hmfxACN6pt6UAc5/1U3/S5
fR8nBg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:17 2023 by rpki-client on console-fra.rpki-client.org