Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/rG--KauSDQ1yxakUGsWoH7kBGXU.roa
File: rG--KauSDQ1yxakUGsWoH7kBGXU.roa (raw, json)
Hash identifier: b6KOhr7hWvC0gN/POl4liyqB3LTfu3iHg6O1WxaXrk0=
Subject key identifier: AC:6F:BE:29:AB:92:0D:0D:72:C5:A9:14:1A:C5:A8:1F:B9:01:19:75
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 10B4C09E
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/rG--KauSDQ1yxakUGsWoH7kBGXU.roa
Signing time: Sat 01 Jan 2022 03:53:11 +0000
ROA not before: Sat 01 Jan 2022 03:53:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 193.0.181.0/24 maxlen: 24
185.125.87.0/24 maxlen: 24
193.0.182.0/24 maxlen: 24
193.0.180.0/24 maxlen: 24
185.125.86.0/24 maxlen: 24
185.71.229.0/24 maxlen: 24
185.71.230.0/24 maxlen: 24
185.71.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 280281246 (0x10b4c09e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Jan 1 03:53:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac6fbe29ab920d0d72c5a9141ac5a81fb9011975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:44:a0:23:04:e4:a4:3b:ee:20:5a:df:68:26:
2a:89:6c:57:cc:31:b2:ab:69:c7:64:42:a2:21:53:
3e:c2:52:26:9f:17:e3:eb:6e:9a:96:d3:b8:14:3d:
a1:3d:a8:49:9f:03:af:6d:8a:a1:34:d2:72:f2:32:
9e:18:a7:4a:b2:03:db:52:c2:6d:aa:b2:b5:ed:42:
f7:35:7a:68:b7:a6:b0:ea:a6:c9:d8:14:3c:f3:d8:
a2:03:3a:23:8a:ba:74:d3:4e:6c:24:fc:83:12:a1:
d4:59:8c:4d:82:ac:13:61:0f:a4:17:9a:17:73:97:
01:b8:65:96:24:87:16:14:76:08:ad:a8:84:e0:50:
f8:e6:80:98:d7:92:58:2e:0f:af:d3:f0:0d:75:47:
67:b8:7c:17:ce:4d:88:75:d6:c9:5a:59:e5:74:a8:
76:9e:45:be:9a:10:da:6e:03:9a:0d:24:29:7d:e9:
81:5e:81:cd:e2:31:3c:fc:72:83:c6:6c:24:a3:bc:
3a:4d:a6:17:85:37:99:04:18:8d:3d:4c:0a:75:d8:
ad:e0:fe:55:c8:a0:95:0e:89:e4:66:5d:42:eb:28:
5c:2c:c3:50:52:bf:76:61:5e:1b:bb:be:32:68:5f:
70:ba:d2:ac:c4:92:d6:c5:5a:42:7e:e4:49:52:c5:
fb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:6F:BE:29:AB:92:0D:0D:72:C5:A9:14:1A:C5:A8:1F:B9:01:19:75
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/rG--KauSDQ1yxakUGsWoH7kBGXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0-185.71.230.255
185.125.86.0/23
193.0.180.0-193.0.182.255
Signature Algorithm: sha256WithRSAEncryption
5a:86:bf:8c:7e:18:d0:96:c9:5d:f7:1d:11:60:40:57:0b:96:
d5:0e:fb:0f:ac:09:f6:b1:fe:33:dc:1b:cc:e4:59:3f:6a:cb:
7d:d4:1b:20:ae:cf:36:42:d1:dd:b1:84:4c:a6:86:ec:99:a0:
c8:c1:70:f0:0d:f5:1c:95:74:55:a0:e6:59:00:38:26:c2:d2:
28:b7:d7:23:81:95:80:24:0e:02:75:7b:29:f9:71:32:b5:f1:
76:a3:f7:53:3c:94:56:22:b2:18:c0:e4:82:0c:cd:9c:71:a1:
0b:76:0c:b0:42:b6:69:8e:f4:a8:95:97:36:12:09:fc:eb:39:
37:82:4c:32:7a:07:69:80:54:13:61:2a:4e:7f:29:86:fb:83:
d4:87:01:06:39:2f:6e:54:89:00:fa:29:64:8a:ac:cb:04:73:
14:b1:8c:c6:b8:ec:d3:92:cc:34:07:63:5b:6a:a1:6b:fd:ac:
65:86:90:e2:1d:38:d2:54:78:6a:d4:bf:61:23:d9:99:6c:7c:
c9:f0:ea:c5:ab:af:9d:d7:ce:90:3e:b1:9d:99:bf:7d:17:be:
38:18:15:af:aa:63:4e:7f:04:c4:eb:15:cf:2f:76:2d:3d:40:
1d:14:4b:f5:d1:52:2a:61:80:3f:9b:df:0d:6a:15:ea:ec:af:
13:4a:6f:39
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEELTAnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZTI0YzdlY2ZhMzdkMjQ4NzE1MmZiOWJiYmFiNTBiZTc5ZGUyNjE5MB4XDTIyMDEw
MTAzNTMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM2ZmJlMjlhYjky
MGQwZDcyYzVhOTE0MWFjNWE4MWZiOTAxMTk3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZEoCME5KQ77iBa32gmKolsV8wxsqtpx2RCoiFTPsJSJp8X
4+tumpbTuBQ9oT2oSZ8Dr22KoTTScvIynhinSrID21LCbaqyte1C9zV6aLemsOqm
ydgUPPPYogM6I4q6dNNObCT8gxKh1FmMTYKsE2EPpBeaF3OXAbhlliSHFhR2CK2o
hOBQ+OaAmNeSWC4Pr9PwDXVHZ7h8F85NiHXWyVpZ5XSodp5FvpoQ2m4Dmg0kKX3p
gV6BzeIxPPxyg8ZsJKO8Ok2mF4U3mQQYjT1MCnXYreD+VciglQ6J5GZdQusoXCzD
UFK/dmFeG7u+MmhfcLrSrMSS1sVaQn7kSVLF+wECAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBSsb74pq5INDXLFqRQaxagfuQEZdTAfBgNVHSMEGDAWgBQ+JMfs+jfSSHFS
+5u7q1C+ed4mGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BpVEg3UG8zMGtoeFV2dWJ1NnRRdm5uZUpoay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvMzlhNWZjLWQyNmUtNGQ1My05MWUzLTQ5M2Q3NzRhYTFmZi8x
L3JHLS1LYXVTRFExeXhha1VHc1dvSDdrQkdYVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
MzlhNWZjLWQyNmUtNGQ1My05MWUzLTQ5M2Q3NzRhYTFmZi8xL1BpVEg3UG8zMGto
eFV2dWJ1NnRRdm5uZUpoay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowKAQCAAEwIjAMAwQCuUfkAwQAuUfmAwQBuX1WMAwD
BALBALQDBADBALYwDQYJKoZIhvcNAQELBQADggEBAFqGv4x+GNCWyV33HRFgQFcL
ltUO+w+sCfax/jPcG8zkWT9qy33UGyCuzzZC0d2xhEymhuyZoMjBcPAN9RyVdFWg
5lkAOCbC0ii31yOBlYAkDgJ1eyn5cTK18Xaj91M8lFYishjA5IIMzZxxoQt2DLBC
tmmO9KiVlzYSCfzrOTeCTDJ6B2mAVBNhKk5/KYb7g9SHAQY5L25UiQD6KWSKrMsE
cxSxjMa47NOSzDQHY1tqoWv9rGWGkOIdONJUeGrUv2Ej2ZlsfMnw6sWrr53XzpA+
sZ2Zv30XvjgYFa+qY05/BMTrFc8vdi09QB0US/XRUiphgD+b3w1qFersrxNKbzk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:17 2023 by rpki-client on console-fra.rpki-client.org