Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/2727b5-5ecb-485f-b7d9-a2fd28840a03/1/GNdQRrgP6cy1cQ4eWy9PWTqF3aA.roa
File: GNdQRrgP6cy1cQ4eWy9PWTqF3aA.roa (raw, json)
Hash identifier: RuHwFhqss7ySMFCaMPWQCSZ3enzgdR2FgU1T/Q8fUu4=
Subject key identifier: 18:D7:50:46:B8:0F:E9:CC:B5:71:0E:1E:5B:2F:4F:59:3A:85:DD:A0
Certificate issuer: /CN=acfeacea5d812f3030c557e48c53758753fb6c6b
Certificate serial: 06305E41
Authority key identifier: AC:FE:AC:EA:5D:81:2F:30:30:C5:57:E4:8C:53:75:87:53:FB:6C:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rP6s6l2BLzAwxVfkjFN1h1P7bGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/2727b5-5ecb-485f-b7d9-a2fd28840a03/1/GNdQRrgP6cy1cQ4eWy9PWTqF3aA.roa
Signing time: Sat 01 Jan 2022 09:56:11 +0000
ROA not before: Sat 01 Jan 2022 09:56:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9158
IP address blocks: 94.144.0.0/13 maxlen: 13
212.242.0.0/16 maxlen: 16
213.237.0.0/17 maxlen: 17
85.80.0.0/14 maxlen: 14
213.83.128.0/17 maxlen: 17
5.33.0.0/16 maxlen: 16
62.79.0.0/16 maxlen: 16
77.212.0.0/14 maxlen: 14
130.227.0.0/16 maxlen: 16
83.72.0.0/14 maxlen: 14
192.38.128.0/17 maxlen: 17
195.82.192.0/19 maxlen: 19
195.47.128.0/18 maxlen: 18
212.54.64.0/19 maxlen: 19
62.66.0.0/16 maxlen: 16
62.121.160.0/19 maxlen: 19
217.157.0.0/16 maxlen: 16
37.96.0.0/16 maxlen: 16
80.91.0.0/20 maxlen: 20
2.128.0.0/14 maxlen: 14
130.228.0.0/16 maxlen: 16
212.88.64.0/19 maxlen: 19
185.116.184.0/22 maxlen: 22
129.142.0.0/16 maxlen: 16
2001:1580::/32 maxlen: 32
2a02:2a30::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103833153 (0x6305e41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acfeacea5d812f3030c557e48c53758753fb6c6b
Validity
Not Before: Jan 1 09:56:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=18d75046b80fe9ccb5710e1e5b2f4f593a85dda0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6a:7c:c5:6e:06:dd:9c:5d:4d:ef:f8:81:22:
94:91:43:db:1b:73:72:1f:f5:04:bb:a3:15:1f:62:
63:c5:e4:4c:39:1a:75:03:7f:e1:db:6b:ac:e2:f2:
a2:0d:a6:ef:e5:38:12:f7:5b:50:c0:85:fd:33:5e:
ed:8d:7f:63:19:d7:bf:c3:cb:af:63:02:ca:0e:91:
14:1d:8d:40:4a:32:d3:88:44:3b:e5:0d:d6:8b:1a:
ed:5d:49:10:07:a7:5c:f7:93:0c:e0:2f:4f:da:49:
f8:37:67:34:93:9b:78:2c:8a:10:5a:42:d0:aa:c4:
a1:a0:fc:ef:26:45:89:8b:ed:c0:12:5b:49:7f:75:
0e:48:fe:f7:b6:cc:a3:55:cd:e6:ea:c1:fe:be:50:
a6:d4:ab:d3:8d:07:4e:ad:00:a6:61:63:0c:a5:40:
8a:21:6d:c7:6a:dc:2f:0d:bf:49:49:f7:28:ac:eb:
00:48:4c:55:2e:5e:a6:a4:c8:26:39:e4:15:5f:a2:
4b:db:89:c7:7d:46:b3:d0:e0:c7:5b:97:71:e0:5b:
53:bb:0e:e4:31:e9:74:d3:fe:a1:dd:df:19:47:34:
6b:4b:b7:46:66:1f:23:57:8c:fe:4e:9a:f5:21:80:
f3:3d:b7:55:3a:bc:ce:27:7b:65:e9:0a:7d:d7:98:
55:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D7:50:46:B8:0F:E9:CC:B5:71:0E:1E:5B:2F:4F:59:3A:85:DD:A0
X509v3 Authority Key Identifier:
keyid:AC:FE:AC:EA:5D:81:2F:30:30:C5:57:E4:8C:53:75:87:53:FB:6C:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rP6s6l2BLzAwxVfkjFN1h1P7bGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2727b5-5ecb-485f-b7d9-a2fd28840a03/1/GNdQRrgP6cy1cQ4eWy9PWTqF3aA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2727b5-5ecb-485f-b7d9-a2fd28840a03/1/rP6s6l2BLzAwxVfkjFN1h1P7bGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.128.0.0/14
5.33.0.0/16
37.96.0.0/16
62.66.0.0/16
62.79.0.0/16
62.121.160.0/19
77.212.0.0/14
80.91.0.0/20
83.72.0.0/14
85.80.0.0/14
94.144.0.0/13
129.142.0.0/16
130.227.0.0-130.228.255.255
185.116.184.0/22
192.38.128.0/17
195.47.128.0/18
195.82.192.0/19
212.54.64.0/19
212.88.64.0/19
212.242.0.0/16
213.83.128.0/17
213.237.0.0/17
217.157.0.0/16
IPv6:
2001:1580::/32
2a02:2a30::/29
Signature Algorithm: sha256WithRSAEncryption
c6:ee:dc:30:30:f7:76:b1:24:04:98:2d:7a:3a:e3:c1:a8:7b:
3d:1e:bf:86:c6:89:81:e0:7c:3e:66:a4:52:5a:da:a0:89:be:
bf:23:31:63:0b:e7:5f:93:f5:33:8e:9a:b6:4e:cc:c9:e0:20:
41:6d:ce:5d:93:76:d1:da:99:fa:2e:ab:ac:39:5f:7b:31:cb:
d4:f8:d3:79:56:77:73:03:2a:d8:d0:94:8d:33:7e:55:9b:0e:
bd:8a:fd:df:a5:ef:2e:75:e1:62:20:70:e9:51:df:e2:f5:01:
ac:49:04:ec:dc:d0:fa:53:6b:de:d6:09:cc:d9:33:ab:3d:c3:
f7:ab:16:24:7b:62:29:6a:2a:1e:5d:f6:6f:f4:f4:95:0a:da:
b4:15:42:33:15:20:54:3c:9a:2c:32:84:18:60:a1:1d:b3:bd:
58:17:d9:65:50:e2:66:8d:90:77:b2:04:9e:2d:98:97:f2:8b:
d7:fb:f4:4e:9c:53:06:fd:89:c9:0b:bb:32:74:73:b3:f0:78:
49:0c:b7:48:f3:c2:aa:2a:a5:c4:73:8f:2b:9a:d9:bd:d9:a3:
e2:03:cc:32:fe:db:4a:99:4b:0a:65:b2:3a:f6:0e:fa:2a:c4:
c6:a1:9f:b2:2b:67:4a:73:1a:82:c8:6f:d2:07:36:b6:15:3a:
ab:97:98:18
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIEBjBeQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Y2ZlYWNlYTVkODEyZjMwMzBjNTU3ZTQ4YzUzNzU4NzUzZmI2YzZiMB4XDTIyMDEw
MTA5NTYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMThkNzUwNDZiODBm
ZTljY2I1NzEwZTFlNWIyZjRmNTkzYTg1ZGRhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpqfMVuBt2cXU3v+IEilJFD2xtzch/1BLujFR9iY8XkTDka
dQN/4dtrrOLyog2m7+U4EvdbUMCF/TNe7Y1/YxnXv8PLr2MCyg6RFB2NQEoy04hE
O+UN1osa7V1JEAenXPeTDOAvT9pJ+DdnNJObeCyKEFpC0KrEoaD87yZFiYvtwBJb
SX91Dkj+97bMo1XN5urB/r5QptSr040HTq0ApmFjDKVAiiFtx2rcLw2/SUn3KKzr
AEhMVS5epqTIJjnkFV+iS9uJx31Gs9Dgx1uXceBbU7sO5DHpdNP+od3fGUc0a0u3
RmYfI1eM/k6a9SGA8z23VTq8zid7ZekKfdeYVdMCAwEAAaOCAqIwggKeMB0GA1Ud
DgQWBBQY11BGuA/pzLVxDh5bL09ZOoXdoDAfBgNVHSMEGDAWgBSs/qzqXYEvMDDF
V+SMU3WHU/tsazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JQNnM2bDJCTHpBd3hWZmtqRk4xaDFQN2JHcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvMjcyN2I1LTVlY2ItNDg1Zi1iN2Q5LWEyZmQyODg0MGEwMy8x
L0dOZFFScmdQNmN5MWNRNGVXeTlQV1RxRjNhQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
MjcyN2I1LTVlY2ItNDg1Zi1iN2Q5LWEyZmQyODg0MGEwMy8xL3JQNnM2bDJCTHpB
d3hWZmtqRk4xaDFQN2JHcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
twYIKwYBBQUHAQcBAf8EgacwgaQwgYsEAgABMIGEAwMCAoADAwAFIQMDACVgAwMA
PkIDAwA+TwMEBT55oAMDAk3UAwQEUFsAAwMCU0gDAwJVUAMDA16QAwMAgY4wCgMD
AILjAwMAguQDBAK5dLgDBAfAJoADBAbDL4ADBAXDUsADBAXUNkADBAXUWEADAwDU
8gMEB9VTgAMEB9XtAAMDANmdMBQEAgACMA4DBQAgARWAAwUDKgIqMDANBgkqhkiG
9w0BAQsFAAOCAQEAxu7cMDD3drEkBJgtejrjwah7PR6/hsaJgeB8PmakUlraoIm+
vyMxYwvnX5P1M46atk7MyeAgQW3OXZN20dqZ+i6rrDlfezHL1PjTeVZ3cwMq2NCU
jTN+VZsOvYr936XvLnXhYiBw6VHf4vUBrEkE7NzQ+lNr3tYJzNkzqz3D96sWJHti
KWoqHl32b/T0lQratBVCMxUgVDyaLDKEGGChHbO9WBfZZVDiZo2Qd7IEni2Yl/KL
1/v0TpxTBv2JyQu7MnRzs/B4SQy3SPPCqiqlxHOPK5rZvdmj4gPMMv7bSplLCmWy
OvYO+irExqGfsitnSnMagshv0gc2thU6q5eYGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:15 2024 by rpki-client on console-fra.rpki-client.org