Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/GHsXn3-aPgmw-ou2mW8jDfVgayk.roa
File: GHsXn3-aPgmw-ou2mW8jDfVgayk.roa (raw, json)
Hash identifier: /txgDIHmTFPTvtfGW3tVS1qb5enjn+sYVsjMECqDobY=
Subject key identifier: 18:7B:17:9F:7F:9A:3E:09:B0:FA:8B:B6:99:6F:23:0D:F5:60:6B:29
Certificate issuer: /CN=84184ce919023640bb9256c2d8d1a049fa102520
Certificate serial: 0BE9422E
Authority key identifier: 84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/GHsXn3-aPgmw-ou2mW8jDfVgayk.roa
Signing time: Sat 01 Jan 2022 14:02:11 +0000
ROA not before: Sat 01 Jan 2022 14:02:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43212
IP address blocks: 185.11.68.0/22 maxlen: 22
185.11.68.0/24 maxlen: 24
185.11.71.0/24 maxlen: 24
185.11.69.0/24 maxlen: 24
185.11.70.0/24 maxlen: 24
185.83.196.0/22 maxlen: 22
185.83.196.0/24 maxlen: 24
185.83.197.0/24 maxlen: 24
185.83.198.0/24 maxlen: 24
185.83.199.0/24 maxlen: 24
185.59.112.0/23 maxlen: 23
185.59.112.0/24 maxlen: 24
185.59.113.0/24 maxlen: 24
2a0b:3000::/29 maxlen: 29
2a03:9080::/32 maxlen: 32
2a06:e080::/29 maxlen: 29
2a05:9e40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 199836206 (0xbe9422e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84184ce919023640bb9256c2d8d1a049fa102520
Validity
Not Before: Jan 1 14:02:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=187b179f7f9a3e09b0fa8bb6996f230df5606b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:92:e8:2e:9c:9f:d1:94:6a:c7:8d:41:3b:4d:
df:dc:78:cb:f9:89:94:76:71:5a:e2:14:a6:9c:9b:
31:11:aa:9f:18:ba:27:43:3f:3f:ea:1e:95:3e:2b:
60:d6:d8:a0:9f:7f:68:92:db:c1:99:8b:f5:57:5c:
c9:cf:32:09:9e:32:84:ff:fd:3d:af:b6:1e:39:d7:
56:0a:28:92:c4:37:c9:ec:3b:72:60:a0:8e:ca:61:
91:e2:c3:0c:d4:dc:d6:91:72:52:ea:7a:0f:23:20:
67:17:1c:31:1c:6f:03:78:2f:69:45:82:8d:0b:8f:
14:6b:ed:59:79:e4:cc:88:89:39:bc:df:6c:30:3c:
20:f0:3b:5d:76:e8:22:56:3f:fb:a5:fb:04:f4:a1:
4e:2f:a4:9f:a1:7c:e1:e9:48:51:24:80:08:ff:bc:
cb:ca:3e:39:b2:37:95:d4:00:eb:76:51:a1:45:27:
93:e5:2a:63:9c:11:5c:71:80:a7:00:d6:35:76:92:
5e:85:2a:e1:b1:3c:a2:1b:5a:92:62:c0:5d:f1:82:
6f:ac:c0:1e:d7:64:79:14:7d:a9:8d:0a:64:e6:99:
7f:03:a9:70:74:93:34:09:79:6e:ad:fd:6b:54:46:
c3:02:22:25:10:d1:74:38:22:e9:af:2d:06:78:f2:
e5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:7B:17:9F:7F:9A:3E:09:B0:FA:8B:B6:99:6F:23:0D:F5:60:6B:29
X509v3 Authority Key Identifier:
keyid:84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/GHsXn3-aPgmw-ou2mW8jDfVgayk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/hBhM6RkCNkC7klbC2NGgSfoQJSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.68.0/22
185.59.112.0/23
185.83.196.0/22
IPv6:
2a03:9080::/32
2a05:9e40::/29
2a06:e080::/29
2a0b:3000::/29
Signature Algorithm: sha256WithRSAEncryption
69:9a:a9:19:e1:8c:86:49:9b:2b:5d:62:84:7c:31:ce:86:1c:
5f:79:2f:2a:ba:bd:9c:88:f9:f5:09:7e:be:b7:b7:df:74:ef:
51:6a:37:b0:52:99:b3:40:25:5b:c8:ea:3f:05:b6:fe:9a:76:
8d:e1:a1:da:74:aa:c8:b7:d1:38:c7:9f:e7:1a:c6:1f:e3:cc:
4c:fe:9f:2b:f3:cc:e1:f6:2e:c9:1a:0c:c1:3e:5c:f3:4b:13:
66:9a:e5:33:af:47:8c:25:12:40:d6:e3:9c:ad:3a:9d:a2:0f:
7a:b6:7c:41:ee:34:a1:76:23:10:27:5f:4c:ab:8f:49:22:e5:
32:d2:aa:35:59:f6:54:29:b5:5c:25:7d:57:ad:c9:66:1e:17:
02:50:91:f5:89:ef:4d:3c:a8:72:63:25:40:79:2f:2e:11:2d:
d3:50:cc:35:09:90:47:38:9c:fe:8b:1e:a4:f4:5d:fa:4f:8f:
2b:de:39:b1:ef:b9:52:68:23:8d:0a:90:a7:e0:ee:04:1a:52:
61:5a:23:63:b9:99:e4:62:6b:77:20:36:e5:b0:b5:15:99:fc:
36:52:cf:ae:1e:ad:ff:ab:fc:77:7c:96:5b:e5:bd:80:6d:cd:
49:1f:66:66:55:db:9e:a3:4f:71:2a:fe:40:49:83:8b:62:f3:
66:51:e5:df
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEC+lCLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NDE4NGNlOTE5MDIzNjQwYmI5MjU2YzJkOGQxYTA0OWZhMTAyNTIwMB4XDTIyMDEw
MTE0MDIxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTg3YjE3OWY3Zjlh
M2UwOWIwZmE4YmI2OTk2ZjIzMGRmNTYwNmIyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWS6C6cn9GUaseNQTtN39x4y/mJlHZxWuIUppybMRGqnxi6
J0M/P+oelT4rYNbYoJ9/aJLbwZmL9Vdcyc8yCZ4yhP/9Pa+2HjnXVgooksQ3yew7
cmCgjsphkeLDDNTc1pFyUup6DyMgZxccMRxvA3gvaUWCjQuPFGvtWXnkzIiJObzf
bDA8IPA7XXboIlY/+6X7BPShTi+kn6F84elIUSSACP+8y8o+ObI3ldQA63ZRoUUn
k+UqY5wRXHGApwDWNXaSXoUq4bE8ohtakmLAXfGCb6zAHtdkeRR9qY0KZOaZfwOp
cHSTNAl5bq39a1RGwwIiJRDRdDgi6a8tBnjy5X8CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQYexeff5o+CbD6i7aZbyMN9WBrKTAfBgNVHSMEGDAWgBSEGEzpGQI2QLuS
VsLY0aBJ+hAlIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hCaE02UmtDTmtDN2tsYkMyTkdnU2ZvUUpTQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvMjkyMmNmLTE4NjEtNDE5ZC05ZWVhLTBhNzlkNTQ5NjVhOS8x
L0dIc1huMy1hUGdtdy1vdTJtVzhqRGZWZ2F5ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
MjkyMmNmLTE4NjEtNDE5ZC05ZWVhLTBhNzlkNTQ5NjVhOS8xL2hCaE02UmtDTmtD
N2tsYkMyTkdnU2ZvUUpTQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wGAQCAAEwEgMEArkLRAMEAbk7cAMEArlTxDAiBAIA
AjAcAwUAKgOQgAMFAyoFnkADBQMqBuCAAwUDKgswADANBgkqhkiG9w0BAQsFAAOC
AQEAaZqpGeGMhkmbK11ihHwxzoYcX3kvKrq9nIj59Ql+vre333TvUWo3sFKZs0Al
W8jqPwW2/pp2jeGh2nSqyLfROMef5xrGH+PMTP6fK/PM4fYuyRoMwT5c80sTZprl
M69HjCUSQNbjnK06naIPerZ8Qe40oXYjECdfTKuPSSLlMtKqNVn2VCm1XCV9V63J
Zh4XAlCR9YnvTTyocmMlQHkvLhEt01DMNQmQRzic/osepPRd+k+PK945se+5Umgj
jQqQp+DuBBpSYVojY7mZ5GJrdyA25bC1FZn8NlLPrh6t/6v8d3yWW+W9gG3NSR9m
ZlXbnqNPcSr+QEmDi2LzZlHl3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:52 2024 by rpki-client on console-ams.rpki-client.org