Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/gxOYdJEADD_SdYjF_dd5mTcds9k.roa
File: gxOYdJEADD_SdYjF_dd5mTcds9k.roa (raw, json)
Hash identifier: 0ac7524PdjBFwL7ULzYJMg64PbQtc8YajFPLn1nxeJo=
Subject key identifier: 83:13:98:74:91:00:0C:3F:D2:75:88:C5:FD:D7:79:99:37:1D:B3:D9
Certificate issuer: /CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Certificate serial: 188D3DAF
Authority key identifier: BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/gxOYdJEADD_SdYjF_dd5mTcds9k.roa
Signing time: Sat 01 Jan 2022 11:04:24 +0000
ROA not before: Sat 01 Jan 2022 11:04:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47674
IP address blocks: 185.38.140.0/22 maxlen: 24
185.236.230.0/24 maxlen: 24
185.236.231.0/24 maxlen: 24
185.236.229.0/24 maxlen: 24
188.93.232.0/21 maxlen: 24
5.206.224.0/21 maxlen: 24
2a00:1c60::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 411909551 (0x188d3daf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Validity
Not Before: Jan 1 11:04:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8313987491000c3fd27588c5fdd77999371db3d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ad:30:16:62:b5:07:76:f6:1f:d4:ae:cb:81:
c1:d7:de:1c:83:90:06:2b:f8:f9:1c:5b:de:a4:aa:
5c:a6:e8:57:48:5c:7f:53:ab:dd:57:18:82:32:ed:
b7:67:4b:cb:3c:42:2e:fd:31:cf:8d:3e:2b:1f:a1:
eb:b3:30:75:1a:5e:8c:c1:91:70:fa:0b:7d:f5:6d:
7e:a7:7c:67:0c:3d:24:ec:70:38:9a:37:22:6b:45:
6e:8b:04:b9:17:34:a1:22:b3:70:d1:f1:e6:a0:64:
3e:28:23:73:5f:20:19:66:58:93:aa:cd:b6:9e:d6:
06:fd:eb:8b:9c:74:93:10:d3:dc:ec:b0:72:41:ac:
4e:89:01:48:9c:31:65:13:a3:65:34:9f:0b:8d:8d:
d0:2b:fd:f0:63:7c:58:4b:b7:cf:8d:88:73:cb:e0:
b9:ba:a1:24:ea:ca:bc:33:a4:51:6f:4f:49:90:43:
b9:19:e7:b1:80:28:72:ed:a8:00:99:0c:eb:90:f5:
6d:28:96:39:80:39:e2:b2:b8:9c:c8:c0:60:c2:4e:
b6:63:23:d7:82:c2:1b:58:c6:5c:74:ec:9a:b6:f0:
f6:00:61:2e:d7:be:db:72:b3:a7:1c:6d:6c:e0:7f:
00:e7:f2:c6:ca:0e:ec:a7:d9:25:d4:14:e2:39:ec:
6a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:13:98:74:91:00:0C:3F:D2:75:88:C5:FD:D7:79:99:37:1D:B3:D9
X509v3 Authority Key Identifier:
keyid:BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/gxOYdJEADD_SdYjF_dd5mTcds9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/vJ8LmsHVZS89yh7xYjv5mrKWR98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.206.224.0/21
185.38.140.0/22
185.236.229.0-185.236.231.255
188.93.232.0/21
IPv6:
2a00:1c60::/32
Signature Algorithm: sha256WithRSAEncryption
ad:7c:47:c4:a0:67:09:fd:8b:a4:76:bb:a5:4e:30:ee:bb:a3:
88:d4:31:49:d6:ad:08:3d:69:44:bc:43:2a:0a:d7:eb:ed:33:
75:45:a7:0f:fa:70:8b:fa:44:f9:4c:dc:a9:c4:f2:ff:e3:29:
53:1d:f5:55:cf:ed:57:2c:fd:09:83:61:bb:7f:23:b3:a0:f4:
38:a6:98:32:db:0a:d4:fa:95:3a:be:5e:29:6f:e5:28:a0:2c:
5a:3d:e4:d2:8f:13:f1:92:7b:ba:a0:55:24:07:7e:61:c8:32:
6c:ee:32:a1:37:ce:ea:8e:8c:ed:86:4d:76:31:37:7c:5d:25:
52:0a:0f:ab:43:6f:c7:c4:10:77:50:d2:f2:a2:2f:75:4e:bb:
0e:2b:1c:c2:01:64:6c:3b:ab:02:97:6c:40:b6:fe:ca:0e:87:
40:1f:92:b6:30:ab:78:f5:87:d8:3d:b1:a6:1f:b8:77:58:d9:
e3:16:31:0e:4a:58:87:90:e2:fc:b8:6e:38:d7:76:82:19:c4:
ae:87:2c:82:e3:11:e6:d0:5e:b4:75:e8:65:a5:d0:51:17:ee:
10:a7:ba:7d:d1:6e:58:e1:78:49:94:da:21:36:ea:21:13:0f:
4a:49:03:ef:9e:7e:c7:50:34:66:85:29:35:e1:d5:11:22:5d:
0e:aa:2c:89
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEGI09rzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YzlmMGI5YWMxZDU2NTJmM2RjYTFlZjE2MjNiZjk5YWIyOTY0N2RmMB4XDTIyMDEw
MTExMDQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODMxMzk4NzQ5MTAw
MGMzZmQyNzU4OGM1ZmRkNzc5OTkzNzFkYjNkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOStMBZitQd29h/UrsuBwdfeHIOQBiv4+Rxb3qSqXKboV0hc
f1Or3VcYgjLtt2dLyzxCLv0xz40+Kx+h67MwdRpejMGRcPoLffVtfqd8Zww9JOxw
OJo3ImtFbosEuRc0oSKzcNHx5qBkPigjc18gGWZYk6rNtp7WBv3ri5x0kxDT3Oyw
ckGsTokBSJwxZROjZTSfC42N0Cv98GN8WEu3z42Ic8vgubqhJOrKvDOkUW9PSZBD
uRnnsYAocu2oAJkM65D1bSiWOYA54rK4nMjAYMJOtmMj14LCG1jGXHTsmrbw9gBh
Lte+23KzpxxtbOB/AOfyxsoO7KfZJdQU4jnsav8CAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBSDE5h0kQAMP9J1iMX913mZNx2z2TAfBgNVHSMEGDAWgBS8nwuawdVlLz3K
HvFiO/maspZH3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZKOExtc0hWWlM4OXloN3hZanY1bXJLV1I5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvNDk5MmI2LWZkYWUtNGM5Zi1iZjNlLTk1Yzg5NDJkZjcyNC8x
L2d4T1lkSkVBRERfU2RZakZfZGQ1bVRjZHM5ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
NDk5MmI2LWZkYWUtNGM5Zi1iZjNlLTk1Yzg5NDJkZjcyNC8xL3ZKOExtc0hWWlM4
OXloN3hZanY1bXJLV1I5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIAMEAwXO4AMEArkmjDAMAwQAuezlAwQD
uezgAwQDvF3oMA0EAgACMAcDBQAqABxgMA0GCSqGSIb3DQEBCwUAA4IBAQCtfEfE
oGcJ/YukdrulTjDuu6OI1DFJ1q0IPWlEvEMqCtfr7TN1RacP+nCL+kT5TNypxPL/
4ylTHfVVz+1XLP0Jg2G7fyOzoPQ4ppgy2wrU+pU6vl4pb+UooCxaPeTSjxPxknu6
oFUkB35hyDJs7jKhN87qjozthk12MTd8XSVSCg+rQ2/HxBB3UNLyoi91TrsOKxzC
AWRsO6sCl2xAtv7KDodAH5K2MKt49YfYPbGmH7h3WNnjFjEOSliHkOL8uG4413aC
GcSuhyyC4xHm0F60dehlpdBRF+4Qp7p90W5Y4XhJlNohNuohEw9KSQPvnn7HUDRm
hSk14dURIl0OqiyJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:51 2023 by rpki-client on console-ams.rpki-client.org