Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Gh23d1CQc6PTKRTzAnCa8fphZEg.roa
File: Gh23d1CQc6PTKRTzAnCa8fphZEg.roa (raw, json)
Hash identifier: TloDB/ZdoLXGQji3KmfYOKyDZ+Qjf4Z9wX3VzD9zv1o=
Subject key identifier: 1A:1D:B7:77:50:90:73:A3:D3:29:14:F3:02:70:9A:F1:FA:61:64:48
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 38BEE3C3
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Gh23d1CQc6PTKRTzAnCa8fphZEg.roa
Signing time: Tue 17 May 2022 05:30:30 +0000
ROA not before: Tue 17 May 2022 05:30:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201642
IP address blocks: 85.196.128.0/23 maxlen: 23
85.196.131.0/24 maxlen: 24
85.196.128.0/24 maxlen: 24
85.196.130.0/23 maxlen: 23
85.196.129.0/24 maxlen: 24
85.196.130.0/24 maxlen: 24
2a01:288:4005::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 952034243 (0x38bee3c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: May 17 05:30:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a1db777509073a3d32914f302709af1fa616448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:56:2a:79:68:6e:bd:83:58:15:f4:e3:62:ba:
20:2f:10:6d:91:02:bd:a8:b5:34:e4:2c:11:4d:4d:
4d:60:d8:36:a1:31:99:8a:f2:59:11:27:a1:c0:98:
f6:fa:eb:82:35:b6:5d:7c:c8:57:7b:29:ac:f4:b9:
4b:2f:d1:55:45:c9:d8:22:25:ea:fa:08:1a:10:49:
0e:d5:fb:5e:ed:ff:9d:fb:27:bf:c4:9a:8d:07:e5:
41:f2:38:e1:ab:66:14:f0:65:e0:c9:e0:a6:ef:c8:
a9:48:89:5f:09:c1:89:e8:42:8f:26:92:24:1e:3e:
78:b4:bd:3e:79:33:c0:93:3d:36:36:eb:6e:5a:33:
f6:1d:fd:94:a6:90:87:9b:03:5b:9b:fc:64:f9:d3:
88:86:ce:0a:32:6b:8b:bb:34:66:3a:5c:62:dd:bc:
7b:0e:97:58:84:6e:37:a3:f0:27:15:c6:80:7e:11:
52:e5:27:6e:92:de:5e:f4:c2:29:d9:76:65:39:af:
d7:13:7a:75:ec:34:e9:39:5b:44:ae:01:2f:83:99:
a2:3c:9c:63:05:fb:21:9c:44:1f:4c:bb:22:98:a8:
f1:c5:b0:28:f7:86:4e:92:a9:50:28:48:02:e0:76:
f7:3a:ba:c6:cf:6a:ba:e2:32:bc:8b:e6:02:9e:bc:
2c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:1D:B7:77:50:90:73:A3:D3:29:14:F3:02:70:9A:F1:FA:61:64:48
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Gh23d1CQc6PTKRTzAnCa8fphZEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.196.128.0/22
IPv6:
2a01:288:4005::/48
Signature Algorithm: sha256WithRSAEncryption
98:1d:05:13:b0:b3:7c:85:8c:40:8d:14:36:6a:9a:75:e8:5f:
d9:28:d7:96:c1:4c:33:ca:37:59:bc:fc:fb:1f:07:ff:00:2e:
d8:ea:0a:08:9b:3a:62:fb:81:2a:a4:bc:5d:51:72:84:36:f8:
80:b4:a6:a7:ee:3d:f5:7b:4a:b2:17:b6:c9:50:e4:7f:da:2f:
d0:5f:9c:53:4c:29:a9:3b:88:50:6d:63:10:42:9b:ab:4d:d1:
e0:7a:a2:f0:bd:38:ee:8d:61:c6:b5:77:f6:e5:40:3f:7f:02:
68:73:f9:8f:6b:47:8d:72:18:e0:6c:e0:dd:41:15:37:0b:b3:
fc:61:5d:c0:89:76:dd:30:f5:4d:8a:08:f5:d9:ce:26:7c:78:
1a:39:b8:0f:d2:91:7f:01:77:58:d0:48:8d:92:12:92:3b:33:
5b:5b:eb:1a:e1:2c:5a:6f:8e:84:14:e7:b1:1a:1c:64:0b:c9:
bf:62:44:6a:04:80:86:17:7b:d7:a9:49:40:da:3e:1f:81:fd:
a8:29:7b:8d:83:56:53:eb:e5:19:5f:77:34:06:9e:0e:b9:aa:
74:4e:13:1c:36:c4:67:be:f1:0f:ce:55:82:af:9c:cc:d0:aa:
b6:45:bd:ad:b0:22:5b:0c:19:d9:b9:a8:1c:0b:8d:1c:5a:9b:
17:9c:af:29
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEOL7jwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMB4XDTIyMDUx
NzA1MzAzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWExZGI3Nzc1MDkw
NzNhM2QzMjkxNGYzMDI3MDlhZjFmYTYxNjQ0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANxWKnlobr2DWBX042K6IC8QbZECvai1NOQsEU1NTWDYNqEx
mYryWREnocCY9vrrgjW2XXzIV3sprPS5Sy/RVUXJ2CIl6voIGhBJDtX7Xu3/nfsn
v8SajQflQfI44atmFPBl4Mngpu/IqUiJXwnBiehCjyaSJB4+eLS9PnkzwJM9Njbr
bloz9h39lKaQh5sDW5v8ZPnTiIbOCjJri7s0ZjpcYt28ew6XWIRuN6PwJxXGgH4R
UuUnbpLeXvTCKdl2ZTmv1xN6dew06TlbRK4BL4OZojycYwX7IZxEH0y7Ipio8cWw
KPeGTpKpUChIAuB29zq6xs9quuIyvIvmAp68LBsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQaHbd3UJBzo9MpFPMCcJrx+mFkSDAfBgNVHSMEGDAWgBQFSM7fFwKe2YoQ
gRPGwQnsrM2C7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8x
L0doMjNkMUNRYzZQVEtSVHpBbkNhOGZwaFpFZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8xL0JVak8zeGNDbnRt
S0VJRVR4c0VKN0t6Tmd1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAlXEgDAPBAIAAjAJAwcAKgECiEAF
MA0GCSqGSIb3DQEBCwUAA4IBAQCYHQUTsLN8hYxAjRQ2app16F/ZKNeWwUwzyjdZ
vPz7Hwf/AC7Y6goImzpi+4EqpLxdUXKENviAtKan7j31e0qyF7bJUOR/2i/QX5xT
TCmpO4hQbWMQQpurTdHgeqLwvTjujWHGtXf25UA/fwJoc/mPa0eNchjgbODdQRU3
C7P8YV3AiXbdMPVNigj12c4mfHgaObgP0pF/AXdY0EiNkhKSOzNbW+sa4Sxab46E
FOexGhxkC8m/YkRqBICGF3vXqUlA2j4fgf2oKXuNg1ZT6+UZX3c0Bp4Ouap0ThMc
NsRnvvEPzlWCr5zM0Kq2Rb2tsCJbDBnZuagcC40cWpsXnK8p
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:18 2023 by rpki-client on console-fra.rpki-client.org