Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/a3ccce-c0d6-49a8-bbb8-b8ae16b35c31/1/G19PB4QwsOCnX1wwA6g_kByD_dw.roa
File: G19PB4QwsOCnX1wwA6g_kByD_dw.roa (raw, json)
Hash identifier: EzewYwc+4YWCHPhIc8J0bh6o5GOPHuXIOeDtG3fmP7k=
Subject key identifier: 1B:5F:4F:07:84:30:B0:E0:A7:5F:5C:30:03:A8:3F:90:1C:83:FD:DC
Certificate issuer: /CN=790d1ca78761310ac39a714ff62f3b92b2e77d8a
Certificate serial: 080CE128
Authority key identifier: 79:0D:1C:A7:87:61:31:0A:C3:9A:71:4F:F6:2F:3B:92:B2:E7:7D:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eQ0cp4dhMQrDmnFP9i87krLnfYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/a3ccce-c0d6-49a8-bbb8-b8ae16b35c31/1/G19PB4QwsOCnX1wwA6g_kByD_dw.roa
Signing time: Sat 01 Jan 2022 06:57:05 +0000
ROA not before: Sat 01 Jan 2022 06:57:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15830
IP address blocks: 85.119.0.0/21 maxlen: 21
178.250.56.0/21 maxlen: 21
185.172.92.0/22 maxlen: 22
2a03:bd80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135061800 (0x80ce128)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=790d1ca78761310ac39a714ff62f3b92b2e77d8a
Validity
Not Before: Jan 1 06:57:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b5f4f078430b0e0a75f5c3003a83f901c83fddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a6:83:da:7c:30:c1:68:29:db:f8:27:23:d8:
58:94:81:9a:70:ab:a9:33:08:45:7b:f2:3c:b8:77:
9f:de:ec:d8:24:b1:74:af:64:48:19:6e:47:3a:22:
00:ac:75:87:c3:0c:3f:c6:0e:7e:28:aa:3e:98:00:
81:f6:aa:47:1b:aa:85:9b:82:ca:ec:0f:f9:16:0e:
c0:05:98:9e:cf:9a:80:13:43:32:ac:cd:7a:0e:0a:
31:68:d2:af:6d:fb:41:1f:6c:40:f6:b3:8f:16:4b:
94:c0:bb:5d:06:48:54:c1:f9:69:00:57:34:5a:ab:
d3:66:5c:68:be:d8:1d:11:39:d7:52:9d:f1:33:a4:
61:b2:a9:6e:87:fe:1f:e4:d4:63:5c:f1:47:6b:cd:
62:55:48:34:02:b8:3e:88:15:c3:cb:af:2a:a8:87:
25:68:16:22:ef:53:b2:65:b8:25:8f:fa:6f:3b:fd:
ed:8d:6f:e1:11:e1:58:38:5d:9e:63:91:19:e5:fa:
a3:9b:06:58:62:c4:43:c8:cd:e4:8f:09:ea:0f:9c:
50:51:29:ce:55:d2:e1:8a:30:6c:04:24:e7:aa:87:
16:f9:3d:3c:26:9d:7f:ee:15:60:10:b7:34:01:78:
f9:96:91:24:37:70:7f:31:d7:9a:a9:fb:0f:af:31:
e5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:5F:4F:07:84:30:B0:E0:A7:5F:5C:30:03:A8:3F:90:1C:83:FD:DC
X509v3 Authority Key Identifier:
keyid:79:0D:1C:A7:87:61:31:0A:C3:9A:71:4F:F6:2F:3B:92:B2:E7:7D:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eQ0cp4dhMQrDmnFP9i87krLnfYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a3ccce-c0d6-49a8-bbb8-b8ae16b35c31/1/G19PB4QwsOCnX1wwA6g_kByD_dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a3ccce-c0d6-49a8-bbb8-b8ae16b35c31/1/eQ0cp4dhMQrDmnFP9i87krLnfYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.0.0/21
178.250.56.0/21
185.172.92.0/22
IPv6:
2a03:bd80::/32
Signature Algorithm: sha256WithRSAEncryption
73:8a:72:56:21:cd:83:b5:db:18:a1:1c:eb:96:8d:ff:c2:fc:
02:bf:26:a7:5c:8f:2a:57:21:23:d7:ee:fe:23:50:41:e9:fa:
f0:cb:4b:e2:75:25:87:ff:9c:b1:b0:37:b8:6c:ea:20:dc:bc:
54:5e:81:9b:78:1c:79:56:ce:b9:bc:7f:84:a4:23:d8:b7:b8:
30:d0:60:cf:3d:9b:6a:44:d3:4f:85:97:b2:c4:a1:d8:68:8f:
fb:67:9d:97:90:b9:a6:f7:6a:5a:a8:68:a0:2c:f3:6a:b3:64:
ec:d4:45:9b:34:f8:2e:24:0b:26:73:a3:3d:cb:eb:81:70:4f:
04:74:7b:39:28:a7:cb:30:61:b3:36:a9:7d:f7:16:c1:3f:3e:
5d:f6:92:81:bd:b7:63:4c:08:92:5c:c4:24:6a:2b:2b:e9:da:
50:52:5e:48:56:ed:01:8e:38:18:2a:8d:f0:df:e4:b6:99:75:
0c:53:68:1b:a9:f4:df:b0:91:a0:13:2b:af:dd:ff:ce:59:47:
9b:77:a1:54:61:81:e5:29:80:40:a1:e9:2a:b2:1d:ea:09:0a:
89:e7:d7:f7:3b:b9:e9:23:34:ad:30:93:de:ac:d1:4c:06:23:
09:fd:ff:e5:e9:02:55:ce:53:00:22:62:8f:00:82:9f:b3:b9:
4c:c6:ea:1a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECAzhKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OTBkMWNhNzg3NjEzMTBhYzM5YTcxNGZmNjJmM2I5MmIyZTc3ZDhhMB4XDTIyMDEw
MTA2NTcwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI1ZjRmMDc4NDMw
YjBlMGE3NWY1YzMwMDNhODNmOTAxYzgzZmRkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqmg9p8MMFoKdv4JyPYWJSBmnCrqTMIRXvyPLh3n97s2CSx
dK9kSBluRzoiAKx1h8MMP8YOfiiqPpgAgfaqRxuqhZuCyuwP+RYOwAWYns+agBND
MqzNeg4KMWjSr237QR9sQPazjxZLlMC7XQZIVMH5aQBXNFqr02ZcaL7YHRE511Kd
8TOkYbKpbof+H+TUY1zxR2vNYlVINAK4PogVw8uvKqiHJWgWIu9TsmW4JY/6bzv9
7Y1v4RHhWDhdnmORGeX6o5sGWGLEQ8jN5I8J6g+cUFEpzlXS4YowbAQk56qHFvk9
PCadf+4VYBC3NAF4+ZaRJDdwfzHXmqn7D68x5eUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQbX08HhDCw4KdfXDADqD+QHIP93DAfBgNVHSMEGDAWgBR5DRynh2ExCsOa
cU/2LzuSsud9ijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VRMGNwNGRoTVFyRG1uRlA5aTg3a3JMbmZZby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvYTNjY2NlLWMwZDYtNDlhOC1iYmI4LWI4YWUxNmIzNWMzMS8x
L0cxOVBCNFF3c09Dblgxd3dBNmdfa0J5RF9kdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
YTNjY2NlLWMwZDYtNDlhOC1iYmI4LWI4YWUxNmIzNWMzMS8xL2VRMGNwNGRoTVFy
RG1uRlA5aTg3a3JMbmZZby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1V3AAMEA7L6OAMEArmsXDANBAIA
AjAHAwUAKgO9gDANBgkqhkiG9w0BAQsFAAOCAQEAc4pyViHNg7XbGKEc65aN/8L8
Ar8mp1yPKlchI9fu/iNQQen68MtL4nUlh/+csbA3uGzqINy8VF6Bm3gceVbOubx/
hKQj2Le4MNBgzz2bakTTT4WXssSh2GiP+2edl5C5pvdqWqhooCzzarNk7NRFmzT4
LiQLJnOjPcvrgXBPBHR7OSinyzBhszapffcWwT8+XfaSgb23Y0wIklzEJGorK+na
UFJeSFbtAY44GCqN8N/ktpl1DFNoG6n037CRoBMrr93/zllHm3ehVGGB5SmAQKHp
KrId6gkKiefX9zu56SM0rTCT3qzRTAYjCf3/5ekCVc5TACJijwCCn7O5TMbqGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:56 2024 by rpki-client on console-ams.rpki-client.org