Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/GaUrboyF1wMJgy2zVvmG71QQyEQ.roa
File: GaUrboyF1wMJgy2zVvmG71QQyEQ.roa (raw, json)
Hash identifier: LgsQcRQVCF8mf2tvT4zqXtRTntcl+lNrYUG2Yig3Yq0=
Subject key identifier: 19:A5:2B:6E:8C:85:D7:03:09:83:2D:B3:56:F9:86:EF:54:10:C8:44
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01839DD4C2FF414329DD313F55D50A54B2A0
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/GaUrboyF1wMJgy2zVvmG71QQyEQ.roa
Signing time: Mon 03 Oct 2022 12:31:49 +0000
ROA not before: Mon 03 Oct 2022 12:31:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210906
IP address blocks: 85.254.62.0/23 maxlen: 23
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.2.0/24 maxlen: 24
85.254.138.0/23 maxlen: 23
85.254.134.0/24 maxlen: 24
159.148.109.0/24 maxlen: 24
85.254.140.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.178.0/23 maxlen: 23
159.148.157.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
85.254.180.0/23 maxlen: 23
159.148.54.0/24 maxlen: 24
85.254.84.0/23 maxlen: 23
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
85.254.112.0/22 maxlen: 22
85.254.116.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.122.0/23 maxlen: 23
85.254.128.0/22 maxlen: 22
85.254.126.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.241.0/24 maxlen: 24
159.148.248.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.169.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.179.0/24 maxlen: 24
159.148.177.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9d:d4:c2:ff:41:43:29:dd:31:3f:55:d5:0a:54:b2:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Oct 3 12:31:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19a52b6e8c85d70309832db356f986ef5410c844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:23:3e:d8:3b:a8:8f:e5:44:48:ef:54:ff:a9:
ff:83:1a:f4:25:f3:69:0f:bd:cd:2e:28:fe:6e:8f:
30:83:ed:04:33:74:67:9f:a1:67:16:e1:f1:ce:0f:
e6:f1:b9:64:80:88:67:ef:75:6f:84:69:02:fe:f8:
1a:0c:d2:87:f5:dc:89:35:2e:37:52:a5:22:7b:04:
97:14:56:b8:ec:6c:53:7e:29:76:a0:8c:8a:00:09:
6a:d3:8f:cb:d0:c9:73:9e:64:ee:93:27:c5:ba:e1:
c1:b6:93:be:45:a8:e7:48:bf:b5:d4:0e:df:24:bc:
76:b8:90:86:7f:2d:fb:c7:e0:c8:48:bf:93:e2:d7:
25:1d:00:be:8b:1e:76:ea:81:7c:51:0d:c9:13:d1:
da:4b:b9:f9:93:54:67:3c:c8:49:53:3a:93:05:a4:
22:07:09:c0:80:ec:c0:18:5c:97:9f:97:2b:df:94:
ee:83:54:59:bb:ab:d7:29:c6:51:50:e1:e0:be:f4:
1e:98:d7:05:f6:22:0f:46:0b:d6:af:75:01:0c:88:
1e:ec:72:1a:03:72:eb:34:29:9b:ef:87:59:e7:2d:
0b:d8:8e:28:06:25:4c:87:da:54:d3:50:81:25:cd:
88:b5:86:b7:b9:fb:81:b7:69:33:8e:e8:9f:7f:25:
ce:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A5:2B:6E:8C:85:D7:03:09:83:2D:B3:56:F9:86:EF:54:10:C8:44
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/GaUrboyF1wMJgy2zVvmG71QQyEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.62.0-85.254.65.255
85.254.76.0/22
85.254.84.0/23
85.254.112.0/21
85.254.122.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.138.0-85.254.140.255
85.254.174.0/23
85.254.178.0-85.254.181.255
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.109.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.138.0/24
159.148.150.0/24
159.148.157.0-159.148.158.255
159.148.163.0/24
159.148.166.0/23
159.148.169.0/24
159.148.177.0/24
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.236.0/24
159.148.239.0/24
159.148.241.0/24
159.148.248.0/24
Signature Algorithm: sha256WithRSAEncryption
88:d6:2c:28:99:74:3e:f3:b9:7f:6a:91:1c:ce:9f:d0:d8:4a:
44:7b:0f:2c:df:d1:ae:a5:b4:55:e5:55:cf:49:dd:f5:30:f6:
fe:44:63:d2:54:b1:c8:8b:92:67:04:d0:d7:1b:c1:38:9b:c9:
bb:77:7f:2e:9b:5c:9d:d3:97:fb:31:3c:ad:13:74:9a:18:5d:
ae:83:d7:0b:36:61:16:e4:54:61:f4:9d:5b:43:6b:43:d3:12:
f4:db:0b:a9:b3:e2:80:e0:94:f3:d4:1a:08:83:fd:1e:2e:6c:
6b:10:24:57:93:4e:8d:a8:b9:34:48:90:d5:d3:d7:94:d0:2c:
75:95:11:1c:04:16:0e:6e:e2:4e:43:8d:cb:cf:97:c6:6b:49:
0c:0f:5b:34:06:07:ff:92:a2:3f:12:12:c0:fe:31:7b:a9:dd:
3f:47:ed:93:a6:0a:11:6b:2b:6e:84:3c:8e:fc:d3:ef:69:11:
17:50:f9:a8:fe:62:96:ff:48:16:08:5b:c1:87:80:b7:3a:5d:
a4:9b:1b:9b:d4:4f:f6:47:ae:56:5b:38:5f:dd:97:0a:50:97:
2b:0c:f9:54:3f:fc:87:9d:18:21:e1:bb:02:5f:9e:df:48:12:
5e:5f:c5:7c:04:60:68:d8:9d:fb:53:13:02:a7:e0:6d:b9:14:
61:c3:e6:47
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAYOd1ML/QUMp3TE/VdUKVLKgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIxMDAzMTIzMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWE1MmI2ZThjODVkNzAzMDk4MzJkYjM1NmY5ODZlZjU0MTBjODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSM+2Duoj+VESO9U/6n/gxr0JfNp
D73NLij+bo8wg+0EM3Rnn6FnFuHxzg/m8blkgIhn73VvhGkC/vgaDNKH9dyJNS43
UqUiewSXFFa47GxTfil2oIyKAAlq04/L0MlznmTukyfFuuHBtpO+RajnSL+11A7f
JLx2uJCGfy37x+DISL+T4tclHQC+ix526oF8UQ3JE9HaS7n5k1RnPMhJUzqTBaQi
BwnAgOzAGFyXn5cr35Tug1RZu6vXKcZRUOHgvvQemNcF9iIPRgvWr3UBDIge7HIa
A3LrNCmb74dZ5y0L2I4oBiVMh9pU01CBJc2ItYa3ufuBt2kzjuiffyXOqwIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFBmlK26MhdcDCYMts1b5hu9UEMhEMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvR2FVcmJveUYxd01KZ3kyelZ2bUc3MVFReUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCCAQMEAgABMIH8
AwQAVf4CMAwDBAFV/j4DBAFV/kADBAJV/kwDBAFV/lQDBANV/nAwDAMEAVX+egME
AFX+fgMEAlX+gAMEAFX+hjAMAwQBVf6KAwQAVf6MAwQBVf6uMAwDBAFV/rIDBAFV
/rQDBACflDYDBACflD4DBACflEIDBACflG0DBACflH4DBACflIADBACflIIDBACf
lIoDBACflJYwDAMEAJ+UnQMEAJ+UngMEAJ+UowMEAZ+UpgMEAJ+UqQMEAJ+UsTAM
AwQAn5SzAwQAn5S0AwQAn5TMAwQAn5TYAwQAn5TaAwQAn5TqAwQAn5TsAwQAn5Tv
AwQAn5TxAwQAn5T4MA0GCSqGSIb3DQEBCwUAA4IBAQCI1iwomXQ+87l/apEczp/Q
2EpEew8s39GupbRV5VXPSd31MPb+RGPSVLHIi5JnBNDXG8E4m8m7d38um1yd05f7
MTytE3SaGF2ug9cLNmEW5FRh9J1bQ2tD0xL02wups+KA4JTz1BoIg/0eLmxrECRX
k06NqLk0SJDV09eU0Cx1lREcBBYObuJOQ43Lz5fGa0kMD1s0Bgf/kqI/EhLA/jF7
qd0/R+2TpgoRaytuhDyO/NPvaREXUPmo/mKW/0gWCFvBh4C3Ol2kmxub1E/2R65W
Wzhf3ZcKUJcrDPlUP/yHnRgh4bsCX57fSBJeX8V8BGBo2J37UxMCp+BtuRRhw+ZH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:45 2023 by rpki-client on console-fra.rpki-client.org