Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/GQNlLxyzlJs6p-RcsRPXrEYKeuY.roa
File: GQNlLxyzlJs6p-RcsRPXrEYKeuY.roa (raw, json)
Hash identifier: iJBY5BdtURghGc6vIpt+iMSNuAULwGqi0WIEwXqiHkY=
Subject key identifier: 19:03:65:2F:1C:B3:94:9B:3A:A7:E4:5C:B1:13:D7:AC:46:0A:7A:E6
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 4349A5CF
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/GQNlLxyzlJs6p-RcsRPXrEYKeuY.roa
Signing time: Sat 01 Jan 2022 07:59:56 +0000
ROA not before: Sat 01 Jan 2022 07:59:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47447
IP address blocks: 151.236.15.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
2a03:f80:49::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1128900047 (0x4349a5cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 07:59:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1903652f1cb3949b3aa7e45cb113d7ac460a7ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:08:ca:6c:0f:2a:16:f8:d2:2b:fd:a1:a4:be:
8c:d1:cc:c9:e8:b2:f0:ce:aa:64:de:ef:58:f8:b0:
22:2e:f2:86:6f:8f:e6:f3:c5:97:94:80:d7:95:53:
de:a2:37:fa:dd:40:9f:62:59:14:5b:9f:71:e1:fc:
bb:c2:43:8e:33:0d:82:32:87:2e:8e:34:82:06:e4:
97:de:fb:98:48:dd:df:d5:ee:26:e7:57:a3:b5:aa:
7f:34:d0:8a:2f:a3:8f:9b:87:2e:22:19:d8:c4:96:
c9:6a:38:d2:c4:4b:93:b7:fb:66:a5:c6:70:ea:65:
6c:6d:79:00:d5:a9:c1:42:4e:86:4f:11:ad:42:1a:
68:52:60:7e:ca:c4:29:95:36:4b:a4:cf:1f:35:d8:
c2:99:d5:f6:1d:19:3b:44:b9:20:ea:a8:13:ad:28:
67:ef:98:a6:9c:84:b8:c4:7a:c4:9e:f3:a3:0f:48:
14:ac:ea:80:0e:3d:4c:5a:68:ec:a6:b0:f0:36:44:
d5:18:58:fd:82:bf:cf:e2:de:cd:93:81:85:34:72:
61:a6:3f:2b:31:e2:d1:29:f1:11:25:47:e2:38:68:
63:c1:78:52:08:13:ea:74:16:02:c7:4b:b4:af:a5:
f3:9e:7a:4e:ca:37:cb:9f:4f:20:d0:21:62:82:ad:
96:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:03:65:2F:1C:B3:94:9B:3A:A7:E4:5C:B1:13:D7:AC:46:0A:7A:E6
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/GQNlLxyzlJs6p-RcsRPXrEYKeuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.154.159.0/24
151.236.15.0/24
151.236.17.0/24
158.255.214.0/24
IPv6:
2a03:f80:49::/48
Signature Algorithm: sha256WithRSAEncryption
bd:4f:61:fa:ac:85:50:ce:61:80:56:66:06:33:37:7f:b9:90:
e9:0e:de:48:48:23:65:85:9a:fa:8c:65:e1:21:d9:06:6c:6d:
84:4b:0b:45:dd:e1:54:f3:6a:d6:bc:b5:89:ef:14:cb:a7:69:
82:34:95:88:43:ad:0d:b3:d2:69:df:ee:3c:6c:ee:9a:b9:8f:
b8:1c:41:47:e9:0f:ea:e3:25:f9:40:c3:3f:00:8e:29:97:ef:
03:02:85:1c:9a:c0:76:80:1c:2c:81:e4:54:74:4f:38:f1:17:
5c:01:88:b4:84:58:97:60:3a:cd:f0:0a:e4:98:93:8a:d9:09:
2e:51:97:c7:e2:ff:78:74:81:d2:60:e7:9c:12:d9:30:ee:58:
32:50:4d:02:16:10:20:89:04:8a:ae:c3:be:36:f6:dd:91:5a:
be:08:30:00:97:92:98:bb:f2:2f:a6:58:dc:15:50:13:84:ce:
e6:b3:96:f6:c8:b3:81:03:8a:32:49:27:4e:ce:a2:b3:21:5a:
53:3b:c8:b8:11:1b:14:57:6f:a1:5a:5b:c2:e5:1f:bc:69:1b:
47:e3:18:35:76:de:58:ce:ae:7e:05:ac:a2:bf:6f:5e:e1:d1:
65:d9:98:de:cf:54:44:0f:b4:a3:d1:ac:b4:4d:aa:3b:1f:46:
e6:66:54:93
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEQ0mlzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDEw
MTA3NTk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTkwMzY1MmYxY2Iz
OTQ5YjNhYTdlNDVjYjExM2Q3YWM0NjBhN2FlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJgIymwPKhb40iv9oaS+jNHMyeiy8M6qZN7vWPiwIi7yhm+P
5vPFl5SA15VT3qI3+t1An2JZFFufceH8u8JDjjMNgjKHLo40ggbkl977mEjd39Xu
JudXo7WqfzTQii+jj5uHLiIZ2MSWyWo40sRLk7f7ZqXGcOplbG15ANWpwUJOhk8R
rUIaaFJgfsrEKZU2S6TPHzXYwpnV9h0ZO0S5IOqoE60oZ++YppyEuMR6xJ7zow9I
FKzqgA49TFpo7Kaw8DZE1RhY/YK/z+LezZOBhTRyYaY/KzHi0SnxESVH4jhoY8F4
UggT6nQWAsdLtK+l8556Tso3y59PINAhYoKtlqcCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQZA2UvHLOUmzqn5FyxE9esRgp65jAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
L0dRTmxMeHl6bEpzNnAtUmNzUlBYckVZS2V1WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEAJWanwMEAJfsDwMEAJfsEQMEAJ7/
1jAPBAIAAjAJAwcAKgMPgABJMA0GCSqGSIb3DQEBCwUAA4IBAQC9T2H6rIVQzmGA
VmYGMzd/uZDpDt5ISCNlhZr6jGXhIdkGbG2ESwtF3eFU82rWvLWJ7xTLp2mCNJWI
Q60Ns9Jp3+48bO6auY+4HEFH6Q/q4yX5QMM/AI4pl+8DAoUcmsB2gBwsgeRUdE84
8RdcAYi0hFiXYDrN8ArkmJOK2QkuUZfH4v94dIHSYOecEtkw7lgyUE0CFhAgiQSK
rsO+NvbdkVq+CDAAl5KYu/IvpljcFVAThM7ms5b2yLOBA4oySSdOzqKzIVpTO8i4
ERsUV2+hWlvC5R+8aRtH4xg1dt5Yzq5+Bayiv29e4dFl2Zjez1RED7Sj0ay0Tao7
H0bmZlST
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:58 2023 by rpki-client on console-ams.rpki-client.org