Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/qOmGzIpaDH2sK_zGPpOGFsgtcoA.roa
File: qOmGzIpaDH2sK_zGPpOGFsgtcoA.roa (raw, json)
Hash identifier: XPPYx65tX6rrqKOuQKaO8r7U6BP+EeGtF0f5ELQ/Zsc=
Subject key identifier: A8:E9:86:CC:8A:5A:0C:7D:AC:2B:FC:C6:3E:93:86:16:C8:2D:72:80
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 034CBCF4
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/qOmGzIpaDH2sK_zGPpOGFsgtcoA.roa
Signing time: Tue 21 Jun 2022 12:52:47 +0000
ROA not before: Tue 21 Jun 2022 12:52:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 11426
IP address blocks: 45.157.72.0/23 maxlen: 23
141.98.240.0/24 maxlen: 24
141.98.241.0/24 maxlen: 24
193.31.72.0/24 maxlen: 24
193.31.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55360756 (0x34cbcf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Jun 21 12:52:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8e986cc8a5a0c7dac2bfcc63e938616c82d7280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a8:f3:8a:c5:92:20:db:cd:a7:ac:9e:de:ff:
f5:6b:10:b7:c3:75:20:fe:0a:f8:f0:35:62:e3:b7:
6c:8a:de:10:e6:a1:56:49:8a:06:e5:59:e7:81:ed:
6a:3a:6a:ed:f0:d5:a4:0c:ec:16:1a:93:ba:fa:b5:
5e:aa:7f:99:3f:e9:63:d5:f8:c9:03:6e:15:9a:98:
f9:dd:85:5f:4b:c0:20:63:85:94:7a:ef:34:4b:c8:
43:44:5a:f8:29:57:7c:ba:18:66:ca:cd:e8:43:7c:
34:cc:5b:85:e2:f3:9b:8e:22:95:3c:8b:e0:13:31:
e3:be:ff:33:5d:14:d9:c9:88:83:e5:f5:b7:d0:5d:
05:55:7a:33:ab:93:ac:b6:08:a2:74:4b:f0:13:5f:
bf:a9:4a:92:6a:27:03:4f:1c:14:60:84:d9:d2:db:
51:f9:5d:ea:ee:98:6f:00:73:e2:1f:5f:51:0a:a4:
ad:41:5c:46:38:76:2d:96:0d:3e:85:16:66:37:a7:
8e:e6:55:32:db:c0:9d:3e:4b:67:6f:08:68:26:b6:
0a:43:9d:e7:5f:ad:12:48:b6:55:94:2f:a9:6d:f4:
c5:af:15:d0:fc:eb:43:a0:46:b9:c5:65:34:13:03:
48:82:41:fe:b9:3b:0c:8b:42:72:bf:5b:22:d7:cd:
36:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E9:86:CC:8A:5A:0C:7D:AC:2B:FC:C6:3E:93:86:16:C8:2D:72:80
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/qOmGzIpaDH2sK_zGPpOGFsgtcoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.72.0/23
141.98.240.0/23
193.31.72.0/23
Signature Algorithm: sha256WithRSAEncryption
33:bd:39:ce:a1:b1:b8:ab:fc:32:7f:db:29:03:19:0a:3e:e3:
bd:5c:65:d8:e3:b3:1c:cc:af:31:8f:2a:13:52:5d:8c:14:94:
0e:8d:28:5b:3d:7b:3b:22:23:a8:8f:7a:0c:79:4b:d9:83:d0:
f7:ad:0b:32:ad:35:cd:f1:c1:a5:e4:6b:fc:a1:2b:c6:78:d4:
a5:92:62:0a:93:97:45:97:ec:3d:d8:7f:46:d3:bc:da:2b:11:
78:7b:e9:a8:75:5b:21:a3:71:20:8c:5e:21:cd:05:29:05:4c:
dc:71:c1:1d:35:43:7d:cf:31:04:ef:90:fb:44:50:48:b4:2d:
ab:e4:bb:9e:9e:39:fe:28:c6:a8:02:00:77:4b:09:5a:f6:be:
7e:b6:69:66:f2:1d:24:af:76:f0:07:34:c7:e5:52:f9:2b:23:
1b:d1:64:10:e4:63:81:72:15:75:a9:c4:5f:ae:a2:5f:d7:aa:
50:1f:18:70:f6:1a:a6:ff:cf:d3:f1:be:4a:17:d6:08:5d:da:
a2:61:a4:86:ed:7f:04:53:a9:f4:7a:f1:85:94:3d:3b:35:ad:
9e:64:11:31:e7:ff:86:3a:6c:d5:f5:05:e9:09:c7:89:4c:46:
ce:71:da:9d:e8:51:67:2b:dc:3b:56:cb:f7:17:f4:54:db:6e:
d8:da:8f:e9
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA0y89DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjFhM2YyMWZiMGMyOTRkNmQ0YTUyOWIyZjFkYmQ0YmQxMTE5YmQ3MB4XDTIyMDYy
MTEyNTI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYThlOTg2Y2M4YTVh
MGM3ZGFjMmJmY2M2M2U5Mzg2MTZjODJkNzI4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeo84rFkiDbzaesnt7/9WsQt8N1IP4K+PA1YuO3bIreEOah
VkmKBuVZ54Htajpq7fDVpAzsFhqTuvq1Xqp/mT/pY9X4yQNuFZqY+d2FX0vAIGOF
lHrvNEvIQ0Ra+ClXfLoYZsrN6EN8NMxbheLzm44ilTyL4BMx477/M10U2cmIg+X1
t9BdBVV6M6uTrLYIonRL8BNfv6lKkmonA08cFGCE2dLbUfld6u6YbwBz4h9fUQqk
rUFcRjh2LZYNPoUWZjenjuZVMtvAnT5LZ28IaCa2CkOd51+tEki2VZQvqW30xa8V
0PzrQ6BGucVlNBMDSIJB/rk7DItCcr9bItfNNn0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSo6YbMiloMfawr/MY+k4YWyC1ygDAfBgNVHSMEGDAWgBSCGj8h+wwpTW1K
UpsvHb1L0RGb1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dob19JZnNNS1UxdFNsS2JMeDI5UzlFUm05Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8x
L3FPbUd6SXBhREgyc0tfekdQcE9HRnNndGNvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
ZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8xL2dob19JZnNNS1Ux
dFNsS2JMeDI5UzlFUm05Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAS2dSAMEAY1i8AMEAcEfSDANBgkq
hkiG9w0BAQsFAAOCAQEAM705zqGxuKv8Mn/bKQMZCj7jvVxl2OOzHMyvMY8qE1Jd
jBSUDo0oWz17OyIjqI96DHlL2YPQ960LMq01zfHBpeRr/KErxnjUpZJiCpOXRZfs
Pdh/RtO82isReHvpqHVbIaNxIIxeIc0FKQVM3HHBHTVDfc8xBO+Q+0RQSLQtq+S7
np45/ijGqAIAd0sJWva+frZpZvIdJK928Ac0x+VS+SsjG9FkEORjgXIVdanEX66i
X9eqUB8YcPYapv/P0/G+ShfWCF3aomGkhu1/BFOp9HrxhZQ9OzWtnmQRMef/hjps
1fUF6QnHiUxGznHanehRZyvcO1bL9xf0VNtu2NqP6Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:17 2023 by rpki-client on console-fra.rpki-client.org