Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a146c7-81e9-4862-974f-e0ecd5342ed8/1/gLpSEBta9wwTUcYr_RO8D7hUdg4.roa
File: gLpSEBta9wwTUcYr_RO8D7hUdg4.roa (raw, json)
Hash identifier: JH0INMjROYvaxXjkarToHoO7tyeiqg4VYiV/SLwgGHk=
Subject key identifier: 80:BA:52:10:1B:5A:F7:0C:13:51:C6:2B:FD:13:BC:0F:B8:54:76:0E
Certificate issuer: /CN=dfa68d14863a454b89547b59b5cc3415cd2d8f37
Certificate serial: 018506FA218D6A158DCCFBCE3593DE34080F
Authority key identifier: DF:A6:8D:14:86:3A:45:4B:89:54:7B:59:B5:CC:34:15:CD:2D:8F:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/36aNFIY6RUuJVHtZtcw0Fc0tjzc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a146c7-81e9-4862-974f-e0ecd5342ed8/1/gLpSEBta9wwTUcYr_RO8D7hUdg4.roa
Signing time: Mon 12 Dec 2022 15:35:33 +0000
ROA not before: Mon 12 Dec 2022 15:35:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60940
IP address blocks: 185.23.93.0/24 maxlen: 24
185.23.94.0/23 maxlen: 23
185.23.92.0/24 maxlen: 24
2a04:2500::/32 maxlen: 32
2a04:2500::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:fa:21:8d:6a:15:8d:cc:fb:ce:35:93:de:34:08:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfa68d14863a454b89547b59b5cc3415cd2d8f37
Validity
Not Before: Dec 12 15:35:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=80ba52101b5af70c1351c62bfd13bc0fb854760e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:39:37:7b:c2:50:a3:b6:a1:9e:33:2b:9c:66:
14:f7:13:f5:a6:9e:89:5a:65:56:8d:d9:7f:31:ce:
2e:20:9e:54:fd:40:a7:f2:21:f2:61:c1:ca:8b:ac:
4d:b5:af:d0:cb:97:cd:60:c2:33:44:ca:e0:de:46:
2d:1c:f6:5e:f3:0a:6f:0b:b4:9b:24:04:48:5e:27:
55:2d:b5:1c:3d:76:bf:1c:53:6f:0f:3b:5b:d1:74:
92:f3:49:f3:6e:78:d7:03:f1:a8:33:49:ff:bf:c8:
3f:4b:20:62:ec:50:dc:79:bd:d4:31:f1:69:db:dd:
02:65:f3:ad:e2:0a:6c:bd:19:9e:0f:f6:94:31:aa:
ab:1f:cf:12:d1:03:04:7e:ed:94:a3:a5:01:c9:70:
25:f5:69:81:66:d8:a3:8f:ce:52:cf:34:6e:af:7e:
fb:62:e1:53:1c:e4:3c:a7:35:2a:34:c0:fd:c5:ab:
f2:6b:26:0d:de:fc:1a:5e:3a:97:b0:41:49:2a:ac:
3f:f3:ad:4b:8e:5a:fb:1b:ef:86:74:f8:c4:d4:e1:
97:05:40:42:f6:e9:d2:44:39:0b:d0:a3:45:d9:52:
c5:74:b0:dc:02:39:2b:03:eb:6c:ad:7d:48:e1:8b:
a5:65:05:6c:30:e9:f8:ee:cd:b3:24:99:88:fb:eb:
93:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:BA:52:10:1B:5A:F7:0C:13:51:C6:2B:FD:13:BC:0F:B8:54:76:0E
X509v3 Authority Key Identifier:
keyid:DF:A6:8D:14:86:3A:45:4B:89:54:7B:59:B5:CC:34:15:CD:2D:8F:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36aNFIY6RUuJVHtZtcw0Fc0tjzc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a146c7-81e9-4862-974f-e0ecd5342ed8/1/gLpSEBta9wwTUcYr_RO8D7hUdg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a146c7-81e9-4862-974f-e0ecd5342ed8/1/36aNFIY6RUuJVHtZtcw0Fc0tjzc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.92.0/22
IPv6:
2a04:2500::/32
Signature Algorithm: sha256WithRSAEncryption
7e:66:64:fb:43:0b:d1:9c:20:4d:9d:a2:6e:62:f4:1a:a1:da:
3c:4d:34:4d:cf:ba:8b:21:d9:8c:40:bd:40:2f:43:03:3f:19:
cd:a9:f9:85:fe:1e:2d:83:75:8f:91:a0:64:8c:42:d0:a5:57:
a0:2f:43:79:26:39:39:4f:3d:01:60:9b:29:9d:7c:98:da:e9:
c2:79:2d:a5:97:29:56:e0:f7:f9:c8:2b:e4:60:a7:50:99:a0:
91:d3:f3:d4:26:9c:a8:ae:b1:26:63:99:99:55:50:9e:5c:6f:
d9:8c:e9:96:db:af:c7:da:0e:86:0c:95:39:c2:27:f1:1e:64:
57:e7:2c:f4:c5:55:04:30:f9:ff:07:e8:ee:dc:fe:8f:de:e5:
ec:2e:49:cb:dc:9e:27:23:c6:04:9c:51:79:90:48:4b:91:05:
2c:6d:5b:a9:c7:0b:c5:bf:4e:b1:be:f0:0c:09:db:b8:af:f5:
ae:b0:03:94:53:99:b2:b5:3f:a4:19:e6:c6:b1:c9:a6:74:fc:
90:f7:54:35:b1:d0:f8:5a:5b:b3:be:4e:02:b2:5e:38:e4:23:
3e:da:76:34:f9:bc:0b:1a:9f:b7:76:24:f3:08:0b:92:69:9d:
73:88:5d:9f:0b:73:40:22:72:11:f8:3d:52:37:6b:e2:12:55:
90:e8:5b:4c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUG+iGNahWNzPvONZPeNAgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTY4ZDE0ODYzYTQ1NGI4OTU0N2I1OWI1Y2MzNDE1Y2Qy
ZDhmMzcwHhcNMjIxMjEyMTUzNTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGJhNTIxMDFiNWFmNzBjMTM1MWM2MmJmZDEzYmMwZmI4NTQ3NjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjk3e8JQo7ahnjMrnGYU9xP1pp6J
WmVWjdl/Mc4uIJ5U/UCn8iHyYcHKi6xNta/Qy5fNYMIzRMrg3kYtHPZe8wpvC7Sb
JARIXidVLbUcPXa/HFNvDztb0XSS80nzbnjXA/GoM0n/v8g/SyBi7FDceb3UMfFp
290CZfOt4gpsvRmeD/aUMaqrH88S0QMEfu2Uo6UByXAl9WmBZtijj85SzzRur377
YuFTHOQ8pzUqNMD9xavyayYN3vwaXjqXsEFJKqw/861Ljlr7G++GdPjE1OGXBUBC
9unSRDkL0KNF2VLFdLDcAjkrA+tsrX1I4YulZQVsMOn47s2zJJmI++uTkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIC6UhAbWvcME1HGK/0TvA+4VHYOMB8GA1UdIwQY
MBaAFN+mjRSGOkVLiVR7WbXMNBXNLY83MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZhTkZJWTZSVXVKVkh0WnRjdzBGYzB0anpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hMTQ2YzctODFlOS00ODYyLTk3NGYt
ZTBlY2Q1MzQyZWQ4LzEvZ0xwU0VCdGE5d3dUVWNZcl9STzhEN2hVZGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hMTQ2YzctODFlOS00ODYyLTk3NGYtZTBlY2Q1MzQyZWQ4
LzEvMzZhTkZJWTZSVXVKVkh0WnRjdzBGYzB0anpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRdcMA0E
AgACMAcDBQAqBCUAMA0GCSqGSIb3DQEBCwUAA4IBAQB+ZmT7QwvRnCBNnaJuYvQa
odo8TTRNz7qLIdmMQL1AL0MDPxnNqfmF/h4tg3WPkaBkjELQpVegL0N5Jjk5Tz0B
YJspnXyY2unCeS2llylW4Pf5yCvkYKdQmaCR0/PUJpyorrEmY5mZVVCeXG/ZjOmW
26/H2g6GDJU5wifxHmRX5yz0xVUEMPn/B+ju3P6P3uXsLknL3J4nI8YEnFF5kEhL
kQUsbVupxwvFv06xvvAMCdu4r/WusAOUU5mytT+kGebGscmmdPyQ91Q1sdD4Wluz
vk4Csl445CM+2nY0+bwLGp+3diTzCAuSaZ1ziF2fC3NAInIR+D1SN2viElWQ6FtM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:25 2023 by rpki-client on console-ams.rpki-client.org