Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/gV0A7pQw_ck2lKdp-Jsl5a-ocsQ.roa
File: gV0A7pQw_ck2lKdp-Jsl5a-ocsQ.roa (raw, json)
Hash identifier: yDbBpc1GH/hzO3eI2QIeuxCzSUTFEcEJPhjMqhBiFhQ=
Subject key identifier: 81:5D:00:EE:94:30:FD:C9:36:94:A7:69:F8:9B:25:E5:AF:A8:72:C4
Certificate issuer: /CN=d3c8b10a38f81c64e201207bfc3544c2972af5f3
Certificate serial: 0130D3A0
Authority key identifier: D3:C8:B1:0A:38:F8:1C:64:E2:01:20:7B:FC:35:44:C2:97:2A:F5:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08ixCjj4HGTiASB7_DVEwpcq9fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/gV0A7pQw_ck2lKdp-Jsl5a-ocsQ.roa
Signing time: Sat 01 Jan 2022 12:54:10 +0000
ROA not before: Sat 01 Jan 2022 12:54:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50736
IP address blocks: 193.124.116.0/24 maxlen: 24
185.25.152.0/22 maxlen: 22
193.124.134.0/24 maxlen: 24
193.124.48.0/24 maxlen: 24
193.124.54.0/24 maxlen: 24
194.58.78.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19977120 (0x130d3a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3c8b10a38f81c64e201207bfc3544c2972af5f3
Validity
Not Before: Jan 1 12:54:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=815d00ee9430fdc93694a769f89b25e5afa872c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b1:46:60:31:fe:00:a5:71:6c:6b:ea:2b:f1:
9b:e8:51:36:65:51:bb:a7:fc:cd:62:c6:eb:c5:6d:
73:d3:e7:3e:50:26:78:e9:2c:17:d4:69:15:13:e1:
78:f5:32:d4:bf:5b:68:df:2e:18:ef:b4:f3:59:b6:
9f:22:5e:3f:30:17:63:2c:4a:43:5d:48:af:9d:2f:
27:ee:e2:b0:d9:e3:63:7d:0e:ba:01:46:87:bf:f0:
f2:3a:ba:ea:a3:c4:74:c1:5d:bc:2c:ce:a8:b2:78:
87:a1:10:72:bf:cb:f9:6e:17:40:76:6e:21:a8:6f:
a0:68:b2:0f:88:6a:9b:32:40:5d:26:c5:25:d7:3e:
bf:6d:15:77:ac:e6:31:b5:2e:51:f4:ef:da:4b:14:
2d:d8:c0:b5:5e:72:33:ea:71:5b:53:60:82:a3:ac:
54:7b:78:7f:8a:d7:f5:b3:0c:b3:80:74:a9:9a:b3:
9a:29:02:d0:ef:a0:bb:c0:2e:36:eb:f0:5a:c5:ea:
50:48:97:e5:18:92:ce:14:e7:14:bd:f4:ef:fd:eb:
8b:ec:1c:c0:57:8a:ae:8b:5b:6b:84:87:6e:f2:9e:
7d:88:c3:52:54:e1:d7:fb:1d:bb:7a:90:01:6b:c3:
7a:fa:d5:29:12:b2:88:c8:ab:b6:f8:52:ae:c1:58:
d3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:5D:00:EE:94:30:FD:C9:36:94:A7:69:F8:9B:25:E5:AF:A8:72:C4
X509v3 Authority Key Identifier:
keyid:D3:C8:B1:0A:38:F8:1C:64:E2:01:20:7B:FC:35:44:C2:97:2A:F5:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08ixCjj4HGTiASB7_DVEwpcq9fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/gV0A7pQw_ck2lKdp-Jsl5a-ocsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/08ixCjj4HGTiASB7_DVEwpcq9fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.152.0/22
193.124.48.0/24
193.124.54.0/24
193.124.116.0/24
193.124.134.0/24
194.58.78.0/24
Signature Algorithm: sha256WithRSAEncryption
34:27:48:30:8b:48:9d:49:00:c4:69:22:45:ce:5e:29:5e:f6:
04:bb:74:2a:ea:e0:19:00:d2:ee:97:1b:58:66:09:e6:5e:1d:
63:00:9a:60:87:58:77:c0:ac:ba:ef:9f:41:6d:5f:4a:80:1c:
0f:71:6c:30:6f:42:ae:f6:5b:bc:4c:31:3e:2c:79:19:65:22:
1d:71:28:57:0a:d9:82:4c:c4:c4:a0:1d:f2:67:94:be:81:a8:
a5:95:0d:dd:42:50:09:3f:f4:63:91:b1:8f:90:95:8a:13:ec:
88:15:99:4f:aa:70:dc:8c:9e:5c:a8:af:f0:3e:2f:b6:76:9a:
c9:76:44:5c:fa:b9:87:13:34:64:e1:57:3a:f0:54:9e:74:24:
5a:01:03:0c:8d:16:82:43:75:c8:8e:46:b6:98:25:aa:e7:9d:
82:1d:88:e9:a0:31:93:89:53:74:5e:8c:65:4e:df:6a:18:0a:
21:53:2b:70:c3:92:ad:78:b0:45:b3:00:95:58:77:88:69:70:
67:01:c4:4e:e9:8b:2d:09:dd:d7:8f:12:fc:0d:b2:d2:2c:89:
5b:8b:6c:42:bb:c9:67:d2:30:66:df:c1:ce:b9:30:58:46:33:
c9:a4:5e:47:32:60:57:0c:4d:42:b7:86:ae:6a:52:4a:6e:77:
69:32:aa:76
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEATDToDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2M4YjEwYTM4ZjgxYzY0ZTIwMTIwN2JmYzM1NDRjMjk3MmFmNWYzMB4XDTIyMDEw
MTEyNTQxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODE1ZDAwZWU5NDMw
ZmRjOTM2OTRhNzY5Zjg5YjI1ZTVhZmE4NzJjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyxRmAx/gClcWxr6ivxm+hRNmVRu6f8zWLG68Vtc9PnPlAm
eOksF9RpFRPhePUy1L9baN8uGO+081m2nyJePzAXYyxKQ11Ir50vJ+7isNnjY30O
ugFGh7/w8jq66qPEdMFdvCzOqLJ4h6EQcr/L+W4XQHZuIahvoGiyD4hqmzJAXSbF
Jdc+v20Vd6zmMbUuUfTv2ksULdjAtV5yM+pxW1NggqOsVHt4f4rX9bMMs4B0qZqz
mikC0O+gu8AuNuvwWsXqUEiX5RiSzhTnFL307/3ri+wcwFeKrotba4SHbvKefYjD
UlTh1/sdu3qQAWvDevrVKRKyiMirtvhSrsFY0/8CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSBXQDulDD9yTaUp2n4myXlr6hyxDAfBgNVHSMEGDAWgBTTyLEKOPgcZOIB
IHv8NUTClyr18zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4aXhDamo0SEdUaUFTQjdfRFZFd3BjcTlmTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvNjRkNGQwLTZjOTgtNGVlYy1iYmExLTM3YWEzNWU2OWRjMS8x
L2dWMEE3cFF3X2NrMmxLZHAtSnNsNWEtb2NzUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
NjRkNGQwLTZjOTgtNGVlYy1iYmExLTM3YWEzNWU2OWRjMS8xLzA4aXhDamo0SEdU
aUFTQjdfRFZFd3BjcTlmTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEArkZmAMEAMF8MAMEAMF8NgMEAMF8
dAMEAMF8hgMEAMI6TjANBgkqhkiG9w0BAQsFAAOCAQEANCdIMItInUkAxGkiRc5e
KV72BLt0KurgGQDS7pcbWGYJ5l4dYwCaYIdYd8Csuu+fQW1fSoAcD3FsMG9CrvZb
vEwxPix5GWUiHXEoVwrZgkzExKAd8meUvoGopZUN3UJQCT/0Y5Gxj5CVihPsiBWZ
T6pw3IyeXKiv8D4vtnaayXZEXPq5hxM0ZOFXOvBUnnQkWgEDDI0WgkN1yI5Gtpgl
quedgh2I6aAxk4lTdF6MZU7fahgKIVMrcMOSrXiwRbMAlVh3iGlwZwHETumLLQnd
148S/A2y0iyJW4tsQrvJZ9IwZt/BzrkwWEYzyaReRzJgVwxNQreGrmpSSm53aTKq
dg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:37 2024 by rpki-client on console-ams.rpki-client.org