Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/G-IrRQ2XqkVwq67gpGikVUOxSho.roa
File: G-IrRQ2XqkVwq67gpGikVUOxSho.roa (raw, json)
Hash identifier: /kd0jrHxvxKp5WYChB+ACjy2XZGESarUIk0DFuDkcbk=
Subject key identifier: 1B:E2:2B:45:0D:97:AA:45:70:AB:AE:E0:A4:68:A4:55:43:B1:4A:1A
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 487A4E32
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/G-IrRQ2XqkVwq67gpGikVUOxSho.roa
Signing time: Sat 01 Jan 2022 03:00:39 +0000
ROA not before: Sat 01 Jan 2022 03:00:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203196
IP address blocks: 37.139.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1215974962 (0x487a4e32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 03:00:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1be22b450d97aa4570abaee0a468a45543b14a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:15:aa:e2:98:f6:f3:a6:28:57:61:68:d2:20:
10:ae:33:88:94:2b:80:78:61:3c:c5:5b:9d:66:dd:
7b:b6:fe:44:a4:d9:5f:39:04:54:4b:eb:b0:4a:52:
ab:bf:2d:e5:08:6c:78:9f:cb:c3:67:f9:79:6b:30:
0d:b8:29:9c:b6:10:6e:d6:33:f4:be:f3:5a:f8:bf:
d0:db:2f:d2:8d:d1:0d:b7:c2:7a:6f:f3:98:f4:97:
87:af:1c:1c:03:dd:92:01:ba:71:53:65:6f:24:0d:
15:d3:12:e1:d1:00:1b:f9:6b:65:12:82:f3:1e:c1:
fd:06:ed:0a:89:4e:9e:e3:0b:0b:b3:f8:38:c5:9b:
43:c7:9c:2b:ed:80:6b:a4:16:c9:ad:9a:82:0d:8c:
53:c6:9e:9c:aa:94:02:99:5f:d7:e7:f6:10:4f:e5:
a0:b5:35:64:b5:f9:33:5e:b0:30:cb:4d:30:6c:f9:
c7:d2:eb:4b:e4:66:a2:ab:2d:9f:17:bb:c9:98:2a:
77:33:ca:42:38:08:18:04:2d:b8:d5:4c:e7:e1:b8:
79:19:c3:6b:af:60:14:15:74:8e:df:f2:24:32:0f:
e9:b2:2a:cf:1b:b7:0b:fb:41:26:23:ea:e3:99:4d:
3b:13:3a:d2:31:56:93:8b:09:7a:56:25:66:28:d1:
5c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E2:2B:45:0D:97:AA:45:70:AB:AE:E0:A4:68:A4:55:43:B1:4A:1A
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/G-IrRQ2XqkVwq67gpGikVUOxSho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.38.0/24
Signature Algorithm: sha256WithRSAEncryption
59:6e:22:41:7c:d0:bb:81:27:e0:04:f6:22:b9:d8:47:46:b4:
43:66:7e:4c:5a:9e:57:60:2a:85:14:85:96:01:39:c0:5c:46:
52:00:12:87:25:8a:e9:f9:79:7f:f8:f0:49:72:ab:44:c4:1e:
33:cd:78:c4:6e:06:8b:09:9c:d8:2a:56:95:0b:bb:5c:25:a0:
f0:26:2e:18:55:be:02:ea:d7:15:20:e4:77:f2:8a:cd:10:3f:
e4:9a:7b:a9:9b:f4:8e:7c:f7:28:a6:40:54:b7:20:96:71:88:
05:60:51:99:77:b5:9c:92:ac:ff:ed:f8:4d:66:18:29:44:2d:
bc:70:0e:09:f4:ed:84:25:be:ca:13:e1:1d:b1:56:e6:12:5c:
a5:e9:ab:9e:f8:3c:53:1e:42:15:25:38:01:a5:aa:a1:7b:eb:
44:5c:04:ad:2e:63:82:5c:81:06:ef:f4:23:6d:c8:91:01:0e:
ad:d9:a7:53:8d:01:cd:e8:55:46:46:74:a7:4e:0b:b3:be:f0:
ee:8e:7c:16:b3:d6:1b:b9:5b:09:83:cb:46:d3:35:53:f4:41:
1d:b2:dd:2b:61:13:96:75:cc:18:a4:74:00:60:ff:98:4a:4b:
91:3b:a6:4c:9b:2a:1c:11:0d:76:c5:4e:95:e2:29:6e:1e:c8:
b1:ec:f2:ee
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIESHpOMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEw
MTAzMDAzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJlMjJiNDUwZDk3
YWE0NTcwYWJhZWUwYTQ2OGE0NTU0M2IxNGExYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4VquKY9vOmKFdhaNIgEK4ziJQrgHhhPMVbnWbde7b+RKTZ
XzkEVEvrsEpSq78t5QhseJ/Lw2f5eWswDbgpnLYQbtYz9L7zWvi/0Nsv0o3RDbfC
em/zmPSXh68cHAPdkgG6cVNlbyQNFdMS4dEAG/lrZRKC8x7B/QbtColOnuMLC7P4
OMWbQ8ecK+2Aa6QWya2agg2MU8aenKqUAplf1+f2EE/loLU1ZLX5M16wMMtNMGz5
x9LrS+Rmoqstnxe7yZgqdzPKQjgIGAQtuNVM5+G4eRnDa69gFBV0jt/yJDIP6bIq
zxu3C/tBJiPq45lNOxM60jFWk4sJelYlZijRXC8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQb4itFDZeqRXCrruCkaKRVQ7FKGjAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L0ctSXJSUTJYcWtWd3E2N2dwR2lrVlVPeFNoby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACWLJjANBgkqhkiG9w0BAQsFAAOC
AQEAWW4iQXzQu4En4AT2IrnYR0a0Q2Z+TFqeV2AqhRSFlgE5wFxGUgAShyWK6fl5
f/jwSXKrRMQeM814xG4Giwmc2CpWlQu7XCWg8CYuGFW+AurXFSDkd/KKzRA/5Jp7
qZv0jnz3KKZAVLcglnGIBWBRmXe1nJKs/+34TWYYKUQtvHAOCfTthCW+yhPhHbFW
5hJcpemrnvg8Ux5CFSU4AaWqoXvrRFwErS5jglyBBu/0I23IkQEOrdmnU40BzehV
RkZ0p04Ls77w7o58FrPWG7lbCYPLRtM1U/RBHbLdK2ETlnXMGKR0AGD/mEpLkTum
TJsqHBENdsVOleIpbh7Isezy7g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org