Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/GX__j7d4fq6ACDFMbVfj9WsGafw.roa
File: GX__j7d4fq6ACDFMbVfj9WsGafw.roa (raw, json)
Hash identifier: nbDqlLBpHct1gsbzpV5O8JCK00WrrGOWiVI7+fJyORo=
Subject key identifier: 19:7F:FF:8F:B7:78:7E:AE:80:08:31:4C:6D:57:E3:F5:6B:06:69:FC
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 0E867662
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/GX__j7d4fq6ACDFMbVfj9WsGafw.roa
Signing time: Tue 14 Jun 2022 07:30:45 +0000
ROA not before: Tue 14 Jun 2022 07:30:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31167
IP address blocks: 109.74.80.0/20 maxlen: 20
109.74.90.0/24 maxlen: 24
85.14.153.0/24 maxlen: 24
217.119.176.0/20 maxlen: 20
217.171.16.0/20 maxlen: 20
217.171.27.0/24 maxlen: 24
85.14.131.0/24 maxlen: 24
85.14.128.0/18 maxlen: 18
2a00:1788::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 243693154 (0xe867662)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Jun 14 07:30:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=197fff8fb7787eae8008314c6d57e3f56b0669fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:27:67:a7:39:68:bb:4a:a8:c9:fa:fc:48:04:
58:9f:14:3b:e3:02:a6:09:90:38:bf:3b:48:a5:3e:
2f:cb:c5:6e:93:db:44:e1:18:35:07:b1:e5:11:46:
ad:29:e9:c7:14:96:7b:65:62:79:cc:47:b7:d6:15:
22:28:8d:02:9a:a3:5b:63:27:05:1c:9c:a6:00:fd:
92:8f:20:71:87:d3:44:b7:86:3d:7a:3f:5c:e9:65:
01:aa:f0:bf:ec:49:84:2a:d3:c9:3c:58:eb:26:32:
4a:ab:42:05:dd:f8:c6:00:4f:c6:f8:11:ee:9c:46:
2f:2e:53:d8:5f:82:88:ed:e6:b9:94:08:8c:31:fb:
04:21:c6:66:4c:d3:af:5d:1a:be:30:a1:a4:30:f4:
82:41:e0:ef:2c:b6:6f:dc:e5:a4:36:64:e7:94:ff:
a7:b6:58:6b:5f:ec:70:bd:9e:d3:44:63:b0:d4:65:
46:aa:a9:25:94:9b:8f:5d:d3:e9:a2:aa:b3:8c:f7:
8d:96:93:a9:6b:46:39:5c:ba:62:43:31:0d:d8:48:
34:18:c6:35:e3:a4:a2:9c:12:a7:24:98:51:a1:c5:
dc:39:2d:7f:3b:56:64:e7:8b:61:73:73:4b:94:60:
05:2f:75:a1:74:91:46:69:98:7d:47:83:ac:07:35:
6c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:7F:FF:8F:B7:78:7E:AE:80:08:31:4C:6D:57:E3:F5:6B:06:69:FC
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/GX__j7d4fq6ACDFMbVfj9WsGafw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.128.0/18
109.74.80.0/20
217.119.176.0/20
217.171.16.0/20
IPv6:
2a00:1788::/32
Signature Algorithm: sha256WithRSAEncryption
b5:cb:af:e2:d2:55:e3:98:e5:82:2b:f9:4c:9f:ae:40:15:0a:
89:db:a5:f6:2b:69:ca:cd:92:c1:2a:a5:ad:47:c9:38:6b:2d:
1e:e0:5d:6d:20:0a:2b:cc:43:71:1c:9e:1a:6b:b1:64:4b:9c:
c5:02:5b:e2:41:2a:61:7b:b0:5f:ac:9f:d2:9f:66:0d:24:fb:
dd:1d:f1:cc:93:60:66:b6:d7:ce:92:fc:54:3d:e9:6f:d5:b3:
45:20:44:0a:b2:01:bb:ed:0e:cd:ce:99:1e:7b:32:e6:0e:77:
dc:14:08:c9:07:c1:88:2e:0d:75:17:e6:67:ee:97:b7:e7:4d:
1c:b8:f3:14:ce:22:95:af:57:bb:4f:53:bd:67:1e:21:3f:b3:
24:80:59:40:7a:e2:30:14:c7:3f:c6:c8:85:7d:71:84:c4:c4:
0f:65:e4:6f:35:a8:3d:5d:46:cb:f7:ef:db:7d:74:dd:4d:40:
0a:e4:12:77:7e:d1:7f:59:08:55:03:42:bd:a8:64:a8:44:7b:
12:18:16:fc:1e:76:94:f5:bf:8e:a6:89:6c:08:7a:fe:ad:a7:
48:0a:96:dd:ef:bd:51:b9:ce:d1:30:0d:65:c5:a8:1b:c4:0c:
df:ef:13:fa:f7:f7:0e:1d:03:5a:1a:25:38:25:b0:0b:d2:f6:
9c:d3:27:1b
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEDoZ2YjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDdkODg3YzAyZTA3YzllNDc0ZDFmOGUyMTA0OWNhYTZjZTNmYmQzMB4XDTIyMDYx
NDA3MzA0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTk3ZmZmOGZiNzc4
N2VhZTgwMDgzMTRjNmQ1N2UzZjU2YjA2NjlmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4nZ6c5aLtKqMn6/EgEWJ8UO+MCpgmQOL87SKU+L8vFbpPb
ROEYNQex5RFGrSnpxxSWe2ViecxHt9YVIiiNApqjW2MnBRycpgD9ko8gcYfTRLeG
PXo/XOllAarwv+xJhCrTyTxY6yYySqtCBd34xgBPxvgR7pxGLy5T2F+CiO3muZQI
jDH7BCHGZkzTr10avjChpDD0gkHg7yy2b9zlpDZk55T/p7ZYa1/scL2e00RjsNRl
RqqpJZSbj13T6aKqs4z3jZaTqWtGOVy6YkMxDdhINBjGNeOkopwSpySYUaHF3Dkt
fztWZOeLYXNzS5RgBS91oXSRRmmYfUeDrAc1bJECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQZf/+Pt3h+roAIMUxtV+P1awZp/DAfBgNVHSMEGDAWgBQwfYh8AuB8nkdN
H44hBJyqbOP70zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01IMklmQUxnZko1SFRSLU9JUVNjcW16ai05TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvYjIwZDgzLTYxMmMtNGI2Mi05N2EzLTFhNWU1ZjE5MWJmYS8x
L0dYX19qN2Q0ZnE2QUNERk1iVmZqOVdzR2Fmdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
YjIwZDgzLTYxMmMtNGI2Mi05N2EzLTFhNWU1ZjE5MWJmYS8xL01IMklmQUxnZko1
SFRSLU9JUVNjcW16ai05TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBlUOgAMEBG1KUAMEBNl3sAMEBNmr
EDANBAIAAjAHAwUAKgAXiDANBgkqhkiG9w0BAQsFAAOCAQEAtcuv4tJV45jlgiv5
TJ+uQBUKidul9itpys2SwSqlrUfJOGstHuBdbSAKK8xDcRyeGmuxZEucxQJb4kEq
YXuwX6yf0p9mDST73R3xzJNgZrbXzpL8VD3pb9WzRSBECrIBu+0Ozc6ZHnsy5g53
3BQIyQfBiC4NdRfmZ+6Xt+dNHLjzFM4ila9Xu09TvWceIT+zJIBZQHriMBTHP8bI
hX1xhMTED2XkbzWoPV1Gy/fv23103U1ACuQSd37Rf1kIVQNCvahkqER7EhgW/B52
lPW/jqaJbAh6/q2nSAqW3e+9UbnO0TANZcWoG8QM3+8T+vf3Dh0DWholOCWwC9L2
nNMnGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:04 2024 by rpki-client on console-ams.rpki-client.org