Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/gnpn8j7nm8CmzHQnWLwzv2L-adY.roa
File: gnpn8j7nm8CmzHQnWLwzv2L-adY.roa (raw, json)
Hash identifier: AG3SUup+eRAy5YjAHO/z0GsBkjXJXzwbkPLPfiwPF2o=
Subject key identifier: 82:7A:67:F2:3E:E7:9B:C0:A6:CC:74:27:58:BC:33:BF:62:FE:69:D6
Certificate issuer: /CN=a8c6f393350c77598c121acd3c92f7048576ef89
Certificate serial: 0278E9
Authority key identifier: A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/gnpn8j7nm8CmzHQnWLwzv2L-adY.roa
Signing time: Wed 30 Mar 2022 18:58:12 +0000
ROA not before: Wed 30 Mar 2022 18:58:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49561
IP address blocks: 193.169.126.0/23 maxlen: 23
91.222.152.0/22 maxlen: 22
91.231.160.0/24 maxlen: 24
91.235.224.0/22 maxlen: 22
31.134.112.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162025 (0x278e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8c6f393350c77598c121acd3c92f7048576ef89
Validity
Not Before: Mar 30 18:58:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=827a67f23ee79bc0a6cc742758bc33bf62fe69d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d6:49:e2:21:70:14:a9:07:31:a6:5f:e2:98:
86:c0:df:9c:f0:5d:e8:93:ad:0b:6d:b5:5d:14:d0:
23:7d:3e:0a:22:e6:49:ca:2d:6f:a1:0a:7a:41:0c:
df:32:f6:4b:e9:e4:26:0c:91:a3:df:57:5b:47:6c:
c8:29:60:8f:cb:0a:df:f6:d4:f6:c0:7b:f7:57:fc:
ab:03:6b:12:d9:b6:8b:37:77:b7:f7:0f:c5:fc:14:
69:f7:be:2a:fd:bf:4f:f7:e2:bc:37:84:d1:ba:59:
de:2a:a7:cf:4e:86:1a:0f:32:41:d5:2d:20:9e:8c:
ed:ec:b5:51:8e:67:d8:e2:2a:33:27:8a:ad:46:83:
2c:c4:2d:b0:d0:9a:eb:62:8b:e4:1b:b8:90:b8:cf:
a3:c8:45:e3:a7:f7:b7:37:0c:b3:f3:cc:50:f8:87:
33:36:9b:80:ed:99:53:86:41:6d:b3:df:0e:ca:47:
70:3a:85:17:6c:ac:e0:49:b3:b6:20:47:7b:a8:2a:
3c:8a:a8:0d:ba:e2:e2:6e:64:a0:e5:55:74:71:8b:
bf:b6:54:93:5e:e4:a2:ae:03:a8:0d:f4:1b:45:70:
4f:b8:eb:ac:95:25:02:d0:01:9e:9f:08:42:97:19:
f4:16:b6:cb:7a:2d:35:e4:b0:72:d6:10:39:6e:9f:
55:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:7A:67:F2:3E:E7:9B:C0:A6:CC:74:27:58:BC:33:BF:62:FE:69:D6
X509v3 Authority Key Identifier:
keyid:A8:C6:F3:93:35:0C:77:59:8C:12:1A:CD:3C:92:F7:04:85:76:EF:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qMbzkzUMd1mMEhrNPJL3BIV274k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/gnpn8j7nm8CmzHQnWLwzv2L-adY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/709e07-47d5-4720-b777-c6bca01b2ff8/1/qMbzkzUMd1mMEhrNPJL3BIV274k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.112.0/21
91.222.152.0/22
91.231.160.0/24
91.235.224.0/22
193.169.126.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:f9:08:72:47:9e:f8:04:c5:7c:38:0e:57:6f:7a:19:f4:f2:
db:cc:7d:be:02:6e:5a:ef:95:08:9d:37:28:4f:39:c0:aa:de:
6f:f1:b8:db:48:61:88:68:20:cb:6d:ae:ea:94:c0:9a:9e:83:
c5:a2:56:3d:36:2b:4d:47:7a:e0:e7:dc:1e:ed:76:ea:d9:6e:
7c:ee:81:b1:0d:7d:4a:55:55:07:40:cd:55:80:f2:20:85:8c:
dc:c6:8b:06:61:41:41:74:aa:5e:9e:7f:ff:38:c6:b7:5e:4e:
ee:f2:aa:18:0f:67:f9:9d:c0:37:aa:42:02:10:a8:7f:10:24:
6a:60:22:98:61:f3:d5:7f:44:71:ff:a9:d7:bf:67:6e:5b:72:
60:dd:1b:0d:91:e5:32:c9:b0:1b:0f:f1:10:4e:64:0d:31:96:
d7:67:be:c5:94:fe:30:8b:ae:49:c8:74:16:47:67:e2:03:36:
fb:ed:d7:b3:a9:f0:65:4d:2b:ce:fb:a3:bd:c4:c9:07:5b:71:
ef:91:c1:fe:d8:73:6f:c2:ac:07:14:cf:5f:c0:57:e0:7a:bf:
d8:49:aa:52:38:7b:be:e8:1f:4b:4b:a5:48:56:e5:5a:ea:fa:
e9:7c:12:6b:03:ae:26:c4:1c:fb:17:93:c2:48:e0:7b:9a:56:
cc:68:c1:11
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIDAnjpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
YzZmMzkzMzUwYzc3NTk4YzEyMWFjZDNjOTJmNzA0ODU3NmVmODkwHhcNMjIwMzMw
MTg1ODEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4MjdhNjdmMjNlZTc5
YmMwYTZjYzc0Mjc1OGJjMzNiZjYyZmU2OWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAy9ZJ4iFwFKkHMaZf4piGwN+c8F3ok60LbbVdFNAjfT4KIuZJ
yi1voQp6QQzfMvZL6eQmDJGj31dbR2zIKWCPywrf9tT2wHv3V/yrA2sS2baLN3e3
9w/F/BRp974q/b9P9+K8N4TRulneKqfPToYaDzJB1S0gnozt7LVRjmfY4iozJ4qt
RoMsxC2w0JrrYovkG7iQuM+jyEXjp/e3Nwyz88xQ+IczNpuA7ZlThkFts98Oykdw
OoUXbKzgSbO2IEd7qCo8iqgNuuLibmSg5VV0cYu/tlSTXuSirgOoDfQbRXBPuOus
lSUC0AGenwhClxn0FrbLei015LBy1hA5bp9VpQIDAQABo4ICITCCAh0wHQYDVR0O
BBYEFIJ6Z/I+55vApsx0J1i8M79i/mnWMB8GA1UdIwQYMBaAFKjG85M1DHdZjBIa
zTyS9wSFdu+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cU1iemt6VU1kMW1NRWhyTlBKTDNCSVYyNzRrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xZS83MDllMDctNDdkNS00NzIwLWI3NzctYzZiY2EwMWIyZmY4LzEv
Z25wbjhqN25tOENtekhRbldMd3p2MkwtYWRZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS83
MDllMDctNDdkNS00NzIwLWI3NzctYzZiY2EwMWIyZmY4LzEvcU1iemt6VU1kMW1N
RWhyTlBKTDNCSVYyNzRrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcG
CCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDH4ZwAwQCW96YAwQAW+egAwQCW+vg
AwQBwal+MA0GCSqGSIb3DQEBCwUAA4IBAQAc+QhyR574BMV8OA5Xb3oZ9PLbzH2+
Am5a75UInTcoTznAqt5v8bjbSGGIaCDLba7qlMCanoPFolY9NitNR3rg59we7Xbq
2W587oGxDX1KVVUHQM1VgPIghYzcxosGYUFBdKpenn//OMa3Xk7u8qoYD2f5ncA3
qkICEKh/ECRqYCKYYfPVf0Rx/6nXv2duW3Jg3RsNkeUyybAbD/EQTmQNMZbXZ77F
lP4wi65JyHQWR2fiAzb77dezqfBlTSvO+6O9xMkHW3HvkcH+2HNvwqwHFM9fwFfg
er/YSapSOHu+6B9LS6VIVuVa6vrpfBJrA64mxBz7F5PCSOB7mlbMaMER
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:03 2023 by rpki-client on console-fra.rpki-client.org