Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/GI-i2KOSZebG6fWY7NsdKV1JiVY.roa
File: GI-i2KOSZebG6fWY7NsdKV1JiVY.roa (raw, json)
Hash identifier: bJUrCncJmZVVuoV9Pgq06Szba2sai7YUzrHNQCM3sWs=
Subject key identifier: 18:8F:A2:D8:A3:92:65:E6:C6:E9:F5:98:EC:DB:1D:29:5D:49:89:56
Certificate issuer: /CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6
Certificate serial: 586B13
Authority key identifier: D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/GI-i2KOSZebG6fWY7NsdKV1JiVY.roa
Signing time: Sat 01 Jan 2022 00:57:36 +0000
ROA not before: Sat 01 Jan 2022 00:57:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42669
IP address blocks: 185.128.76.0/22 maxlen: 24
77.242.176.0/20 maxlen: 20
2a0b:aa80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5794579 (0x586b13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6
Validity
Not Before: Jan 1 00:57:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=188fa2d8a39265e6c6e9f598ecdb1d295d498956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9c:ee:27:23:4c:80:d1:0d:61:c9:71:f6:cc:
d2:41:ef:17:fb:7e:c3:5e:3b:7d:90:5e:41:3b:79:
8f:cc:45:41:70:ab:ff:8e:6f:eb:a6:7c:a5:96:3f:
92:67:d8:ac:69:21:c5:80:02:aa:0d:05:31:5a:8c:
64:f6:28:6d:68:3b:a5:5e:3d:07:c4:34:cf:8a:ce:
39:bc:77:45:a9:da:1d:c5:61:04:e6:87:2c:10:6c:
01:38:17:d5:3a:93:f0:00:e5:8f:93:45:6f:28:a2:
28:55:38:9b:5a:e0:16:39:9b:79:8a:a3:26:66:c0:
47:fe:35:4b:17:40:a6:ef:bf:c3:83:ab:e5:07:c1:
ca:ad:15:9a:f8:dd:c4:f7:be:f1:04:e0:9f:f4:ed:
f3:a7:8c:e6:05:82:15:d1:35:a2:fc:a1:4f:b6:70:
46:e1:a6:0d:71:59:cb:f8:b9:7c:4d:8b:1e:81:75:
5b:b5:fb:36:dc:8f:ec:39:a8:c1:89:13:0d:9f:f6:
db:a3:d9:46:a3:92:30:04:91:ac:ba:e9:e3:e9:95:
60:cb:67:85:fa:5f:8b:45:b8:53:0c:fd:f6:5c:d6:
25:31:b5:ef:32:b7:70:05:75:ce:3b:20:c3:6b:d2:
cb:07:dd:48:ab:44:41:43:4f:f1:5f:e8:8e:ff:d5:
13:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:8F:A2:D8:A3:92:65:E6:C6:E9:F5:98:EC:DB:1D:29:5D:49:89:56
X509v3 Authority Key Identifier:
keyid:D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/GI-i2KOSZebG6fWY7NsdKV1JiVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.176.0/20
185.128.76.0/22
IPv6:
2a0b:aa80::/29
Signature Algorithm: sha256WithRSAEncryption
54:42:b6:31:b8:31:88:c5:bb:3b:9d:b1:56:2d:84:4c:a8:61:
85:f4:19:43:a0:45:ad:30:1a:b8:31:a7:33:30:ee:06:7a:45:
54:85:68:cf:14:d9:1b:fb:38:a8:6a:37:a1:79:bb:e7:b6:d7:
02:5b:0b:53:87:83:a2:a3:de:ee:85:1e:66:4e:bc:5e:53:b6:
de:96:4a:23:56:6d:95:42:1f:4b:e1:2f:17:91:a2:01:29:b7:
c6:c5:f4:4d:89:74:a5:78:c2:73:de:55:83:bb:02:58:2c:ef:
a9:77:86:da:c0:de:a9:df:b6:06:59:57:1a:64:a9:79:8d:9d:
3e:d2:1f:87:0d:68:85:9c:c0:fc:c4:89:f9:eb:05:1f:4c:02:
76:ea:3b:ab:1a:46:21:e6:44:f9:85:61:eb:34:74:33:22:f8:
ee:0c:14:62:9f:2c:99:9f:7d:16:46:1e:78:71:c0:8d:b6:cf:
d7:71:f2:64:61:0f:b1:56:7d:3d:28:0c:3d:c2:3e:4a:48:ae:
78:66:65:62:32:af:64:dc:d0:60:cb:f3:09:54:89:b5:a7:b8:
e2:fb:09:ad:d7:50:55:38:6f:7e:65:c2:e3:ce:3c:3b:13:58:
8e:ed:b3:bd:f8:17:70:27:fd:b8:fa:99:b8:43:6a:5c:f0:1f:
df:f6:a1:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDWGsTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQw
NDY4N2EzZWU2MzIyYjc1N2RlODFlN2Y1M2M1ZDMyZWViZTMzYTYwHhcNMjIwMTAx
MDA1NzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxODhmYTJkOGEzOTI2
NWU2YzZlOWY1OThlY2RiMWQyOTVkNDk4OTU2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqZzuJyNMgNENYclx9szSQe8X+37DXjt9kF5BO3mPzEVBcKv/
jm/rpnyllj+SZ9isaSHFgAKqDQUxWoxk9ihtaDulXj0HxDTPis45vHdFqdodxWEE
5ocsEGwBOBfVOpPwAOWPk0VvKKIoVTibWuAWOZt5iqMmZsBH/jVLF0Cm77/Dg6vl
B8HKrRWa+N3E977xBOCf9O3zp4zmBYIV0TWi/KFPtnBG4aYNcVnL+Ll8TYsegXVb
tfs23I/sOajBiRMNn/bbo9lGo5IwBJGsuunj6ZVgy2eF+l+LRbhTDP32XNYlMbXv
MrdwBXXOOyDDa9LLB91Iq0RBQ0/xX+iO/9UTcwIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFBiPotijkmXmxun1mOzbHSldSYlWMB8GA1UdIwQYMBaAFNBGh6PuYyK3V96B
5/U8XTLuvjOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MEVhSG8tNWpJcmRYM29IbjlUeGRNdTYtTTZZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yNS9iZmRkMTktNmJiYS00ZGM5LWFmYzYtOTdiZTQyNmEyMzM0LzEv
R0ktaTJLT1NaZWJHNmZXWTdOc2RLVjFKaVZZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9i
ZmRkMTktNmJiYS00ZGM5LWFmYzYtOTdiZTQyNmEyMzM0LzEvMEVhSG8tNWpJcmRY
M29IbjlUeGRNdTYtTTZZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETfKwAwQCuYBMMA0EAgACMAcDBQMq
C6qAMA0GCSqGSIb3DQEBCwUAA4IBAQBUQrYxuDGIxbs7nbFWLYRMqGGF9BlDoEWt
MBq4MaczMO4GekVUhWjPFNkb+zioajehebvnttcCWwtTh4Oio97uhR5mTrxeU7be
lkojVm2VQh9L4S8XkaIBKbfGxfRNiXSleMJz3lWDuwJYLO+pd4bawN6p37YGWVca
ZKl5jZ0+0h+HDWiFnMD8xIn56wUfTAJ26jurGkYh5kT5hWHrNHQzIvjuDBRinyyZ
n30WRh54ccCNts/XcfJkYQ+xVn09KAw9wj5KSK54ZmViMq9k3NBgy/MJVIm1p7ji
+wmt11BVOG9+ZcLjzjw7E1iO7bO9+BdwJ/24+pm4Q2pc8B/f9qHQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:13 2023 by rpki-client on console-ams.rpki-client.org