Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/GKLbRAHhT2tnBY-rlCx80nzULU8.roa
File: GKLbRAHhT2tnBY-rlCx80nzULU8.roa (raw, json)
Hash identifier: VaXZrVASrGxEWTxWTXWgEkmVVGFWugEenyNdlD9QBJc=
Subject key identifier: 18:A2:DB:44:01:E1:4F:6B:67:05:8F:AB:94:2C:7C:D2:7C:D4:2D:4F
Certificate issuer: /CN=e9aab1446100a8fce03df19d755e06329ee24713
Certificate serial: 01830DBCB7692112A595B2066B9C4A6DF640
Authority key identifier: E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/GKLbRAHhT2tnBY-rlCx80nzULU8.roa
Signing time: Mon 05 Sep 2022 13:00:14 +0000
ROA not before: Mon 05 Sep 2022 13:00:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42708
IP address blocks: 46.21.96.0/20 maxlen: 24
46.21.100.0/24 maxlen: 24
195.149.101.0/24 maxlen: 24
185.157.220.0/22 maxlen: 24
212.112.0.0/19 maxlen: 24
31.192.224.0/21 maxlen: 24
31.192.228.0/24 maxlen: 24
193.108.196.0/24 maxlen: 24
109.74.0.0/20 maxlen: 24
188.126.64.0/19 maxlen: 24
80.67.0.0/20 maxlen: 24
79.99.0.0/21 maxlen: 24
178.73.192.0/18 maxlen: 24
91.228.194.0/23 maxlen: 24
91.228.193.0/24 maxlen: 24
178.73.224.0/19 maxlen: 19
5.178.72.0/21 maxlen: 21
185.118.36.0/22 maxlen: 22
91.213.246.0/24 maxlen: 24
94.247.168.0/21 maxlen: 24
46.246.0.0/17 maxlen: 24
37.152.56.0/21 maxlen: 24
194.54.164.0/22 maxlen: 24
195.238.76.0/23 maxlen: 24
185.39.144.0/22 maxlen: 24
159.253.24.0/21 maxlen: 24
91.217.189.0/24 maxlen: 24
159.253.28.0/24 maxlen: 24
159.253.29.0/24 maxlen: 24
195.246.120.0/23 maxlen: 24
195.20.206.0/23 maxlen: 24
2a03:5e00::/32 maxlen: 32
2a00:1a28::/32 maxlen: 48
2a02:750::/29 maxlen: 48
2a02:750:10::/48 maxlen: 48
2a02:750:14::/48 maxlen: 48
2a02:750:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0d:bc:b7:69:21:12:a5:95:b2:06:6b:9c:4a:6d:f6:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9aab1446100a8fce03df19d755e06329ee24713
Validity
Not Before: Sep 5 13:00:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=18a2db4401e14f6b67058fab942c7cd27cd42d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4f:eb:b9:74:e5:c5:84:7a:c1:7e:f7:37:80:
6d:35:66:49:95:da:8f:1f:e7:75:f2:1a:d4:d3:9c:
99:ac:53:ed:c6:7b:5b:64:4e:c8:a6:5a:3b:7c:07:
bf:d4:6f:77:54:d5:79:90:bf:dd:ac:7e:70:25:b1:
5b:b9:6f:8b:52:0f:69:12:cb:56:21:b8:34:da:1b:
1e:41:a0:fb:b2:1d:19:b6:5c:4f:fa:27:d5:fb:a1:
16:1f:dd:14:4a:a0:c4:09:10:a7:5b:76:b2:ae:91:
1d:3f:0b:55:01:bb:d9:d2:7a:ca:70:d0:ad:9c:ca:
1f:0b:f6:28:4e:86:81:d6:ad:7d:0c:a6:ba:20:62:
b4:7c:1d:e1:02:f5:6c:6d:77:d4:61:7c:50:95:6b:
5c:d8:6b:b8:22:d8:7e:67:8f:57:b1:ea:e0:d5:ff:
d7:f8:65:f3:75:f6:f6:b2:ee:92:8e:53:f5:4f:6f:
8f:9d:e1:96:17:11:89:85:88:77:16:03:90:65:28:
69:ea:ce:1a:5d:71:a3:19:a6:69:88:19:88:65:1c:
82:9e:a7:63:26:9e:9d:a0:21:64:a3:f0:63:00:85:
0c:12:67:46:93:d9:3b:54:9c:30:a8:85:3d:4d:5a:
b2:75:ce:b8:2f:40:dc:6c:74:3e:fd:5e:7c:21:08:
d7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A2:DB:44:01:E1:4F:6B:67:05:8F:AB:94:2C:7C:D2:7C:D4:2D:4F
X509v3 Authority Key Identifier:
keyid:E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/GKLbRAHhT2tnBY-rlCx80nzULU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.72.0/21
31.192.224.0/21
37.152.56.0/21
46.21.96.0/20
46.246.0.0/17
79.99.0.0/21
80.67.0.0/20
91.213.246.0/24
91.217.189.0/24
91.228.193.0-91.228.195.255
94.247.168.0/21
109.74.0.0/20
159.253.24.0/21
178.73.192.0/18
185.39.144.0/22
185.118.36.0/22
185.157.220.0/22
188.126.64.0/19
193.108.196.0/24
194.54.164.0/22
195.20.206.0/23
195.149.101.0/24
195.238.76.0/23
195.246.120.0/23
212.112.0.0/19
IPv6:
2a00:1a28::/32
2a02:750::/29
2a03:5e00::/32
Signature Algorithm: sha256WithRSAEncryption
65:da:db:7b:53:a6:d0:67:9f:00:cc:c3:05:af:93:3c:7b:08:
b1:48:48:2b:c6:53:c9:81:91:b2:2e:43:29:ae:0e:e8:e4:d9:
1a:ba:0d:8e:b8:1f:c7:13:77:df:0a:d0:36:2b:64:15:09:f2:
e7:40:21:b3:0a:f7:80:c7:45:38:8d:b4:94:b6:f0:b0:a8:61:
0e:36:73:f7:81:fc:88:4b:81:0c:5a:f7:07:74:dd:6c:2a:6b:
a6:9e:22:9d:79:73:db:bb:65:69:9d:2a:4e:41:53:a5:bc:45:
4c:ce:46:32:7e:ec:cb:df:e7:34:5c:d6:aa:5f:a4:d0:cf:8b:
ee:de:d2:fd:ed:9b:96:67:65:c4:ad:ff:ed:24:fc:82:d8:90:
f4:58:59:3a:aa:ae:51:cb:f2:63:3f:56:31:05:0f:4d:d3:cf:
7c:23:b4:22:41:9d:c0:cd:be:e8:70:78:08:af:1f:9c:7b:3a:
92:3a:65:7c:d5:6f:7c:5f:7b:a6:bb:26:7b:b9:2f:b5:ff:5e:
52:e5:b3:40:b5:1f:82:c9:cd:2e:4d:0d:b9:84:b2:f1:a3:c4:
99:22:4a:ba:ed:ac:53:28:24:a3:a1:be:f7:cd:88:fe:d4:9b:
ed:e9:8a:5f:71:d4:30:40:6f:a2:1b:5d:07:19:d5:87:5d:d1:
cc:f2:9d:24
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAYMNvLdpIRKllbIGa5xKbfZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YWFiMTQ0NjEwMGE4ZmNlMDNkZjE5ZDc1NWUwNjMyOWVl
MjQ3MTMwHhcNMjIwOTA1MTMwMDE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGEyZGI0NDAxZTE0ZjZiNjcwNThmYWI5NDJjN2NkMjdjZDQyZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk/ruXTlxYR6wX73N4BtNWZJldqP
H+d18hrU05yZrFPtxntbZE7Iplo7fAe/1G93VNV5kL/drH5wJbFbuW+LUg9pEstW
Ibg02hseQaD7sh0ZtlxP+ifV+6EWH90USqDECRCnW3ayrpEdPwtVAbvZ0nrKcNCt
nMofC/YoToaB1q19DKa6IGK0fB3hAvVsbXfUYXxQlWtc2Gu4Ith+Z49Xserg1f/X
+GXzdfb2su6SjlP1T2+PneGWFxGJhYh3FgOQZShp6s4aXXGjGaZpiBmIZRyCnqdj
Jp6doCFko/BjAIUMEmdGk9k7VJwwqIU9TVqydc64L0DcbHQ+/V58IQjXLwIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFBii20QB4U9rZwWPq5QsfNJ81C1PMB8GA1UdIwQY
MBaAFOmqsURhAKj84D3xnXVeBjKe4kcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYt
YTBkYzM1NGY0Y2EzLzEvR0tMYlJBSGhUMnRuQlktcmxDeDgwbnpVTFU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYtYTBkYzM1NGY0Y2Ez
LzEvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHYBggrBgEFBQcBBwEB/wSByDCBxTCBpQQCAAEwgZ4DBAMF
skgDBAMfwOADBAMlmDgDBAQuFWADBAcu9gADBANPYwADBARQQwADBABb1fYDBABb
2b0wDAMEAFvkwQMEAlvkwAMEA173qAMEBG1KAAMEA5/9GAMEBrJJwAMEArknkAME
Arl2JAMEArmd3AMEBbx+QAMEAMFsxAMEAsI2pAMEAcMUzgMEAMOVZQMEAcPuTAME
AcP2eAMEBdRwADAbBAIAAjAVAwUAKgAaKAMFAyoCB1ADBQAqA14AMA0GCSqGSIb3
DQEBCwUAA4IBAQBl2tt7U6bQZ58AzMMFr5M8ewixSEgrxlPJgZGyLkMprg7o5Nka
ug2OuB/HE3ffCtA2K2QVCfLnQCGzCveAx0U4jbSUtvCwqGEONnP3gfyIS4EMWvcH
dN1sKmumniKdeXPbu2VpnSpOQVOlvEVMzkYyfuzL3+c0XNaqX6TQz4vu3tL97ZuW
Z2XErf/tJPyC2JD0WFk6qq5Ry/JjP1YxBQ9N0898I7QiQZ3Azb7ocHgIrx+cezqS
OmV81W98X3umuyZ7uS+1/15S5bNAtR+Cyc0uTQ25hLLxo8SZIkq67axTKCSjob73
zYj+1Jvt6YpfcdQwQG+iG10HGdWHXdHM8p0k
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:38 2023 by rpki-client on console-fra.rpki-client.org