Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/rGWGQetxiUOGlSG7KEkopQuonV4.roa
File: rGWGQetxiUOGlSG7KEkopQuonV4.roa (raw, json)
Hash identifier: 4jCBmJk2vAZR0TgJFZVoossc2wffn3Ms8ZldsApaS6w=
Subject key identifier: AC:65:86:41:EB:71:89:43:86:95:21:BB:28:49:28:A5:0B:A8:9D:5E
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 1378B56E
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/rGWGQetxiUOGlSG7KEkopQuonV4.roa
Signing time: Sat 01 Jan 2022 05:56:10 +0000
ROA not before: Sat 01 Jan 2022 05:56:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 194.50.206.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.200.0/23 maxlen: 23
91.242.105.0/24 maxlen: 24
91.242.100.0/23 maxlen: 23
91.242.108.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
185.173.244.0/22 maxlen: 24
91.242.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 326677870 (0x1378b56e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 05:56:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac658641eb718943869521bb284928a50ba89d5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1b:26:06:d0:a0:61:36:a9:d3:cd:e8:59:7d:
5b:f9:00:50:7c:8d:b8:7f:26:34:80:2b:02:fd:c6:
c9:e5:ad:0d:99:e9:ec:ba:a9:9b:0b:e5:79:d3:cc:
88:cb:be:eb:ce:e5:90:91:60:96:42:ae:71:77:1c:
19:6a:29:e9:8a:43:33:3c:28:e8:59:43:7e:bb:f7:
4f:67:16:86:d3:b6:27:40:ad:bc:63:27:da:17:b5:
fb:4e:6e:b8:58:cf:65:38:59:81:6f:17:74:12:a3:
6f:45:4d:2d:fc:57:2d:25:3f:d8:4f:34:40:96:77:
2d:b5:02:6c:87:db:2f:ac:3a:d9:44:90:cd:37:bf:
69:33:80:7a:13:8f:d8:24:40:2e:52:39:ec:55:60:
39:8e:34:83:50:32:e1:eb:3d:0e:4a:6d:88:51:a0:
7d:de:fa:a1:b7:25:6f:af:a3:ba:35:15:7c:a2:6c:
23:1c:6a:68:1f:f3:55:90:a5:5e:1f:13:fa:b9:a8:
b2:7f:b4:10:5b:70:35:99:f1:b0:58:fa:81:86:be:
f2:b1:e1:ae:84:4a:89:55:fe:0a:2e:21:ae:98:5c:
16:58:0d:ef:89:82:eb:7e:80:2c:97:cf:c9:f4:4e:
fc:ce:65:fe:e0:03:7f:4a:8a:f3:94:f5:22:7e:ec:
f9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:65:86:41:EB:71:89:43:86:95:21:BB:28:49:28:A5:0B:A8:9D:5E
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/rGWGQetxiUOGlSG7KEkopQuonV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.64.0/22
91.242.100.0/23
91.242.105.0/24
91.242.108.0/22
91.242.120.0/21
185.173.244.0/22
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
39:ff:85:94:3b:fb:cb:5f:06:1e:54:57:0e:b6:cd:5b:b3:7e:
34:a3:2a:d6:f2:40:6d:1d:24:6c:b1:d5:6a:f4:aa:b9:e8:6d:
f1:63:a9:ea:5d:1b:ad:24:03:7a:fb:c2:8c:94:cc:23:0e:11:
16:cc:64:44:02:aa:c5:1e:15:29:22:6b:5c:8d:da:3a:44:28:
d2:14:59:d8:6f:44:8d:27:39:9b:a5:c7:5b:2a:9c:ed:17:2e:
f6:5b:c4:ee:0a:24:11:39:43:b5:55:c8:73:29:82:ca:99:45:
22:a7:70:90:07:c5:1d:73:a5:7e:1a:4f:32:07:f5:62:48:23:
ae:fa:cc:b1:78:d6:fa:2c:6e:f5:64:01:82:62:64:ca:b3:c2:
0c:a7:46:0c:27:55:5d:e4:5c:ae:e3:f4:49:26:b1:1d:ce:79:
e6:57:ea:cd:d0:3a:ba:f3:f8:c8:4c:15:db:c1:f0:38:87:8f:
9e:a5:5e:48:bc:76:3b:1d:c6:69:cf:7f:11:15:07:c4:fe:51:
4b:d4:32:59:ba:d9:98:19:31:f5:51:21:15:cd:8e:1a:2b:54:
6b:47:89:dc:97:f1:5e:30:34:4f:22:12:eb:3e:be:b5:90:50:
f2:b7:79:60:b5:75:97:81:b1:74:c7:f8:b6:6e:7c:02:17:b4:
ac:ab:65:0d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEE3i1bjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
MTA1NTYxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM2NTg2NDFlYjcx
ODk0Mzg2OTUyMWJiMjg0OTI4YTUwYmE4OWQ1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKcbJgbQoGE2qdPN6Fl9W/kAUHyNuH8mNIArAv3GyeWtDZnp
7LqpmwvledPMiMu+687lkJFglkKucXccGWop6YpDMzwo6FlDfrv3T2cWhtO2J0Ct
vGMn2he1+05uuFjPZThZgW8XdBKjb0VNLfxXLSU/2E80QJZ3LbUCbIfbL6w62USQ
zTe/aTOAehOP2CRALlI57FVgOY40g1Ay4es9DkptiFGgfd76obclb6+jujUVfKJs
IxxqaB/zVZClXh8T+rmosn+0EFtwNZnxsFj6gYa+8rHhroRKiVX+Ci4hrphcFlgN
74mC636ALJfPyfRO/M5l/uADf0qK85T1In7s+U0CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBSsZYZB63GJQ4aVIbsoSSilC6idXjAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L3JHV0dRZXR4aVVPR2xTRzdLRWtvcFF1b25WNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAlvyQAMEAVvyZAMEAFvyaQMEAlvy
bAMEA1vyeAMEArmt9AMEAcIyyAMEAcIyzgMEBcOKYDANBgkqhkiG9w0BAQsFAAOC
AQEAOf+FlDv7y18GHlRXDrbNW7N+NKMq1vJAbR0kbLHVavSqueht8WOp6l0brSQD
evvCjJTMIw4RFsxkRAKqxR4VKSJrXI3aOkQo0hRZ2G9EjSc5m6XHWyqc7Rcu9lvE
7gokETlDtVXIcymCyplFIqdwkAfFHXOlfhpPMgf1YkgjrvrMsXjW+ixu9WQBgmJk
yrPCDKdGDCdVXeRcruP0SSaxHc555lfqzdA6uvP4yEwV28HwOIePnqVeSLx2Ox3G
ac9/ERUHxP5RS9QyWbrZmBkx9VEhFc2OGitUa0eJ3JfxXjA0TyIS6z6+tZBQ8rd5
YLV1l4GxdMf4tm58Ahe0rKtlDQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org