Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/48ef27-5858-424b-add1-0f6455f05276/1/G3_T6asHK01J29DVI8gBPmgwYfs.roa
File: G3_T6asHK01J29DVI8gBPmgwYfs.roa (raw, json)
Hash identifier: 9Aq7BOge6i/qoCtzrNcZ7SBD87QVFIzRfMgbgglPH5I=
Subject key identifier: 1B:7F:D3:E9:AB:07:2B:4D:49:DB:D0:D5:23:C8:01:3E:68:30:61:FB
Certificate issuer: /CN=d2f38d4aeb4d0288dbb854d1eae0bd8ad3f841fa
Certificate serial: 0778C733
Authority key identifier: D2:F3:8D:4A:EB:4D:02:88:DB:B8:54:D1:EA:E0:BD:8A:D3:F8:41:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0vONSutNAojbuFTR6uC9itP4Qfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/48ef27-5858-424b-add1-0f6455f05276/1/G3_T6asHK01J29DVI8gBPmgwYfs.roa
Signing time: Fri 08 Apr 2022 07:07:56 +0000
ROA not before: Fri 08 Apr 2022 07:07:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210303
IP address blocks: 194.107.252.0/22 maxlen: 22
2a09:8900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125355827 (0x778c733)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2f38d4aeb4d0288dbb854d1eae0bd8ad3f841fa
Validity
Not Before: Apr 8 07:07:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b7fd3e9ab072b4d49dbd0d523c8013e683061fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:8a:20:bf:6a:78:32:11:08:a9:33:f2:4d:86:
69:81:e4:10:a6:9b:52:c8:ed:e8:db:55:4b:ec:08:
29:8a:d7:6c:a2:c1:6a:a4:c5:38:e8:0a:41:b4:f4:
31:58:a2:11:49:a9:8f:64:01:fe:8a:91:1f:01:72:
b8:39:87:0f:fb:5b:50:77:54:8b:f2:eb:87:a3:8a:
a8:a7:58:99:b2:9d:17:e8:9c:c3:0e:8e:93:d0:e2:
c6:92:e1:84:01:3e:6a:f7:23:1a:b1:60:26:02:c4:
38:fd:1a:54:2a:40:d7:cd:fd:8d:f2:b9:a1:f7:05:
3d:39:c6:31:31:33:d7:99:a0:1f:43:5f:ac:fa:0d:
47:9e:9a:d5:5d:cb:76:be:49:a4:99:56:16:a0:84:
e0:c5:f5:62:5b:a8:3f:54:8e:f1:ad:e5:16:f6:01:
f5:77:18:c8:6a:11:a9:a9:d8:a4:de:4b:a7:41:22:
ba:c1:59:1c:26:94:42:e9:11:4b:1f:be:ed:cf:ef:
d3:0c:b7:b5:c5:8e:81:cc:ac:40:45:31:86:04:f1:
fe:7e:ea:8b:41:6c:af:4e:d6:fc:fa:ee:0c:c5:8d:
bf:31:b6:03:69:12:34:cb:d2:3c:77:a7:f6:ca:e3:
9f:99:45:52:da:dc:c1:98:2c:73:0a:c8:46:aa:cd:
4f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:7F:D3:E9:AB:07:2B:4D:49:DB:D0:D5:23:C8:01:3E:68:30:61:FB
X509v3 Authority Key Identifier:
keyid:D2:F3:8D:4A:EB:4D:02:88:DB:B8:54:D1:EA:E0:BD:8A:D3:F8:41:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0vONSutNAojbuFTR6uC9itP4Qfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/48ef27-5858-424b-add1-0f6455f05276/1/G3_T6asHK01J29DVI8gBPmgwYfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/48ef27-5858-424b-add1-0f6455f05276/1/0vONSutNAojbuFTR6uC9itP4Qfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.252.0/22
IPv6:
2a09:8900::/29
Signature Algorithm: sha256WithRSAEncryption
21:98:4d:b9:fd:c3:f8:76:c4:33:fb:84:60:72:b1:23:ca:fc:
fd:a3:73:89:98:7b:fa:ba:96:44:0d:88:2b:a4:ad:e4:9f:93:
3a:c7:a1:4a:a2:b4:c0:48:b1:45:e5:e3:a7:c8:4e:65:8e:ea:
69:4b:d9:a9:8a:75:89:86:be:76:00:00:bf:d7:8d:56:6f:da:
99:ee:5b:9d:88:a2:a3:d1:d7:5c:6a:44:65:26:71:23:91:00:
de:e9:dd:e0:89:89:3f:24:45:8b:46:30:b2:fd:7e:69:13:c5:
1a:e7:ed:30:87:08:8c:08:50:18:5d:3e:50:ed:fb:a2:5c:f0:
26:73:d5:26:c0:39:3a:d6:d8:fe:d0:b9:61:12:e2:41:c1:ac:
f4:d9:ca:96:26:87:03:9a:9c:4f:8e:38:19:9c:02:56:53:ee:
1a:c0:39:bb:e9:a0:35:ec:8a:34:82:03:b2:85:8c:83:c7:ce:
c4:91:13:f8:fd:ac:ca:03:85:34:0c:af:7b:46:ac:fd:e5:3d:
eb:20:d0:74:4a:c9:84:f5:22:cc:34:44:33:5e:dd:ab:bc:91:
e8:54:b0:c3:37:05:92:70:b1:46:b2:16:87:6e:df:8a:6e:fc:
bb:1b:c4:62:af:76:e8:4a:6d:a7:a9:12:ad:f2:38:ff:21:86:
5a:11:5c:5a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB3jHMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmYzOGQ0YWViNGQwMjg4ZGJiODU0ZDFlYWUwYmQ4YWQzZjg0MWZhMB4XDTIyMDQw
ODA3MDc1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI3ZmQzZTlhYjA3
MmI0ZDQ5ZGJkMGQ1MjNjODAxM2U2ODMwNjFmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOiKIL9qeDIRCKkz8k2GaYHkEKabUsjt6NtVS+wIKYrXbKLB
aqTFOOgKQbT0MViiEUmpj2QB/oqRHwFyuDmHD/tbUHdUi/Lrh6OKqKdYmbKdF+ic
ww6Ok9DixpLhhAE+avcjGrFgJgLEOP0aVCpA1839jfK5ofcFPTnGMTEz15mgH0Nf
rPoNR56a1V3Ldr5JpJlWFqCE4MX1YluoP1SO8a3lFvYB9XcYyGoRqanYpN5Lp0Ei
usFZHCaUQukRSx++7c/v0wy3tcWOgcysQEUxhgTx/n7qi0Fsr07W/PruDMWNvzG2
A2kSNMvSPHen9srjn5lFUtrcwZgscwrIRqrNT88CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQbf9PpqwcrTUnb0NUjyAE+aDBh+zAfBgNVHSMEGDAWgBTS841K600CiNu4
VNHq4L2K0/hB+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB2T05TdXROQW9qYnVGVFI2dUM5aXRQNFFmby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvNDhlZjI3LTU4NTgtNDI0Yi1hZGQxLTBmNjQ1NWYwNTI3Ni8x
L0czX1Q2YXNISzAxSjI5RFZJOGdCUG1nd1lmcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
NDhlZjI3LTU4NTgtNDI0Yi1hZGQxLTBmNjQ1NWYwNTI3Ni8xLzB2T05TdXROQW9q
YnVGVFI2dUM5aXRQNFFmby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAsJr/DANBAIAAjAHAwUDKgmJADAN
BgkqhkiG9w0BAQsFAAOCAQEAIZhNuf3D+HbEM/uEYHKxI8r8/aNziZh7+rqWRA2I
K6St5J+TOsehSqK0wEixReXjp8hOZY7qaUvZqYp1iYa+dgAAv9eNVm/ame5bnYii
o9HXXGpEZSZxI5EA3und4ImJPyRFi0Ywsv1+aRPFGuftMIcIjAhQGF0+UO37olzw
JnPVJsA5OtbY/tC5YRLiQcGs9NnKliaHA5qcT444GZwCVlPuGsA5u+mgNeyKNIID
soWMg8fOxJET+P2sygOFNAyve0as/eU96yDQdErJhPUizDREM17dq7yR6FSwwzcF
knCxRrIWh27fim78uxvEYq926Eptp6kSrfI4/yGGWhFcWg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:59 2023 by rpki-client on console-fra.rpki-client.org