Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/G6BFEJI1_Y-E_1VIA2qNebOirqA.roa
File: G6BFEJI1_Y-E_1VIA2qNebOirqA.roa (raw, json)
Hash identifier: p+3ZUZ51EwTNNt1vMcpqCkO2hmjTMn+pzEapyUbmTE4=
Subject key identifier: 1B:A0:45:10:92:35:FD:8F:84:FF:55:48:03:6A:8D:79:B3:A2:AE:A0
Certificate issuer: /CN=3ad65216812ed24fd1c719871a59a971dec30a26
Certificate serial: 018409858A0B99A945072BC2191E4E359901
Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/G6BFEJI1_Y-E_1VIA2qNebOirqA.roa
Signing time: Mon 24 Oct 2022 10:24:17 +0000
ROA not before: Mon 24 Oct 2022 10:24:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35579
IP address blocks: 92.63.213.0/24 maxlen: 24
78.142.66.0/23 maxlen: 23
78.142.85.0/24 maxlen: 24
78.142.80.0/22 maxlen: 24
78.142.86.0/23 maxlen: 23
78.142.91.0/24 maxlen: 24
78.142.90.0/24 maxlen: 24
78.142.88.0/23 maxlen: 23
195.16.244.0/24 maxlen: 24
2a04:5080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:09:85:8a:0b:99:a9:45:07:2b:c2:19:1e:4e:35:99:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26
Validity
Not Before: Oct 24 10:24:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ba045109235fd8f84ff5548036a8d79b3a2aea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:29:73:de:80:0c:53:8a:aa:e6:fe:eb:a4:c3:
b3:c7:5b:87:5e:fa:18:14:c1:a0:69:fd:4f:e0:58:
88:8d:88:3f:f8:40:ce:10:db:b7:93:0c:76:a8:70:
74:a7:c8:37:cf:9c:93:d3:1d:ed:17:0f:db:e0:60:
35:a2:ae:47:15:06:e5:4d:21:9b:44:71:12:10:a7:
c5:4a:97:54:9c:13:92:b8:74:b2:16:a8:5d:fc:fb:
0e:e1:c7:8f:f5:02:5c:29:6e:7d:88:9d:bc:b0:64:
e2:9b:4d:04:70:bb:8a:71:d3:d2:c1:45:08:51:51:
93:71:82:d9:c7:69:ef:c6:4f:6a:23:81:db:2f:0b:
b1:b6:c6:a7:d6:36:16:82:df:f6:f8:f6:ac:ef:3a:
fa:b5:3c:17:1f:2d:a9:9a:0b:0a:36:b9:34:65:cf:
0b:28:5f:f3:14:23:ca:5a:e9:bf:2b:a4:fe:5b:dc:
47:87:5e:5b:d4:12:91:24:48:9a:b5:74:1c:14:3f:
4b:0d:4c:70:72:40:1b:52:de:4a:0c:1a:6f:fa:2d:
e6:dc:a2:d6:dd:73:75:f3:79:97:f3:a6:8d:8e:53:
5f:b6:bc:cf:0e:98:56:4c:ec:ed:6e:c7:15:06:91:
d2:fb:06:56:93:e1:9f:a2:12:00:bb:b0:d8:b5:d3:
e4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A0:45:10:92:35:FD:8F:84:FF:55:48:03:6A:8D:79:B3:A2:AE:A0
X509v3 Authority Key Identifier:
keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/G6BFEJI1_Y-E_1VIA2qNebOirqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.66.0/23
78.142.80.0/22
78.142.85.0-78.142.91.255
92.63.213.0/24
195.16.244.0/24
IPv6:
2a04:5080::/29
Signature Algorithm: sha256WithRSAEncryption
29:c5:00:4b:87:7b:cf:20:71:a5:00:db:6d:f8:89:ab:02:d7:
4e:55:2e:2b:cf:e1:41:67:36:d3:d3:39:3b:4a:24:be:69:f2:
f9:6a:b8:5f:ff:71:a2:f1:cb:2f:74:92:ae:1e:cc:98:f7:b7:
cd:4e:59:6c:1f:ad:da:b3:55:f4:ba:13:8d:d7:3d:42:86:14:
41:78:38:8d:15:82:81:35:39:57:e3:88:50:84:02:ff:c1:84:
03:05:ab:ed:ec:79:be:ff:b2:59:1a:0e:cd:57:39:5f:b1:2e:
ed:89:98:b8:50:ae:8e:bf:d3:90:76:70:16:c0:b9:5f:7d:7a:
b5:94:9f:b8:dc:f3:0c:d7:33:b0:b8:82:7a:b6:2c:19:0b:be:
a3:97:99:7d:15:df:06:71:b5:9a:67:e1:0e:85:b1:b2:1e:a8:
93:00:e8:c8:1e:62:28:23:90:f0:69:16:7a:ed:7a:8d:8b:f2:
65:e8:52:5f:8b:6d:84:1a:12:01:02:84:66:ac:05:43:67:33:
2b:79:39:58:eb:ea:31:23:92:da:4a:00:c5:34:62:e3:60:c8:
29:69:5f:6c:e3:09:52:10:6b:20:02:54:a8:74:ac:b6:d3:39:
f5:41:7e:1b:cf:95:7c:86:94:6a:1f:30:f9:3a:6e:81:5f:63:
f9:78:e5:b5
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYQJhYoLmalFByvCGR5ONZkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDY1MjE2ODEyZWQyNGZkMWM3MTk4NzFhNTlhOTcxZGVj
MzBhMjYwHhcNMjIxMDI0MTAyNDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmEwNDUxMDkyMzVmZDhmODRmZjU1NDgwMzZhOGQ3OWIzYTJhZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSlz3oAMU4qq5v7rpMOzx1uHXvoY
FMGgaf1P4FiIjYg/+EDOENu3kwx2qHB0p8g3z5yT0x3tFw/b4GA1oq5HFQblTSGb
RHESEKfFSpdUnBOSuHSyFqhd/PsO4ceP9QJcKW59iJ28sGTim00EcLuKcdPSwUUI
UVGTcYLZx2nvxk9qI4HbLwuxtsan1jYWgt/2+Pas7zr6tTwXHy2pmgsKNrk0Zc8L
KF/zFCPKWum/K6T+W9xHh15b1BKRJEiatXQcFD9LDUxwckAbUt5KDBpv+i3m3KLW
3XN183mX86aNjlNftrzPDphWTOztbscVBpHS+wZWk+GfohIAu7DYtdPk/wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFBugRRCSNf2PhP9VSANqjXmzoq6gMB8GA1UdIwQY
MBaAFDrWUhaBLtJP0ccZhxpZqXHewwomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTct
NDY1MzhjYTUzODNjLzEvRzZCRkVKSTFfWS1FXzFWSUEycU5lYk9pcnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTctNDY1MzhjYTUzODNj
LzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQBTo5CAwQC
To5QMAwDBABOjlUDBAJOjlgDBABcP9UDBADDEPQwDQQCAAIwBwMFAyoEUIAwDQYJ
KoZIhvcNAQELBQADggEBACnFAEuHe88gcaUA2234iasC105VLivP4UFnNtPTOTtK
JL5p8vlquF//caLxyy90kq4ezJj3t81OWWwfrdqzVfS6E43XPUKGFEF4OI0VgoE1
OVfjiFCEAv/BhAMFq+3seb7/slkaDs1XOV+xLu2JmLhQro6/05B2cBbAuV99erWU
n7jc8wzXM7C4gnq2LBkLvqOXmX0V3wZxtZpn4Q6FsbIeqJMA6MgeYigjkPBpFnrt
eo2L8mXoUl+LbYQaEgEChGasBUNnMyt5OVjr6jEjktpKAMU0YuNgyClpX2zjCVIQ
ayACVKh0rLbTOfVBfhvPlXyGlGofMPk6boFfY/l45bU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:37 2024 by rpki-client on console-fra.rpki-client.org