Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/GdEEtqMXosj8uczBs9ql9xefBkI.roa
File: GdEEtqMXosj8uczBs9ql9xefBkI.roa (raw, json)
Hash identifier: 4nB8WXmYXEN477jUPLL1zDTIwWIXwmeuG72C9tgrZ4I=
Subject key identifier: 19:D1:04:B6:A3:17:A2:C8:FC:B9:CC:C1:B3:DA:A5:F7:17:9F:06:42
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 067B217F
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/GdEEtqMXosj8uczBs9ql9xefBkI.roa
Signing time: Sat 01 Jan 2022 07:00:53 +0000
ROA not before: Sat 01 Jan 2022 07:00:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 194.15.96.0/22 maxlen: 24
188.209.128.0/20 maxlen: 24
45.11.188.0/22 maxlen: 24
185.83.200.0/22 maxlen: 24
45.154.156.0/22 maxlen: 24
45.65.112.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108732799 (0x67b217f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 1 07:00:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19d104b6a317a2c8fcb9ccc1b3daa5f7179f0642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:18:55:b0:17:17:e5:41:4a:bf:3d:4f:25:44:
ed:58:35:ec:dd:8e:32:6a:3d:37:f5:6e:ab:88:03:
03:ff:57:e1:e5:e4:b5:5c:13:d0:ed:1f:b1:4e:6a:
04:8e:15:b4:8a:1d:9c:5c:d9:94:7c:7d:35:83:61:
0b:0c:8b:76:fd:f6:c5:dc:d9:03:20:f6:5e:5f:8d:
e8:c4:00:ff:31:d1:d7:b7:8a:79:f1:ec:c7:c1:c0:
2c:72:28:47:64:65:bd:35:1a:6b:2d:07:30:54:64:
cc:4b:24:a3:33:9f:da:e1:fa:1d:3d:c7:d6:16:37:
6f:84:6b:1d:db:f5:fe:97:26:8b:84:16:44:3a:7e:
43:e9:f1:2a:37:6b:c3:a5:be:bb:17:74:7b:7e:d1:
d1:fd:31:75:7d:68:2f:80:85:47:7f:a6:28:2c:0b:
7b:ed:92:d2:8f:27:26:37:ae:a2:ed:17:7a:2c:32:
70:bb:2a:90:e0:7c:dd:bd:03:84:d6:6c:2c:26:29:
9c:71:ca:2f:7e:c4:5f:f0:5b:29:3b:4a:32:b9:ff:
2b:83:c1:0c:a4:cf:20:b7:70:52:aa:ce:6c:08:4a:
95:3e:7f:d4:5a:2b:d4:3c:c3:e0:47:de:79:aa:09:
1d:30:d5:c0:80:b6:6b:3a:38:df:25:57:b3:d7:3a:
0b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D1:04:B6:A3:17:A2:C8:FC:B9:CC:C1:B3:DA:A5:F7:17:9F:06:42
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/GdEEtqMXosj8uczBs9ql9xefBkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.188.0/22
45.65.112.0/22
45.154.156.0/22
185.83.200.0/22
188.209.128.0/20
194.15.96.0/22
Signature Algorithm: sha256WithRSAEncryption
58:5e:9e:f5:3c:ef:ce:83:8f:84:c5:2d:4b:9d:d4:21:31:71:
83:cd:ac:9d:c1:7e:7d:18:78:5c:b9:5a:5d:8d:ee:5a:88:ae:
18:23:c9:8e:6f:f2:66:85:e5:36:9a:82:96:9b:88:90:58:01:
02:ac:cb:8d:89:cd:10:0d:e5:d1:45:ba:aa:cd:44:c7:80:d3:
bd:18:61:3a:a4:b4:9d:e8:3e:9d:59:93:e6:dc:63:9e:76:40:
a8:c4:94:7b:f0:f3:4c:92:f3:4b:59:a9:18:1b:3b:63:e2:6a:
48:18:7e:91:1f:7e:26:a4:50:45:1f:bf:09:e4:b0:e1:9f:ba:
34:84:0a:f6:59:dd:b7:83:fb:be:af:a0:ef:3e:e4:68:b6:b1:
ee:bf:e7:ca:1b:f3:4d:20:ec:ed:0a:dc:47:6c:d2:28:90:9d:
fe:d3:d8:10:b5:7b:fe:0a:af:b2:35:bf:c3:e0:2a:85:15:5e:
70:38:4d:ec:83:9d:86:10:12:c8:22:0d:5a:8e:8e:63:6c:c0:
a1:1b:ec:83:9f:a8:0b:d6:70:fb:cf:29:fd:49:8d:c7:f2:25:
f3:2a:0d:29:4c:fe:f4:36:c0:89:d9:48:19:39:c0:af:ae:30:
49:38:25:c0:91:e7:24:62:a1:d4:6a:d8:53:23:e2:5b:c9:7c:
30:df:25:9f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBnshfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTNkYTIwMTk5MDlkOWZjMzc4MjlmZDllYzI5ZDk0OGVjZmY3YzkyMB4XDTIyMDEw
MTA3MDA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTlkMTA0YjZhMzE3
YTJjOGZjYjljY2MxYjNkYWE1ZjcxNzlmMDY0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANsYVbAXF+VBSr89TyVE7Vg17N2OMmo9N/Vuq4gDA/9X4eXk
tVwT0O0fsU5qBI4VtIodnFzZlHx9NYNhCwyLdv32xdzZAyD2Xl+N6MQA/zHR17eK
efHsx8HALHIoR2RlvTUaay0HMFRkzEskozOf2uH6HT3H1hY3b4RrHdv1/pcmi4QW
RDp+Q+nxKjdrw6W+uxd0e37R0f0xdX1oL4CFR3+mKCwLe+2S0o8nJjeuou0Xeiwy
cLsqkOB83b0DhNZsLCYpnHHKL37EX/BbKTtKMrn/K4PBDKTPILdwUqrObAhKlT5/
1For1DzD4EfeeaoJHTDVwIC2azo43yVXs9c6C8cCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQZ0QS2oxeiyPy5zMGz2qX3F58GQjAfBgNVHSMEGDAWgBTZPaIBmQnZ/DeC
n9nsKdlI7P98kjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJUMmlBWmtKMmZ3M2dwX1o3Q25aU096X2ZKSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvNDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8x
L0dkRUV0cU1Yb3NqOHVjekJzOXFsOXhlZkJrSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
NDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8xLzJUMmlBWmtKMmZ3
M2dwX1o3Q25aU096X2ZKSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAi0LvAMEAi1BcAMEAi2anAMEArlT
yAMEBLzRgAMEAsIPYDANBgkqhkiG9w0BAQsFAAOCAQEAWF6e9TzvzoOPhMUtS53U
ITFxg82sncF+fRh4XLlaXY3uWoiuGCPJjm/yZoXlNpqClpuIkFgBAqzLjYnNEA3l
0UW6qs1Ex4DTvRhhOqS0neg+nVmT5txjnnZAqMSUe/DzTJLzS1mpGBs7Y+JqSBh+
kR9+JqRQRR+/CeSw4Z+6NIQK9lndt4P7vq+g7z7kaLax7r/nyhvzTSDs7QrcR2zS
KJCd/tPYELV7/gqvsjW/w+AqhRVecDhN7IOdhhASyCINWo6OY2zAoRvsg5+oC9Zw
+88p/UmNx/Il8yoNKUz+9DbAidlIGTnAr64wSTglwJHnJGKh1GrYUyPiW8l8MN8l
nw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:13 2023 by rpki-client on console-fra.rpki-client.org