Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/GQgEBFlv6k5ICecKA6VwWmn-fCg.roa
File: GQgEBFlv6k5ICecKA6VwWmn-fCg.roa (raw, json)
Hash identifier: J9sWBMBXLXtc8aPUc6mNJejZ2rg8ZGBYTWPoROfK5UA=
Subject key identifier: 19:08:04:04:59:6F:EA:4E:48:09:E7:0A:03:A5:70:5A:69:FE:7C:28
Certificate issuer: /CN=94a32e445c24ded9b85212d479b88008165ebdba
Certificate serial: 0184F71D40CE4E7D21B43D951DDFD0BA0414
Authority key identifier: 94:A3:2E:44:5C:24:DE:D9:B8:52:12:D4:79:B8:80:08:16:5E:BD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/GQgEBFlv6k5ICecKA6VwWmn-fCg.roa
Signing time: Fri 09 Dec 2022 13:40:00 +0000
ROA not before: Fri 09 Dec 2022 13:40:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29608
IP address blocks: 178.20.64.0/21 maxlen: 21
193.47.70.0/24 maxlen: 24
193.47.75.0/24 maxlen: 24
193.47.86.0/24 maxlen: 24
193.46.252.0/24 maxlen: 24
185.101.208.0/22 maxlen: 22
185.152.24.0/22 maxlen: 22
185.152.24.0/23 maxlen: 23
185.226.48.0/22 maxlen: 22
185.152.26.0/23 maxlen: 23
193.239.192.0/23 maxlen: 23
2a07:81c0::/29 maxlen: 29
2a01:40c0::/29 maxlen: 29
2a0f:8340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f7:1d:40:ce:4e:7d:21:b4:3d:95:1d:df:d0:ba:04:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94a32e445c24ded9b85212d479b88008165ebdba
Validity
Not Before: Dec 9 13:40:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19080404596fea4e4809e70a03a5705a69fe7c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c1:d4:d7:9c:bc:f4:dd:ec:63:5a:b3:93:00:
38:3f:55:a0:91:f6:02:70:93:a7:3f:90:80:45:98:
7d:10:2f:d8:98:40:c0:bf:63:e4:33:17:b4:76:c2:
71:59:f1:68:68:b2:99:df:33:a4:34:eb:2e:53:73:
28:15:78:26:17:f2:83:ee:79:c4:11:af:8e:f7:f8:
53:c1:60:3a:43:0a:2e:72:4a:18:0b:a1:ad:b8:dc:
11:d5:c5:15:f2:26:e2:34:d3:bf:e5:47:a2:91:08:
14:c9:06:d7:b9:e0:83:35:ab:ca:b7:51:aa:62:7a:
9e:06:e1:a9:45:72:db:12:ad:b7:5c:90:c4:7f:38:
83:bd:a0:2f:e2:bd:ab:4f:2f:de:2f:b2:98:cc:2d:
a2:a8:68:39:e9:95:82:c6:22:f0:4e:c1:04:fd:22:
92:40:d7:2c:b0:db:47:de:ed:0f:ee:4b:d1:ed:fe:
e1:91:2b:38:13:4c:f4:a4:5d:2c:a0:f0:dd:1b:37:
c0:6c:da:55:10:75:f8:f6:02:5e:62:8c:94:48:3e:
0a:99:a6:b7:a4:4b:3d:55:41:78:93:b6:6b:8e:fa:
56:f8:e0:4c:f4:0c:36:5c:20:2b:16:4e:0c:bc:00:
9a:1b:a4:34:8f:25:02:9a:7f:6a:64:14:3c:fc:4d:
91:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:08:04:04:59:6F:EA:4E:48:09:E7:0A:03:A5:70:5A:69:FE:7C:28
X509v3 Authority Key Identifier:
keyid:94:A3:2E:44:5C:24:DE:D9:B8:52:12:D4:79:B8:80:08:16:5E:BD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/GQgEBFlv6k5ICecKA6VwWmn-fCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/lKMuRFwk3tm4UhLUebiACBZevbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.20.64.0/21
185.101.208.0/22
185.152.24.0/22
185.226.48.0/22
193.46.252.0/24
193.47.70.0/24
193.47.75.0/24
193.47.86.0/24
193.239.192.0/23
IPv6:
2a01:40c0::/29
2a07:81c0::/29
2a0f:8340::/29
Signature Algorithm: sha256WithRSAEncryption
82:97:fc:be:00:cd:91:97:4a:79:fc:60:a1:c4:6a:d6:73:c7:
e9:37:41:37:d0:18:58:46:39:cb:48:3c:a4:af:2c:4c:4d:fb:
bc:f0:f6:cd:b2:bd:d7:4f:fa:03:0c:11:2a:23:27:12:a9:de:
3d:e5:42:ee:94:ec:f2:7d:6b:5d:41:77:a7:67:be:44:62:02:
95:8c:e6:31:60:1b:24:5c:10:72:bb:a1:8e:bd:6c:62:b4:ad:
a9:af:42:e3:1e:9a:4c:98:87:54:60:53:25:dd:58:52:60:9a:
7e:77:6f:9d:cd:bf:9e:ec:72:f2:cb:6a:b2:0a:f4:f2:23:00:
5f:d6:a1:64:c9:8a:1d:62:03:c6:65:09:30:a6:a0:9f:29:e7:
97:48:c6:fc:3e:65:4a:8b:c3:2f:08:66:3b:a4:a9:0e:d8:55:
c9:33:4b:56:db:54:e6:5a:62:30:5f:70:26:c2:7b:44:d4:1a:
b3:2c:61:35:95:89:47:70:f0:af:4f:86:ed:fe:50:78:90:5a:
e6:5f:fa:f2:0c:6b:e3:ea:64:1d:17:cd:fe:b1:92:4b:7f:fc:
b8:0b:a3:33:08:a3:ed:cc:ba:31:e2:83:04:79:e5:66:1d:30:
50:f3:7c:70:f6:16:ea:45:98:aa:98:ef:d2:2a:26:4e:10:31:
fa:62:0c:ee
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYT3HUDOTn0htD2VHd/QugQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YTMyZTQ0NWMyNGRlZDliODUyMTJkNDc5Yjg4MDA4MTY1
ZWJkYmEwHhcNMjIxMjA5MTM0MDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTA4MDQwNDU5NmZlYTRlNDgwOWU3MGEwM2E1NzA1YTY5ZmU3YzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMHU15y89N3sY1qzkwA4P1WgkfYC
cJOnP5CARZh9EC/YmEDAv2PkMxe0dsJxWfFoaLKZ3zOkNOsuU3MoFXgmF/KD7nnE
Ea+O9/hTwWA6QwouckoYC6GtuNwR1cUV8ibiNNO/5UeikQgUyQbXueCDNavKt1Gq
YnqeBuGpRXLbEq23XJDEfziDvaAv4r2rTy/eL7KYzC2iqGg56ZWCxiLwTsEE/SKS
QNcssNtH3u0P7kvR7f7hkSs4E0z0pF0soPDdGzfAbNpVEHX49gJeYoyUSD4Kmaa3
pEs9VUF4k7ZrjvpW+OBM9Aw2XCArFk4MvACaG6Q0jyUCmn9qZBQ8/E2R+QIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFBkIBARZb+pOSAnnCgOlcFpp/nwoMB8GA1UdIwQY
MBaAFJSjLkRcJN7ZuFIS1Hm4gAgWXr26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtNdVJGd2szdG00VWhMVWViaUFDQlpldmJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mODkxYzQtMTlhYy00MzdjLWI3ODIt
ZTE0ODdhNTRjMWU1LzEvR1FnRUJGbHY2azVJQ2VjS0E2VndXbW4tZkNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mODkxYzQtMTlhYy00MzdjLWI3ODItZTE0ODdhNTRjMWU1
LzEvbEtNdVJGd2szdG00VWhMVWViaUFDQlpldmJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA8BAIAATA2AwQDshRAAwQC
uWXQAwQCuZgYAwQCueIwAwQAwS78AwQAwS9GAwQAwS9LAwQAwS9WAwQBwe/AMBsE
AgACMBUDBQMqAUDAAwUDKgeBwAMFAyoPg0AwDQYJKoZIhvcNAQELBQADggEBAIKX
/L4AzZGXSnn8YKHEatZzx+k3QTfQGFhGOctIPKSvLExN+7zw9s2yvddP+gMMESoj
JxKp3j3lQu6U7PJ9a11Bd6dnvkRiApWM5jFgGyRcEHK7oY69bGK0ramvQuMemkyY
h1RgUyXdWFJgmn53b53Nv57scvLLarIK9PIjAF/WoWTJih1iA8ZlCTCmoJ8p55dI
xvw+ZUqLwy8IZjukqQ7YVckzS1bbVOZaYjBfcCbCe0TUGrMsYTWViUdw8K9Phu3+
UHiQWuZf+vIMa+PqZB0Xzf6xkkt//LgLozMIo+3MujHigwR55WYdMFDzfHD2FupF
mKqY79IqJk4QMfpiDO4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:09 2024 by rpki-client on console-ams.rpki-client.org