Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/Gt-tr1QUpFBYc0ZdILr_ijCpSrs.roa
File: Gt-tr1QUpFBYc0ZdILr_ijCpSrs.roa (raw, json)
Hash identifier: 2AnGduKNxiIIDUqPMMDruOc4N3UIIYhXszf2DXez8Hc=
Subject key identifier: 1A:DF:AD:AF:54:14:A4:50:58:73:46:5D:20:BA:FF:8A:30:A9:4A:BB
Certificate issuer: /CN=2ba7088e39e7ad8817b7d10ea2a5b8a098a47a0b
Certificate serial: 0875B0EC
Authority key identifier: 2B:A7:08:8E:39:E7:AD:88:17:B7:D1:0E:A2:A5:B8:A0:98:A4:7A:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K6cIjjnnrYgXt9EOoqW4oJikegs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/Gt-tr1QUpFBYc0ZdILr_ijCpSrs.roa
Signing time: Sat 01 Jan 2022 09:00:36 +0000
ROA not before: Sat 01 Jan 2022 09:00:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202113
IP address blocks: 185.52.244.0/22 maxlen: 22
185.52.247.0/24 maxlen: 24
2a04:c9c0::/29 maxlen: 29
2a04:c9c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141930732 (0x875b0ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ba7088e39e7ad8817b7d10ea2a5b8a098a47a0b
Validity
Not Before: Jan 1 09:00:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1adfadaf5414a4505873465d20baff8a30a94abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c4:a5:c5:6a:13:e7:c0:af:83:a7:7b:e9:55:
24:2b:3e:ed:d6:80:de:49:43:51:59:4a:66:e0:84:
29:e2:28:e9:ba:f5:ee:4b:e8:0f:cb:7d:67:e2:5a:
01:91:01:a4:4b:2d:41:94:42:70:68:92:1c:d9:1b:
77:42:83:40:08:46:4c:03:78:9b:10:83:f0:5a:23:
e3:d6:d8:57:0f:42:c6:fb:fd:0d:ec:95:0e:46:4d:
25:c2:0e:63:ba:a8:d7:5c:65:a5:4f:41:45:78:cc:
b6:54:8f:03:70:23:03:23:22:61:91:49:1f:7c:51:
5a:9b:03:17:f4:52:5c:1f:cb:97:01:03:cc:d8:4b:
06:f9:cb:72:d6:56:50:4b:5a:34:00:90:e7:fb:0f:
c5:f5:01:f4:55:44:82:04:20:f8:98:d4:08:83:0c:
31:c4:22:c0:92:b5:28:70:36:10:4c:4d:d9:d0:d3:
f6:e0:d1:08:fa:29:eb:76:ed:ce:ad:9a:61:88:d0:
82:5f:51:45:2b:48:4a:b5:17:59:7c:60:5a:85:3a:
97:0d:dd:86:a2:10:e4:b5:70:5a:17:a2:6f:00:89:
78:6b:d9:78:e0:56:8a:de:2d:75:3c:9c:29:a4:e7:
b4:ab:49:67:7f:74:81:82:6d:b5:da:b1:48:cd:58:
47:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:DF:AD:AF:54:14:A4:50:58:73:46:5D:20:BA:FF:8A:30:A9:4A:BB
X509v3 Authority Key Identifier:
keyid:2B:A7:08:8E:39:E7:AD:88:17:B7:D1:0E:A2:A5:B8:A0:98:A4:7A:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K6cIjjnnrYgXt9EOoqW4oJikegs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/Gt-tr1QUpFBYc0ZdILr_ijCpSrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/K6cIjjnnrYgXt9EOoqW4oJikegs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.244.0/22
IPv6:
2a04:c9c0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:83:d7:ab:fa:56:de:ea:d7:d5:d9:46:d1:83:f1:45:3e:a7:
19:a1:0a:48:4b:b3:47:4e:25:43:bc:60:da:d2:3d:90:78:c2:
02:b0:1f:d1:48:57:e2:09:ab:2f:34:43:ee:d1:81:55:3c:2c:
f2:04:2d:4c:39:34:63:a8:b4:d2:60:3e:7a:ee:ec:44:11:06:
81:3c:1c:54:22:3b:6f:ce:ca:26:64:21:cc:9a:5a:7d:3c:ba:
8e:ed:ec:d9:02:ac:4b:04:05:16:d1:03:2a:fa:7f:dd:f4:db:
57:ce:8c:da:22:aa:ee:bf:8c:78:d0:db:e0:61:25:e3:e6:1a:
e1:41:99:52:46:4b:92:7f:42:1d:a8:0c:0c:b9:ae:10:06:d4:
77:2d:f2:3c:2b:24:96:91:46:0a:f4:39:df:f1:90:ea:44:84:
ac:2e:6d:4d:cd:c4:e3:56:5e:34:94:95:51:39:85:26:8e:78:
e0:77:e5:34:25:6e:85:29:a0:c0:f6:3c:8c:8c:6d:4b:13:ae:
f6:bb:4e:c9:65:a9:5c:f4:31:e2:fd:a5:ff:1a:d3:12:82:28:
72:30:fa:42:07:a8:3a:c7:92:ec:dd:9b:63:0e:be:fb:ac:e4:
76:91:11:fc:64:2b:58:91:8f:92:75:c2:17:89:72:3c:ab:cf:
5f:ec:c3:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECHWw7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YmE3MDg4ZTM5ZTdhZDg4MTdiN2QxMGVhMmE1YjhhMDk4YTQ3YTBiMB4XDTIyMDEw
MTA5MDAzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWFkZmFkYWY1NDE0
YTQ1MDU4NzM0NjVkMjBiYWZmOGEzMGE5NGFiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvEpcVqE+fAr4One+lVJCs+7daA3klDUVlKZuCEKeIo6br1
7kvoD8t9Z+JaAZEBpEstQZRCcGiSHNkbd0KDQAhGTAN4mxCD8Foj49bYVw9Cxvv9
DeyVDkZNJcIOY7qo11xlpU9BRXjMtlSPA3AjAyMiYZFJH3xRWpsDF/RSXB/LlwED
zNhLBvnLctZWUEtaNACQ5/sPxfUB9FVEggQg+JjUCIMMMcQiwJK1KHA2EExN2dDT
9uDRCPop63btzq2aYYjQgl9RRStISrUXWXxgWoU6lw3dhqIQ5LVwWheibwCJeGvZ
eOBWit4tdTycKaTntKtJZ390gYJttdqxSM1YR/sCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQa362vVBSkUFhzRl0guv+KMKlKuzAfBgNVHSMEGDAWgBQrpwiOOeetiBe3
0Q6ipbigmKR6CzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0s2Y0lqam5ucllnWHQ5RU9vcVc0b0ppa2Vncy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDIvYmY1OGM1LWYzZTItNDFhYy1hMjE2LTRhNjdlNGQwNTZhYi8x
L0d0LXRyMVFVcEZCWWMwWmRJTHJfaWpDcFNycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIv
YmY1OGM1LWYzZTItNDFhYy1hMjE2LTRhNjdlNGQwNTZhYi8xL0s2Y0lqam5uclln
WHQ5RU9vcVc0b0ppa2Vncy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk09DANBAIAAjAHAwUDKgTJwDAN
BgkqhkiG9w0BAQsFAAOCAQEAPIPXq/pW3urX1dlG0YPxRT6nGaEKSEuzR04lQ7xg
2tI9kHjCArAf0UhX4gmrLzRD7tGBVTws8gQtTDk0Y6i00mA+eu7sRBEGgTwcVCI7
b87KJmQhzJpafTy6ju3s2QKsSwQFFtEDKvp/3fTbV86M2iKq7r+MeNDb4GEl4+Ya
4UGZUkZLkn9CHagMDLmuEAbUdy3yPCsklpFGCvQ53/GQ6kSErC5tTc3E41ZeNJSV
UTmFJo544HflNCVuhSmgwPY8jIxtSxOu9rtOyWWpXPQx4v2l/xrTEoIocjD6Qgeo
OseS7N2bYw6++6zkdpER/GQrWJGPknXCF4lyPKvPX+zD7g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:10 2023 by rpki-client on console-fra.rpki-client.org