Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/gAWpEH0b1X9Yg5gV2bSmvBzvddA.roa
File: gAWpEH0b1X9Yg5gV2bSmvBzvddA.roa (raw, json)
Hash identifier: ZMXn6f65xlgmd3NhaNBJRPNyUNLtjttXAprUtyCFywM=
Subject key identifier: 80:05:A9:10:7D:1B:D5:7F:58:83:98:15:D9:B4:A6:BC:1C:EF:75:D0
Certificate issuer: /CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
Certificate serial: 388710D3
Authority key identifier: B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/gAWpEH0b1X9Yg5gV2bSmvBzvddA.roa
Signing time: Sat 01 Jan 2022 12:00:54 +0000
ROA not before: Sat 01 Jan 2022 12:00:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33923
IP address blocks: 194.6.246.0/24 maxlen: 24
185.183.236.0/22 maxlen: 24
194.145.184.0/22 maxlen: 22
94.246.128.0/18 maxlen: 24
2a00:1a40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948375763 (0x388710d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
Validity
Not Before: Jan 1 12:00:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8005a9107d1bd57f58839815d9b4a6bc1cef75d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d2:fa:91:3c:dd:27:11:84:05:8d:78:fe:9c:
3f:a5:74:68:c0:93:7f:3e:46:95:34:3f:83:b2:7e:
e3:5c:42:5f:b2:74:a7:4a:ca:af:87:9c:48:21:b1:
ac:37:67:22:4b:8d:c0:20:48:30:30:66:de:58:cb:
58:6c:d1:d8:72:c3:89:d8:65:d3:5e:ea:31:79:18:
c6:01:c4:9a:18:ac:20:1d:06:76:a4:4b:65:5d:cf:
e2:62:5d:b2:c9:cd:92:ec:e9:ce:d3:97:09:e9:ee:
4a:17:95:e8:03:cf:3f:bd:8b:23:78:8a:1e:d0:77:
a8:55:f0:93:c7:7f:36:c3:42:56:de:8c:40:6d:1e:
e1:b8:bf:72:b3:ff:1f:ba:c8:54:fa:ee:66:bb:61:
bb:e8:24:bc:63:5d:e2:0f:08:56:3d:45:94:6a:ac:
0a:f4:e8:dd:3f:66:48:9e:13:59:f7:43:d0:4a:ea:
b7:d3:7f:3e:86:49:a2:74:d0:8f:8d:e0:3d:58:ab:
af:16:5c:80:30:c2:a5:6e:a8:b0:9f:9f:29:ac:19:
23:d7:51:fc:8d:57:56:96:60:ce:4f:dd:3e:c1:ab:
a1:f8:8a:93:c9:3d:aa:bd:f9:f1:94:0f:db:9c:a0:
d0:29:af:f4:79:69:8a:ed:cd:ab:62:f3:b8:ac:07:
de:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:05:A9:10:7D:1B:D5:7F:58:83:98:15:D9:B4:A6:BC:1C:EF:75:D0
X509v3 Authority Key Identifier:
keyid:B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/gAWpEH0b1X9Yg5gV2bSmvBzvddA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.246.128.0/18
185.183.236.0/22
194.6.246.0/24
194.145.184.0/22
IPv6:
2a00:1a40::/32
Signature Algorithm: sha256WithRSAEncryption
ab:52:5c:68:98:97:75:96:70:50:4f:1c:05:1d:f1:cc:b0:a9:
ab:35:0c:6b:49:61:f1:b2:cb:28:42:89:06:4a:ba:f6:e8:a5:
b7:ba:0f:2d:f6:13:b0:4d:35:13:71:3c:31:7f:d6:dd:c5:a9:
17:11:13:c1:91:cc:b4:72:fc:bc:ea:cb:56:8f:5e:f5:bc:2a:
16:cd:bd:f7:9e:56:c3:3e:45:45:d5:c4:e9:77:be:61:35:62:
97:5b:60:be:39:27:85:27:10:e2:7c:64:91:a9:19:87:d2:42:
58:a0:fd:bf:2d:4b:25:12:5e:66:62:8c:87:f9:bf:ff:71:2b:
89:07:82:e5:62:89:75:96:15:05:b4:10:60:6b:bc:f2:ec:d1:
88:55:71:9d:36:c0:f2:b8:df:89:18:42:75:6d:74:c3:9b:01:
b0:8b:b9:e0:68:a0:f9:f2:e3:e9:25:bf:d3:f5:f3:72:85:e5:
17:ca:d5:3d:d5:d7:19:93:90:ac:79:90:ac:e0:ca:10:72:2d:
67:1e:9f:df:ac:47:88:42:99:f9:a8:e1:87:41:28:8d:e2:f7:
f9:93:35:36:02:92:37:bb:40:ae:dd:97:6a:79:c9:00:9f:55:
b0:ff:ab:1c:96:f7:73:0d:26:c5:24:be:c5:ad:f9:21:46:78:
43:9a:d4:37
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEOIcQ0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OWI4N2IzYjA5Y2NiNjlhNmRlMjA0NjhlOTBlY2JiMThmNWVjYmI2MB4XDTIyMDEw
MTEyMDA1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODAwNWE5MTA3ZDFi
ZDU3ZjU4ODM5ODE1ZDliNGE2YmMxY2VmNzVkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANLS+pE83ScRhAWNeP6cP6V0aMCTfz5GlTQ/g7J+41xCX7J0
p0rKr4ecSCGxrDdnIkuNwCBIMDBm3ljLWGzR2HLDidhl017qMXkYxgHEmhisIB0G
dqRLZV3P4mJdssnNkuzpztOXCenuSheV6APPP72LI3iKHtB3qFXwk8d/NsNCVt6M
QG0e4bi/crP/H7rIVPruZrthu+gkvGNd4g8IVj1FlGqsCvTo3T9mSJ4TWfdD0Erq
t9N/PoZJonTQj43gPVirrxZcgDDCpW6osJ+fKawZI9dR/I1XVpZgzk/dPsGrofiK
k8k9qr358ZQP25yg0Cmv9Hlpiu3Nq2LzuKwH3r0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSABakQfRvVf1iDmBXZtKa8HO910DAfBgNVHSMEGDAWgBS5uHs7Ccy2mm3i
BGjpDsuxj17LtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ViaDdPd25NdHBwdDRnUm82UTdMc1k5ZXk3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvMDBkZGFmLTNiZTUtNDIwZC05MTlmLTNiNGNiOTc1YTliYy8x
L2dBV3BFSDBiMVg5WWc1Z1YyYlNtdkJ6dmRkQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
MDBkZGFmLTNiZTUtNDIwZC05MTlmLTNiNGNiOTc1YTliYy8xL3ViaDdPd25NdHBw
dDRnUm82UTdMc1k5ZXk3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBl72gAMEArm37AMEAMIG9gMEAsKR
uDANBAIAAjAHAwUAKgAaQDANBgkqhkiG9w0BAQsFAAOCAQEAq1JcaJiXdZZwUE8c
BR3xzLCpqzUMa0lh8bLLKEKJBkq69uilt7oPLfYTsE01E3E8MX/W3cWpFxETwZHM
tHL8vOrLVo9e9bwqFs29955Wwz5FRdXE6Xe+YTVil1tgvjknhScQ4nxkkakZh9JC
WKD9vy1LJRJeZmKMh/m//3EriQeC5WKJdZYVBbQQYGu88uzRiFVxnTbA8rjfiRhC
dW10w5sBsIu54Gig+fLj6SW/0/XzcoXlF8rVPdXXGZOQrHmQrODKEHItZx6f36xH
iEKZ+ajhh0EojeL3+ZM1NgKSN7tArt2XannJAJ9VsP+rHJb3cw0mxSS+xa35IUZ4
Q5rUNw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:05 2023 by rpki-client on console-fra.rpki-client.org