Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GaznLZh1ATTn10rMF5AWWlWQSTs.roa
File: GaznLZh1ATTn10rMF5AWWlWQSTs.roa (raw, json)
Hash identifier: uE+niJF6bgqI2PEmx7EalMFEeTFC8R5wa8tbeijd/js=
Subject key identifier: 19:AC:E7:2D:98:75:01:34:E7:D7:4A:CC:17:90:16:5A:55:90:49:3B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01850CD048F9737B243824B20DEB8785F515
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GaznLZh1ATTn10rMF5AWWlWQSTs.roa
Signing time: Tue 13 Dec 2022 18:47:34 +0000
ROA not before: Tue 13 Dec 2022 18:47:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
45.12.69.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
139.28.96.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0c:d0:48:f9:73:7b:24:38:24:b2:0d:eb:87:85:f5:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 13 18:47:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19ace72d98750134e7d74acc1790165a5590493b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0f:c5:0e:1a:74:72:95:a3:92:bc:ff:05:49:
5f:5d:39:2d:b1:e6:53:eb:9e:47:be:de:35:43:7b:
61:8f:bc:06:aa:8a:14:b1:30:ab:77:14:ae:79:46:
59:30:31:b5:b7:b9:21:80:d4:d8:28:42:99:b7:fa:
24:9c:c2:39:02:7d:78:f5:91:2b:20:86:1b:1c:b1:
5e:81:97:2d:1c:dc:08:3c:ee:42:5f:cc:6f:02:3b:
3b:58:d9:a8:1d:55:ab:04:9a:bb:81:61:d2:96:96:
e7:f8:54:28:67:3b:5e:49:60:13:49:34:30:01:80:
b0:e9:e2:d8:a0:b8:a9:d6:83:e9:7e:66:f8:77:46:
79:55:ab:f0:4e:d5:ac:b4:b2:e1:25:29:33:81:eb:
1b:27:4c:06:27:54:f2:b1:c0:67:1d:38:1b:17:f3:
3e:30:a9:b0:6d:d7:81:89:fa:ee:db:7f:a0:ea:ca:
d1:da:14:e2:cd:dc:0f:13:d2:cf:ae:c1:04:a3:38:
dd:54:4e:37:8b:cd:b8:02:b0:e7:81:62:44:44:fb:
b4:3f:54:27:63:58:c8:ed:c7:65:c9:06:49:4e:78:
bf:ef:cd:c2:a1:30:32:88:c9:fb:d7:55:e5:2c:ad:
ec:c4:9a:e8:3b:19:65:11:42:bf:02:a3:d1:1a:e6:
82:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:AC:E7:2D:98:75:01:34:E7:D7:4A:CC:17:90:16:5A:55:90:49:3B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GaznLZh1ATTn10rMF5AWWlWQSTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c4:100::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:250::/44
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
29:49:36:ef:b3:82:24:59:24:9b:f6:f1:ed:93:db:6d:e5:cf:
76:2e:d0:0f:b8:6d:64:d6:dc:24:aa:05:a6:18:b7:f9:1d:59:
0d:a2:05:0d:82:f2:7d:26:c7:88:9c:ed:90:59:ed:3c:8f:5a:
51:f5:90:cd:b4:fa:f5:bf:1b:41:f3:b3:95:ba:16:3f:9c:77:
14:e4:9d:89:2c:ae:0b:df:ed:7b:44:6a:ee:8f:0a:b7:41:3f:
44:4f:01:e4:6d:89:5c:fe:f9:79:f5:c1:e6:67:dc:26:7f:16:
bb:36:73:4b:3b:34:3d:75:8d:09:92:05:03:c9:22:f9:52:10:
99:48:10:1c:4f:74:3f:9d:dd:14:9f:4a:f8:88:ab:95:b8:88:
60:49:bb:00:0f:88:10:80:86:71:09:08:90:e2:4f:a5:9f:0c:
4d:0f:90:02:5d:0e:bf:43:79:ec:ac:b8:ad:c2:ef:da:6a:55:
f8:7b:37:73:3a:d2:44:00:d1:b3:6c:90:b7:0b:ad:fb:64:cd:
28:be:1c:27:d1:41:77:d4:9d:1a:82:99:e5:93:1e:61:2f:b3:
0e:8d:07:f9:a7:7f:37:18:bb:e8:14:75:f5:26:89:e2:09:0b:
aa:e6:49:52:3b:a9:36:90:15:c9:21:8d:29:83:35:09:18:88:
b9:18:26:6f
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYUM0Ej5c3skOCSyDeuHhfUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjEzMTg0NzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWFjZTcyZDk4NzUwMTM0ZTdkNzRhY2MxNzkwMTY1YTU1OTA0OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA/FDhp0cpWjkrz/BUlfXTktseZT
655Hvt41Q3thj7wGqooUsTCrdxSueUZZMDG1t7khgNTYKEKZt/oknMI5An149ZEr
IIYbHLFegZctHNwIPO5CX8xvAjs7WNmoHVWrBJq7gWHSlpbn+FQoZzteSWATSTQw
AYCw6eLYoLip1oPpfmb4d0Z5VavwTtWstLLhJSkzgesbJ0wGJ1TyscBnHTgbF/M+
MKmwbdeBifru23+g6srR2hTizdwPE9LPrsEEozjdVE43i824ArDngWJERPu0P1Qn
Y1jI7cdlyQZJTni/783CoTAyiMn711XlLK3sxJroOxllEUK/AqPRGuaChQIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFBms5y2YdQE059dKzBeQFlpVkEk7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvR2F6bkxaaDFBVFRuMTByTUY1QVdXbFdRU1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTA8BAIAATA2AwQAHyq3
AwQCLQxEAwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwjJcAwQAwjJeAwQAwjJv
MHUEAgACMG8DBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8AC
YAMGACoOl8ECAwcEKg6XxAEAAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcA
Kg/kBAECAwcEKhDMQAJQAwYEKhDMRhAwDQYJKoZIhvcNAQELBQADggEBAClJNu+z
giRZJJv28e2T223lz3Yu0A+4bWTW3CSqBaYYt/kdWQ2iBQ2C8n0mx4ic7ZBZ7TyP
WlH1kM20+vW/G0Hzs5W6Fj+cdxTknYksrgvf7XtEau6PCrdBP0RPAeRtiVz++Xn1
weZn3CZ/Frs2c0s7ND11jQmSBQPJIvlSEJlIEBxPdD+d3RSfSviIq5W4iGBJuwAP
iBCAhnEJCJDiT6WfDE0PkAJdDr9DeeysuK3C79pqVfh7N3M60kQA0bNskLcLrftk
zSi+HCfRQXfUnRqCmeWTHmEvsw6NB/mnfzcYu+gUdfUmieIJC6rmSVI7qTaQFckh
jSmDNQkYiLkYJm8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:57 2023 by rpki-client on console-ams.rpki-client.org