Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-aGG5i1x_lcmkK1Zcq8xUifThWY.roa
File: 1-aGG5i1x_lcmkK1Zcq8xUifThWY.roa (raw, json)
Hash identifier: u80Gxn0QQMjC/lUBlpi5jT+advk7l4iQDTFk+2BROKM=
Subject key identifier: F9:A1:86:E6:2D:71:FE:57:26:90:AD:59:72:AF:31:52:27:D3:85:66
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 2A117CA2
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-aGG5i1x_lcmkK1Zcq8xUifThWY.roa
Signing time: Wed 01 Jun 2022 09:32:22 +0000
ROA not before: Wed 01 Jun 2022 09:32:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50245
IP address blocks: 92.38.38.0/24 maxlen: 24
95.47.138.0/24 maxlen: 24
93.171.200.0/22 maxlen: 24
2a02:128:7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 705789090 (0x2a117ca2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jun 1 09:32:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9a186e62d71fe572690ad5972af315227d38566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8b:bc:a8:61:dd:6b:ca:04:b0:e3:0b:46:99:
bb:89:7a:48:3d:60:04:95:f6:6b:70:0d:30:c8:49:
af:27:be:2a:72:32:d7:4e:50:13:bb:15:72:dd:16:
5e:29:6e:f9:b3:63:9d:24:b4:75:80:d6:f2:d5:89:
d1:e0:8f:58:d2:5e:7b:3a:b3:a0:dc:15:e0:27:89:
35:01:3b:5e:48:19:f8:2f:91:1f:3a:cc:11:f5:d9:
be:69:2e:e2:54:25:5c:4f:8a:68:de:8b:fe:ed:e1:
c3:c1:0f:ac:49:c5:24:aa:fe:40:e9:53:80:66:d4:
8b:57:86:2b:ea:a0:e4:df:cb:7c:a9:e2:69:d7:29:
90:e3:2b:95:bc:6c:07:fa:f0:be:7a:79:9b:f1:ca:
e2:eb:02:aa:ac:df:49:58:c8:27:03:0a:d9:0b:e9:
eb:6a:cb:fa:01:26:e7:28:e3:9a:25:ee:38:5c:72:
2b:bc:d8:89:64:c6:62:06:4e:ec:cc:0c:fc:e4:70:
c5:c6:6d:90:f8:4b:ae:1d:2c:6b:93:60:71:26:a2:
93:67:24:51:f2:05:8f:73:ef:02:45:7d:c9:6b:31:
b4:da:14:66:46:08:d0:32:ee:eb:5c:81:a8:d6:bd:
f5:a5:3c:3c:cd:1b:cd:fc:ac:9d:04:db:90:19:4b:
91:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A1:86:E6:2D:71:FE:57:26:90:AD:59:72:AF:31:52:27:D3:85:66
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-aGG5i1x_lcmkK1Zcq8xUifThWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.38.0/24
93.171.200.0/22
95.47.138.0/24
IPv6:
2a02:128:7::/48
Signature Algorithm: sha256WithRSAEncryption
8d:09:a3:96:db:cb:20:8a:83:d4:70:65:41:5a:96:ab:7a:b7:
f3:fa:c2:ba:2f:82:e1:7f:76:09:b5:fe:ee:c9:f4:38:a4:35:
5a:1a:dd:5e:4c:78:7d:d1:66:65:17:39:71:10:a5:0e:78:7f:
8f:7c:ce:ab:58:86:af:35:cf:83:94:43:d6:e9:79:f8:21:ef:
2e:fa:0a:92:0e:a9:6b:54:12:4f:2d:ab:91:88:69:98:56:c2:
49:d6:4e:c8:f0:8b:b9:91:7c:03:b6:db:87:a6:07:84:bf:81:
d3:6d:04:c4:5e:e3:99:b0:f0:2a:68:3b:c2:87:11:c1:b8:b4:
a2:c4:32:22:a2:61:34:2c:65:f9:70:a5:d7:16:cd:bd:a3:37:
2a:b8:69:a7:57:e0:1c:88:01:d6:2c:05:ae:cd:db:8b:4c:4f:
5f:0f:13:2e:84:d5:a3:9c:5a:20:4c:0b:70:38:8d:47:bc:66:
8f:35:79:84:57:5d:b3:52:96:0c:19:e4:7a:be:65:0a:4f:41:
4d:71:7a:30:b1:6d:78:e5:c6:3f:87:d9:15:ad:65:64:8d:61:
ce:0a:7a:c2:e1:25:48:88:e8:d8:3f:9b:df:ce:ca:9b:c5:ba:
1e:e6:c4:06:1c:e0:4e:fd:68:af:74:3e:79:ca:56:1c:4c:de:
64:26:3e:5b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEKhF8ojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDYw
MTA5MzIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjlhMTg2ZTYyZDcx
ZmU1NzI2OTBhZDU5NzJhZjMxNTIyN2QzODU2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANKLvKhh3WvKBLDjC0aZu4l6SD1gBJX2a3ANMMhJrye+KnIy
105QE7sVct0WXilu+bNjnSS0dYDW8tWJ0eCPWNJeezqzoNwV4CeJNQE7XkgZ+C+R
HzrMEfXZvmku4lQlXE+KaN6L/u3hw8EPrEnFJKr+QOlTgGbUi1eGK+qg5N/LfKni
adcpkOMrlbxsB/rwvnp5m/HK4usCqqzfSVjIJwMK2Qvp62rL+gEm5yjjmiXuOFxy
K7zYiWTGYgZO7MwM/ORwxcZtkPhLrh0sa5NgcSaik2ckUfIFj3PvAkV9yWsxtNoU
ZkYI0DLu61yBqNa99aU8PM0bzfysnQTbkBlLkccCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBT5oYbmLXH+VyaQrVlyrzFSJ9OFZjAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
LzEtYUdHNWkxeF9sY21rSzFaY3E4eFVpZlRoV1kucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU4
LzE4YTkxYy0wZTc3LTQ1YzktOGNjNC0wNjJjNjkzM2FiZWQvMS9kSkVpdzFRNHBP
c21Jel9jYmt1eDN5MnE3MEkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
PAYIKwYBBQUHAQcBAf8ELTArMBgEAgABMBIDBABcJiYDBAJdq8gDBABfL4owDwQC
AAIwCQMHACoCASgABzANBgkqhkiG9w0BAQsFAAOCAQEAjQmjltvLIIqD1HBlQVqW
q3q38/rCui+C4X92CbX+7sn0OKQ1WhrdXkx4fdFmZRc5cRClDnh/j3zOq1iGrzXP
g5RD1ul5+CHvLvoKkg6pa1QSTy2rkYhpmFbCSdZOyPCLuZF8A7bbh6YHhL+B020E
xF7jmbDwKmg7wocRwbi0osQyIqJhNCxl+XCl1xbNvaM3Krhpp1fgHIgB1iwFrs3b
i0xPXw8TLoTVo5xaIEwLcDiNR7xmjzV5hFdds1KWDBnker5lCk9BTXF6MLFteOXG
P4fZFa1lZI1hzgp6wuElSIjo2D+b387Km8W6HubEBhzgTv1or3Q+ecpWHEzeZCY+
Ww==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:41 2023 by rpki-client on console-fra.rpki-client.org