Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/GKZ7h4p4jo9kc_pCt3Bxew_lsgA.roa
File: GKZ7h4p4jo9kc_pCt3Bxew_lsgA.roa (raw, json)
Hash identifier: mRE0mCiJZhuXg9ZNRsx7m0TpNO3YLirIXa8Ea5fd/fE=
Subject key identifier: 18:A6:7B:87:8A:78:8E:8F:64:73:FA:42:B7:70:71:7B:0F:E5:B2:00
Certificate issuer: /CN=26a98b6125f5243e3ed835015967cddb97148df1
Certificate serial: 02AFC328
Authority key identifier: 26:A9:8B:61:25:F5:24:3E:3E:D8:35:01:59:67:CD:DB:97:14:8D:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqmLYSX1JD4-2DUBWWfN25cUjfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/GKZ7h4p4jo9kc_pCt3Bxew_lsgA.roa
Signing time: Sat 01 Jan 2022 14:01:37 +0000
ROA not before: Sat 01 Jan 2022 14:01:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59595
IP address blocks: 81.161.16.0/22 maxlen: 22
81.161.20.0/23 maxlen: 23
81.161.24.0/24 maxlen: 24
81.161.22.0/23 maxlen: 23
81.161.30.0/23 maxlen: 23
81.161.25.0/24 maxlen: 24
81.161.28.0/23 maxlen: 23
81.161.26.0/23 maxlen: 23
91.227.210.0/23 maxlen: 23
91.227.210.0/24 maxlen: 24
91.227.211.0/24 maxlen: 24
91.227.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45073192 (0x2afc328)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a98b6125f5243e3ed835015967cddb97148df1
Validity
Not Before: Jan 1 14:01:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=18a67b878a788e8f6473fa42b770717b0fe5b200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a4:6b:ef:71:7d:88:7f:bb:62:f5:98:33:d0:
78:50:a1:cf:7c:28:cc:a9:bf:95:f7:dc:7c:16:9a:
ea:11:99:6f:b4:e1:ce:41:09:4f:99:d3:67:62:21:
3d:69:7d:73:a1:8c:00:0c:87:58:67:fe:5c:1a:7a:
d1:fd:8e:71:0d:b1:48:8d:53:12:34:10:79:a1:7a:
e5:56:6a:1d:9c:83:9d:d3:b6:f6:22:1f:24:eb:58:
cc:aa:ba:8a:7a:6b:df:6c:6a:8c:8d:a1:a0:9f:c5:
d3:33:12:8e:3e:23:ac:02:e7:25:8f:ef:45:69:56:
c8:d4:b2:06:6f:49:c6:57:00:99:d4:19:5f:f7:3b:
06:fe:9e:d5:30:b8:0f:f6:7b:f0:d3:fd:7d:95:a5:
a2:f0:9d:de:94:c2:06:45:a5:52:55:24:01:9b:f6:
d8:e3:d0:9f:47:af:d4:29:23:8f:bc:a7:f0:a8:ae:
d1:7e:71:80:12:90:ab:15:91:24:a6:75:fc:e7:33:
c7:0b:03:dd:eb:45:5c:7d:9c:90:db:30:a7:e8:ff:
50:ea:66:16:37:e0:f4:ac:46:18:db:87:92:72:7c:
d2:ca:79:ba:3e:f9:2a:ad:b6:82:b4:3f:52:7f:0d:
cd:93:94:6f:5c:a2:24:48:0f:3d:29:cb:be:c2:4e:
54:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A6:7B:87:8A:78:8E:8F:64:73:FA:42:B7:70:71:7B:0F:E5:B2:00
X509v3 Authority Key Identifier:
keyid:26:A9:8B:61:25:F5:24:3E:3E:D8:35:01:59:67:CD:DB:97:14:8D:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqmLYSX1JD4-2DUBWWfN25cUjfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/GKZ7h4p4jo9kc_pCt3Bxew_lsgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/JqmLYSX1JD4-2DUBWWfN25cUjfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.16.0/20
91.227.210.0/23
91.227.228.0/24
Signature Algorithm: sha256WithRSAEncryption
36:d8:bb:1d:a8:31:e3:96:c4:01:70:cf:d7:87:41:8f:32:11:
53:15:f5:12:a3:be:c2:ca:30:7b:2b:c0:0e:83:dd:f3:a8:1a:
e8:43:99:f6:5c:6a:80:1a:5b:cf:ba:85:52:ce:ab:06:1d:32:
99:5f:06:6c:fa:fc:18:b0:e4:a4:e6:59:25:5e:e7:85:3e:c7:
55:d4:3d:1f:7a:88:cd:98:4c:f0:61:4e:7e:e7:7c:3d:5a:f1:
68:c5:03:05:63:b1:84:41:d2:68:32:a0:47:cc:35:57:80:d5:
8e:8f:95:01:26:59:3a:40:29:21:01:0f:e4:07:26:37:1d:9b:
32:cf:0d:3d:d1:ee:4c:a4:d6:c0:ec:40:67:16:72:bc:f8:37:
eb:89:b8:c3:29:7c:bf:93:be:15:9b:27:2d:1b:f8:33:9b:82:
b2:72:8c:35:65:48:b2:b7:f0:b8:57:6b:2b:e3:7b:57:0e:3e:
81:d8:2b:1b:16:b8:24:04:1d:5e:e4:f2:8b:ba:8d:9b:77:ff:
3a:19:d0:7b:6e:3c:c4:de:19:af:67:da:70:4b:f9:44:9a:d2:
c8:eb:4c:6c:d8:93:13:3d:2d:38:fd:a2:96:6c:18:b7:9c:11:
80:98:12:c8:ed:44:bd:d1:78:f3:4f:0c:4c:32:7b:ee:a3:4e:
97:4b:8d:5d
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAq/DKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NmE5OGI2MTI1ZjUyNDNlM2VkODM1MDE1OTY3Y2RkYjk3MTQ4ZGYxMB4XDTIyMDEw
MTE0MDEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMThhNjdiODc4YTc4
OGU4ZjY0NzNmYTQyYjc3MDcxN2IwZmU1YjIwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuka+9xfYh/u2L1mDPQeFChz3wozKm/lffcfBaa6hGZb7Th
zkEJT5nTZ2IhPWl9c6GMAAyHWGf+XBp60f2OcQ2xSI1TEjQQeaF65VZqHZyDndO2
9iIfJOtYzKq6inpr32xqjI2hoJ/F0zMSjj4jrALnJY/vRWlWyNSyBm9JxlcAmdQZ
X/c7Bv6e1TC4D/Z78NP9fZWlovCd3pTCBkWlUlUkAZv22OPQn0ev1Ckjj7yn8Kiu
0X5xgBKQqxWRJKZ1/OczxwsD3etFXH2ckNswp+j/UOpmFjfg9KxGGNuHknJ80sp5
uj75Kq22grQ/Un8NzZOUb1yiJEgPPSnLvsJOVEECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQYpnuHiniOj2Rz+kK3cHF7D+WyADAfBgNVHSMEGDAWgBQmqYthJfUkPj7Y
NQFZZ83blxSN8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pxbUxZU1gxSkQ0LTJEVUJXV2ZOMjVjVWpmRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvYmRiZmIwLWY5MTQtNDBkMy1iMmUyLWI5MTNlNTk2NzA3ZS8x
L0dLWjdoNHA0am85a2NfcEN0M0J4ZXdfbHNnQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
YmRiZmIwLWY5MTQtNDBkMy1iMmUyLWI5MTNlNTk2NzA3ZS8xL0pxbUxZU1gxSkQ0
LTJEVUJXV2ZOMjVjVWpmRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBFGhEAMEAVvj0gMEAFvj5DANBgkq
hkiG9w0BAQsFAAOCAQEANti7Hagx45bEAXDP14dBjzIRUxX1EqO+wsoweyvADoPd
86ga6EOZ9lxqgBpbz7qFUs6rBh0ymV8GbPr8GLDkpOZZJV7nhT7HVdQ9H3qIzZhM
8GFOfud8PVrxaMUDBWOxhEHSaDKgR8w1V4DVjo+VASZZOkApIQEP5AcmNx2bMs8N
PdHuTKTWwOxAZxZyvPg364m4wyl8v5O+FZsnLRv4M5uCsnKMNWVIsrfwuFdrK+N7
Vw4+gdgrGxa4JAQdXuTyi7qNm3f/OhnQe248xN4Zr2facEv5RJrSyOtMbNiTEz0t
OP2ilmwYt5wRgJgSyO1EvdF4808MTDJ77qNOl0uNXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:42 2024 by rpki-client on console-fra.rpki-client.org