Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/gkdKfiOdeJO4XwU9eFGQL66JMR8.roa
File: gkdKfiOdeJO4XwU9eFGQL66JMR8.roa (raw, json)
Hash identifier: obut9sDAwyMapxzv0xIG4oT1qysIkJOWFs21xdG4PJY=
Subject key identifier: 82:47:4A:7E:23:9D:78:93:B8:5F:05:3D:78:51:90:2F:AE:89:31:1F
Certificate issuer: /CN=e1baf90ed13d175452cf5e5a1632a794bf1f4c9a
Certificate serial: 15597C3B
Authority key identifier: E1:BA:F9:0E:D1:3D:17:54:52:CF:5E:5A:16:32:A7:94:BF:1F:4C:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4br5DtE9F1RSz15aFjKnlL8fTJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/gkdKfiOdeJO4XwU9eFGQL66JMR8.roa
Signing time: Sat 01 Jan 2022 09:53:10 +0000
ROA not before: Sat 01 Jan 2022 09:53:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198977
IP address blocks: 185.69.70.0/23 maxlen: 23
2a05:2100::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 358186043 (0x15597c3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1baf90ed13d175452cf5e5a1632a794bf1f4c9a
Validity
Not Before: Jan 1 09:53:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82474a7e239d7893b85f053d7851902fae89311f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:66:ac:04:48:24:e0:7c:f1:84:0c:1c:8d:dc:
bd:33:91:20:3d:61:ec:03:44:86:41:a0:a0:e5:63:
83:fd:8d:26:47:62:63:9b:bd:82:f2:65:96:d4:b3:
a8:6b:07:3a:4e:1c:ae:ab:5c:a2:f3:d1:e3:f7:66:
03:04:42:dd:7a:d8:fc:39:80:54:44:e3:d8:c3:a7:
99:bd:54:ee:6c:f6:d8:3c:13:0d:ba:05:4e:e3:8e:
78:32:71:3f:b6:f3:e4:7a:58:a9:93:10:d7:88:30:
fe:1b:ac:24:ba:c5:54:8c:b6:4f:41:cb:17:05:f8:
d1:d0:a6:a4:ed:08:7d:20:07:48:a2:70:85:38:15:
d7:15:c5:23:e6:6f:d7:06:a0:c4:95:c5:44:cc:6f:
a9:6a:4d:e0:97:ef:1c:17:93:5c:10:d0:9a:db:1d:
31:ff:ab:e3:39:3a:b8:39:fe:d1:2b:6c:7a:22:fd:
3d:d8:d0:29:3d:c2:80:3d:ac:bd:e9:e2:8b:c1:e6:
b6:92:c7:d3:e7:c6:4e:fd:cc:55:71:40:e0:52:48:
b7:00:f2:19:3f:83:b8:9c:1b:3a:76:6a:54:e0:69:
ae:6a:d1:7e:e7:79:be:0e:8f:b0:2d:81:31:46:ee:
60:82:b9:dd:77:15:36:d6:67:9f:c4:f5:e4:d8:8b:
40:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:47:4A:7E:23:9D:78:93:B8:5F:05:3D:78:51:90:2F:AE:89:31:1F
X509v3 Authority Key Identifier:
keyid:E1:BA:F9:0E:D1:3D:17:54:52:CF:5E:5A:16:32:A7:94:BF:1F:4C:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4br5DtE9F1RSz15aFjKnlL8fTJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/gkdKfiOdeJO4XwU9eFGQL66JMR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/4br5DtE9F1RSz15aFjKnlL8fTJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.70.0/23
IPv6:
2a05:2100::/30
Signature Algorithm: sha256WithRSAEncryption
70:b1:9f:b8:d1:b0:37:78:74:43:0c:94:80:88:d0:28:e0:aa:
d0:7f:2b:a7:12:84:19:f2:48:07:31:29:62:c7:3e:3b:8b:24:
bf:7a:87:91:ab:26:15:7f:f5:d8:73:8d:59:92:9d:a9:6a:1f:
10:85:c2:04:48:14:3d:a3:7e:b2:ca:5e:8d:ba:54:07:75:2d:
69:44:63:b1:2d:5d:78:c9:a9:93:84:f6:81:3e:a1:08:32:6b:
5e:6c:a6:ef:60:61:f2:cb:db:bd:6d:3c:0f:29:a6:81:fe:d5:
3f:7e:43:8a:32:fd:0d:fa:69:da:46:d6:7e:55:8a:b1:d3:f6:
f7:39:56:22:f3:bf:2c:80:2d:72:90:51:b4:d7:6c:dd:2c:7f:
03:91:db:68:9d:e5:c9:5c:7f:17:b4:fa:0a:74:66:49:c0:57:
42:11:d7:af:83:72:15:47:e8:7e:72:bf:46:4f:55:61:0f:9d:
b3:12:aa:55:aa:a0:b3:90:6a:55:c3:88:fa:66:8a:77:73:a6:
5c:32:9a:4c:29:44:21:88:7a:21:02:05:5c:50:19:62:1a:97:
69:9a:10:e4:96:77:0c:ef:57:81:68:a1:a5:58:7d:6f:51:c5:
43:86:c2:36:b0:7f:a0:4c:65:a7:5d:7a:2d:4b:d4:f0:f2:9a:
c9:2b:08:7a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFVl8OzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MWJhZjkwZWQxM2QxNzU0NTJjZjVlNWExNjMyYTc5NGJmMWY0YzlhMB4XDTIyMDEw
MTA5NTMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODI0NzRhN2UyMzlk
Nzg5M2I4NWYwNTNkNzg1MTkwMmZhZTg5MzExZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOZmrARIJOB88YQMHI3cvTORID1h7ANEhkGgoOVjg/2NJkdi
Y5u9gvJlltSzqGsHOk4crqtcovPR4/dmAwRC3XrY/DmAVETj2MOnmb1U7mz22DwT
DboFTuOOeDJxP7bz5HpYqZMQ14gw/husJLrFVIy2T0HLFwX40dCmpO0IfSAHSKJw
hTgV1xXFI+Zv1wagxJXFRMxvqWpN4JfvHBeTXBDQmtsdMf+r4zk6uDn+0StseiL9
PdjQKT3CgD2svenii8HmtpLH0+fGTv3MVXFA4FJItwDyGT+DuJwbOnZqVOBprmrR
fud5vg6PsC2BMUbuYIK53XcVNtZnn8T15NiLQHkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSCR0p+I514k7hfBT14UZAvrokxHzAfBgNVHSMEGDAWgBThuvkO0T0XVFLP
XloWMqeUvx9MmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRicjVEdEU5RjFSU3oxNWFGaktubEw4ZlRKby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvZTZlZmNmLWU1ZDktNDlmMC1iMTFmLWQ1MmZkYzllODI4Ny8x
L2drZEtmaU9kZUpPNFh3VTllRkdRTDY2Sk1SOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
ZTZlZmNmLWU1ZDktNDlmMC1iMTFmLWQ1MmZkYzllODI4Ny8xLzRicjVEdEU5RjFS
U3oxNWFGaktubEw4ZlRKby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAblFRjANBAIAAjAHAwUCKgUhADAN
BgkqhkiG9w0BAQsFAAOCAQEAcLGfuNGwN3h0QwyUgIjQKOCq0H8rpxKEGfJIBzEp
Ysc+O4skv3qHkasmFX/12HONWZKdqWofEIXCBEgUPaN+sspejbpUB3UtaURjsS1d
eMmpk4T2gT6hCDJrXmym72Bh8svbvW08Dymmgf7VP35DijL9Dfpp2kbWflWKsdP2
9zlWIvO/LIAtcpBRtNds3Sx/A5HbaJ3lyVx/F7T6CnRmScBXQhHXr4NyFUfofnK/
Rk9VYQ+dsxKqVaqgs5BqVcOI+maKd3OmXDKaTClEIYh6IQIFXFAZYhqXaZoQ5JZ3
DO9XgWihpVh9b1HFQ4bCNrB/oExlp116LUvU8PKaySsIeg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:08 2023 by rpki-client on console-fra.rpki-client.org