Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/GXErBkop0U7kVhFlDAKxCfdPVi8.roa
File: GXErBkop0U7kVhFlDAKxCfdPVi8.roa (raw, json)
Hash identifier: O85isvSHL2xGuzhBlIj8HBRFaNMb+eUbd6tvrCj9Sng=
Subject key identifier: 19:71:2B:06:4A:29:D1:4E:E4:56:11:65:0C:02:B1:09:F7:4F:56:2F
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 01D79E8C
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/GXErBkop0U7kVhFlDAKxCfdPVi8.roa
Signing time: Thu 20 Jan 2022 12:36:53 +0000
ROA not before: Thu 20 Jan 2022 12:36:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 194.15.152.0/22 maxlen: 24
185.65.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30908044 (0x1d79e8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jan 20 12:36:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19712b064a29d14ee45611650c02b109f74f562f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:38:4c:74:33:94:e1:50:9e:33:58:f6:06:82:
ea:06:ed:7b:95:62:49:c0:e2:0f:48:2e:e1:22:00:
1b:23:5f:7b:24:61:bb:4c:bb:47:05:b7:40:46:86:
4d:2e:58:13:0f:45:36:41:38:3a:4a:bc:bd:bb:d6:
56:8e:6f:ab:5a:79:0c:45:55:61:11:69:95:03:be:
d6:c7:65:3d:4b:f7:02:f8:a9:58:24:a0:b2:03:e6:
b6:29:a6:17:e0:ef:a2:d5:34:a6:7d:84:ef:7b:b3:
ab:68:ea:3e:5c:b5:e0:8b:f8:2e:19:fe:d3:35:c3:
20:2b:f9:f6:43:26:08:e8:ce:32:62:61:9a:32:c1:
5d:c4:32:ed:03:d4:7e:4d:1b:09:28:96:f4:64:cb:
ec:02:47:0b:69:28:f1:76:59:9a:5b:8e:70:c4:82:
b8:a0:1d:bc:51:df:2d:4c:c3:79:3e:fb:7e:38:7c:
14:af:aa:f5:27:d5:25:9f:2f:2b:16:89:2c:89:d0:
d7:91:9d:39:6d:e8:57:b5:da:9e:89:46:6d:30:fb:
2c:79:e1:00:07:5e:d4:42:e3:ab:6e:24:35:29:33:
95:d8:df:b5:2d:46:56:28:54:f5:33:1a:28:e3:ef:
48:27:3b:df:d5:37:51:85:cc:d4:da:b9:47:f6:07:
64:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:71:2B:06:4A:29:D1:4E:E4:56:11:65:0C:02:B1:09:F7:4F:56:2F
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/GXErBkop0U7kVhFlDAKxCfdPVi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.68.0/24
194.15.152.0/22
Signature Algorithm: sha256WithRSAEncryption
27:99:17:27:0f:f2:ac:2e:d1:97:8d:31:c0:4c:5c:fd:4b:58:
f1:a6:4d:c2:ff:79:e2:91:50:d6:89:51:b8:43:85:d9:d0:ee:
c0:f4:06:25:25:f3:c1:6b:ca:2d:17:55:4e:e1:25:91:95:21:
aa:5d:25:5d:10:5d:a6:67:86:44:c5:5b:f3:7f:5d:14:1f:ab:
f2:01:03:40:e9:a7:6a:b4:e1:10:b1:ac:ca:48:fb:39:4e:c9:
db:94:46:44:ae:1a:14:45:c4:dd:1b:09:95:a9:22:1a:f7:03:
43:25:d9:ca:45:03:86:ec:e2:d7:24:46:6f:e4:d7:19:0a:88:
dc:4c:cd:97:5f:0c:fc:74:d5:66:6a:61:b1:7c:11:56:5f:0f:
fc:d9:42:4c:15:6f:1f:ed:09:46:21:98:02:d6:90:33:26:31:
89:0a:db:69:a1:1e:74:16:b1:9e:ad:0a:15:76:d0:82:09:ea:
c8:67:45:cc:2a:52:6a:34:f0:37:12:03:40:48:8d:3e:51:6f:
d3:4d:5a:dc:7e:d2:7d:8e:55:91:d9:90:2b:43:5c:ce:ee:99:
07:fe:b6:e3:a3:e9:9d:be:7e:72:40:e4:42:ce:d6:9e:f1:33:
56:2e:5f:13:dd:03:5f:1f:6d:69:0b:c2:3d:0f:c2:58:3e:59:
3e:5d:10:8c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAdeejDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzRlZDk0MmU1Yzc0MmU3N2JmYjliZWI5NTRmODcyNTM0ZjUyODQ4MB4XDTIyMDEy
MDEyMzY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTk3MTJiMDY0YTI5
ZDE0ZWU0NTYxMTY1MGMwMmIxMDlmNzRmNTYyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMw4THQzlOFQnjNY9gaC6gbte5ViScDiD0gu4SIAGyNfeyRh
u0y7RwW3QEaGTS5YEw9FNkE4Okq8vbvWVo5vq1p5DEVVYRFplQO+1sdlPUv3Avip
WCSgsgPmtimmF+DvotU0pn2E73uzq2jqPly14Iv4Lhn+0zXDICv59kMmCOjOMmJh
mjLBXcQy7QPUfk0bCSiW9GTL7AJHC2ko8XZZmluOcMSCuKAdvFHfLUzDeT77fjh8
FK+q9SfVJZ8vKxaJLInQ15GdOW3oV7XanolGbTD7LHnhAAde1ELjq24kNSkzldjf
tS1GVihU9TMaKOPvSCc739U3UYXM1Nq5R/YHZHkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQZcSsGSinRTuRWEWUMArEJ909WLzAfBgNVHSMEGDAWgBQ8TtlC5cdC53v7
m+uVT4clNPUoSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BFN1pRdVhIUXVkNy01dnJsVS1ISlRUMUtFZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvMWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8x
L0dYRXJCa29wMFU3a1ZoRmxEQUt4Q2ZkUFZpOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
MWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8xL1BFN1pRdVhIUXVk
Ny01dnJsVS1ISlRUMUtFZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALlBRAMEAsIPmDANBgkqhkiG9w0B
AQsFAAOCAQEAJ5kXJw/yrC7Rl40xwExc/UtY8aZNwv954pFQ1olRuEOF2dDuwPQG
JSXzwWvKLRdVTuElkZUhql0lXRBdpmeGRMVb839dFB+r8gEDQOmnarThELGsykj7
OU7J25RGRK4aFEXE3RsJlakiGvcDQyXZykUDhuzi1yRGb+TXGQqI3EzNl18M/HTV
ZmphsXwRVl8P/NlCTBVvH+0JRiGYAtaQMyYxiQrbaaEedBaxnq0KFXbQggnqyGdF
zCpSajTwNxIDQEiNPlFv001a3H7SfY5VkdmQK0Nczu6ZB/6246Ppnb5+ckDkQs7W
nvEzVi5fE90DXx9taQvCPQ/CWD5ZPl0QjA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:12 2023 by rpki-client on console-fra.rpki-client.org