Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/g1KoCqUvcVwCUfpHU6lkvNvJiOE.roa
File: g1KoCqUvcVwCUfpHU6lkvNvJiOE.roa (raw, json)
Hash identifier: DGvmiGkSFhkmTtcufMfv9bOUDzv2mUEh17t/FEIRHSw=
Subject key identifier: 83:52:A8:0A:A5:2F:71:5C:02:51:FA:47:53:A9:64:BC:DB:C9:88:E1
Certificate issuer: /CN=dd0b663c45d7bc2724d168485087581e14448fb6
Certificate serial: 307D3191
Authority key identifier: DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/g1KoCqUvcVwCUfpHU6lkvNvJiOE.roa
Signing time: Sat 01 Jan 2022 05:56:49 +0000
ROA not before: Sat 01 Jan 2022 05:56:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9051
IP address blocks: 82.112.160.0/21 maxlen: 24
193.227.160.0/19 maxlen: 24
37.209.248.0/21 maxlen: 24
213.175.160.0/19 maxlen: 24
185.124.212.0/22 maxlen: 24
2a06:b540::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 813511057 (0x307d3191)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd0b663c45d7bc2724d168485087581e14448fb6
Validity
Not Before: Jan 1 05:56:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8352a80aa52f715c0251fa4753a964bcdbc988e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:0c:e1:16:d6:7c:e5:06:94:7b:28:35:0d:a8:
aa:0f:ae:a3:b5:26:4c:dd:59:2a:e9:ec:10:22:1f:
07:6c:dc:b7:27:68:61:c0:4f:f6:ff:2a:98:03:22:
fb:85:ae:2d:e4:f9:c6:4f:11:e6:dc:8c:e5:1f:4b:
ef:84:f8:ab:31:f8:f1:6c:61:54:0a:3c:88:19:90:
1a:76:5a:c0:ef:49:33:3e:00:9f:ce:2f:35:b6:cc:
b5:5d:8c:8a:18:40:3d:c0:31:0f:23:cd:7e:27:cd:
99:de:90:cd:37:30:8f:ba:b9:46:5e:f1:f2:c6:2f:
1e:67:19:3a:14:97:b8:9e:1e:e3:ee:23:d6:34:41:
73:1b:18:9b:89:d4:29:d9:2d:d8:27:ef:1a:8b:28:
21:a4:61:58:1c:ac:60:f4:0d:01:6b:09:cd:7d:49:
14:8b:a6:31:51:13:46:63:c9:ec:7b:bd:7c:ce:3c:
be:05:a0:4b:96:63:38:e0:4c:20:79:7c:60:9f:b1:
d6:40:1b:46:b8:b6:9b:39:d0:22:f9:d6:2f:16:b5:
58:bc:57:ac:43:f8:11:b5:ab:84:02:cf:81:a9:dd:
c6:59:b9:bd:c2:39:f0:15:79:51:9e:d1:df:ed:07:
02:09:dc:18:74:93:8e:4d:e6:1a:2b:e4:6f:36:c1:
6f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:52:A8:0A:A5:2F:71:5C:02:51:FA:47:53:A9:64:BC:DB:C9:88:E1
X509v3 Authority Key Identifier:
keyid:DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/g1KoCqUvcVwCUfpHU6lkvNvJiOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.248.0/21
82.112.160.0/21
185.124.212.0/22
193.227.160.0/19
213.175.160.0/19
IPv6:
2a06:b540::/29
Signature Algorithm: sha256WithRSAEncryption
17:76:26:ce:6c:36:93:43:35:d5:e6:16:a8:c3:32:7e:14:10:
2e:f9:84:07:a9:32:46:67:17:f0:70:bf:cf:18:1b:b6:bb:6b:
ad:68:ed:9b:97:fc:e8:96:21:09:17:5b:95:b8:00:79:c4:5b:
da:f4:e5:fc:83:0c:6d:b7:46:ed:fd:c1:b5:7a:21:0e:bf:cf:
bb:b1:2b:ee:ca:34:8c:7b:99:b7:f0:ac:39:dd:3c:1e:8e:48:
df:75:42:9b:5a:ff:64:1d:f5:19:be:15:60:c9:ff:30:da:37:
7b:c5:bc:d5:7c:92:b0:36:0a:40:84:83:77:70:86:10:30:df:
fc:24:9e:ce:77:67:57:64:aa:61:01:15:48:e0:da:99:e0:cb:
20:75:b0:9a:54:a5:4a:ae:c3:72:13:35:3e:b2:e5:98:fc:2e:
30:e2:f8:ee:28:5e:d1:6d:cc:f4:19:d3:7c:af:ba:3b:81:3c:
3e:69:b2:e4:f0:70:85:85:42:11:4f:af:b2:a2:9b:26:2c:6f:
42:ec:7e:cd:3c:e2:a0:a8:a5:08:84:5a:67:ae:a0:6f:d4:6a:
d6:1f:c9:b5:1a:5e:45:25:fa:21:dd:10:70:c5:77:b3:1a:73:
75:37:fb:5b:8d:4d:e7:98:92:b5:d6:21:16:5a:69:b0:29:97:
11:e5:f2:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEMH0xkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDBiNjYzYzQ1ZDdiYzI3MjRkMTY4NDg1MDg3NTgxZTE0NDQ4ZmI2MB4XDTIyMDEw
MTA1NTY0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODM1MmE4MGFhNTJm
NzE1YzAyNTFmYTQ3NTNhOTY0YmNkYmM5ODhlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPkM4RbWfOUGlHsoNQ2oqg+uo7UmTN1ZKunsECIfB2zctydo
YcBP9v8qmAMi+4WuLeT5xk8R5tyM5R9L74T4qzH48WxhVAo8iBmQGnZawO9JMz4A
n84vNbbMtV2MihhAPcAxDyPNfifNmd6QzTcwj7q5Rl7x8sYvHmcZOhSXuJ4e4+4j
1jRBcxsYm4nUKdkt2CfvGosoIaRhWBysYPQNAWsJzX1JFIumMVETRmPJ7Hu9fM48
vgWgS5ZjOOBMIHl8YJ+x1kAbRri2mznQIvnWLxa1WLxXrEP4EbWrhALPgandxlm5
vcI58BV5UZ7R3+0HAgncGHSTjk3mGivkbzbBb3ECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSDUqgKpS9xXAJR+kdTqWS828mI4TAfBgNVHSMEGDAWgBTdC2Y8Rde8JyTR
aEhQh1geFESPtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNRdG1QRVhYdkNjazBXaElVSWRZSGhSRWo3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvZWRjMjM4LTRjMGEtNDZlZC1iYzI0LTNiOWUzYzhhMmZjYS8x
L2cxS29DcVV2Y1Z3Q1VmcEhVNmxrdk52SmlPRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
ZWRjMjM4LTRjMGEtNDZlZC1iYzI0LTNiOWUzYzhhMmZjYS8xLzNRdG1QRVhYdkNj
azBXaElVSWRZSGhSRWo3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAyXR+AMEA1JwoAMEArl81AMEBcHj
oAMEBdWvoDANBAIAAjAHAwUDKga1QDANBgkqhkiG9w0BAQsFAAOCAQEAF3Ymzmw2
k0M11eYWqMMyfhQQLvmEB6kyRmcX8HC/zxgbtrtrrWjtm5f86JYhCRdblbgAecRb
2vTl/IMMbbdG7f3BtXohDr/Pu7Er7so0jHuZt/CsOd08Ho5I33VCm1r/ZB31Gb4V
YMn/MNo3e8W81XySsDYKQISDd3CGEDDf/CSezndnV2SqYQEVSODameDLIHWwmlSl
Sq7DchM1PrLlmPwuMOL47ihe0W3M9BnTfK+6O4E8Pmmy5PBwhYVCEU+vsqKbJixv
Qux+zTzioKilCIRaZ66gb9Rq1h/JtRpeRSX6Id0QcMV3sxpzdTf7W41N55iStdYh
FlppsCmXEeXyrA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:01 2023 by rpki-client on console-ams.rpki-client.org