Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/GXgNrGnKlS8SuSktnEwP-zaOPXY.roa
File: GXgNrGnKlS8SuSktnEwP-zaOPXY.roa (raw, json)
Hash identifier: 9x20WDO4jsVnfvebBFMIep7/GjBL/A2RQwYbIu6VHww=
Subject key identifier: 19:78:0D:AC:69:CA:95:2F:12:B9:29:2D:9C:4C:0F:FB:36:8E:3D:76
Certificate issuer: /CN=e10fbb9b3cd1c216adc699e5edad5f531d9afcb6
Certificate serial: 02909F
Authority key identifier: E1:0F:BB:9B:3C:D1:C2:16:AD:C6:99:E5:ED:AD:5F:53:1D:9A:FC:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Q-7mzzRwhatxpnl7a1fUx2a_LY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/GXgNrGnKlS8SuSktnEwP-zaOPXY.roa
Signing time: Wed 11 May 2022 08:11:31 +0000
ROA not before: Wed 11 May 2022 08:11:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43530
IP address blocks: 176.62.240.0/20 maxlen: 20
78.110.144.0/20 maxlen: 20
37.75.192.0/21 maxlen: 21
46.245.128.0/21 maxlen: 21
5.35.128.0/19 maxlen: 19
185.222.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168095 (0x2909f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e10fbb9b3cd1c216adc699e5edad5f531d9afcb6
Validity
Not Before: May 11 08:11:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19780dac69ca952f12b9292d9c4c0ffb368e3d76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:64:98:99:92:13:fd:1f:ef:92:77:25:f4:b3:
8a:58:c7:45:c1:dd:ad:a5:0c:cf:53:1e:fd:b2:9e:
69:7c:38:ad:4c:51:64:d2:80:27:3a:69:63:e7:8e:
6a:ee:b5:6f:62:71:df:eb:b7:78:25:c5:77:43:1f:
8d:4d:e9:e4:50:54:2a:71:8c:f1:7b:3b:3d:54:06:
6d:f0:72:66:13:ef:85:bf:f8:f8:52:bb:b2:70:b0:
64:44:7f:fc:6d:19:81:e9:28:95:82:9a:c4:2d:25:
98:f4:aa:cf:cf:dc:42:d1:57:dd:c4:84:c4:3f:03:
db:bb:2f:24:ee:aa:8c:57:bc:79:f4:53:25:e4:fd:
0a:7a:9a:4c:c3:4b:cb:59:76:89:50:01:3e:a0:16:
16:96:f9:0f:d8:37:e7:5c:72:f3:ce:05:63:f1:27:
23:ef:94:a3:9c:9d:31:13:8f:b4:15:46:6d:c1:71:
47:af:bc:93:e7:9e:4e:49:e1:84:b2:92:78:6f:e2:
ae:af:66:10:bf:aa:a8:56:1c:15:d4:03:b2:23:69:
5c:cd:65:b7:cf:16:0b:c8:62:f6:f4:c2:39:5b:30:
7c:ec:cd:17:d8:9d:56:33:db:14:95:e9:21:13:aa:
77:a3:f0:4b:0f:68:20:86:ff:4c:3f:d4:b8:9a:bd:
c9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:78:0D:AC:69:CA:95:2F:12:B9:29:2D:9C:4C:0F:FB:36:8E:3D:76
X509v3 Authority Key Identifier:
keyid:E1:0F:BB:9B:3C:D1:C2:16:AD:C6:99:E5:ED:AD:5F:53:1D:9A:FC:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Q-7mzzRwhatxpnl7a1fUx2a_LY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/GXgNrGnKlS8SuSktnEwP-zaOPXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/4Q-7mzzRwhatxpnl7a1fUx2a_LY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.128.0/19
37.75.192.0/21
46.245.128.0/21
78.110.144.0/20
176.62.240.0/20
185.222.236.0/22
Signature Algorithm: sha256WithRSAEncryption
50:eb:82:2d:95:ab:be:0e:b5:83:5c:fa:9d:c9:1b:2f:91:d1:
ef:79:d8:34:99:a6:9d:97:dd:1d:85:09:36:66:c8:0c:52:8f:
a5:7f:82:01:08:61:74:0f:ed:e9:33:cd:0b:b5:7e:f2:87:67:
85:e3:bf:d8:aa:0d:6b:4e:f0:de:ec:21:31:22:d6:b7:42:52:
65:4c:91:e1:d9:bd:4b:8b:a5:bd:95:71:03:4f:df:98:5a:9b:
bc:74:aa:8b:24:18:ec:a5:6c:5b:62:fb:88:9d:37:a7:88:d4:
34:d7:ae:00:e0:62:04:09:78:1d:c7:e5:58:71:be:8b:31:68:
2e:51:88:5d:72:b4:e4:fc:cb:8e:9f:4d:ee:bf:3c:dd:ce:8c:
f4:ff:ab:df:9e:cd:af:a8:1d:e1:f7:c1:60:a0:83:cc:58:97:
65:f8:b9:08:ea:01:af:2f:2c:c7:3f:e2:c6:64:59:dd:87:12:
84:a5:ac:e2:26:47:7d:2b:4b:6b:7d:61:90:09:b0:11:da:51:
7b:2f:7e:bf:08:76:e2:bb:54:6c:39:27:b8:bc:23:c0:a5:57:
92:4b:47:86:f5:47:bf:83:a8:ea:e6:ab:70:36:54:7c:19:c6:
bf:d6:52:28:45:7f:75:bc:41:35:17:86:b3:d7:ee:5b:c4:b8:
b3:b3:97:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIDApCfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGUx
MGZiYjliM2NkMWMyMTZhZGM2OTllNWVkYWQ1ZjUzMWQ5YWZjYjYwHhcNMjIwNTEx
MDgxMTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxOTc4MGRhYzY5Y2E5
NTJmMTJiOTI5MmQ5YzRjMGZmYjM2OGUzZDc2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAimSYmZIT/R/vkncl9LOKWMdFwd2tpQzPUx79sp5pfDitTFFk
0oAnOmlj545q7rVvYnHf67d4JcV3Qx+NTenkUFQqcYzxezs9VAZt8HJmE++Fv/j4
UruycLBkRH/8bRmB6SiVgprELSWY9KrPz9xC0VfdxITEPwPbuy8k7qqMV7x59FMl
5P0KeppMw0vLWXaJUAE+oBYWlvkP2DfnXHLzzgVj8Scj75SjnJ0xE4+0FUZtwXFH
r7yT555OSeGEspJ4b+Kur2YQv6qoVhwV1AOyI2lczWW3zxYLyGL29MI5WzB87M0X
2J1WM9sUlekhE6p3o/BLD2gghv9MP9S4mr3J+QIDAQABo4ICJzCCAiMwHQYDVR0O
BBYEFBl4DaxpypUvErkpLZxMD/s2jj12MB8GA1UdIwQYMBaAFOEPu5s80cIWrcaZ
5e2tX1Mdmvy2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NFEtN216elJ3aGF0eHBubDdhMWZVeDJhX0xZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82Zi84M2ZmOGYtMTZjYS00MjQ5LWI3NzQtNjJhMjhmM2UwMDFjLzEv
R1hnTnJHbktsUzhTdVNrdG5Fd1AtemFPUFhZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84
M2ZmOGYtMTZjYS00MjQ5LWI3NzQtNjJhMjhmM2UwMDFjLzEvNFEtN216elJ3aGF0
eHBubDdhMWZVeDJhX0xZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0G
CCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFBSOAAwQDJUvAAwQDLvWAAwQETm6Q
AwQEsD7wAwQCud7sMA0GCSqGSIb3DQEBCwUAA4IBAQBQ64Itlau+DrWDXPqdyRsv
kdHvedg0maadl90dhQk2ZsgMUo+lf4IBCGF0D+3pM80LtX7yh2eF47/Yqg1rTvDe
7CExIta3QlJlTJHh2b1Li6W9lXEDT9+YWpu8dKqLJBjspWxbYvuInTeniNQ0164A
4GIECXgdx+VYcb6LMWguUYhdcrTk/MuOn03uvzzdzoz0/6vfns2vqB3h98FgoIPM
WJdl+LkI6gGvLyzHP+LGZFndhxKEpaziJkd9K0trfWGQCbAR2lF7L36/CHbiu1Rs
OSe4vCPApVeSS0eG9Ue/g6jq5qtwNlR8Gca/1lIoRX91vEE1F4az1+5bxLizs5fJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:39 2023 by rpki-client on console-fra.rpki-client.org