Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/gKZlaB2nOehaohbg3whnHtFyXzY.roa
File: gKZlaB2nOehaohbg3whnHtFyXzY.roa (raw, json)
Hash identifier: s76KGERhcH6xoJUp9gAtb+djiVd2AWEwv0KHDmqmdWw=
Subject key identifier: 80:A6:65:68:1D:A7:39:E8:5A:A2:16:E0:DF:08:67:1E:D1:72:5F:36
Certificate issuer: /CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Certificate serial: 37ABC760
Authority key identifier: A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/gKZlaB2nOehaohbg3whnHtFyXzY.roa
Signing time: Sat 01 Jan 2022 12:05:32 +0000
ROA not before: Sat 01 Jan 2022 12:05:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30880
IP address blocks: 185.98.192.0/22 maxlen: 22
185.98.195.0/24 maxlen: 24
193.42.215.0/24 maxlen: 24
193.27.201.0/24 maxlen: 24
193.27.200.0/23 maxlen: 23
193.27.200.0/24 maxlen: 24
212.63.192.0/19 maxlen: 19
2a01:298::/32 maxlen: 32
2a01:299::/32 maxlen: 32
2a01:298:fd::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 934004576 (0x37abc760)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Validity
Not Before: Jan 1 12:05:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=80a665681da739e85aa216e0df08671ed1725f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e2:96:3e:f5:ec:89:37:f9:1b:02:18:d4:2a:
28:43:a6:7a:b6:15:71:8b:46:15:a2:09:49:30:39:
fe:e7:c3:bf:3c:d1:4d:86:69:53:44:66:b3:e5:80:
d2:d5:04:d7:2e:fb:26:a9:06:a4:83:2b:55:6f:46:
7e:1e:a0:13:97:fc:10:67:b0:9e:cb:12:a7:a3:7a:
ae:ea:0c:b4:f4:60:00:53:48:ac:9e:4c:7d:d6:b5:
1e:95:2a:a4:e5:4e:b2:94:65:e5:9c:05:b9:f9:7c:
ac:11:44:89:c4:3c:83:02:4d:d1:57:c9:73:24:31:
0b:09:2f:50:15:a7:cd:74:72:26:7d:4a:89:06:1c:
cd:42:7f:ad:27:36:af:0f:56:11:99:da:66:ab:3f:
e3:de:b7:27:d9:59:b2:4a:57:7f:83:7d:8d:ee:85:
7f:69:a5:27:f9:65:83:13:d0:d9:e6:0f:3c:3e:56:
6f:e6:a7:21:e0:d4:be:83:26:6f:5a:cb:a5:43:f8:
6f:52:bd:24:d6:f0:1e:31:d8:8b:1e:57:68:c9:aa:
20:2d:fa:1b:98:bf:cf:76:18:f1:75:e1:67:14:38:
40:c4:63:5f:36:87:69:04:bb:03:79:65:6e:59:cd:
e0:6a:86:00:2b:41:24:ba:90:8e:10:24:0e:72:9e:
22:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A6:65:68:1D:A7:39:E8:5A:A2:16:E0:DF:08:67:1E:D1:72:5F:36
X509v3 Authority Key Identifier:
keyid:A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/gKZlaB2nOehaohbg3whnHtFyXzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/pHZ7xfvLzvscHHR7sOtTN9q2kcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.192.0/22
193.27.200.0/23
193.42.215.0/24
212.63.192.0/19
IPv6:
2a01:298::/31
Signature Algorithm: sha256WithRSAEncryption
2f:06:7c:a0:2e:78:5f:01:d2:fb:35:6d:f7:47:ca:f1:f6:a2:
74:7b:a6:22:95:46:a0:7b:5e:a8:db:dd:72:f6:49:36:d2:ee:
4b:80:ae:d8:f1:65:10:bf:24:62:12:e2:99:bb:c7:b5:0e:ee:
06:e8:4f:54:e7:27:9f:05:b5:ec:c1:87:5b:c0:43:d8:52:9c:
2b:df:a6:af:a9:bb:d3:89:26:a5:c3:e6:57:00:fb:a6:c5:2e:
de:11:09:d2:55:21:f5:61:ed:50:99:31:b5:33:0d:4b:91:3b:
a4:62:53:96:4c:6a:76:b4:7e:91:25:96:fe:db:3f:73:d9:75:
cb:d9:be:25:37:e3:18:70:88:c1:9c:dc:b8:a7:12:da:92:6b:
5c:07:f3:8f:64:21:e8:a0:2b:78:e8:1a:39:18:cc:47:45:6a:
5a:8c:e8:44:f3:23:63:54:0e:e5:6e:08:89:24:da:13:d9:a7:
a7:ae:f7:71:8d:02:6a:6c:57:f2:e6:d2:98:31:40:43:aa:74:
bc:f4:84:7b:47:ad:14:53:89:09:5e:ff:62:98:14:06:77:d9:
ca:d8:14:c7:8e:74:ab:22:61:d0:dc:1b:e0:a7:14:9b:9a:f1:
63:3c:96:e2:b7:38:dc:8e:19:9b:10:f7:c3:90:a2:a6:3c:d4:
76:f1:64:98
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEN6vHYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NDc2N2JjNWZiY2JjZWZiMWMxYzc0N2JiMGViNTMzN2RhYjY5MWMwMB4XDTIyMDEw
MTEyMDUzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODBhNjY1NjgxZGE3
MzllODVhYTIxNmUwZGYwODY3MWVkMTcyNWYzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7ilj717Ik3+RsCGNQqKEOmerYVcYtGFaIJSTA5/ufDvzzR
TYZpU0Rms+WA0tUE1y77JqkGpIMrVW9Gfh6gE5f8EGewnssSp6N6ruoMtPRgAFNI
rJ5Mfda1HpUqpOVOspRl5ZwFufl8rBFEicQ8gwJN0VfJcyQxCwkvUBWnzXRyJn1K
iQYczUJ/rSc2rw9WEZnaZqs/4963J9lZskpXf4N9je6Ff2mlJ/llgxPQ2eYPPD5W
b+anIeDUvoMmb1rLpUP4b1K9JNbwHjHYix5XaMmqIC36G5i/z3YY8XXhZxQ4QMRj
XzaHaQS7A3llblnN4GqGACtBJLqQjhAkDnKeIu0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSApmVoHac56FqiFuDfCGce0XJfNjAfBgNVHSMEGDAWgBSkdnvF+8vO+xwc
dHuw61M32raRwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BIWjd4ZnZMenZzY0hIUjdzT3RUTjlxMmtjQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvODA2NWQ1LTA0ZDAtNDNlNS1hMmY0LTA0MWE0OGQyMTIzZi8x
L2dLWmxhQjJuT2VoYW9oYmczd2huSHRGeVh6WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
ODA2NWQ1LTA0ZDAtNDNlNS1hMmY0LTA0MWE0OGQyMTIzZi8xL3BIWjd4ZnZMenZz
Y0hIUjdzT3RUTjlxMmtjQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEArliwAMEAcEbyAMEAMEq1wMEBdQ/
wDANBAIAAjAHAwUBKgECmDANBgkqhkiG9w0BAQsFAAOCAQEALwZ8oC54XwHS+zVt
90fK8faidHumIpVGoHteqNvdcvZJNtLuS4Cu2PFlEL8kYhLimbvHtQ7uBuhPVOcn
nwW17MGHW8BD2FKcK9+mr6m704kmpcPmVwD7psUu3hEJ0lUh9WHtUJkxtTMNS5E7
pGJTlkxqdrR+kSWW/ts/c9l1y9m+JTfjGHCIwZzcuKcS2pJrXAfzj2Qh6KAreOga
ORjMR0VqWozoRPMjY1QO5W4IiSTaE9mnp673cY0CamxX8ubSmDFAQ6p0vPSEe0et
FFOJCV7/YpgUBnfZytgUx450qyJh0Nwb4KcUm5rxYzyW4rc43I4ZmxD3w5CipjzU
dvFkmA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:14 2024 by rpki-client on console-fra.rpki-client.org