Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/dcfa2a-76f7-4443-a495-6bb30a8730ed/1/gRKnvbAoNo3FNlBaobQCsqhcj0E.roa
File: gRKnvbAoNo3FNlBaobQCsqhcj0E.roa (raw, json)
Hash identifier: zK8PHDWh7KdDiulmd1Ca5Pws7ohABMok0q7V6fBmSUM=
Subject key identifier: 81:12:A7:BD:B0:28:36:8D:C5:36:50:5A:A1:B4:02:B2:A8:5C:8F:41
Certificate issuer: /CN=3556e7fb5772f979edd5e5c5aa63eb2b9c0ddc8e
Certificate serial: 1C318189
Authority key identifier: 35:56:E7:FB:57:72:F9:79:ED:D5:E5:C5:AA:63:EB:2B:9C:0D:DC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVbn-1dy-Xnt1eXFqmPrK5wN3I4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/dcfa2a-76f7-4443-a495-6bb30a8730ed/1/gRKnvbAoNo3FNlBaobQCsqhcj0E.roa
Signing time: Sat 11 Jun 2022 17:26:02 +0000
ROA not before: Sat 11 Jun 2022 17:26:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61135
IP address blocks: 46.31.76.0/24 maxlen: 24
185.73.203.0/24 maxlen: 24
185.73.201.0/24 maxlen: 24
185.73.200.0/24 maxlen: 24
185.73.202.0/24 maxlen: 32
185.17.112.0/24 maxlen: 24
185.17.113.0/24 maxlen: 32
185.17.115.0/24 maxlen: 24
185.17.114.0/24 maxlen: 24
2a05:4640::/29 maxlen: 48
2a04:7c0:1::/48 maxlen: 48
2a04:7c0::/29 maxlen: 48
2a04:7c0::/33 maxlen: 48
2a04:7c0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 473006473 (0x1c318189)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3556e7fb5772f979edd5e5c5aa63eb2b9c0ddc8e
Validity
Not Before: Jun 11 17:26:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8112a7bdb028368dc536505aa1b402b2a85c8f41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:79:bf:c0:e1:57:cd:0b:be:85:d6:63:e1:b0:
c1:e3:c3:61:37:8f:b2:62:dc:24:9b:17:3b:7e:28:
c5:1b:dc:1b:24:fc:5a:18:17:93:8b:83:2d:9d:09:
8b:8e:5e:41:f1:60:ec:1c:47:68:77:ef:ea:36:e2:
e1:63:74:5f:d0:b2:f4:09:ed:95:64:47:78:01:1d:
5c:8c:ad:38:f8:c3:1c:e1:4d:05:b7:09:df:6a:b2:
1c:3f:d2:b9:77:f8:44:16:4c:c6:0d:f8:86:20:dd:
04:4b:7e:8d:3b:03:c2:86:27:dc:56:0a:61:08:7a:
b1:21:37:4d:15:11:c3:af:53:52:2a:ac:9f:bf:c4:
c8:e3:e8:7b:38:18:97:e5:28:b7:81:92:37:60:45:
ed:0a:09:5c:3a:80:a7:d0:30:00:b5:dc:51:7a:90:
82:71:58:0e:1e:1a:c2:69:05:6e:0f:00:41:f4:80:
d0:8f:23:28:06:0b:eb:d4:95:06:da:48:e4:82:63:
09:d8:5f:a7:2b:90:71:5e:04:94:c6:ce:c3:e3:dd:
3d:21:8a:d0:aa:1b:7e:10:68:44:ee:69:dd:76:83:
35:7c:6e:8a:39:d7:e6:12:e8:ca:e3:8e:dc:50:e1:
41:87:b6:d3:e6:f0:9f:88:65:47:18:38:85:61:5d:
5b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:12:A7:BD:B0:28:36:8D:C5:36:50:5A:A1:B4:02:B2:A8:5C:8F:41
X509v3 Authority Key Identifier:
keyid:35:56:E7:FB:57:72:F9:79:ED:D5:E5:C5:AA:63:EB:2B:9C:0D:DC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVbn-1dy-Xnt1eXFqmPrK5wN3I4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/dcfa2a-76f7-4443-a495-6bb30a8730ed/1/gRKnvbAoNo3FNlBaobQCsqhcj0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/dcfa2a-76f7-4443-a495-6bb30a8730ed/1/NVbn-1dy-Xnt1eXFqmPrK5wN3I4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.76.0/24
185.17.112.0/22
185.73.200.0/22
IPv6:
2a04:7c0::/29
2a05:4640::/29
Signature Algorithm: sha256WithRSAEncryption
48:5a:f5:09:76:e1:3e:09:de:7f:81:e0:c3:2c:0f:1b:21:e4:
16:2e:9a:1d:a3:0a:0d:a8:a4:26:8b:7e:b9:b4:e8:42:62:fd:
c6:07:ce:c6:b4:75:22:93:d5:b8:5f:4f:3e:4c:79:2c:28:0b:
84:53:e6:3e:c6:cb:d2:24:4a:85:65:19:dd:3c:f4:e2:a4:92:
7c:df:38:28:ae:e4:fb:08:28:5a:80:79:47:34:17:ef:b5:1e:
b0:53:a4:83:23:12:88:60:6f:a7:c9:67:19:ad:aa:d5:70:f0:
bc:c9:fd:eb:c2:ae:06:d6:1e:ee:5f:99:80:c1:2f:85:c4:bb:
f3:61:44:e2:d7:c9:e9:12:27:3f:73:33:f1:18:42:83:30:22:
b6:d4:63:d6:6e:b1:5b:ce:24:41:90:c9:ef:d0:6b:f0:c6:09:
61:12:82:0f:ae:02:fc:00:13:93:59:f2:f8:ce:b4:53:9d:5a:
b3:b7:6e:a3:a5:86:f3:2f:de:e4:27:51:43:7b:97:19:8b:f6:
f8:c5:e6:4e:8b:f5:3a:22:52:4f:93:67:13:41:08:ea:61:a2:
cd:2c:73:6b:7a:f8:90:63:46:5f:94:e0:4e:ae:c7:dd:3e:58:
80:bf:ef:2e:96:ab:c3:a8:2f:fb:99:cd:03:03:60:fb:10:1f:
c4:52:b6:7c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEHDGBiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTU2ZTdmYjU3NzJmOTc5ZWRkNWU1YzVhYTYzZWIyYjljMGRkYzhlMB4XDTIyMDYx
MTE3MjYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODExMmE3YmRiMDI4
MzY4ZGM1MzY1MDVhYTFiNDAyYjJhODVjOGY0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJ5v8DhV80LvoXWY+GwwePDYTePsmLcJJsXO34oxRvcGyT8
WhgXk4uDLZ0Ji45eQfFg7BxHaHfv6jbi4WN0X9Cy9AntlWRHeAEdXIytOPjDHOFN
BbcJ32qyHD/SuXf4RBZMxg34hiDdBEt+jTsDwoYn3FYKYQh6sSE3TRURw69TUiqs
n7/EyOPoezgYl+Uot4GSN2BF7QoJXDqAp9AwALXcUXqQgnFYDh4awmkFbg8AQfSA
0I8jKAYL69SVBtpI5IJjCdhfpyuQcV4ElMbOw+PdPSGK0KobfhBoRO5p3XaDNXxu
ijnX5hLoyuOO3FDhQYe20+bwn4hlRxg4hWFdW+ECAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSBEqe9sCg2jcU2UFqhtAKyqFyPQTAfBgNVHSMEGDAWgBQ1Vuf7V3L5ee3V
5cWqY+srnA3cjjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05WYm4tMWR5LVhudDFlWEZxbVBySzV3TjNJNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvZGNmYTJhLTc2ZjctNDQ0My1hNDk1LTZiYjMwYTg3MzBlZC8x
L2dSS252YkFvTm8zRk5sQmFvYlFDc3FoY2owRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
ZGNmYTJhLTc2ZjctNDQ0My1hNDk1LTZiYjMwYTg3MzBlZC8xL05WYm4tMWR5LVhu
dDFlWEZxbVBySzV3TjNJNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEAC4fTAMEArkRcAMEArlJyDAUBAIA
AjAOAwUDKgQHwAMFAyoFRkAwDQYJKoZIhvcNAQELBQADggEBAEha9Ql24T4J3n+B
4MMsDxsh5BYumh2jCg2opCaLfrm06EJi/cYHzsa0dSKT1bhfTz5MeSwoC4RT5j7G
y9IkSoVlGd089OKkknzfOCiu5PsIKFqAeUc0F++1HrBTpIMjEohgb6fJZxmtqtVw
8LzJ/evCrgbWHu5fmYDBL4XEu/NhROLXyekSJz9zM/EYQoMwIrbUY9ZusVvOJEGQ
ye/Qa/DGCWESgg+uAvwAE5NZ8vjOtFOdWrO3bqOlhvMv3uQnUUN7lxmL9vjF5k6L
9ToiUk+TZxNBCOphos0sc2t6+JBjRl+U4E6ux90+WIC/7y6Wq8OoL/uZzQMDYPsQ
H8RStnw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:46 2024 by rpki-client on console-ams.rpki-client.org