Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/37aedf-5bc0-40d5-84cc-00b0137f29ff/1/GXwO1zgXZ_Denos_Rri_w3OGplk.roa
File: GXwO1zgXZ_Denos_Rri_w3OGplk.roa (raw, json)
Hash identifier: o0vOVmhkkOpPYVtGXJ/+0ShbD1Turxp03ZcDS9UIfT4=
Subject key identifier: 19:7C:0E:D7:38:17:67:F0:DE:9E:8B:3F:46:B8:BF:C3:73:86:A6:59
Certificate issuer: /CN=1a7d610942d4d9f96d5731b9538fd4c78ba0f20d
Certificate serial: 0D298252
Authority key identifier: 1A:7D:61:09:42:D4:D9:F9:6D:57:31:B9:53:8F:D4:C7:8B:A0:F2:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn1hCULU2fltVzG5U4_Ux4ug8g0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/37aedf-5bc0-40d5-84cc-00b0137f29ff/1/GXwO1zgXZ_Denos_Rri_w3OGplk.roa
Signing time: Sat 01 Jan 2022 16:04:47 +0000
ROA not before: Sat 01 Jan 2022 16:04:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203520
IP address blocks: 185.16.196.0/22 maxlen: 24
2a03:dfc0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220824146 (0xd298252)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7d610942d4d9f96d5731b9538fd4c78ba0f20d
Validity
Not Before: Jan 1 16:04:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=197c0ed7381767f0de9e8b3f46b8bfc37386a659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:19:ca:30:9b:1a:35:19:08:e5:71:3d:d9:eb:
5d:f9:ec:4f:c6:ae:67:70:b2:48:a3:c1:c8:9f:a1:
9f:23:90:d4:7f:02:03:ce:56:7c:17:93:9c:56:45:
a0:d1:9f:63:7d:63:42:14:49:4d:4a:0b:71:89:cc:
6a:0e:51:98:a7:76:ec:d3:13:e2:24:87:3d:45:8d:
ad:2b:cf:bc:42:53:20:a3:79:3c:de:02:7d:07:04:
10:79:8f:86:f3:8c:c2:b5:c2:8c:a3:48:57:3f:00:
68:f6:b3:99:56:f5:3a:06:c2:7d:7b:7f:02:62:a5:
38:79:99:dc:d9:2c:db:bf:ac:1e:d8:82:12:23:40:
f9:74:23:bc:15:6d:b0:f0:22:87:17:bc:25:65:09:
55:e3:da:24:29:38:a0:34:9e:92:7c:74:88:4c:b1:
72:29:2b:a0:23:6a:6e:12:94:d3:b8:bc:5f:fe:b8:
e2:a9:60:44:c6:85:f7:71:be:e6:dc:4a:78:c8:58:
14:9c:6c:20:b3:2e:1c:6f:cb:3f:a9:0e:71:f9:b3:
77:a3:75:9c:67:96:cb:96:75:3e:22:49:75:d8:94:
a1:be:2f:2b:2e:b9:a6:32:e6:8b:bc:db:f3:e9:50:
d3:fd:48:77:cf:b1:cb:81:c5:fa:80:c8:ab:43:97:
3d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:7C:0E:D7:38:17:67:F0:DE:9E:8B:3F:46:B8:BF:C3:73:86:A6:59
X509v3 Authority Key Identifier:
keyid:1A:7D:61:09:42:D4:D9:F9:6D:57:31:B9:53:8F:D4:C7:8B:A0:F2:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn1hCULU2fltVzG5U4_Ux4ug8g0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/37aedf-5bc0-40d5-84cc-00b0137f29ff/1/GXwO1zgXZ_Denos_Rri_w3OGplk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/37aedf-5bc0-40d5-84cc-00b0137f29ff/1/Gn1hCULU2fltVzG5U4_Ux4ug8g0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.196.0/22
IPv6:
2a03:dfc0::/32
Signature Algorithm: sha256WithRSAEncryption
a2:03:b1:d9:a8:fd:9c:f8:06:d0:34:c8:64:33:48:51:f2:1a:
2b:4a:f6:4e:e9:96:07:0a:3e:5e:3a:6e:6c:a1:a0:97:be:db:
1f:5c:9a:48:4b:3a:38:d7:ec:f4:77:a8:48:52:66:29:23:e4:
a1:61:8d:61:ad:db:da:4e:ba:40:89:ff:60:7d:2b:5e:a2:8e:
39:35:a1:64:af:9d:89:2f:da:90:a2:80:ec:53:24:ff:5c:64:
e9:7c:90:d6:6b:07:c9:a0:c8:5b:9c:70:30:22:42:22:3e:80:
cd:d9:85:c9:0f:b5:81:45:a9:91:af:e4:1a:99:14:aa:7c:af:
5b:b9:53:95:dc:6b:33:55:19:57:9f:b8:da:6f:db:31:cc:39:
bd:2d:89:b1:4c:8b:2e:36:32:e9:39:13:b6:a4:37:86:2c:51:
6e:44:b6:b6:5a:4e:e0:e5:da:09:80:35:00:24:f4:39:37:c4:
f9:15:94:04:39:8c:fa:7c:3e:94:05:db:39:5d:d4:cf:28:e2:
67:ce:55:43:7f:24:c8:4f:05:81:33:a2:e3:69:29:58:e9:72:
17:55:5c:21:72:5b:ae:58:8a:ce:5c:4e:cc:ec:cd:8b:10:d7:
1c:56:18:96:fc:92:3b:2c:24:75:04:14:7a:0c:99:62:7f:c6:
1a:4c:13:07
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDSmCUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTdkNjEwOTQyZDRkOWY5NmQ1NzMxYjk1MzhmZDRjNzhiYTBmMjBkMB4XDTIyMDEw
MTE2MDQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTk3YzBlZDczODE3
NjdmMGRlOWU4YjNmNDZiOGJmYzM3Mzg2YTY1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN0ZyjCbGjUZCOVxPdnrXfnsT8auZ3CySKPByJ+hnyOQ1H8C
A85WfBeTnFZFoNGfY31jQhRJTUoLcYnMag5RmKd27NMT4iSHPUWNrSvPvEJTIKN5
PN4CfQcEEHmPhvOMwrXCjKNIVz8AaPazmVb1OgbCfXt/AmKlOHmZ3Nks27+sHtiC
EiNA+XQjvBVtsPAihxe8JWUJVePaJCk4oDSeknx0iEyxcikroCNqbhKU07i8X/64
4qlgRMaF93G+5txKeMhYFJxsILMuHG/LP6kOcfmzd6N1nGeWy5Z1PiJJddiUob4v
Ky65pjLmi7zb8+lQ0/1Id8+xy4HF+oDIq0OXPY8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQZfA7XOBdn8N6eiz9GuL/Dc4amWTAfBgNVHSMEGDAWgBQafWEJQtTZ+W1X
MblTj9THi6DyDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0duMWhDVUxVMmZsdFZ6RzVVNF9VeDR1ZzhnMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvMzdhZWRmLTViYzAtNDBkNS04NGNjLTAwYjAxMzdmMjlmZi8x
L0dYd08xemdYWl9EZW5vc19ScmlfdzNPR3Bsay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
MzdhZWRmLTViYzAtNDBkNS04NGNjLTAwYjAxMzdmMjlmZi8xL0duMWhDVUxVMmZs
dFZ6RzVVNF9VeDR1ZzhnMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkQxDANBAIAAjAHAwUAKgPfwDAN
BgkqhkiG9w0BAQsFAAOCAQEAogOx2aj9nPgG0DTIZDNIUfIaK0r2TumWBwo+Xjpu
bKGgl77bH1yaSEs6ONfs9HeoSFJmKSPkoWGNYa3b2k66QIn/YH0rXqKOOTWhZK+d
iS/akKKA7FMk/1xk6XyQ1msHyaDIW5xwMCJCIj6AzdmFyQ+1gUWpka/kGpkUqnyv
W7lTldxrM1UZV5+42m/bMcw5vS2JsUyLLjYy6TkTtqQ3hixRbkS2tlpO4OXaCYA1
ACT0OTfE+RWUBDmM+nw+lAXbOV3UzyjiZ85VQ38kyE8FgTOi42kpWOlyF1VcIXJb
rliKzlxOzOzNixDXHFYYlvySOywkdQQUegyZYn/GGkwTBw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:44 2023 by rpki-client on console-fra.rpki-client.org