Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/506801-b94d-4b5d-94ab-6163b997b642/1/GyncTVHo-1e8SZsRKQtbss6EU-s.roa
File: GyncTVHo-1e8SZsRKQtbss6EU-s.roa (raw, json)
Hash identifier: QyjzQYXAlGSh1l+9yoxLHhixMQFaO1kcXJqpGlDIga4=
Subject key identifier: 1B:29:DC:4D:51:E8:FB:57:BC:49:9B:11:29:0B:5B:B2:CE:84:53:EB
Certificate issuer: /CN=038b9963c972c1d7a03df96fad25f68ebd4fa149
Certificate serial: 0F898E78
Authority key identifier: 03:8B:99:63:C9:72:C1:D7:A0:3D:F9:6F:AD:25:F6:8E:BD:4F:A1:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A4uZY8lywdegPflvrSX2jr1PoUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/506801-b94d-4b5d-94ab-6163b997b642/1/GyncTVHo-1e8SZsRKQtbss6EU-s.roa
Signing time: Tue 17 May 2022 14:13:29 +0000
ROA not before: Tue 17 May 2022 14:13:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31662
IP address blocks: 185.251.56.0/22 maxlen: 22
217.151.112.0/20 maxlen: 20
94.228.144.0/20 maxlen: 20
185.27.4.0/22 maxlen: 22
2a00:d28::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 260673144 (0xf898e78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=038b9963c972c1d7a03df96fad25f68ebd4fa149
Validity
Not Before: May 17 14:13:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b29dc4d51e8fb57bc499b11290b5bb2ce8453eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b0:7f:28:7a:36:08:66:7e:f3:7c:d6:1f:45:
0e:8d:d6:21:bb:b6:97:d8:d1:15:1b:c0:20:f3:e3:
67:61:22:09:a2:e2:f9:63:32:4a:ee:65:b8:18:ec:
7a:92:ef:46:ac:2d:4b:12:9a:19:10:06:a1:7b:3f:
2d:06:1e:2a:fe:2f:fc:a2:8e:bc:c1:d1:54:af:83:
17:67:aa:bb:84:59:cb:70:e9:62:f4:e2:b8:8c:0c:
8d:4e:31:82:80:c5:0d:08:88:dd:9a:d8:d1:94:1a:
65:21:61:d3:e5:f6:b3:3b:c4:f2:61:24:7b:5d:46:
77:b7:c6:12:cb:ed:f2:7f:0e:06:9a:44:75:ee:b3:
cb:d8:da:61:80:2c:dc:aa:16:9b:c7:dc:fa:b8:df:
99:5a:ea:ed:83:a9:dd:6d:1f:7f:c3:56:2c:8e:ab:
ab:84:d5:0e:36:d2:1b:11:5b:fa:39:18:02:5f:3c:
10:cc:c0:c2:a8:fe:9f:79:11:23:25:8f:25:2b:5c:
18:51:fe:35:80:5d:0b:30:c9:20:cb:02:e0:e9:0e:
03:cc:cc:32:a9:de:4c:af:2b:89:54:90:a7:7c:c1:
37:4c:ac:0b:b2:51:7e:86:8c:25:f6:df:6a:bb:1b:
a5:a9:1f:bc:d5:88:e1:66:f1:30:9b:17:25:80:1d:
96:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:29:DC:4D:51:E8:FB:57:BC:49:9B:11:29:0B:5B:B2:CE:84:53:EB
X509v3 Authority Key Identifier:
keyid:03:8B:99:63:C9:72:C1:D7:A0:3D:F9:6F:AD:25:F6:8E:BD:4F:A1:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A4uZY8lywdegPflvrSX2jr1PoUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/506801-b94d-4b5d-94ab-6163b997b642/1/GyncTVHo-1e8SZsRKQtbss6EU-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/506801-b94d-4b5d-94ab-6163b997b642/1/A4uZY8lywdegPflvrSX2jr1PoUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.144.0/20
185.27.4.0/22
185.251.56.0/22
217.151.112.0/20
IPv6:
2a00:d28::/32
Signature Algorithm: sha256WithRSAEncryption
76:49:66:b1:3d:aa:02:25:93:af:86:20:d4:1d:84:ef:58:af:
b3:7a:58:fa:cd:2e:62:3d:d7:93:ff:d6:4d:46:63:ed:3f:da:
ea:4f:69:bd:85:40:47:76:39:d3:55:37:52:56:3f:e8:af:fd:
e1:7a:f6:ac:37:2b:da:39:09:73:92:17:dc:5b:fd:7a:d3:dc:
45:1d:09:cc:7a:21:43:d1:e4:25:19:01:12:f6:d2:ba:33:99:
56:51:20:c1:03:de:d9:7e:42:13:e2:c7:95:18:c5:02:c2:10:
58:40:dd:8f:53:fb:83:61:ee:32:c4:e5:f9:c8:5a:df:c4:20:
0e:2b:57:20:aa:d4:65:40:c9:c9:9e:fc:6e:51:da:a9:6d:4f:
52:d7:64:fa:73:4d:14:76:33:0a:53:f9:42:b3:40:ac:19:40:
b9:d8:99:c1:0e:d7:38:35:93:5c:ee:53:8b:8e:a5:16:88:40:
80:1d:24:93:9f:2f:be:4d:7c:d4:33:aa:ef:60:d0:5e:29:38:
fe:9d:83:5c:f6:8a:9b:8e:f5:35:80:b6:e7:5a:08:5f:29:0d:
da:9f:c3:46:c9:aa:f5:2f:10:ea:6a:e2:bc:b0:ec:40:98:8e:
22:ef:12:91:68:25:0c:56:82:0c:e0:2d:3b:85:c7:26:1a:b6:
e7:1d:fc:38
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIED4mOeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MzhiOTk2M2M5NzJjMWQ3YTAzZGY5NmZhZDI1ZjY4ZWJkNGZhMTQ5MB4XDTIyMDUx
NzE0MTMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWIyOWRjNGQ1MWU4
ZmI1N2JjNDk5YjExMjkwYjViYjJjZTg0NTNlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIawfyh6NghmfvN81h9FDo3WIbu2l9jRFRvAIPPjZ2EiCaLi
+WMySu5luBjsepLvRqwtSxKaGRAGoXs/LQYeKv4v/KKOvMHRVK+DF2equ4RZy3Dp
YvTiuIwMjU4xgoDFDQiI3ZrY0ZQaZSFh0+X2szvE8mEke11Gd7fGEsvt8n8OBppE
de6zy9jaYYAs3KoWm8fc+rjfmVrq7YOp3W0ff8NWLI6rq4TVDjbSGxFb+jkYAl88
EMzAwqj+n3kRIyWPJStcGFH+NYBdCzDJIMsC4OkOA8zMMqneTK8riVSQp3zBN0ys
C7JRfoaMJfbfarsbpakfvNWI4WbxMJsXJYAdltUCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQbKdxNUej7V7xJmxEpC1uyzoRT6zAfBgNVHSMEGDAWgBQDi5ljyXLB16A9
+W+tJfaOvU+hSTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0E0dVpZOGx5d2RlZ1BmbHZyU1gyanIxUG9Vay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvNTA2ODAxLWI5NGQtNGI1ZC05NGFiLTYxNjNiOTk3YjY0Mi8x
L0d5bmNUVkhvLTFlOFNac1JLUXRic3M2RVUtcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
NTA2ODAxLWI5NGQtNGI1ZC05NGFiLTYxNjNiOTk3YjY0Mi8xL0E0dVpZOGx5d2Rl
Z1BmbHZyU1gyanIxUG9Vay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBF7kkAMEArkbBAMEArn7OAMEBNmX
cDANBAIAAjAHAwUAKgANKDANBgkqhkiG9w0BAQsFAAOCAQEAdklmsT2qAiWTr4Yg
1B2E71ivs3pY+s0uYj3Xk//WTUZj7T/a6k9pvYVAR3Y501U3UlY/6K/94Xr2rDcr
2jkJc5IX3Fv9etPcRR0JzHohQ9HkJRkBEvbSujOZVlEgwQPe2X5CE+LHlRjFAsIQ
WEDdj1P7g2HuMsTl+cha38QgDitXIKrUZUDJyZ78blHaqW1PUtdk+nNNFHYzClP5
QrNArBlAudiZwQ7XODWTXO5Ti46lFohAgB0kk58vvk181DOq72DQXik4/p2DXPaK
m471NYC251oIXykN2p/DRsmq9S8Q6mrivLDsQJiOIu8SkWglDFaCDOAtO4XHJhq2
5x38OA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:28 2023 by rpki-client on console-ams.rpki-client.org