Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/GruVq6LZd8BjgDkJyO2dW7ESbBU.roa
File: GruVq6LZd8BjgDkJyO2dW7ESbBU.roa (raw, json)
Hash identifier: RpPJSve8TiTgRqGMAOL5pxe84kYkVsI6oGxdu4Zv9+o=
Subject key identifier: 1A:BB:95:AB:A2:D9:77:C0:63:80:39:09:C8:ED:9D:5B:B1:12:6C:15
Certificate issuer: /CN=845d042f65e1b1303a44e43e0e02748a75837b44
Certificate serial: 05B833A5
Authority key identifier: 84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/GruVq6LZd8BjgDkJyO2dW7ESbBU.roa
Signing time: Sat 01 Jan 2022 15:07:30 +0000
ROA not before: Sat 01 Jan 2022 15:07:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201789
IP address blocks: 185.54.161.0/24 maxlen: 24
185.54.163.0/24 maxlen: 24
185.54.160.0/24 maxlen: 24
185.54.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95957925 (0x5b833a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845d042f65e1b1303a44e43e0e02748a75837b44
Validity
Not Before: Jan 1 15:07:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1abb95aba2d977c063803909c8ed9d5bb1126c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4f:4a:99:21:42:90:17:cf:c7:00:c7:0f:dc:
19:a6:23:16:c8:db:e7:20:12:8b:7d:69:4f:ea:d2:
90:88:33:6d:f4:3b:e6:13:e5:69:a9:20:3e:08:d4:
f1:6e:3f:7b:3f:c5:3e:8e:79:0c:05:12:21:d4:4a:
19:88:d4:a4:55:f5:0f:1a:53:da:69:20:29:47:ab:
0a:e1:b0:7d:47:7e:bd:3e:cd:d6:e2:cd:46:61:91:
34:55:1e:f9:a3:18:bf:f0:aa:89:b2:60:27:1c:ac:
0c:fa:3d:7d:e2:d5:94:e0:5e:64:e8:9b:0e:8b:0e:
53:16:39:f5:e2:f1:44:eb:42:ca:ab:02:15:eb:12:
10:71:6a:90:bb:81:86:52:3e:a8:10:ab:ed:89:e4:
25:d2:f6:d5:86:f6:4a:a5:3e:f1:52:91:75:94:29:
45:45:4f:32:dd:6e:71:7b:15:ad:9e:c8:dd:1f:ce:
2f:62:17:27:84:ac:74:85:67:7f:43:f9:b7:82:09:
d8:f2:63:4f:b9:37:73:39:c3:92:2f:ad:f5:fc:6d:
e2:e5:08:c8:d1:59:02:3a:f5:e7:45:72:5b:ca:6b:
28:19:9f:86:4e:84:27:45:7e:47:4a:20:8a:ff:62:
4c:a7:48:6a:1b:9e:08:48:09:1a:e4:8d:94:33:26:
6c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:BB:95:AB:A2:D9:77:C0:63:80:39:09:C8:ED:9D:5B:B1:12:6C:15
X509v3 Authority Key Identifier:
keyid:84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/GruVq6LZd8BjgDkJyO2dW7ESbBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.160.0/22
Signature Algorithm: sha256WithRSAEncryption
de:b7:d7:6c:b3:3a:aa:20:6b:aa:92:e8:cb:c9:a2:5e:3e:46:
41:65:72:e2:c3:2a:a0:82:9e:40:b6:5f:a1:59:fd:4e:33:3b:
bd:9f:57:62:fa:fa:29:02:d9:6b:b4:a6:9d:0f:81:22:0c:74:
21:74:cd:96:47:88:08:2b:57:51:dd:a9:98:8b:6c:0f:1f:b8:
9d:4a:6d:80:04:d9:85:f9:14:7f:36:ca:b6:8a:c0:ce:14:25:
32:86:2b:46:97:3a:19:76:50:0d:44:d1:2d:22:5a:96:27:60:
aa:9b:01:c3:37:c8:f1:8e:e1:55:2a:42:f3:a1:f0:f5:cc:99:
25:27:1f:da:de:10:3e:e2:6f:1c:a9:fb:10:f6:a3:6d:16:43:
85:7f:7f:d3:d0:b3:e0:23:b7:38:cc:8c:5d:43:9b:58:12:cf:
67:a3:3d:69:03:a3:7b:39:8b:a2:07:5d:dc:2b:53:a6:a3:a4:
19:0e:41:1f:99:83:09:2d:23:63:99:57:e8:d8:69:38:b3:5f:
ef:13:0e:1b:86:a6:12:15:f8:90:8a:27:40:a8:51:2c:99:d9:
cb:b0:f7:66:52:df:c9:5c:cb:8d:96:10:58:7e:5b:a8:99:f7:
81:ff:9a:3e:82:9e:c5:b4:c2:7f:c2:57:ff:ad:7f:5b:ae:87:
ac:e1:aa:9e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBbgzpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NDVkMDQyZjY1ZTFiMTMwM2E0NGU0M2UwZTAyNzQ4YTc1ODM3YjQ0MB4XDTIyMDEw
MTE1MDczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWFiYjk1YWJhMmQ5
NzdjMDYzODAzOTA5YzhlZDlkNWJiMTEyNmMxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxPSpkhQpAXz8cAxw/cGaYjFsjb5yASi31pT+rSkIgzbfQ7
5hPlaakgPgjU8W4/ez/FPo55DAUSIdRKGYjUpFX1DxpT2mkgKUerCuGwfUd+vT7N
1uLNRmGRNFUe+aMYv/CqibJgJxysDPo9feLVlOBeZOibDosOUxY59eLxROtCyqsC
FesSEHFqkLuBhlI+qBCr7YnkJdL21Yb2SqU+8VKRdZQpRUVPMt1ucXsVrZ7I3R/O
L2IXJ4SsdIVnf0P5t4IJ2PJjT7k3cznDki+t9fxt4uUIyNFZAjr150VyW8prKBmf
hk6EJ0V+R0ogiv9iTKdIahueCEgJGuSNlDMmbFkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQau5Wrotl3wGOAOQnI7Z1bsRJsFTAfBgNVHSMEGDAWgBSEXQQvZeGxMDpE
5D4OAnSKdYN7RDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hGMEVMMlhoc1RBNlJPUS1EZ0owaW5XRGUwUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvOTZkYmNkLTZhMzktNGMyMC05MTI4LWQ4YzM1MWQ5M2VjNi8x
L0dydVZxNkxaZDhCamdEa0p5TzJkVzdFU2JCVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
OTZkYmNkLTZhMzktNGMyMC05MTI4LWQ4YzM1MWQ5M2VjNi8xL2hGMEVMMlhoc1RB
NlJPUS1EZ0owaW5XRGUwUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArk2oDANBgkqhkiG9w0BAQsFAAOC
AQEA3rfXbLM6qiBrqpLoy8miXj5GQWVy4sMqoIKeQLZfoVn9TjM7vZ9XYvr6KQLZ
a7SmnQ+BIgx0IXTNlkeICCtXUd2pmItsDx+4nUptgATZhfkUfzbKtorAzhQlMoYr
Rpc6GXZQDUTRLSJalidgqpsBwzfI8Y7hVSpC86Hw9cyZJScf2t4QPuJvHKn7EPaj
bRZDhX9/09Cz4CO3OMyMXUObWBLPZ6M9aQOjezmLogdd3CtTpqOkGQ5BH5mDCS0j
Y5lX6NhpOLNf7xMOG4amEhX4kIonQKhRLJnZy7D3ZlLfyVzLjZYQWH5bqJn3gf+a
PoKexbTCf8JX/61/W66HrOGqng==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:07 2023 by rpki-client on console-ams.rpki-client.org