Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/G6tnQIuelawpeG8dsAL5KOlZaBs.roa
File: G6tnQIuelawpeG8dsAL5KOlZaBs.roa (raw, json)
Hash identifier: E/4Z9fgB+S5ybHoZJSR/U0FcgA1/NH5YBM8rLX0OIag=
Subject key identifier: 1B:AB:67:40:8B:9E:95:AC:29:78:6F:1D:B0:02:F9:28:E9:59:68:1B
Certificate issuer: /CN=1a0489dc9c0a74c2ed53e1d9e1fbfdd8c8773b94
Certificate serial: 02253F0D
Authority key identifier: 1A:04:89:DC:9C:0A:74:C2:ED:53:E1:D9:E1:FB:FD:D8:C8:77:3B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/G6tnQIuelawpeG8dsAL5KOlZaBs.roa
Signing time: Sat 01 Jan 2022 14:03:57 +0000
ROA not before: Sat 01 Jan 2022 14:03:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13335
IP address blocks: 185.146.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35995405 (0x2253f0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a0489dc9c0a74c2ed53e1d9e1fbfdd8c8773b94
Validity
Not Before: Jan 1 14:03:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bab67408b9e95ac29786f1db002f928e959681b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7a:81:b0:8c:5d:6a:f3:ba:a4:11:7c:f2:b7:
6f:45:80:a9:63:eb:72:45:72:8f:82:c0:ba:2e:8a:
fe:2e:95:ba:32:83:d6:55:9a:3c:dd:79:97:49:a7:
be:95:0e:60:57:62:2f:37:97:c7:22:41:68:b6:db:
59:aa:69:96:73:d1:90:19:40:37:48:ab:49:3b:f1:
c3:ec:51:94:e0:2e:7c:9b:2f:3d:15:a9:23:20:8a:
10:4d:ba:c3:92:ee:61:3c:5e:cd:f7:cc:d2:25:06:
4c:42:d9:d1:c1:4c:47:ca:43:b6:b4:f0:60:8f:cf:
a7:21:c8:1b:49:8c:cb:d7:4a:e5:64:f0:0b:16:4f:
50:6c:e1:e9:ff:29:bf:07:46:95:80:4b:36:92:97:
55:68:3c:f8:5e:0f:f2:dc:3e:54:05:02:da:6c:b1:
45:7a:62:08:66:0a:63:a9:cd:f3:61:0f:bc:99:de:
6f:bf:b6:80:29:94:b0:8a:aa:91:9e:dc:a7:07:09:
b9:92:6b:10:0f:22:a0:fe:92:66:4f:36:eb:26:6a:
71:7e:9d:a9:41:69:c0:79:00:53:51:f1:bb:35:42:
55:0a:3a:5f:35:08:bb:f4:2a:fa:65:b6:0e:b5:c5:
07:eb:13:13:8d:d8:53:d3:97:3b:1e:26:f5:de:c6:
f0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:AB:67:40:8B:9E:95:AC:29:78:6F:1D:B0:02:F9:28:E9:59:68:1B
X509v3 Authority Key Identifier:
keyid:1A:04:89:DC:9C:0A:74:C2:ED:53:E1:D9:E1:FB:FD:D8:C8:77:3B:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/G6tnQIuelawpeG8dsAL5KOlZaBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.172.0/24
Signature Algorithm: sha256WithRSAEncryption
43:11:c7:ae:bf:b8:cc:bf:42:b2:a7:fe:fd:6a:2e:9d:63:e4:
52:4e:09:f2:70:34:68:c2:7f:4a:cd:50:e7:cd:0c:4a:b6:52:
53:02:b8:bd:32:cc:70:2d:f2:dc:bb:79:4c:df:eb:b3:03:34:
56:48:68:7c:65:cb:ae:04:0e:d2:fe:60:e5:4a:da:3c:fd:ad:
0c:fd:8c:9f:64:50:43:a9:48:04:e6:b0:bb:fe:19:f0:79:e4:
cc:0d:06:da:a0:f1:78:ae:d3:e4:28:58:3f:84:3b:18:56:77:
69:bb:2f:aa:41:93:3d:bd:3a:71:64:c9:dc:81:c8:e5:83:5f:
34:8d:1d:4b:36:06:0d:e6:b8:09:d8:04:da:e0:1f:4b:09:32:
56:0c:7c:74:0a:ba:a5:56:a2:11:4f:7d:54:b7:4f:60:28:a1:
37:94:53:2d:ee:16:b8:81:5b:15:e2:0e:1d:12:a2:da:23:92:
a4:c5:3e:1a:59:ef:28:b8:01:68:63:42:f2:17:e2:28:06:c4:
e1:0f:b5:2d:01:c4:08:f9:02:84:57:99:96:a0:14:b9:dd:f6:
89:ce:97:4f:ea:68:2d:a5:eb:89:c9:a4:a5:dc:b6:ee:22:d4:
9b:96:eb:81:79:b1:64:4a:87:ab:85:85:6e:3d:a1:d3:2c:6c:
8d:51:dd:6f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAiU/DTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTA0ODlkYzljMGE3NGMyZWQ1M2UxZDllMWZiZmRkOGM4NzczYjk0MB4XDTIyMDEw
MTE0MDM1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJhYjY3NDA4Yjll
OTVhYzI5Nzg2ZjFkYjAwMmY5MjhlOTU5NjgxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALR6gbCMXWrzuqQRfPK3b0WAqWPrckVyj4LAui6K/i6VujKD
1lWaPN15l0mnvpUOYFdiLzeXxyJBaLbbWapplnPRkBlAN0irSTvxw+xRlOAufJsv
PRWpIyCKEE26w5LuYTxezffM0iUGTELZ0cFMR8pDtrTwYI/PpyHIG0mMy9dK5WTw
CxZPUGzh6f8pvwdGlYBLNpKXVWg8+F4P8tw+VAUC2myxRXpiCGYKY6nN82EPvJne
b7+2gCmUsIqqkZ7cpwcJuZJrEA8ioP6SZk826yZqcX6dqUFpwHkAU1HxuzVCVQo6
XzUIu/Qq+mW2DrXFB+sTE43YU9OXOx4m9d7G8B0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQbq2dAi56VrCl4bx2wAvko6VloGzAfBgNVHSMEGDAWgBQaBIncnAp0wu1T
4dnh+/3YyHc7lDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dnU0ozSndLZE1MdFUtSFo0ZnY5Mk1oM081US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvMTFjNTJjLTQxYWEtNGU5NS1hZDY3LWEwMjFhNjNkZGZjMy8x
L0c2dG5RSXVlbGF3cGVHOGRzQUw1S09sWmFCcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
MTFjNTJjLTQxYWEtNGU5NS1hZDY3LWEwMjFhNjNkZGZjMy8xL0dnU0ozSndLZE1M
dFUtSFo0ZnY5Mk1oM081US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmSrDANBgkqhkiG9w0BAQsFAAOC
AQEAQxHHrr+4zL9Csqf+/WounWPkUk4J8nA0aMJ/Ss1Q580MSrZSUwK4vTLMcC3y
3Lt5TN/rswM0VkhofGXLrgQO0v5g5UraPP2tDP2Mn2RQQ6lIBOawu/4Z8HnkzA0G
2qDxeK7T5ChYP4Q7GFZ3absvqkGTPb06cWTJ3IHI5YNfNI0dSzYGDea4CdgE2uAf
SwkyVgx8dAq6pVaiEU99VLdPYCihN5RTLe4WuIFbFeIOHRKi2iOSpMU+GlnvKLgB
aGNC8hfiKAbE4Q+1LQHECPkChFeZlqAUud32ic6XT+poLaXricmkpdy27iLUm5br
gXmxZEqHq4WFbj2h0yxsjVHdbw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:53 2023 by rpki-client on console-fra.rpki-client.org