Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/G3i7R5GxwHmWU_gdT0MROI5G3cw.roa
File: G3i7R5GxwHmWU_gdT0MROI5G3cw.roa (raw, json)
Hash identifier: Q9oLLvNm0F3fzTCqLXhglXl7FEVkD1Vw3ss6y/wYUGg=
Subject key identifier: 1B:78:BB:47:91:B1:C0:79:96:53:F8:1D:4F:43:11:38:8E:46:DD:CC
Certificate issuer: /CN=d34ffee7e762f9a06fe2f47e7a1e52d9eba7fafd
Certificate serial: 01A14ADE
Authority key identifier: D3:4F:FE:E7:E7:62:F9:A0:6F:E2:F4:7E:7A:1E:52:D9:EB:A7:FA:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00_-5-di-aBv4vR-eh5S2eun-v0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/G3i7R5GxwHmWU_gdT0MROI5G3cw.roa
Signing time: Sat 01 Jan 2022 14:01:36 +0000
ROA not before: Sat 01 Jan 2022 14:01:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208704
IP address blocks: 193.56.184.0/24 maxlen: 24
45.87.176.0/24 maxlen: 24
45.87.179.0/24 maxlen: 24
45.87.178.0/24 maxlen: 24
45.87.177.0/24 maxlen: 24
45.87.176.0/22 maxlen: 22
2a02:f2c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27347678 (0x1a14ade)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34ffee7e762f9a06fe2f47e7a1e52d9eba7fafd
Validity
Not Before: Jan 1 14:01:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b78bb4791b1c0799653f81d4f4311388e46ddcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a3:44:fc:51:81:20:59:cc:da:be:e0:65:2a:
d0:50:5c:61:b1:4d:08:e0:48:4e:2b:2c:d1:59:41:
87:28:62:95:e9:27:29:9d:41:83:41:ce:9c:b2:99:
30:c4:d3:42:fd:58:e4:c1:4c:b6:d8:52:6a:35:bd:
f2:9c:98:58:ed:1f:99:45:59:79:24:b6:18:ab:98:
97:dd:2a:4f:e6:14:47:6c:e2:a8:d2:36:0b:d9:90:
02:c7:29:82:2a:de:bd:a1:72:3e:b2:b2:b9:78:3a:
bc:fb:c0:45:e2:bb:5a:ba:47:78:f5:00:0e:8d:d9:
b1:53:41:82:1d:dd:aa:e9:c9:96:47:7b:fd:8e:4f:
a4:d5:02:8e:92:46:3d:3e:91:ff:a9:cf:c2:02:9e:
d1:04:80:f2:c9:fb:96:07:1c:0f:ce:b2:d0:6b:03:
12:3d:ba:e9:ba:c9:56:74:d5:6b:b4:2e:cc:ea:6c:
50:90:07:0e:78:27:96:57:bd:1f:fb:9b:f5:8c:1e:
21:83:14:f8:78:63:a8:e2:90:08:3e:4b:f9:49:b4:
4c:29:a2:7d:88:70:55:82:4f:ea:3a:91:cf:c6:67:
6a:8e:d3:9f:c0:ac:de:54:b4:a8:c4:93:db:a4:85:
a3:64:46:41:84:26:57:e8:7e:c0:66:f5:2a:37:56:
2b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:78:BB:47:91:B1:C0:79:96:53:F8:1D:4F:43:11:38:8E:46:DD:CC
X509v3 Authority Key Identifier:
keyid:D3:4F:FE:E7:E7:62:F9:A0:6F:E2:F4:7E:7A:1E:52:D9:EB:A7:FA:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00_-5-di-aBv4vR-eh5S2eun-v0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/G3i7R5GxwHmWU_gdT0MROI5G3cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/00_-5-di-aBv4vR-eh5S2eun-v0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.176.0/22
193.56.184.0/24
IPv6:
2a02:f2c0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:16:bb:63:86:4b:e9:4a:d6:5d:46:b4:6e:a9:26:5f:af:b3:
05:72:34:d4:51:ed:91:14:98:49:33:4c:e1:6d:a2:25:cc:6f:
4b:e9:e9:d6:45:97:7a:99:f6:a9:b9:ae:53:1c:df:8d:04:09:
c5:03:fd:4a:49:29:40:36:d3:59:4d:14:89:c7:f2:10:42:f7:
63:61:05:f8:72:02:a3:1c:a5:b5:40:5a:c6:58:c0:4e:32:57:
b7:be:cb:90:71:96:dd:cc:eb:b0:61:18:0e:c2:4d:a2:fe:8b:
24:a1:ed:51:7b:e8:f7:95:4c:a6:25:5b:d8:40:b3:c4:67:70:
25:c1:ef:75:83:d6:b8:40:57:da:a4:8e:25:1d:a0:bc:b2:c8:
bc:34:4d:22:f6:92:11:c8:bf:ef:e8:7a:fe:36:44:c1:4f:60:
c3:f2:78:96:10:68:79:3d:23:90:2a:f2:9b:5b:25:32:21:4b:
dd:92:44:42:e8:fb:2a:66:9d:2f:0f:ca:e1:43:ee:0d:ab:15:
58:1a:5c:f1:dc:8f:6d:a0:e8:9b:da:3b:a5:da:d6:3a:a6:75:
89:a9:90:dd:1d:72:e8:38:09:20:50:36:d0:e6:61:52:34:7c:
75:31:d6:9b:32:45:8a:fd:1c:5b:bb:fc:8f:45:d9:d3:63:0d:
39:7c:b5:98
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAaFK3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzRmZmVlN2U3NjJmOWEwNmZlMmY0N2U3YTFlNTJkOWViYTdmYWZkMB4XDTIyMDEw
MTE0MDEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI3OGJiNDc5MWIx
YzA3OTk2NTNmODFkNGY0MzExMzg4ZTQ2ZGRjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOjRPxRgSBZzNq+4GUq0FBcYbFNCOBITiss0VlBhyhilekn
KZ1Bg0HOnLKZMMTTQv1Y5MFMtthSajW98pyYWO0fmUVZeSS2GKuYl90qT+YUR2zi
qNI2C9mQAscpgirevaFyPrKyuXg6vPvAReK7WrpHePUADo3ZsVNBgh3dqunJlkd7
/Y5PpNUCjpJGPT6R/6nPwgKe0QSA8sn7lgccD86y0GsDEj266brJVnTVa7QuzOps
UJAHDngnlle9H/ub9YweIYMU+HhjqOKQCD5L+Um0TCmifYhwVYJP6jqRz8Znao7T
n8Cs3lS0qMST26SFo2RGQYQmV+h+wGb1KjdWK60CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQbeLtHkbHAeZZT+B1PQxE4jkbdzDAfBgNVHSMEGDAWgBTTT/7n52L5oG/i
9H56HlLZ66f6/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzAwXy01LWRpLWFCdjR2Ui1laDVTMmV1bi12MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMWI4ZDkyLWUxNTctNDE0MS04MmM5LTg3ZTFmMzg2NjM2Mi8x
L0czaTdSNUd4d0htV1VfZ2RUME1ST0k1RzNjdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MWI4ZDkyLWUxNTctNDE0MS04MmM5LTg3ZTFmMzg2NjM2Mi8xLzAwXy01LWRpLWFC
djR2Ui1laDVTMmV1bi12MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAi1XsAMEAME4uDANBAIAAjAHAwUD
KgLywDANBgkqhkiG9w0BAQsFAAOCAQEAOha7Y4ZL6UrWXUa0bqkmX6+zBXI01FHt
kRSYSTNM4W2iJcxvS+np1kWXepn2qbmuUxzfjQQJxQP9SkkpQDbTWU0UicfyEEL3
Y2EF+HICoxyltUBaxljATjJXt77LkHGW3czrsGEYDsJNov6LJKHtUXvo95VMpiVb
2ECzxGdwJcHvdYPWuEBX2qSOJR2gvLLIvDRNIvaSEci/7+h6/jZEwU9gw/J4lhBo
eT0jkCrym1slMiFL3ZJEQuj7KmadLw/K4UPuDasVWBpc8dyPbaDom9o7pdrWOqZ1
iamQ3R1y6DgJIFA20OZhUjR8dTHWmzJFiv0cW7v8j0XZ02MNOXy1mA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:36 2023 by rpki-client on console-fra.rpki-client.org