Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/GHRn2lupIz35WYxGxU-JYhqR9co.roa
File: GHRn2lupIz35WYxGxU-JYhqR9co.roa (raw, json)
Hash identifier: C2nmYxXzMS6GluXXJSmpFIMseEFpatQmQK+E5M03XZ8=
Subject key identifier: 18:74:67:DA:5B:A9:23:3D:F9:59:8C:46:C5:4F:89:62:1A:91:F5:CA
Certificate issuer: /CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Certificate serial: 11C0F433
Authority key identifier: F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/GHRn2lupIz35WYxGxU-JYhqR9co.roa
Signing time: Wed 02 Feb 2022 12:40:58 +0000
ROA not before: Wed 02 Feb 2022 12:40:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42926
IP address blocks: 176.53.74.0/24 maxlen: 24
213.128.64.0/19 maxlen: 24
46.45.186.0/24 maxlen: 24
46.45.185.0/24 maxlen: 24
94.101.80.0/20 maxlen: 24
46.45.188.0/24 maxlen: 24
46.45.187.0/24 maxlen: 24
94.101.90.0/24 maxlen: 24
176.53.96.0/24 maxlen: 24
213.128.94.0/24 maxlen: 24
213.128.93.0/24 maxlen: 24
185.184.208.0/22 maxlen: 24
46.45.128.0/18 maxlen: 24
185.25.102.0/24 maxlen: 24
185.25.100.0/22 maxlen: 24
77.75.32.0/21 maxlen: 24
176.53.0.0/17 maxlen: 24
79.98.128.0/21 maxlen: 24
185.157.40.0/22 maxlen: 24
31.210.64.0/18 maxlen: 24
178.211.32.0/19 maxlen: 24
2a00:56a0::/32 maxlen: 48
2a01:790::/32 maxlen: 48
2a0b:5f40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 297858099 (0x11c0f433)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Validity
Not Before: Feb 2 12:40:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=187467da5ba9233df9598c46c54f89621a91f5ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:9a:36:09:e2:6d:cb:5b:39:e6:6b:b5:44:8f:
0b:cf:5a:47:99:f5:bc:67:e6:11:11:87:86:54:11:
f6:90:fa:f1:65:34:8d:65:e9:f1:9c:5e:a8:f7:1f:
5b:c9:f2:d3:7b:09:c4:e3:b1:33:a6:07:f5:6f:e3:
ca:56:87:69:c0:db:03:ca:61:44:7a:87:d0:17:b9:
75:22:c5:23:39:d2:37:a9:1d:49:91:56:71:5f:ab:
60:f0:c4:9d:98:29:5b:3f:61:09:fc:af:52:63:33:
b9:cf:a8:df:15:b7:50:e4:62:f6:0d:6d:67:9c:f6:
d4:67:9c:62:52:93:44:1c:23:f9:b6:39:66:03:4f:
06:4f:5f:10:bb:86:ce:92:1b:f3:1f:37:85:cd:df:
a3:35:c2:1d:25:a3:5e:10:c5:0d:bd:a7:69:1a:72:
51:1b:13:76:2a:7b:ea:d7:23:e9:b6:97:d0:45:eb:
80:37:76:e8:d7:55:84:4b:0f:b5:6c:b9:72:91:f7:
19:9e:50:88:95:ef:67:23:bb:83:57:b5:25:3c:3c:
da:19:20:fa:09:de:a6:23:55:be:c3:5a:3f:23:a6:
74:b0:bf:9a:4d:4f:96:b1:93:5f:af:d7:63:56:de:
d7:b8:28:24:e0:15:fa:15:cc:4a:d5:e8:77:e5:f8:
fe:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:74:67:DA:5B:A9:23:3D:F9:59:8C:46:C5:4F:89:62:1A:91:F5:CA
X509v3 Authority Key Identifier:
keyid:F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/GHRn2lupIz35WYxGxU-JYhqR9co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.64.0/18
46.45.128.0/18
77.75.32.0/21
79.98.128.0/21
94.101.80.0/20
176.53.0.0/17
178.211.32.0/19
185.25.100.0/22
185.157.40.0/22
185.184.208.0/22
213.128.64.0/19
IPv6:
2a00:56a0::/32
2a01:790::/32
2a0b:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
28:1b:de:72:22:4b:e0:3d:a2:de:54:c1:35:62:68:16:f1:96:
55:3f:c0:a6:17:11:46:64:e2:fb:a9:8f:00:a3:ee:14:a4:28:
34:d1:cc:b4:6a:3d:60:93:5f:36:f2:7f:cb:2d:94:fc:92:b0:
11:96:42:cb:e3:c0:24:f1:7c:ec:97:78:d8:12:19:f9:93:56:
fb:4e:a3:2f:a1:e6:4e:20:9d:4d:4f:48:59:8e:f8:8f:5e:bb:
70:7d:80:6c:b7:44:d8:bb:dc:bc:ce:c2:4e:4d:c3:89:b0:39:
ce:31:2a:59:69:d5:a2:50:c6:af:d0:e3:3f:e3:43:b0:be:cd:
b9:bb:ed:c2:68:a2:aa:19:11:69:16:b6:5b:46:66:99:a6:47:
91:6a:4b:80:d7:c9:fd:eb:39:1b:2e:d1:c1:01:da:11:d8:ba:
b0:ce:98:ba:88:d1:8c:a7:d6:97:9f:78:ec:d9:8c:d3:1c:f1:
25:09:23:81:95:ad:83:18:bc:41:d0:7f:4f:35:db:8b:ef:db:
d8:74:e3:97:ab:3d:63:66:0f:75:89:fd:3e:18:99:d0:1b:34:
6b:2f:b1:6a:23:9f:bf:5e:5c:17:df:7a:4c:a4:bf:84:bc:89:
09:f9:2f:79:4f:b6:1e:f9:d8:ad:f4:4f:65:18:b6:d2:e0:4c:
a9:91:1d:3f
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIEEcD0MzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTcxYmJmMWQzZDNjMGVmZTM2ZGUxMTAzOTJiZTBjN2FjNDQ3YTg0MB4XDTIyMDIw
MjEyNDA1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTg3NDY3ZGE1YmE5
MjMzZGY5NTk4YzQ2YzU0Zjg5NjIxYTkxZjVjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2aNgnibctbOeZrtUSPC89aR5n1vGfmERGHhlQR9pD68WU0
jWXp8ZxeqPcfW8ny03sJxOOxM6YH9W/jylaHacDbA8phRHqH0Be5dSLFIznSN6kd
SZFWcV+rYPDEnZgpWz9hCfyvUmMzuc+o3xW3UORi9g1tZ5z21GecYlKTRBwj+bY5
ZgNPBk9fELuGzpIb8x83hc3fozXCHSWjXhDFDb2naRpyURsTdip76tcj6baX0EXr
gDd26NdVhEsPtWy5cpH3GZ5QiJXvZyO7g1e1JTw82hkg+gnepiNVvsNaPyOmdLC/
mk1PlrGTX6/XY1be17goJOAV+hXMStXod+X4/lUCAwEAAaOCAmIwggJeMB0GA1Ud
DgQWBBQYdGfaW6kjPflZjEbFT4liGpH1yjAfBgNVHSMEGDAWgBT1cbvx09PA7+Nt
4RA5K+DHrER6hDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlYRzc4ZFBUd09famJlRVFPU3ZneDZ4RWVvUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvNjgzMDNmLWU4YjAtNGZlMC05NmI2LWE5NjU3ZWIxZjhkNy8x
L0dIUm4ybHVwSXozNVdZeEd4VS1KWWhxUjljby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
NjgzMDNmLWU4YjAtNGZlMC05NmI2LWE5NjU3ZWIxZjhkNy8xLzlYRzc4ZFBUd09f
amJlRVFPU3ZneDZ4RWVvUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB4
BggrBgEFBQcBBwEB/wRpMGcwSAQCAAEwQgMEBh/SQAMEBi4tgAMEA01LIAMEA09i
gAMEBF5lUAMEB7A1AAMEBbLTIAMEArkZZAMEArmdKAMEArm40AMEBdWAQDAbBAIA
AjAVAwUAKgBWoAMFACoBB5ADBQMqC19AMA0GCSqGSIb3DQEBCwUAA4IBAQAoG95y
IkvgPaLeVME1YmgW8ZZVP8CmFxFGZOL7qY8Ao+4UpCg00cy0aj1gk1828n/LLZT8
krARlkLL48Ak8Xzsl3jYEhn5k1b7TqMvoeZOIJ1NT0hZjviPXrtwfYBst0TYu9y8
zsJOTcOJsDnOMSpZadWiUMav0OM/40Owvs25u+3CaKKqGRFpFrZbRmaZpkeRakuA
18n96zkbLtHBAdoR2Lqwzpi6iNGMp9aXn3js2YzTHPElCSOBla2DGLxB0H9PNduL
79vYdOOXqz1jZg91if0+GJnQGzRrL7FqI5+/XlwX33pMpL+EvIkJ+S95T7Ye+dit
9E9lGLbS4EypkR0/
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:55 2023 by rpki-client on console-ams.rpki-client.org