Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/gXKGPc1wjh-Zk9sWD69bdaTgN5s.roa
File: gXKGPc1wjh-Zk9sWD69bdaTgN5s.roa (raw, json)
Hash identifier: Us5UA/ZbM3aDVGSGxpSysKgqKu5NegPzk91gewFRsDM=
Subject key identifier: 81:72:86:3D:CD:70:8E:1F:99:93:DB:16:0F:AF:5B:75:A4:E0:37:9B
Certificate issuer: /CN=e740eed28f2d994eb2b831cb8efc6470306d7461
Certificate serial: 12BD8D
Authority key identifier: E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/gXKGPc1wjh-Zk9sWD69bdaTgN5s.roa
Signing time: Thu 20 Jan 2022 11:20:45 +0000
ROA not before: Thu 20 Jan 2022 11:20:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42600
IP address blocks: 185.139.200.0/22 maxlen: 22
185.46.88.0/22 maxlen: 22
185.46.88.0/24 maxlen: 24
185.46.90.0/24 maxlen: 24
185.46.89.0/24 maxlen: 24
185.46.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1228173 (0x12bd8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e740eed28f2d994eb2b831cb8efc6470306d7461
Validity
Not Before: Jan 20 11:20:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8172863dcd708e1f9993db160faf5b75a4e0379b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3c:81:48:3f:e7:33:24:b0:7d:91:fa:9b:aa:
ae:64:1f:9c:84:fe:55:d1:d4:75:fb:10:e8:8a:3d:
d6:15:c9:dd:27:93:32:48:28:12:2f:51:c6:99:4c:
c3:81:6d:90:6b:d5:46:bf:73:9d:ae:71:93:77:12:
17:2c:45:02:53:27:fe:3b:92:d2:0e:3b:e2:31:68:
52:7c:fd:b5:fd:09:85:41:57:33:d1:cf:88:19:5e:
92:77:ad:fa:12:d3:73:8f:f5:67:f5:7e:ac:6a:72:
8f:ef:63:a0:55:86:7d:88:7e:b0:26:3b:98:c0:61:
44:9c:f8:39:57:73:57:ce:f7:7c:83:1e:04:7d:36:
f5:d6:20:81:5c:20:77:a6:77:d1:a4:cc:6d:ed:29:
ac:e2:57:4f:4f:e9:58:b4:8f:c0:19:79:ae:a0:0c:
1d:a8:65:cc:59:4e:b2:dc:d1:f3:4e:86:d3:e2:50:
4a:a2:24:31:45:06:1f:cb:7b:26:07:11:bd:ef:09:
4c:cd:f3:93:8f:c6:b0:9b:ea:3e:a9:a0:76:5e:76:
0f:82:89:7e:0b:81:77:04:75:49:e7:65:79:da:ca:
33:3a:88:16:b1:3c:7b:17:e3:dd:0f:a5:3c:3a:5c:
6d:ba:f9:44:f8:d5:7e:9f:b0:d2:1f:c5:aa:fe:bf:
4b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:72:86:3D:CD:70:8E:1F:99:93:DB:16:0F:AF:5B:75:A4:E0:37:9B
X509v3 Authority Key Identifier:
keyid:E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/gXKGPc1wjh-Zk9sWD69bdaTgN5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/50Du0o8tmU6yuDHLjvxkcDBtdGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.88.0/22
185.139.200.0/22
Signature Algorithm: sha256WithRSAEncryption
59:05:64:48:29:5f:09:98:6a:71:85:e2:3c:0a:2a:1f:f6:d9:
b6:6b:88:16:58:28:5c:45:10:5b:38:36:4e:fe:4b:34:71:de:
c6:fb:59:1a:c3:91:4d:2b:c0:cc:f6:ec:7e:9d:ff:16:a8:8f:
30:80:b5:88:77:46:2c:bd:d3:4d:b8:1b:2c:e4:e9:04:11:61:
46:5f:8e:7b:14:aa:bf:f0:a5:a2:4e:56:f8:df:c6:4a:d4:96:
e3:28:52:8d:26:6c:1a:2f:63:18:1f:bf:d1:48:d7:39:42:38:
ac:8f:e1:15:5f:26:32:33:2d:9a:75:c5:e9:02:90:3a:e5:d4:
bf:ce:92:96:bb:cb:4b:02:5a:d0:2b:ee:44:8e:54:94:94:1b:
b2:a6:85:ed:d7:d8:a5:8a:b9:56:ed:8b:55:d8:2c:d2:f9:00:
48:5b:d7:74:d9:46:4c:15:7f:fb:97:c7:97:05:9f:69:f9:1b:
62:17:8c:cc:e8:46:20:e7:dc:27:a9:19:de:d8:56:be:c8:34:
8b:c2:5c:ad:43:78:ad:45:14:9f:b4:1c:29:ae:67:97:50:ff:
94:b3:36:e6:57:b8:55:55:cb:31:aa:5c:51:ac:7e:3f:49:ea:
0b:cf:7e:2a:31:11:3a:d4:4e:8f:7f:94:06:cf:75:b5:e4:e1:
bc:23:a3:57
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDEr2NMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU3
NDBlZWQyOGYyZDk5NGViMmI4MzFjYjhlZmM2NDcwMzA2ZDc0NjEwHhcNMjIwMTIw
MTEyMDQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4MTcyODYzZGNkNzA4
ZTFmOTk5M2RiMTYwZmFmNWI3NWE0ZTAzNzliMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnjyBSD/nMySwfZH6m6quZB+chP5V0dR1+xDoij3WFcndJ5My
SCgSL1HGmUzDgW2Qa9VGv3OdrnGTdxIXLEUCUyf+O5LSDjviMWhSfP21/QmFQVcz
0c+IGV6Sd636EtNzj/Vn9X6sanKP72OgVYZ9iH6wJjuYwGFEnPg5V3NXzvd8gx4E
fTb11iCBXCB3pnfRpMxt7Sms4ldPT+lYtI/AGXmuoAwdqGXMWU6y3NHzTobT4lBK
oiQxRQYfy3smBxG97wlMzfOTj8awm+o+qaB2XnYPgol+C4F3BHVJ52V52sozOogW
sTx7F+PdD6U8OlxtuvlE+NV+n7DSH8Wq/r9LBQIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFIFyhj3NcI4fmZPbFg+vW3Wk4DebMB8GA1UdIwQYMBaAFOdA7tKPLZlOsrgx
y478ZHAwbXRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NTBEdTBvOHRtVTZ5dURITGp2eGtjREJ0ZEdFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hYy80ZDIwMGQtZWFlNS00NGRhLThlZTMtMDk1OTVlOWNkNmMyLzEv
Z1hLR1BjMXdqaC1aazlzV0Q2OWJkYVRnTjVzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80
ZDIwMGQtZWFlNS00NGRhLThlZTMtMDk1OTVlOWNkNmMyLzEvNTBEdTBvOHRtVTZ5
dURITGp2eGtjREJ0ZEdFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuS5YAwQCuYvIMA0GCSqGSIb3DQEB
CwUAA4IBAQBZBWRIKV8JmGpxheI8Ciof9tm2a4gWWChcRRBbODZO/ks0cd7G+1ka
w5FNK8DM9ux+nf8WqI8wgLWId0YsvdNNuBss5OkEEWFGX457FKq/8KWiTlb438ZK
1JbjKFKNJmwaL2MYH7/RSNc5Qjisj+EVXyYyMy2adcXpApA65dS/zpKWu8tLAlrQ
K+5EjlSUlBuypoXt19ilirlW7YtV2CzS+QBIW9d02UZMFX/7l8eXBZ9p+RtiF4zM
6EYg59wnqRne2Fa+yDSLwlytQ3itRRSftBwprmeXUP+UszbmV7hVVcsxqlxRrH4/
SeoLz34qMRE61E6Pf5QGz3W15OG8I6NX
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:05 2023 by rpki-client on console-fra.rpki-client.org