Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/gns3Ds6yvv56VDYOgNRGVaB3v90.roa
File: gns3Ds6yvv56VDYOgNRGVaB3v90.roa (raw, json)
Hash identifier: BR3msFlYRFEkTCS2HJsx2dXbefvNHqLuIfvkuFys0Hg=
Subject key identifier: 82:7B:37:0E:CE:B2:BE:FE:7A:54:36:0E:80:D4:46:55:A0:77:BF:DD
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 01821FD2782965C11FC9A70979DBDB312BB4
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/gns3Ds6yvv56VDYOgNRGVaB3v90.roa
Signing time: Thu 21 Jul 2022 08:14:23 +0000
ROA not before: Thu 21 Jul 2022 08:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8447
IP address blocks: 212.183.0.0/17 maxlen: 17
80.75.56.0/21 maxlen: 21
192.164.128.0/19 maxlen: 19
178.188.0.0/14 maxlen: 14
93.82.0.0/15 maxlen: 15
188.45.0.0/16 maxlen: 16
192.164.64.0/21 maxlen: 21
193.187.216.0/21 maxlen: 21
193.187.224.0/20 maxlen: 20
192.164.80.0/20 maxlen: 20
91.112.0.0/14 maxlen: 14
193.187.240.0/22 maxlen: 22
192.164.96.0/19 maxlen: 19
213.33.0.0/17 maxlen: 17
80.75.34.0/24 maxlen: 24
192.164.224.0/19 maxlen: 19
88.116.0.0/15 maxlen: 15
93.111.0.0/16 maxlen: 16
195.3.64.0/18 maxlen: 18
188.20.0.0/14 maxlen: 14
89.144.192.0/18 maxlen: 18
46.74.0.0/15 maxlen: 15
194.48.136.0/24 maxlen: 24
192.164.208.0/20 maxlen: 20
176.66.0.0/18 maxlen: 18
80.240.224.0/20 maxlen: 20
192.164.0.0/19 maxlen: 19
88.116.217.0/24 maxlen: 24
192.164.32.0/22 maxlen: 22
192.164.40.0/21 maxlen: 21
192.164.39.0/24 maxlen: 24
176.66.128.0/17 maxlen: 17
192.164.48.0/20 maxlen: 20
92.248.0.0/17 maxlen: 17
84.20.160.0/19 maxlen: 19
80.120.0.0/14 maxlen: 14
46.206.0.0/15 maxlen: 15
62.46.0.0/15 maxlen: 15
2001:4bb8::/29 maxlen: 29
2001:890::/29 maxlen: 29
2001:870::/29 maxlen: 29
2001:850::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1f:d2:78:29:65:c1:1f:c9:a7:09:79:db:db:31:2b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jul 21 08:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=827b370eceb2befe7a54360e80d44655a077bfdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5c:ec:56:2d:f5:82:ec:29:57:8c:90:4b:2e:
69:a2:d2:68:a0:fd:f6:53:83:a6:13:b2:89:6a:f7:
9c:f2:6c:e3:89:b7:3c:f0:0b:48:a0:7a:8e:19:4a:
d3:28:ed:2c:67:66:03:d3:97:99:27:67:24:36:0a:
7e:c3:fa:3e:18:b9:cc:0b:9b:6f:6c:60:f0:1e:3d:
23:82:87:a0:9a:7d:fe:68:db:ec:c2:f3:0c:12:7b:
3d:c4:3e:14:40:55:4b:b1:ff:04:12:74:13:14:4f:
6d:67:8d:f1:b7:8f:ab:20:28:4a:8d:14:37:08:a5:
17:1f:53:f3:b0:dd:b5:a2:4a:6e:fc:3d:7a:c5:f8:
40:88:30:cb:20:ac:0d:a5:71:2b:1d:bf:4a:1f:9d:
3f:fc:24:f0:ad:a7:27:fd:24:47:fc:67:f6:d3:74:
6b:01:5e:70:48:bc:b4:ea:cd:bf:74:16:37:d6:d8:
5d:21:e6:bb:0e:e9:0c:46:09:01:a8:ff:4f:e8:b2:
59:87:25:f6:cc:b4:6f:35:0d:3c:90:bb:29:1f:09:
69:12:ef:e0:5a:5c:d7:44:66:ea:9d:4e:80:d0:0b:
2d:0a:24:c3:ad:db:05:99:98:bd:0b:9e:4f:74:4c:
69:d3:f8:a0:9d:11:b2:5c:87:e5:76:47:87:b9:c0:
dc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:7B:37:0E:CE:B2:BE:FE:7A:54:36:0E:80:D4:46:55:A0:77:BF:DD
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/gns3Ds6yvv56VDYOgNRGVaB3v90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.74.0.0/15
46.206.0.0/15
62.46.0.0/15
80.75.34.0/24
80.75.56.0/21
80.120.0.0/14
80.240.224.0/20
84.20.160.0/19
88.116.0.0/15
89.144.192.0/18
91.112.0.0/14
92.248.0.0/17
93.82.0.0/15
93.111.0.0/16
176.66.0.0/18
176.66.128.0/17
178.188.0.0/14
188.20.0.0/14
188.45.0.0/16
192.164.0.0-192.164.35.255
192.164.39.0-192.164.71.255
192.164.80.0-192.164.159.255
192.164.208.0-192.164.255.255
193.187.216.0-193.187.243.255
194.48.136.0/24
195.3.64.0/18
212.183.0.0/17
213.33.0.0/17
IPv6:
2001:850::/29
2001:870::/29
2001:890::/29
2001:4bb8::/29
Signature Algorithm: sha256WithRSAEncryption
a1:63:2c:80:43:59:51:f9:1d:68:d7:12:85:ad:0d:1e:cd:10:
d7:79:ce:aa:ea:f8:76:7c:03:cb:41:25:2e:c6:3b:6f:e1:f6:
b2:02:6f:55:51:98:22:88:b0:9f:c3:e5:ef:5e:be:ce:c3:87:
ae:91:43:68:d1:d4:d1:4f:e0:90:4b:60:31:52:e8:2f:49:e7:
63:9d:49:fc:ca:d3:0f:2d:66:c8:f3:56:e2:2b:c3:6b:2c:e7:
ed:ba:f9:62:66:f9:6a:a6:da:78:34:8e:fb:88:d5:e7:af:88:
97:0f:29:ea:1d:55:5a:ab:f0:49:98:65:3d:b1:bb:f0:f4:fc:
56:15:46:6b:7b:7e:38:2a:b5:c3:c9:09:bc:51:a0:ed:56:b4:
c2:d3:21:2e:2c:d6:22:42:0b:e0:e9:85:44:01:95:2d:e4:c5:
52:3b:04:0a:ef:ce:78:bf:9e:27:4d:45:5a:03:98:8b:76:a9:
fc:54:da:bc:13:7f:d0:5f:a8:76:0c:69:88:fe:c0:0a:b6:0c:
bc:56:d9:73:c7:d7:7f:1c:d6:71:2f:f0:34:26:27:6f:ec:ed:
f6:e5:2a:32:76:8c:a8:65:55:9a:34:71:ef:7c:94:07:9c:12:
78:07:37:2c:d8:47:a7:cf:d5:64:e9:ee:7c:6a:93:fc:47:2e:
1b:05:c8:f6
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAYIf0ngpZcEfyacJedvbMSu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjIwNzIxMDgxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjdiMzcwZWNlYjJiZWZlN2E1NDM2MGU4MGQ0NDY1NWEwNzdiZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVzsVi31guwpV4yQSy5potJooP32
U4OmE7KJavec8mzjibc88AtIoHqOGUrTKO0sZ2YD05eZJ2ckNgp+w/o+GLnMC5tv
bGDwHj0jgoegmn3+aNvswvMMEns9xD4UQFVLsf8EEnQTFE9tZ43xt4+rIChKjRQ3
CKUXH1PzsN21okpu/D16xfhAiDDLIKwNpXErHb9KH50//CTwracn/SRH/Gf203Rr
AV5wSLy06s2/dBY31thdIea7DukMRgkBqP9P6LJZhyX2zLRvNQ08kLspHwlpEu/g
WlzXRGbqnU6A0AstCiTDrdsFmZi9C55PdExp0/ignRGyXIfldkeHucDcawIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFIJ7Nw7Osr7+elQ2DoDURlWgd7/dMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvZ25zM0RzNnl2djU2VkRZT2dOUkdWYUIzdjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgcoEAgABMIHDAwMB
LkoDAwEuzgMDAT4uAwQAUEsiAwQDUEs4AwMCUHgDBARQ8OADBAVUFKADAwFYdAME
BlmQwAMDAltwAwQHXPgAAwMBXVIDAwBdbwMEBrBCAAMEB7BCgAMDArK8AwMCvBQD
AwC8LTALAwMCwKQDBALApCAwDAMEAMCkJwMEA8CkQDAMAwQEwKRQAwQFwKSAMAsD
BATApNADAwDApDAMAwQDwbvYAwQCwbvwAwQAwjCIAwQGwwNAAwQH1LcAAwQH1SEA
MCIEAgACMBwDBQMgAQhQAwUDIAEIcAMFAyABCJADBQMgAUu4MA0GCSqGSIb3DQEB
CwUAA4IBAQChYyyAQ1lR+R1o1xKFrQ0ezRDXec6q6vh2fAPLQSUuxjtv4fayAm9V
UZgiiLCfw+XvXr7Ow4eukUNo0dTRT+CQS2AxUugvSedjnUn8ytMPLWbI81biK8Nr
LOftuvliZvlqptp4NI77iNXnr4iXDynqHVVaq/BJmGU9sbvw9PxWFUZre344KrXD
yQm8UaDtVrTC0yEuLNYiQgvg6YVEAZUt5MVSOwQK7854v54nTUVaA5iLdqn8VNq8
E3/QX6h2DGmI/sAKtgy8Vtlzx9d/HNZxL/A0Jidv7O325SoydoyoZVWaNHHvfJQH
nBJ4Bzcs2Eenz9Vk6e58apP8Ry4bBcj2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:09 2023 by rpki-client on console-fra.rpki-client.org