Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/gbD6PErK-woAW3MXG3F3q9jCmY4.roa
File: gbD6PErK-woAW3MXG3F3q9jCmY4.roa (raw, json)
Hash identifier: Mdbi2+lnYCTd1kSIhDFR13+172z0e5lmwJ6amq7sMaM=
Subject key identifier: 81:B0:FA:3C:4A:CA:FB:0A:00:5B:73:17:1B:71:77:AB:D8:C2:99:8E
Certificate issuer: /CN=f10d39eddb008d1b89df9741960dbf2044f657fb
Certificate serial: 08E99CA4
Authority key identifier: F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/gbD6PErK-woAW3MXG3F3q9jCmY4.roa
Signing time: Wed 23 Feb 2022 12:43:17 +0000
ROA not before: Wed 23 Feb 2022 12:43:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39923
IP address blocks: 185.58.96.0/22 maxlen: 22
185.35.164.0/22 maxlen: 22
195.189.202.0/23 maxlen: 23
194.146.23.0/24 maxlen: 24
185.111.204.0/22 maxlen: 22
185.111.204.0/24 maxlen: 24
185.111.205.0/24 maxlen: 24
185.111.206.0/24 maxlen: 24
109.68.160.0/21 maxlen: 21
109.68.164.0/24 maxlen: 24
91.238.219.0/24 maxlen: 24
2a02:2a08::/32 maxlen: 32
2a04:6480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149527716 (0x8e99ca4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f10d39eddb008d1b89df9741960dbf2044f657fb
Validity
Not Before: Feb 23 12:43:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81b0fa3c4acafb0a005b73171b7177abd8c2998e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e2:ba:11:6d:13:86:f6:93:b3:5b:3d:ed:66:
ab:a5:af:80:b1:29:86:a5:34:e8:69:00:b9:f1:1b:
d1:71:8b:6d:e4:fd:1d:a1:dd:58:1b:1c:1c:e7:46:
50:c9:31:de:7b:b7:7d:41:92:55:c4:c4:70:ca:76:
c8:ae:06:09:af:f8:2f:5b:f6:6c:1e:20:d1:01:08:
b8:27:67:f0:83:7f:aa:83:8c:7e:ab:02:5e:f1:31:
1e:6c:80:c5:19:1b:3b:65:64:ab:92:1b:41:22:39:
08:bd:99:3f:ab:8a:34:d4:75:64:f2:ec:a8:94:6b:
9b:54:8d:67:d2:9d:93:94:21:ef:47:00:07:57:8e:
ad:aa:d2:61:a3:a2:d5:20:45:c6:23:22:5d:47:af:
0f:c8:d0:cd:ff:46:4b:f3:ad:93:f0:e7:cc:8a:c9:
f1:8e:5a:ab:d5:fc:75:22:aa:87:f0:7f:6f:b4:b8:
df:c7:b7:7e:b8:43:f5:84:f6:e4:61:11:f3:d6:f4:
36:7d:99:fa:d5:2a:a8:69:46:1c:e8:f8:90:1b:17:
e5:31:86:d6:ad:5d:63:15:70:c6:56:fe:f4:56:21:
c4:9a:26:4a:31:a7:3c:44:e8:cc:d0:69:ab:f4:ed:
e0:02:f1:c5:41:be:c5:73:ea:05:b8:07:38:fe:ed:
56:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B0:FA:3C:4A:CA:FB:0A:00:5B:73:17:1B:71:77:AB:D8:C2:99:8E
X509v3 Authority Key Identifier:
keyid:F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/gbD6PErK-woAW3MXG3F3q9jCmY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/8Q057dsAjRuJ35dBlg2_IET2V_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.219.0/24
109.68.160.0/21
185.35.164.0/22
185.58.96.0/22
185.111.204.0/22
194.146.23.0/24
195.189.202.0/23
IPv6:
2a02:2a08::/32
2a04:6480::/29
Signature Algorithm: sha256WithRSAEncryption
47:09:14:67:75:72:a9:4d:dc:dc:36:ce:e1:a0:54:75:53:2f:
4f:db:c7:8f:3c:cb:5e:2f:f3:14:d2:96:4b:0e:48:63:34:d8:
4c:50:60:58:c7:3a:85:9d:11:1a:5d:94:5a:6b:2b:38:3b:5e:
c5:95:b1:dd:46:ff:ff:5d:45:74:29:90:91:f5:85:b7:6e:cb:
a6:31:d7:70:c1:40:c0:a6:fa:83:be:cd:b8:8b:b9:c4:2e:c6:
ee:70:74:2c:db:57:a7:d0:ac:6e:35:ba:78:7d:b9:c8:86:c7:
32:d7:a6:1f:c1:88:22:4f:be:d9:a5:96:e3:be:ee:28:02:72:
5c:5e:5d:1d:cf:cc:1d:f2:83:5e:67:38:2f:a2:96:fb:58:54:
10:e4:09:f1:38:62:23:78:4a:8d:0a:aa:a0:33:42:14:f1:0c:
b9:68:92:a7:9b:b0:80:9a:ce:c9:ae:c8:74:15:60:2a:42:20:
60:5a:e3:ba:25:c7:be:e5:5d:e3:da:3a:64:7a:75:5f:e9:d1:
99:e2:25:1e:e8:8f:75:dc:20:34:ba:fd:86:5e:f0:87:ee:13:
4f:82:84:35:c8:44:df:d0:82:ff:e4:5b:2b:62:c8:01:46:25:
39:08:bf:a0:27:82:1d:be:19:a8:eb:69:a8:5d:eb:83:00:f3:
a9:ec:99:fc
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIECOmcpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTBkMzllZGRiMDA4ZDFiODlkZjk3NDE5NjBkYmYyMDQ0ZjY1N2ZiMB4XDTIyMDIy
MzEyNDMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODFiMGZhM2M0YWNh
ZmIwYTAwNWI3MzE3MWI3MTc3YWJkOGMyOTk4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANLiuhFtE4b2k7NbPe1mq6WvgLEphqU06GkAufEb0XGLbeT9
HaHdWBscHOdGUMkx3nu3fUGSVcTEcMp2yK4GCa/4L1v2bB4g0QEIuCdn8IN/qoOM
fqsCXvExHmyAxRkbO2Vkq5IbQSI5CL2ZP6uKNNR1ZPLsqJRrm1SNZ9Kdk5Qh70cA
B1eOrarSYaOi1SBFxiMiXUevD8jQzf9GS/Otk/DnzIrJ8Y5aq9X8dSKqh/B/b7S4
38e3frhD9YT25GER89b0Nn2Z+tUqqGlGHOj4kBsX5TGG1q1dYxVwxlb+9FYhxJom
SjGnPETozNBpq/Tt4ALxxUG+xXPqBbgHOP7tVskCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBSBsPo8Ssr7CgBbcxcbcXer2MKZjjAfBgNVHSMEGDAWgBTxDTnt2wCNG4nf
l0GWDb8gRPZX+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhRMDU3ZHNBalJ1SjM1ZEJsZzJfSUVUMlZfcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvZjcwZTFhLTczMmUtNGU2Yi1iM2I1LWY1NjJiODk3NGQ4Yi8x
L2diRDZQRXJLLXdvQVczTVhHM0YzcTlqQ21ZNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
ZjcwZTFhLTczMmUtNGU2Yi1iM2I1LWY1NjJiODk3NGQ4Yi8xLzhRMDU3ZHNBalJ1
SjM1ZEJsZzJfSUVUMlZfcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwMAQCAAEwKgMEAFvu2wMEA21EoAMEArkjpAMEArk6
YAMEArlvzAMEAMKSFwMEAcO9yjAUBAIAAjAOAwUAKgIqCAMFAyoEZIAwDQYJKoZI
hvcNAQELBQADggEBAEcJFGd1cqlN3Nw2zuGgVHVTL0/bx488y14v8xTSlksOSGM0
2ExQYFjHOoWdERpdlFprKzg7XsWVsd1G//9dRXQpkJH1hbduy6Yx13DBQMCm+oO+
zbiLucQuxu5wdCzbV6fQrG41unh9uciGxzLXph/BiCJPvtmlluO+7igCclxeXR3P
zB3yg15nOC+ilvtYVBDkCfE4YiN4So0KqqAzQhTxDLlokqebsICazsmuyHQVYCpC
IGBa47olx77lXePaOmR6dV/p0ZniJR7oj3XcIDS6/YZe8IfuE0+ChDXIRN/Qgv/k
WytiyAFGJTkIv6Angh2+Gajraahd64MA86nsmfw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:02 2023 by rpki-client on console-ams.rpki-client.org