Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/f9GrvynF2RkZUHZuc1alrzTj_1U.roa
File: f9GrvynF2RkZUHZuc1alrzTj_1U.roa (raw, json)
Hash identifier: BTGUUkJIx14gCTHJ2ipQTHIszwwZbI8MuocZg0A1bhs=
Subject key identifier: 7F:D1:AB:BF:29:C5:D9:19:19:50:76:6E:73:56:A5:AF:34:E3:FF:55
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 39EE579D
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/f9GrvynF2RkZUHZuc1alrzTj_1U.roa
Signing time: Sat 01 Jan 2022 14:00:28 +0000
ROA not before: Sat 01 Jan 2022 14:00:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5588
IP address blocks: 217.8.160.0/19 maxlen: 19
94.42.0.0/16 maxlen: 16
195.94.192.0/19 maxlen: 19
78.133.128.0/17 maxlen: 17
85.219.128.0/17 maxlen: 17
89.174.0.0/16 maxlen: 16
89.174.23.0/24 maxlen: 24
217.153.0.0/16 maxlen: 16
157.25.0.0/16 maxlen: 16
2001:4190::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 971921309 (0x39ee579d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 14:00:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7fd1abbf29c5d9191950766e7356a5af34e3ff55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:75:65:ab:67:cc:73:6c:72:7f:37:d7:ca:13:
33:85:fe:c2:90:01:73:95:f0:0c:74:22:a6:5b:25:
e3:8b:ba:c0:7e:fe:94:e5:8a:4b:d3:c5:74:6e:e8:
f1:c2:fa:e4:39:dd:b7:0e:ee:d3:ef:cd:3f:f1:66:
90:b0:0c:ec:62:89:ca:80:9e:35:21:25:2c:7e:27:
fc:48:5b:02:af:a1:40:ec:9f:8f:07:57:98:a8:08:
9b:e9:a3:53:e8:2f:ef:c3:85:fb:37:c0:cb:b1:5d:
b7:95:38:80:9b:46:69:71:2d:97:21:74:47:63:92:
7f:ff:e6:f7:fa:ec:ae:9c:35:b9:3f:20:61:c7:ab:
51:0e:b2:4c:c6:0d:33:d0:e5:6c:e7:08:e6:f4:53:
5f:33:9e:86:c5:40:8a:f6:99:39:6e:4a:3f:00:dc:
2f:da:89:88:c6:40:55:80:04:9b:74:ca:7e:7c:f0:
dd:1a:ef:e3:a1:8a:ba:e4:2d:d0:45:a1:c1:72:e7:
e0:67:45:bc:64:bf:87:12:19:ab:ed:63:51:75:6a:
21:aa:9b:9d:d9:f0:40:d7:31:03:a5:12:1f:d6:12:
0f:1d:e9:0e:ba:ae:de:7d:d7:53:1f:dd:69:a4:31:
71:c3:00:04:96:0b:5f:5a:0b:05:0f:88:1f:57:7a:
05:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D1:AB:BF:29:C5:D9:19:19:50:76:6E:73:56:A5:AF:34:E3:FF:55
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/f9GrvynF2RkZUHZuc1alrzTj_1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.128.0/17
85.219.128.0/17
89.174.0.0/16
94.42.0.0/16
157.25.0.0/16
195.94.192.0/19
217.8.160.0/19
217.153.0.0/16
IPv6:
2001:4190::/32
Signature Algorithm: sha256WithRSAEncryption
91:20:51:b2:21:b0:42:72:b2:49:2b:5d:2f:73:9a:7c:96:ab:
56:73:1d:3f:ea:89:1b:e2:62:ba:72:b1:aa:6c:92:64:d8:99:
0d:33:72:26:34:19:94:d9:93:ea:cc:52:94:d0:34:54:08:c5:
33:8e:c3:48:58:9c:cf:6d:48:b3:6a:49:06:29:ef:09:d7:74:
9f:d7:5c:32:ea:f5:f8:57:b5:88:17:bb:f3:d9:6a:a5:d7:dc:
49:f2:04:0f:fe:83:f4:d9:52:1f:7a:06:61:29:9a:2e:21:b4:
21:2b:c5:b9:79:c7:ff:18:b8:64:92:1c:7d:c6:6a:08:7d:1b:
07:e8:2d:8d:87:ee:4b:47:8e:3a:ad:4f:b3:b4:10:02:a6:fd:
a8:85:52:ba:3b:b1:00:e0:3b:2e:8c:06:c9:ca:2c:ac:ee:f5:
d1:6e:3a:f7:b8:e2:8a:e5:53:7b:c7:94:ee:b7:92:31:35:3e:
4b:8c:71:fa:0e:65:f6:2d:85:1d:7d:d0:b9:3c:80:71:4f:46:
2c:89:59:1c:86:fc:4c:7d:57:ce:4b:a7:17:f4:4b:ed:f4:db:
7d:fd:4b:99:77:79:8c:92:e5:7a:e9:5d:be:67:04:c7:e1:dd:
8d:13:d7:d2:0f:9e:2f:f0:0e:d9:b3:b1:68:23:7f:ff:f6:0e:
9a:ee:ec:e3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIEOe5XnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDAyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ZkMWFiYmYyOWM1
ZDkxOTE5NTA3NjZlNzM1NmE1YWYzNGUzZmY1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM91ZatnzHNscn8318oTM4X+wpABc5XwDHQiplsl44u6wH7+
lOWKS9PFdG7o8cL65Dndtw7u0+/NP/FmkLAM7GKJyoCeNSElLH4n/EhbAq+hQOyf
jwdXmKgIm+mjU+gv78OF+zfAy7Fdt5U4gJtGaXEtlyF0R2OSf//m9/rsrpw1uT8g
YcerUQ6yTMYNM9DlbOcI5vRTXzOehsVAivaZOW5KPwDcL9qJiMZAVYAEm3TKfnzw
3Rrv46GKuuQt0EWhwXLn4GdFvGS/hxIZq+1jUXVqIaqbndnwQNcxA6USH9YSDx3p
Drqu3n3XUx/daaQxccMABJYLX1oLBQ+IH1d6BXMCAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBR/0au/KcXZGRlQdm5zVqWvNOP/VTAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L2Y5R3J2eW5GMlJrWlVIWnVjMWFscnpUal8xVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwMgQCAAEwLAMEB06FgAMEB1XbgAMDAFmuAwMAXioD
AwCdGQMEBcNewAMEBdkIoAMDANmZMA0EAgACMAcDBQAgAUGQMA0GCSqGSIb3DQEB
CwUAA4IBAQCRIFGyIbBCcrJJK10vc5p8lqtWcx0/6okb4mK6crGqbJJk2JkNM3Im
NBmU2ZPqzFKU0DRUCMUzjsNIWJzPbUizakkGKe8J13Sf11wy6vX4V7WIF7vz2Wql
19xJ8gQP/oP02VIfegZhKZouIbQhK8W5ecf/GLhkkhx9xmoIfRsH6C2Nh+5LR446
rU+ztBACpv2ohVK6O7EA4DsujAbJyiys7vXRbjr3uOKK5VN7x5Tut5IxNT5LjHH6
DmX2LYUdfdC5PIBxT0YsiVkchvxMfVfOS6cX9Evt9Nt9/UuZd3mMkuV66V2+ZwTH
4d2NE9fSD54v8A7Zs7FoI3//9g6a7uzj
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:02 2023 by rpki-client on console-ams.rpki-client.org