Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/GVXCvyXxAHIKkdxE74yNyTeg6VA.roa
File: GVXCvyXxAHIKkdxE74yNyTeg6VA.roa (raw, json)
Hash identifier: h2Ak/z4mEa9AcFHwSTPxAI3/2IlRQm11n701AaOSV4s=
Subject key identifier: 19:55:C2:BF:25:F1:00:72:0A:91:DC:44:EF:8C:8D:C9:37:A0:E9:50
Certificate issuer: /CN=971a6cbb2df6e7faccc5853ba5400f1f470eab16
Certificate serial: 1AA7E5D9
Authority key identifier: 97:1A:6C:BB:2D:F6:E7:FA:CC:C5:85:3B:A5:40:0F:1F:47:0E:AB:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxpsuy325_rMxYU7pUAPH0cOqxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/GVXCvyXxAHIKkdxE74yNyTeg6VA.roa
Signing time: Tue 22 Mar 2022 20:45:01 +0000
ROA not before: Tue 22 Mar 2022 20:45:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59989
IP address blocks: 185.22.34.0/24 maxlen: 24
185.22.32.0/22 maxlen: 22
185.22.33.0/24 maxlen: 24
185.22.35.0/24 maxlen: 24
185.22.32.0/24 maxlen: 24
185.100.202.0/24 maxlen: 24
185.100.201.0/24 maxlen: 24
185.100.200.0/22 maxlen: 22
185.100.203.0/24 maxlen: 24
185.100.200.0/24 maxlen: 24
2a00:5e60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447210969 (0x1aa7e5d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971a6cbb2df6e7faccc5853ba5400f1f470eab16
Validity
Not Before: Mar 22 20:45:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1955c2bf25f100720a91dc44ef8c8dc937a0e950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ef:ac:4e:79:dd:09:59:bb:c2:32:00:4c:12:
80:b1:36:ac:e3:a9:01:7f:af:90:1d:f2:dc:f1:07:
64:e4:f6:a4:78:dd:86:a4:88:25:4a:7a:b0:9e:01:
3a:16:d7:cc:a8:c7:37:e2:44:22:b4:82:84:e4:64:
74:86:5b:b2:6d:e9:9e:99:e4:66:61:05:a7:8c:cb:
a6:0f:b9:cf:4e:b6:d5:55:c4:0d:31:3d:06:91:14:
d8:6e:10:84:7f:14:01:a2:f1:c5:63:75:c4:cb:39:
9a:06:b4:43:6f:2c:54:b4:23:eb:f7:0c:28:b4:eb:
1f:d7:65:15:2a:62:54:92:37:b3:b0:96:bd:2f:b8:
a6:3c:3a:cb:d7:74:e9:61:3e:5d:b1:94:f7:de:76:
38:44:02:90:f8:a9:4b:20:2a:d6:7d:c2:18:a8:e8:
5c:3d:27:12:fd:ee:ad:06:9e:68:f5:0a:9c:b8:bd:
5d:54:88:e9:12:96:05:9a:72:b2:62:4f:1c:cc:d0:
ef:1d:96:62:f2:ee:e1:d4:96:05:47:1f:e5:41:ec:
7a:cb:e3:97:c6:a2:71:3c:30:11:f4:b9:95:51:50:
ac:74:1c:c7:fe:0a:b1:c6:89:e1:28:2c:9c:5d:86:
a8:82:ec:f4:3e:b8:8f:f9:8d:a0:1d:6d:4a:41:b7:
80:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:55:C2:BF:25:F1:00:72:0A:91:DC:44:EF:8C:8D:C9:37:A0:E9:50
X509v3 Authority Key Identifier:
keyid:97:1A:6C:BB:2D:F6:E7:FA:CC:C5:85:3B:A5:40:0F:1F:47:0E:AB:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxpsuy325_rMxYU7pUAPH0cOqxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/GVXCvyXxAHIKkdxE74yNyTeg6VA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/lxpsuy325_rMxYU7pUAPH0cOqxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.32.0/22
185.100.200.0/22
IPv6:
2a00:5e60::/32
Signature Algorithm: sha256WithRSAEncryption
16:bf:cc:30:2b:56:68:16:9f:08:7a:02:ba:9d:e4:88:ca:97:
b4:24:d0:51:c8:42:e9:5e:c3:38:6a:de:93:a9:87:58:d0:50:
41:78:0a:41:9a:31:8e:78:d6:b6:f7:a3:6b:d9:6f:e1:83:23:
0f:00:20:76:ba:ec:7a:69:c6:d0:95:66:1e:25:aa:de:1b:d6:
73:62:19:20:1f:45:d5:d7:d8:5a:6d:df:ad:2b:75:73:a2:0b:
03:75:cb:8f:05:04:c5:f4:2a:90:e0:e0:a1:4c:31:1d:fb:58:
5e:40:69:3c:a8:2d:79:8b:2f:28:ac:dd:a0:4f:c1:25:13:e4:
68:6e:96:06:3c:a4:b5:6b:58:1d:15:92:9f:08:d4:bc:5e:27:
67:6b:7c:67:75:0e:bf:3b:39:a9:bc:05:a6:0d:18:db:9c:54:
90:1d:83:ad:a8:ca:eb:42:37:d3:bb:cb:24:0e:b8:25:97:b7:
09:ba:02:e8:34:26:0b:05:e3:5a:bc:ce:b6:eb:87:c3:83:01:
34:1b:f6:82:38:b7:b5:7e:79:41:94:76:87:e0:62:9f:6f:24:
c0:0d:33:f7:a8:12:c9:b2:75:c4:59:d6:63:2a:91:e6:29:65:
aa:01:dc:e0:5d:2c:24:db:ec:b4:9d:ab:56:a1:15:91:94:52:
8b:96:ab:f3
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEGqfl2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NzFhNmNiYjJkZjZlN2ZhY2NjNTg1M2JhNTQwMGYxZjQ3MGVhYjE2MB4XDTIyMDMy
MjIwNDUwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTk1NWMyYmYyNWYx
MDA3MjBhOTFkYzQ0ZWY4YzhkYzkzN2EwZTk1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANfvrE553QlZu8IyAEwSgLE2rOOpAX+vkB3y3PEHZOT2pHjd
hqSIJUp6sJ4BOhbXzKjHN+JEIrSChORkdIZbsm3pnpnkZmEFp4zLpg+5z0621VXE
DTE9BpEU2G4QhH8UAaLxxWN1xMs5mga0Q28sVLQj6/cMKLTrH9dlFSpiVJI3s7CW
vS+4pjw6y9d06WE+XbGU9952OEQCkPipSyAq1n3CGKjoXD0nEv3urQaeaPUKnLi9
XVSI6RKWBZpysmJPHMzQ7x2WYvLu4dSWBUcf5UHsesvjl8aicTwwEfS5lVFQrHQc
x/4KscaJ4SgsnF2GqILs9D64j/mNoB1tSkG3gPsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQZVcK/JfEAcgqR3ETvjI3JN6DpUDAfBgNVHSMEGDAWgBSXGmy7Lfbn+szF
hTulQA8fRw6rFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2x4cHN1eTMyNV9yTXhZVTdwVUFQSDBjT3F4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvN2QzZjAwLWQ0OGMtNDE2Zi05MTllLWRjMDM4OWY5MTY3ZC8x
L0dWWEN2eVh4QUhJS2tkeEU3NHlOeVRlZzZWQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
N2QzZjAwLWQ0OGMtNDE2Zi05MTllLWRjMDM4OWY5MTY3ZC8xL2x4cHN1eTMyNV9y
TXhZVTdwVUFQSDBjT3F4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkWIAMEArlkyDANBAIAAjAHAwUA
KgBeYDANBgkqhkiG9w0BAQsFAAOCAQEAFr/MMCtWaBafCHoCup3kiMqXtCTQUchC
6V7DOGrek6mHWNBQQXgKQZoxjnjWtveja9lv4YMjDwAgdrrsemnG0JVmHiWq3hvW
c2IZIB9F1dfYWm3frSt1c6ILA3XLjwUExfQqkODgoUwxHftYXkBpPKgteYsvKKzd
oE/BJRPkaG6WBjyktWtYHRWSnwjUvF4nZ2t8Z3UOvzs5qbwFpg0Y25xUkB2DrajK
60I307vLJA64JZe3CboC6DQmCwXjWrzOtuuHw4MBNBv2gji3tX55QZR2h+Bin28k
wA0z96gSybJ1xFnWYyqR5illqgHc4F0sJNvstJ2rVqEVkZRSi5ar8w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:11 2023 by rpki-client on console-fra.rpki-client.org