Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/gEsprNIrkKWJcu6CFFhUGwBPeyc.roa
File: gEsprNIrkKWJcu6CFFhUGwBPeyc.roa (raw, json)
Hash identifier: zOn/blLvvusVrFBJqYaKonXx0LOP4EEJXmgPc4yoCLI=
Subject key identifier: 80:4B:29:AC:D2:2B:90:A5:89:72:EE:82:14:58:54:1B:00:4F:7B:27
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 01830F876460CC87692F257391E6CEFAC7EC
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/gEsprNIrkKWJcu6CFFhUGwBPeyc.roa
Signing time: Mon 05 Sep 2022 21:21:14 +0000
ROA not before: Mon 05 Sep 2022 21:21:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 212.60.13.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
5.182.185.0/24 maxlen: 24
147.78.204.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
217.197.170.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0f:87:64:60:cc:87:69:2f:25:73:91:e6:ce:fa:c7:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Sep 5 21:21:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=804b29acd22b90a58972ee821458541b004f7b27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e0:98:0c:0a:e6:74:0b:ed:da:41:ef:1b:d6:
5e:28:6b:3c:ec:40:61:43:eb:13:7b:5c:f8:41:a4:
6e:ff:04:00:ef:24:3f:0f:32:89:30:53:73:58:e2:
40:75:6f:68:f1:8f:3c:21:5d:88:c9:1b:9e:b2:57:
fc:00:4e:f2:10:b3:94:77:f8:ed:12:eb:be:02:ff:
15:ed:34:48:de:ad:e4:b1:bb:92:ba:0d:75:85:15:
13:3c:ab:18:a1:37:3c:b7:35:38:8f:00:ff:94:d1:
5a:b7:bf:7a:34:73:0e:73:a3:32:10:64:d9:6d:c5:
6a:bc:9a:a0:fd:9e:43:09:c0:6c:53:c4:9b:4c:c8:
d6:88:c5:67:c2:b2:d5:0c:8f:5c:48:e4:ab:32:29:
42:4d:de:5e:3b:f4:bf:2d:2d:8a:8b:9a:76:1c:ed:
fe:7a:25:8a:a7:8b:a9:72:bf:07:2c:ec:4a:2c:df:
8d:ca:7d:2e:43:59:bb:b1:fd:9b:6b:fd:23:55:3d:
5a:55:a0:79:4a:28:f6:cc:f1:2c:df:2f:f4:3d:59:
fd:2d:3f:df:fe:1a:f4:bb:12:b6:a4:c5:c0:79:99:
c2:21:09:99:8c:57:78:88:14:4e:4c:34:c5:9b:f3:
da:42:54:82:d8:66:5a:0d:65:8f:1a:f6:73:eb:03:
76:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:4B:29:AC:D2:2B:90:A5:89:72:EE:82:14:58:54:1B:00:4F:7B:27
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/gEsprNIrkKWJcu6CFFhUGwBPeyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
78.31.205.0/24
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
147.78.204.0/24
147.78.207.0/24
185.161.190.0/24
185.201.42.0/24
185.205.204.0/24
185.208.152.0/23
185.253.120.0/23
212.60.13.0/24
217.197.170.0/24
Signature Algorithm: sha256WithRSAEncryption
35:de:db:0c:69:57:9c:d5:a2:68:29:5d:f6:d9:28:3a:06:50:
1f:93:1e:07:95:e3:66:09:a6:7b:96:0a:8d:64:82:4f:3e:bc:
0d:47:20:df:4f:bf:7f:ac:db:3a:95:cc:ba:40:30:a6:53:2c:
60:35:22:a3:35:b2:8c:d5:38:12:81:d9:11:3a:42:43:2f:4c:
1e:43:99:43:27:6f:6a:cd:ec:a4:2f:4a:33:09:ae:68:f7:44:
cf:f4:e1:cb:be:54:e9:af:94:b9:ea:50:9a:e3:f0:02:11:cb:
08:8a:41:6f:33:21:74:aa:57:e6:a7:31:4b:29:8c:24:86:2d:
32:e5:cd:10:89:45:81:97:fb:3f:25:db:04:87:bf:b8:b8:3e:
aa:4a:04:80:16:d0:47:49:57:d8:bf:92:70:54:41:3d:c6:5f:
8c:bf:77:54:d5:24:a4:b2:4f:3b:0c:63:9a:9a:4e:a1:0b:f5:
ad:d4:f5:5e:7a:82:08:42:5b:4e:a3:97:3f:aa:3c:3c:81:d3:
4b:77:17:8c:9b:52:f4:a8:ee:84:40:3b:fe:bc:8d:d5:c7:b0:
87:e6:cd:a9:28:0e:a5:0c:67:cc:0c:db:92:a0:d3:70:22:76:
e3:6b:8e:17:06:a3:0b:33:44:89:8d:18:79:4d:83:9a:5c:e1:
17:5f:41:6d
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYMPh2RgzIdpLyVzkebO+sfsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjIwOTA1MjEyMTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDRiMjlhY2QyMmI5MGE1ODk3MmVlODIxNDU4NTQxYjAwNGY3YjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+CYDArmdAvt2kHvG9ZeKGs87EBh
Q+sTe1z4QaRu/wQA7yQ/DzKJMFNzWOJAdW9o8Y88IV2IyRueslf8AE7yELOUd/jt
Euu+Av8V7TRI3q3ksbuSug11hRUTPKsYoTc8tzU4jwD/lNFat796NHMOc6MyEGTZ
bcVqvJqg/Z5DCcBsU8SbTMjWiMVnwrLVDI9cSOSrMilCTd5eO/S/LS2Ki5p2HO3+
eiWKp4upcr8HLOxKLN+Nyn0uQ1m7sf2ba/0jVT1aVaB5Sij2zPEs3y/0PVn9LT/f
/hr0uxK2pMXAeZnCIQmZjFd4iBROTDTFm/PaQlSC2GZaDWWPGvZz6wN2RQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFIBLKazSK5CliXLughRYVBsAT3snMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvZ0VzcHJOSXJrS1dKY3U2Q0ZGaFVHd0JQZXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQABba5AwQB
BbbEAwQATh/NAwQAT2K3AwQAXPkdAwQAXpqrAwQAXpqyAwQAk07MAwQAk07PAwQA
uaG+AwQAuckqAwQAuc3MAwQBudCYAwQBuf14AwQA1DwNAwQA2cWqMA0GCSqGSIb3
DQEBCwUAA4IBAQA13tsMaVec1aJoKV322Sg6BlAfkx4HleNmCaZ7lgqNZIJPPrwN
RyDfT79/rNs6lcy6QDCmUyxgNSKjNbKM1TgSgdkROkJDL0weQ5lDJ29qzeykL0oz
Ca5o90TP9OHLvlTpr5S56lCa4/ACEcsIikFvMyF0qlfmpzFLKYwkhi0y5c0QiUWB
l/s/JdsEh7+4uD6qSgSAFtBHSVfYv5JwVEE9xl+Mv3dU1SSksk87DGOamk6hC/Wt
1PVeeoIIQltOo5c/qjw8gdNLdxeMm1L0qO6EQDv+vI3Vx7CH5s2pKA6lDGfMDNuS
oNNwInbja44XBqMLM0SJjRh5TYOaXOEXX0Ft
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:58 2023 by rpki-client on console-fra.rpki-client.org