Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/gAI5b-Zdqo8xGwgQhG6iRjwFEik.roa
File: gAI5b-Zdqo8xGwgQhG6iRjwFEik.roa (raw, json)
Hash identifier: 3GYSoKnwThvEFG51zEQSE49dG52bfSE51ZZKH5PUVaA=
Subject key identifier: 80:02:39:6F:E6:5D:AA:8F:31:1B:08:10:84:6E:A2:46:3C:05:12:29
Certificate issuer: /CN=f0ff2c6229af763a99f5349a32510df4a4526143
Certificate serial: 2759791F
Authority key identifier: F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/gAI5b-Zdqo8xGwgQhG6iRjwFEik.roa
Signing time: Thu 20 Jan 2022 07:33:32 +0000
ROA not before: Thu 20 Jan 2022 07:33:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 193.92.8.0/22 maxlen: 22
193.92.9.0/24 maxlen: 24
193.92.11.0/24 maxlen: 24
213.16.192.0/20 maxlen: 20
185.4.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 660175135 (0x2759791f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0ff2c6229af763a99f5349a32510df4a4526143
Validity
Not Before: Jan 20 07:33:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8002396fe65daa8f311b0810846ea2463c051229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cb:80:20:70:0b:5d:24:50:a9:0d:f4:00:47:
c2:73:bf:64:15:e9:3a:79:d6:6f:48:84:5f:76:01:
94:4b:4e:e1:44:dd:e0:30:6c:1c:c1:68:1e:72:b9:
21:24:64:ad:5f:f5:8d:d1:58:c7:d7:e5:a0:e1:80:
b7:74:ad:6a:c4:14:a5:49:20:1c:4e:51:70:b2:66:
a0:bd:97:5a:a3:90:8a:d1:11:e6:20:5a:cd:13:6a:
ab:46:cb:b2:45:91:23:27:5c:c9:81:33:5a:7f:31:
88:6c:2d:17:2d:7c:87:8e:32:04:ef:6a:82:9b:a4:
f6:b9:32:5b:7c:ef:18:32:77:a6:82:f1:1a:55:d0:
6f:e6:72:85:64:fa:a7:15:e0:1f:ce:32:85:df:9b:
6d:59:48:9e:0c:3a:40:44:78:58:7a:08:a0:1b:0f:
e6:c0:29:15:17:b9:40:08:e9:3c:b1:0a:e8:ac:6a:
e9:bf:df:f8:3e:52:2e:c0:65:5c:b6:5b:0e:90:c1:
1f:f4:94:b2:ef:ff:fc:9a:b9:30:f4:71:58:4f:d4:
cf:e9:66:4f:50:0f:9d:30:73:4c:17:2d:73:e1:aa:
69:a6:15:ac:fd:f4:ef:f8:a3:41:e2:7a:76:c1:fc:
7e:ce:ee:c4:82:03:c6:cc:0b:61:79:4b:28:85:2c:
33:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:02:39:6F:E6:5D:AA:8F:31:1B:08:10:84:6E:A2:46:3C:05:12:29
X509v3 Authority Key Identifier:
keyid:F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/gAI5b-Zdqo8xGwgQhG6iRjwFEik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/8P8sYimvdjqZ9TSaMlEN9KRSYUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.88.0/22
193.92.8.0/22
213.16.192.0/20
Signature Algorithm: sha256WithRSAEncryption
65:b6:aa:36:dd:3e:bf:e4:43:10:14:91:24:53:2f:be:67:fd:
ac:b0:8e:67:26:56:72:2f:09:dd:2d:6b:63:de:fb:80:2f:41:
c3:11:5e:b4:8f:2b:64:d7:7e:76:8c:9b:14:79:86:c6:70:54:
50:7c:d7:37:01:6d:9f:a2:18:91:5f:45:8d:bf:f6:19:b5:cd:
27:5b:a4:9f:d6:6f:78:d2:b8:b4:20:87:85:7f:23:3c:0c:f9:
68:39:b4:70:9c:5b:2b:d7:4b:e0:5a:45:51:eb:03:47:c0:0e:
62:4b:d6:bf:a6:35:8b:cd:ba:c5:dc:f5:d8:cb:2f:4d:f2:61:
bb:10:ab:58:b3:e4:b9:de:0a:d0:5d:7a:8a:8f:6b:9b:e6:53:
d5:b9:57:82:79:cb:83:2d:d6:de:fc:e4:c6:c1:8c:c5:d5:3e:
06:82:df:bd:98:25:04:88:f3:af:84:a7:cf:c7:ce:19:96:50:
c0:4c:fe:ac:39:47:bb:cd:fd:39:9f:74:b1:7b:b7:b5:42:65:
1d:09:ce:f3:95:17:b3:ea:0c:c2:4f:c3:bc:74:3e:15:53:ac:
c3:0d:b7:5c:74:32:34:9a:35:7a:b3:20:44:dc:9d:77:52:fc:
dd:6d:48:88:c5:f2:82:53:12:7f:c7:be:35:3f:71:fb:60:7d:
42:1c:c7:23
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEJ1l5HzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MGZmMmM2MjI5YWY3NjNhOTlmNTM0OWEzMjUxMGRmNGE0NTI2MTQzMB4XDTIyMDEy
MDA3MzMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODAwMjM5NmZlNjVk
YWE4ZjMxMWIwODEwODQ2ZWEyNDYzYzA1MTIyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTLgCBwC10kUKkN9ABHwnO/ZBXpOnnWb0iEX3YBlEtO4UTd
4DBsHMFoHnK5ISRkrV/1jdFYx9floOGAt3StasQUpUkgHE5RcLJmoL2XWqOQitER
5iBazRNqq0bLskWRIydcyYEzWn8xiGwtFy18h44yBO9qgpuk9rkyW3zvGDJ3poLx
GlXQb+ZyhWT6pxXgH84yhd+bbVlIngw6QER4WHoIoBsP5sApFRe5QAjpPLEK6Kxq
6b/f+D5SLsBlXLZbDpDBH/SUsu///Jq5MPRxWE/Uz+lmT1APnTBzTBctc+GqaaYV
rP307/ijQeJ6dsH8fs7uxIIDxswLYXlLKIUsM4sCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSAAjlv5l2qjzEbCBCEbqJGPAUSKTAfBgNVHSMEGDAWgBTw/yxiKa92Opn1
NJoyUQ30pFJhQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhQOHNZaW12ZGpxWjlUU2FNbEVOOUtSU1lVTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvMDUxZmEyLWM1ODAtNGEwMi1hMTg2LWU2OWY3YTVkMmQ5MC8x
L2dBSTViLVpkcW84eEd3Z1FoRzZpUmp3RkVpay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
MDUxZmEyLWM1ODAtNGEwMi1hMTg2LWU2OWY3YTVkMmQ5MC8xLzhQOHNZaW12ZGpx
WjlUU2FNbEVOOUtSU1lVTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArkEWAMEAsFcCAMEBNUQwDANBgkq
hkiG9w0BAQsFAAOCAQEAZbaqNt0+v+RDEBSRJFMvvmf9rLCOZyZWci8J3S1rY977
gC9BwxFetI8rZNd+doybFHmGxnBUUHzXNwFtn6IYkV9Fjb/2GbXNJ1ukn9ZveNK4
tCCHhX8jPAz5aDm0cJxbK9dL4FpFUesDR8AOYkvWv6Y1i826xdz12MsvTfJhuxCr
WLPkud4K0F16io9rm+ZT1blXgnnLgy3W3vzkxsGMxdU+BoLfvZglBIjzr4Snz8fO
GZZQwEz+rDlHu839OZ90sXu3tUJlHQnO85UXs+oMwk/DvHQ+FVOsww23XHQyNJo1
erMgRNydd1L83W1IiMXyglMSf8e+NT9x+2B9QhzHIw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:03 2023 by rpki-client on console-fra.rpki-client.org