Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/GYuvQ5u_WRjNgmyfrPo3jPWzwOo.roa
File: GYuvQ5u_WRjNgmyfrPo3jPWzwOo.roa (raw, json)
Hash identifier: S/tQLmvnPwmAFF2NwiLjOy4TD+Zo+JdG8R+xuUUDbqk=
Subject key identifier: 19:8B:AF:43:9B:BF:59:18:CD:82:6C:9F:AC:FA:37:8C:F5:B3:C0:EA
Certificate issuer: /CN=04c5f1d1779eb709090365db982917adfd0f8049
Certificate serial: 0184337059C56A6BD47AD17D4B4D711C5E32
Authority key identifier: 04:C5:F1:D1:77:9E:B7:09:09:03:65:DB:98:29:17:AD:FD:0F:80:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/GYuvQ5u_WRjNgmyfrPo3jPWzwOo.roa
Signing time: Tue 01 Nov 2022 13:45:11 +0000
ROA not before: Tue 01 Nov 2022 13:45:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39358
IP address blocks: 195.114.107.0/24 maxlen: 24
195.114.106.0/24 maxlen: 24
195.114.106.0/23 maxlen: 24
194.126.231.0/24 maxlen: 24
2001:67c:3e9::/48 maxlen: 48
2001:67c:3e8::/48 maxlen: 48
2001:67c:3e8::/47 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:70:59:c5:6a:6b:d4:7a:d1:7d:4b:4d:71:1c:5e:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04c5f1d1779eb709090365db982917adfd0f8049
Validity
Not Before: Nov 1 13:45:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=198baf439bbf5918cd826c9facfa378cf5b3c0ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e4:2b:5a:56:3e:c2:75:93:f0:e8:5d:18:49:
4a:99:94:d8:16:eb:23:61:b9:9c:cf:c0:02:f3:4d:
b2:5f:0a:c9:6f:ba:ce:14:01:78:9a:42:de:d1:a5:
0f:50:3c:d2:d9:4a:3f:7f:73:c6:c9:2d:73:05:05:
a8:16:c5:f4:07:7e:c8:ca:7a:02:6f:c2:33:56:77:
d5:11:64:cd:6d:c8:fd:fe:91:b4:b8:98:ce:a7:7b:
3d:d9:3d:f9:4e:d6:06:cf:57:67:f6:91:60:f1:51:
51:5a:07:89:1b:44:b4:bc:8d:70:62:d5:81:68:87:
ff:76:47:c2:54:1d:c6:15:a8:4c:0e:56:13:4c:da:
24:4c:02:92:96:47:f4:53:fc:a7:0c:2c:6c:57:95:
5c:50:b5:6f:4f:c8:37:a0:0a:f4:97:f3:61:b6:84:
bf:33:64:ec:e0:ee:22:aa:17:41:35:db:f3:3f:eb:
13:d1:c4:33:b7:a3:c8:14:c3:83:84:63:e5:d4:e2:
08:c8:e7:d0:51:5e:95:bb:77:55:22:26:d6:8e:ca:
76:a1:a3:af:e4:cc:41:7f:a8:5f:1c:5c:ac:72:51:
fb:b2:2a:93:28:c9:10:c0:d2:2e:42:a9:d4:ca:04:
b9:41:ec:7e:59:2b:75:07:b9:e2:e6:e4:3e:14:da:
ac:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:8B:AF:43:9B:BF:59:18:CD:82:6C:9F:AC:FA:37:8C:F5:B3:C0:EA
X509v3 Authority Key Identifier:
keyid:04:C5:F1:D1:77:9E:B7:09:09:03:65:DB:98:29:17:AD:FD:0F:80:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/GYuvQ5u_WRjNgmyfrPo3jPWzwOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/BMXx0XeetwkJA2XbmCkXrf0PgEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.231.0/24
195.114.106.0/23
IPv6:
2001:67c:3e8::/47
Signature Algorithm: sha256WithRSAEncryption
2c:09:cb:a9:93:b3:4d:97:f3:83:30:49:84:cb:b2:4a:c6:1b:
de:09:83:5b:5a:b2:33:5b:c8:7a:30:e8:88:95:dd:c6:bf:24:
fa:ef:73:88:51:8b:f4:3f:cb:95:52:ed:9f:7a:3a:42:ef:7b:
3c:0f:09:6c:0c:fa:48:61:98:15:b6:37:4d:c9:d0:c7:7a:5d:
f8:9b:7d:2f:7b:21:dc:09:c3:c2:6d:2f:bb:bb:42:4a:a0:53:
2c:13:4a:ce:ee:2e:68:e3:1a:a2:72:74:00:46:9f:91:f0:c2:
c5:1c:d9:e1:3f:48:a0:bc:fd:de:df:40:ba:f9:23:5d:32:c9:
0a:94:a3:ca:2d:cd:15:02:c2:e2:6e:06:5f:59:c8:c8:ed:e4:
7a:22:ec:7a:b7:64:b0:44:2b:96:36:2b:0f:80:95:60:37:33:
f8:6c:8a:d5:5f:e3:71:41:d0:1b:92:1b:a8:d2:87:b0:40:f4:
19:ea:f5:08:00:4a:78:32:20:72:c4:35:64:f6:a1:3d:b0:5f:
bf:d2:e5:71:02:b9:80:ef:bb:ad:bf:9c:e8:2a:b1:dc:37:51:
89:87:ee:3b:67:55:43:7e:fc:5b:d0:d7:c2:9a:d7:44:3a:b9:
c4:9e:4a:ec:22:f2:6e:8c:12:d8:0a:45:2c:95:2c:27:5b:65:
4a:a1:6a:89
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYQzcFnFamvUetF9S01xHF4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YzVmMWQxNzc5ZWI3MDkwOTAzNjVkYjk4MjkxN2FkZmQw
ZjgwNDkwHhcNMjIxMTAxMTM0NTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOThiYWY0MzliYmY1OTE4Y2Q4MjZjOWZhY2ZhMzc4Y2Y1YjNjMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeQrWlY+wnWT8OhdGElKmZTYFusj
Ybmcz8AC802yXwrJb7rOFAF4mkLe0aUPUDzS2Uo/f3PGyS1zBQWoFsX0B37IynoC
b8IzVnfVEWTNbcj9/pG0uJjOp3s92T35TtYGz1dn9pFg8VFRWgeJG0S0vI1wYtWB
aIf/dkfCVB3GFahMDlYTTNokTAKSlkf0U/ynDCxsV5VcULVvT8g3oAr0l/NhtoS/
M2Ts4O4iqhdBNdvzP+sT0cQzt6PIFMODhGPl1OIIyOfQUV6Vu3dVIibWjsp2oaOv
5MxBf6hfHFysclH7siqTKMkQwNIuQqnUygS5Qex+WSt1B7ni5uQ+FNqsbQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBmLr0Obv1kYzYJsn6z6N4z1s8DqMB8GA1UdIwQY
MBaAFATF8dF3nrcJCQNl25gpF639D4BJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk1YeDBYZWV0d2tKQTJYYm1Da1hyZjBQZ0VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83MGIzM2ItZDFlYi00YmJiLTk3ZDYt
MDU5MjQ1M2RmN2QyLzEvR1l1dlE1dV9XUmpOZ215ZnJQbzNqUFd6d09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83MGIzM2ItZDFlYi00YmJiLTk3ZDYtMDU5MjQ1M2RmN2Qy
LzEvQk1YeDBYZWV0d2tKQTJYYm1Da1hyZjBQZ0VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwn7nAwQB
w3JqMA8EAgACMAkDBwEgAQZ8A+gwDQYJKoZIhvcNAQELBQADggEBACwJy6mTs02X
84MwSYTLskrGG94Jg1tasjNbyHow6IiV3ca/JPrvc4hRi/Q/y5VS7Z96OkLvezwP
CWwM+khhmBW2N03J0Md6XfibfS97IdwJw8JtL7u7QkqgUywTSs7uLmjjGqJydABG
n5HwwsUc2eE/SKC8/d7fQLr5I10yyQqUo8otzRUCwuJuBl9ZyMjt5Hoi7Hq3ZLBE
K5Y2Kw+AlWA3M/hsitVf43FB0BuSG6jSh7BA9Bnq9QgASngyIHLENWT2oT2wX7/S
5XECuYDvu62/nOgqsdw3UYmH7jtnVUN+/FvQ18Ka10Q6ucSeSuwi8m6MEtgKRSyV
LCdbZUqhaok=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:07 2023 by rpki-client on console-fra.rpki-client.org