Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/gcapaLcZ7e5VPAUahPOVt9jcMII.roa
File: gcapaLcZ7e5VPAUahPOVt9jcMII.roa (raw, json)
Hash identifier: e0/hYGF20VrplEyKi+WrMkQ4trPAN3/QktXFqCN22Uw=
Subject key identifier: 81:C6:A9:68:B7:19:ED:EE:55:3C:05:1A:84:F3:95:B7:D8:DC:30:82
Certificate issuer: /CN=0b9d86096a49110cf9bf670240b519315b66abcb
Certificate serial: 0B5ADB72
Authority key identifier: 0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/gcapaLcZ7e5VPAUahPOVt9jcMII.roa
Signing time: Tue 01 Feb 2022 12:35:50 +0000
ROA not before: Tue 01 Feb 2022 12:35:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200020
IP address blocks: 185.122.116.0/22 maxlen: 24
194.213.112.0/23 maxlen: 24
5.172.40.0/21 maxlen: 24
31.200.208.0/21 maxlen: 24
91.224.248.0/23 maxlen: 24
45.13.164.0/22 maxlen: 24
46.226.88.0/21 maxlen: 24
185.51.56.0/22 maxlen: 24
45.133.196.0/22 maxlen: 24
193.37.204.0/22 maxlen: 24
185.46.64.0/22 maxlen: 24
193.187.188.0/22 maxlen: 24
45.146.124.0/22 maxlen: 24
88.218.152.0/22 maxlen: 24
185.113.84.0/22 maxlen: 24
91.218.148.0/22 maxlen: 24
46.19.216.0/21 maxlen: 24
85.209.108.0/22 maxlen: 24
93.186.176.0/20 maxlen: 24
2a03:3400::/32 maxlen: 48
2a00:d10::/32 maxlen: 48
2a06:6940::/29 maxlen: 48
2a04:a840::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 190503794 (0xb5adb72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b9d86096a49110cf9bf670240b519315b66abcb
Validity
Not Before: Feb 1 12:35:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81c6a968b719edee553c051a84f395b7d8dc3082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e2:9a:65:bc:d5:31:55:78:52:c0:1e:eb:29:
1d:14:1b:d5:2c:31:b6:14:06:0d:43:f5:0c:be:e0:
c8:5b:a5:fc:ec:ca:4f:0d:8b:dc:ee:64:af:b9:89:
0f:2e:3f:46:36:5c:4f:ae:dc:b4:0a:c3:77:9c:6d:
f6:cb:4f:3f:c2:e5:24:18:d9:2f:bb:c5:04:70:e9:
a1:b1:52:f4:96:aa:c8:80:1c:37:d4:00:ac:bc:d8:
61:28:6d:d0:5c:f2:6a:58:33:f3:a0:a3:02:37:b9:
1d:e2:3e:e2:ed:64:49:6c:53:1c:92:62:87:d6:66:
a3:e6:13:96:31:35:3f:23:e5:fd:bc:40:ce:43:bb:
07:3f:17:d2:d9:86:3b:c3:a8:dd:c6:fe:1d:cf:41:
88:97:a4:bb:cd:90:f3:30:83:e2:37:ad:3a:10:b6:
96:30:16:34:96:9b:06:33:8f:fe:10:36:95:90:10:
8b:0a:80:4c:06:a6:f7:c3:b5:a5:04:5a:a4:57:42:
fb:cc:1e:6d:3b:cf:8c:52:80:2a:92:58:5d:6a:f0:
8e:9d:cb:68:4b:f6:30:af:5e:8b:0e:8f:39:aa:a1:
48:6e:f6:3d:93:29:e4:64:05:4a:9b:a2:33:eb:5e:
c6:56:06:7c:11:a2:a4:26:65:8e:ab:85:53:f6:30:
aa:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C6:A9:68:B7:19:ED:EE:55:3C:05:1A:84:F3:95:B7:D8:DC:30:82
X509v3 Authority Key Identifier:
keyid:0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/gcapaLcZ7e5VPAUahPOVt9jcMII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.40.0/21
31.200.208.0/21
45.13.164.0/22
45.133.196.0/22
45.146.124.0/22
46.19.216.0/21
46.226.88.0/21
85.209.108.0/22
88.218.152.0/22
91.218.148.0/22
91.224.248.0/23
93.186.176.0/20
185.46.64.0/22
185.51.56.0/22
185.113.84.0/22
185.122.116.0/22
193.37.204.0/22
193.187.188.0/22
194.213.112.0/23
IPv6:
2a00:d10::/32
2a03:3400::/32
2a04:a840::/29
2a06:6940::/29
Signature Algorithm: sha256WithRSAEncryption
39:eb:8d:6a:fc:69:0f:38:5e:85:2d:c1:90:4c:42:80:e6:6c:
f3:7c:dc:ea:52:2b:c3:a3:ee:e4:8a:87:c8:dc:e2:5e:94:fe:
0e:5d:84:7b:12:14:df:3b:78:34:13:3f:8f:8f:6a:de:48:66:
8d:50:36:a3:ee:77:f1:0c:7f:8f:5f:6c:e2:e3:83:98:e7:97:
c6:12:aa:3e:1d:1a:a5:66:eb:f7:98:94:35:1a:b4:ac:10:52:
c0:79:3f:0f:79:88:e9:d4:e8:bc:77:1b:59:8e:02:44:8e:4b:
12:a2:21:43:48:60:79:8d:b8:09:c8:ff:a7:64:c7:1a:4c:a9:
37:fb:da:ca:6a:91:7b:2a:cc:ce:84:5a:11:63:9d:ab:f2:dc:
78:ce:62:2d:6a:4f:6a:7e:57:92:1e:3f:d7:fe:14:4f:85:9e:
c0:7e:ef:23:c0:01:24:bd:d2:97:ca:fc:25:51:ee:d2:fe:3c:
dd:2c:da:76:61:04:ed:e3:19:20:c7:09:c4:19:ec:dc:e1:32:
db:b7:38:26:f6:29:1d:60:5e:a3:a2:11:0f:ea:13:f3:63:f6:
f2:2d:46:ff:39:f7:4f:ef:a9:63:54:28:27:6f:9e:1a:36:4d:
92:cc:df:cc:69:d1:4d:ee:6b:dd:d1:fc:5e:14:2e:07:e9:99:
38:3e:42:ab
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIEC1rbcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjlkODYwOTZhNDkxMTBjZjliZjY3MDI0MGI1MTkzMTViNjZhYmNiMB4XDTIyMDIw
MTEyMzU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODFjNmE5NjhiNzE5
ZWRlZTU1M2MwNTFhODRmMzk1YjdkOGRjMzA4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzimmW81TFVeFLAHuspHRQb1SwxthQGDUP1DL7gyFul/OzK
Tw2L3O5kr7mJDy4/RjZcT67ctArDd5xt9stPP8LlJBjZL7vFBHDpobFS9JaqyIAc
N9QArLzYYSht0Fzyalgz86CjAje5HeI+4u1kSWxTHJJih9Zmo+YTljE1PyPl/bxA
zkO7Bz8X0tmGO8Oo3cb+Hc9BiJeku82Q8zCD4jetOhC2ljAWNJabBjOP/hA2lZAQ
iwqATAam98O1pQRapFdC+8webTvPjFKAKpJYXWrwjp3LaEv2MK9eiw6POaqhSG72
PZMp5GQFSpuiM+texlYGfBGipCZljquFU/YwqtkCAwEAAaOCApwwggKYMB0GA1Ud
DgQWBBSBxqlotxnt7lU8BRqE85W32NwwgjAfBgNVHSMEGDAWgBQLnYYJakkRDPm/
ZwJAtRkxW2aryzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0M1MkdDV3BKRVF6NXYyY0NRTFVaTVZ0bXE4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvMWUxYTk3LWYyNzYtNGE1MS1iMWI1LThjMTA5MDlhNDg1Yy8x
L2djYXBhTGNaN2U1VlBBVWFoUE9WdDlqY01JSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
MWUxYTk3LWYyNzYtNGE1MS1iMWI1LThjMTA5MDlhNDg1Yy8xL0M1MkdDV3BKRVF6
NXYyY0NRTFVaTVZ0bXE4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
sQYIKwYBBQUHAQcBAf8EgaEwgZ4weAQCAAEwcgMEAwWsKAMEAx/I0AMEAi0NpAME
Ai2FxAMEAi2SfAMEAy4T2AMEAy7iWAMEAlXRbAMEAljamAMEAlvalAMEAVvg+AME
BF26sAMEArkuQAMEArkzOAMEArlxVAMEArl6dAMEAsElzAMEAsG7vAMEAcLVcDAi
BAIAAjAcAwUAKgANEAMFACoDNAADBQMqBKhAAwUDKgZpQDANBgkqhkiG9w0BAQsF
AAOCAQEAOeuNavxpDzhehS3BkExCgOZs83zc6lIrw6Pu5IqHyNziXpT+Dl2EexIU
3zt4NBM/j49q3khmjVA2o+538Qx/j19s4uODmOeXxhKqPh0apWbr95iUNRq0rBBS
wHk/D3mI6dTovHcbWY4CRI5LEqIhQ0hgeY24Ccj/p2THGkypN/vaymqReyrMzoRa
EWOdq/LceM5iLWpPan5Xkh4/1/4UT4WewH7vI8ABJL3Sl8r8JVHu0v483SzadmEE
7eMZIMcJxBns3OEy27c4JvYpHWBeo6IRD+oT82P28i1G/zn3T++pY1QoJ2+eGjZN
kszfzGnRTe5r3dH8XhQuB+mZOD5Cqw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:00 2023 by rpki-client on console-ams.rpki-client.org