Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/3eaa70-0520-4559-841a-4ca956b08a41/1/GAbHqeHztMMlvtYRNLfSWVlv0pI.roa
File: GAbHqeHztMMlvtYRNLfSWVlv0pI.roa (raw, json)
Hash identifier: YGa5Aity1AavkcHmBd/UGW8ojpldk4AvaJH7I0QK8Ng=
Subject key identifier: 18:06:C7:A9:E1:F3:B4:C3:25:BE:D6:11:34:B7:D2:59:59:6F:D2:92
Certificate issuer: /CN=b49eb50cb8bac92dc176e8a87cf25552822194fa
Certificate serial: 14178558
Authority key identifier: B4:9E:B5:0C:B8:BA:C9:2D:C1:76:E8:A8:7C:F2:55:52:82:21:94:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJ61DLi6yS3BduiofPJVUoIhlPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/3eaa70-0520-4559-841a-4ca956b08a41/1/GAbHqeHztMMlvtYRNLfSWVlv0pI.roa
Signing time: Sat 01 Jan 2022 04:03:33 +0000
ROA not before: Sat 01 Jan 2022 04:03:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 55081
IP address blocks: 185.117.196.0/22 maxlen: 22
2a06:8641::/32 maxlen: 32
2a06:8646::/32 maxlen: 32
2a06:8644::/32 maxlen: 32
2a06:8643::/32 maxlen: 32
2a06:8647::/32 maxlen: 32
2a06:8640::/32 maxlen: 32
2a06:8642::/32 maxlen: 32
2a06:8645::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 337085784 (0x14178558)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b49eb50cb8bac92dc176e8a87cf25552822194fa
Validity
Not Before: Jan 1 04:03:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1806c7a9e1f3b4c325bed61134b7d259596fd292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ee:ee:29:a0:d1:03:29:a6:65:97:cb:32:b3:
1d:4e:19:1c:bd:e6:35:2c:4d:f3:ce:fa:0d:27:a9:
7b:e5:9f:ef:06:4b:3d:13:6f:ad:c3:f7:76:0e:93:
b0:e3:92:9f:27:e8:41:db:38:67:2a:f6:55:f4:a5:
af:9a:78:d0:ec:d2:d6:b6:73:5c:c6:e8:2d:10:22:
36:20:2d:65:61:9c:5c:7b:91:e7:fd:1a:c0:9c:fe:
d3:1d:a9:1f:fa:33:e7:06:4c:64:c2:b2:b2:af:03:
9a:13:ab:1c:64:c7:f4:6e:a0:06:5f:ac:0b:34:96:
ea:04:35:c4:e5:f4:95:29:5a:ab:f9:01:49:b3:11:
d9:a3:9d:97:13:8b:62:8a:97:ab:5f:52:68:db:b7:
7d:5b:d6:af:f1:cd:4b:5d:49:a7:e0:ce:20:41:05:
4a:57:f9:6f:23:61:3c:c2:75:27:43:7f:cb:2c:0c:
dd:cf:c1:0c:c3:4b:af:c3:ef:2c:1e:76:42:28:9f:
b9:a2:64:e6:cd:e0:c6:cd:13:61:6b:24:3f:a7:f1:
6f:c9:5f:c9:eb:9d:01:20:90:51:95:30:64:53:04:
cf:88:9c:6f:7f:1d:e8:53:60:f7:38:07:1e:bd:e9:
d3:66:88:97:2a:18:73:40:c8:df:9e:8b:09:61:89:
af:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:06:C7:A9:E1:F3:B4:C3:25:BE:D6:11:34:B7:D2:59:59:6F:D2:92
X509v3 Authority Key Identifier:
keyid:B4:9E:B5:0C:B8:BA:C9:2D:C1:76:E8:A8:7C:F2:55:52:82:21:94:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJ61DLi6yS3BduiofPJVUoIhlPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3eaa70-0520-4559-841a-4ca956b08a41/1/GAbHqeHztMMlvtYRNLfSWVlv0pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3eaa70-0520-4559-841a-4ca956b08a41/1/tJ61DLi6yS3BduiofPJVUoIhlPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.196.0/22
IPv6:
2a06:8640::/29
Signature Algorithm: sha256WithRSAEncryption
4a:7d:27:46:17:f4:f1:f6:06:08:9f:a5:85:a2:1d:e5:a7:ff:
0a:fd:d9:4e:19:eb:5c:65:68:04:83:74:32:ab:63:e3:f2:75:
f0:00:f1:6a:8d:c1:bf:de:b7:c4:0e:a3:72:a3:d7:db:00:66:
bc:fb:fb:8e:64:e0:7b:44:ac:56:1d:d6:66:60:d4:72:3a:27:
dc:34:b7:f7:4a:1f:f6:94:8b:06:85:58:33:ad:28:fc:84:86:
cb:fd:41:e0:ea:e0:a0:85:ba:60:a0:fa:5e:82:67:9e:2e:9b:
52:ad:01:02:27:25:27:9f:d3:b2:81:c7:55:c3:8b:d0:c4:de:
0b:72:29:a6:fd:84:89:e0:52:57:d4:8b:24:1c:ba:fc:d8:28:
d2:50:a8:d7:fe:38:7b:77:49:c1:1d:70:be:c7:63:f6:74:6b:
6e:2b:cf:68:89:91:0e:fc:64:91:92:d9:42:bd:62:d4:77:66:
84:75:2a:ac:63:dc:17:9c:9d:5f:6f:71:68:16:b1:d4:a5:01:
35:3d:7b:b4:1f:76:5f:c6:03:1b:ee:15:f9:37:47:f1:5b:3b:
bf:4c:21:68:9c:ad:00:16:72:be:e6:51:e3:97:2a:f7:c4:e4:
1d:24:7e:5d:b9:ff:a4:67:bc:ad:53:bd:08:d1:ef:7b:08:81:
1a:98:d1:3c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFBeFWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDllYjUwY2I4YmFjOTJkYzE3NmU4YTg3Y2YyNTU1MjgyMjE5NGZhMB4XDTIyMDEw
MTA0MDMzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTgwNmM3YTllMWYz
YjRjMzI1YmVkNjExMzRiN2QyNTk1OTZmZDI5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOLu7img0QMppmWXyzKzHU4ZHL3mNSxN8876DSepe+Wf7wZL
PRNvrcP3dg6TsOOSnyfoQds4Zyr2VfSlr5p40OzS1rZzXMboLRAiNiAtZWGcXHuR
5/0awJz+0x2pH/oz5wZMZMKysq8DmhOrHGTH9G6gBl+sCzSW6gQ1xOX0lSlaq/kB
SbMR2aOdlxOLYoqXq19SaNu3fVvWr/HNS11Jp+DOIEEFSlf5byNhPMJ1J0N/yywM
3c/BDMNLr8PvLB52QiifuaJk5s3gxs0TYWskP6fxb8lfyeudASCQUZUwZFMEz4ic
b38d6FNg9zgHHr3p02aIlyoYc0DI356LCWGJr6MCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQYBsep4fO0wyW+1hE0t9JZWW/SkjAfBgNVHSMEGDAWgBS0nrUMuLrJLcF2
6Kh88lVSgiGU+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RKNjFETGk2eVMzQmR1aW9mUEpWVW9JaGxQby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvM2VhYTcwLTA1MjAtNDU1OS04NDFhLTRjYTk1NmIwOGE0MS8x
L0dBYkhxZUh6dE1NbHZ0WVJOTGZTV1ZsdjBwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
M2VhYTcwLTA1MjAtNDU1OS04NDFhLTRjYTk1NmIwOGE0MS8xL3RKNjFETGk2eVMz
QmR1aW9mUEpWVW9JaGxQby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArl1xDANBAIAAjAHAwUDKgaGQDAN
BgkqhkiG9w0BAQsFAAOCAQEASn0nRhf08fYGCJ+lhaId5af/Cv3ZThnrXGVoBIN0
Mqtj4/J18ADxao3Bv963xA6jcqPX2wBmvPv7jmTge0SsVh3WZmDUcjon3DS390of
9pSLBoVYM60o/ISGy/1B4OrgoIW6YKD6XoJnni6bUq0BAiclJ5/TsoHHVcOL0MTe
C3Ippv2EieBSV9SLJBy6/Ngo0lCo1/44e3dJwR1wvsdj9nRrbivPaImRDvxkkZLZ
Qr1i1HdmhHUqrGPcF5ydX29xaBax1KUBNT17tB92X8YDG+4V+TdH8Vs7v0whaJyt
ABZyvuZR45cq98TkHSR+Xbn/pGe8rVO9CNHvewiBGpjRPA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:01 2023 by rpki-client on console-ams.rpki-client.org