Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/G0k-7bUo3sLn7lFs-0mU_AHZBf0.roa
File: G0k-7bUo3sLn7lFs-0mU_AHZBf0.roa (raw, json)
Hash identifier: EoZb5U07MgacBOgZrY0TzN9JDoO1oREXwXoGBxcjdA4=
Subject key identifier: 1B:49:3E:ED:B5:28:DE:C2:E7:EE:51:6C:FB:49:94:FC:01:D9:05:FD
Certificate issuer: /CN=fa307821230e7ba81a4d471a591e78ea759c6934
Certificate serial: 025750BE
Authority key identifier: FA:30:78:21:23:0E:7B:A8:1A:4D:47:1A:59:1E:78:EA:75:9C:69:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-jB4ISMOe6gaTUcaWR546nWcaTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/G0k-7bUo3sLn7lFs-0mU_AHZBf0.roa
Signing time: Sat 01 Jan 2022 06:03:45 +0000
ROA not before: Sat 01 Jan 2022 06:03:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203034
IP address blocks: 185.147.20.0/22 maxlen: 22
2a07:5480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39276734 (0x25750be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa307821230e7ba81a4d471a591e78ea759c6934
Validity
Not Before: Jan 1 06:03:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b493eedb528dec2e7ee516cfb4994fc01d905fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:22:ac:d3:0f:49:f8:0f:6d:81:0e:78:dc:ca:
eb:de:57:9f:02:a3:86:fd:27:c2:d4:a4:10:ae:f9:
86:68:1c:ae:a5:a4:e0:f5:2a:d4:2a:c9:b1:30:bc:
a0:f7:51:5e:40:54:f7:8a:14:bd:f3:c5:99:ab:3b:
6f:1e:df:2e:2b:5a:1e:56:6f:ee:98:45:ce:74:e5:
4b:99:2a:10:31:e8:30:0e:1e:2f:6a:be:65:36:bb:
98:f7:5d:d2:99:b8:96:f6:9b:3d:86:55:98:6e:2b:
8f:bc:96:82:65:91:f2:68:d9:9a:59:88:da:d9:48:
07:67:69:b1:95:94:99:d5:82:48:54:f0:37:04:bb:
fe:5c:9f:95:39:66:12:e6:d0:14:e5:24:78:54:2c:
04:e4:97:ab:dd:f4:86:36:75:75:1c:94:d9:eb:48:
42:64:2b:b2:03:37:22:6a:e7:61:69:ea:65:3d:43:
ae:c5:bd:7b:ad:76:6b:6b:c6:7f:85:f3:ab:10:53:
cf:3d:6f:4c:02:00:02:df:9a:97:6f:f8:8b:90:d5:
73:f3:85:86:e2:36:50:8f:d0:7c:60:fe:17:d1:b7:
4c:2c:79:bc:df:02:fd:48:10:9e:03:57:b1:2e:ce:
0f:eb:69:1a:35:b9:01:46:e1:eb:e4:ff:f9:e7:c5:
61:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:49:3E:ED:B5:28:DE:C2:E7:EE:51:6C:FB:49:94:FC:01:D9:05:FD
X509v3 Authority Key Identifier:
keyid:FA:30:78:21:23:0E:7B:A8:1A:4D:47:1A:59:1E:78:EA:75:9C:69:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-jB4ISMOe6gaTUcaWR546nWcaTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/G0k-7bUo3sLn7lFs-0mU_AHZBf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/1-jB4ISMOe6gaTUcaWR546nWcaTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.20.0/22
IPv6:
2a07:5480::/29
Signature Algorithm: sha256WithRSAEncryption
ae:83:e0:5a:8a:df:61:75:6e:f2:f3:17:2d:80:d2:2d:07:9c:
f8:bd:a0:32:8f:c3:3f:79:4b:e6:b4:bc:a2:f5:3c:88:87:b4:
c2:9e:48:52:d9:48:58:86:fb:5e:89:3d:e4:a9:b5:77:93:e5:
8f:ab:4e:39:b8:13:16:49:8e:3e:f8:ed:19:20:ff:f4:e9:45:
d4:4f:de:7d:61:02:d3:f3:31:02:28:b6:1d:bb:d9:f2:96:eb:
89:73:1e:8e:6e:42:af:8c:3b:39:bb:de:66:86:1b:ac:b6:06:
d7:84:19:7b:6a:ba:dc:d7:89:ed:a9:04:84:6c:d9:f9:da:e1:
39:ea:57:f5:ef:26:7f:76:a4:e1:89:91:36:02:83:c2:04:14:
f1:2c:20:6f:9b:4e:6e:7c:5f:25:61:71:5e:fc:90:a1:26:52:
60:a0:14:35:31:7e:9c:1c:9e:46:62:27:3b:08:7e:7e:21:26:
59:0b:09:ce:d9:98:57:ca:ac:0d:cb:12:8c:63:30:4d:58:26:
7c:dd:de:a5:8d:9b:bc:75:02:98:f1:ac:d0:a4:aa:87:48:72:
7d:bc:8c:83:11:4e:0b:7f:af:38:ef:3e:6b:3c:1c:bb:2a:9a:
17:7a:ff:3f:df:9a:66:e0:60:d7:46:e8:a1:7e:6b:8d:3a:2f:
88:86:61:61
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAldQvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YTMwNzgyMTIzMGU3YmE4MWE0ZDQ3MWE1OTFlNzhlYTc1OWM2OTM0MB4XDTIyMDEw
MTA2MDM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI0OTNlZWRiNTI4
ZGVjMmU3ZWU1MTZjZmI0OTk0ZmMwMWQ5MDVmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4irNMPSfgPbYEOeNzK695XnwKjhv0nwtSkEK75hmgcrqWk
4PUq1CrJsTC8oPdRXkBU94oUvfPFmas7bx7fLitaHlZv7phFznTlS5kqEDHoMA4e
L2q+ZTa7mPdd0pm4lvabPYZVmG4rj7yWgmWR8mjZmlmI2tlIB2dpsZWUmdWCSFTw
NwS7/lyflTlmEubQFOUkeFQsBOSXq930hjZ1dRyU2etIQmQrsgM3ImrnYWnqZT1D
rsW9e612a2vGf4XzqxBTzz1vTAIAAt+al2/4i5DVc/OFhuI2UI/QfGD+F9G3TCx5
vN8C/UgQngNXsS7OD+tpGjW5AUbh6+T/+efFYT0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQbST7ttSjewufuUWz7SZT8AdkF/TAfBgNVHSMEGDAWgBT6MHghIw57qBpN
RxpZHnjqdZxpNDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtakI0SVNNT2U2Z2FUVWNhV1I1NDZuV2NhVFEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2NlLzkxMGY2Ny0xZmZjLTQxYzQtYTJlYS1mMWU2NWY5N2M4OWEv
MS9HMGstN2JVbzNzTG43bEZzLTBtVV9BSFpCZjAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Nl
LzkxMGY2Ny0xZmZjLTQxYzQtYTJlYS1mMWU2NWY5N2M4OWEvMS8xLWpCNElTTU9l
NmdhVFVjYVdSNTQ2bldjYVRRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZMUMA0EAgACMAcDBQMqB1SA
MA0GCSqGSIb3DQEBCwUAA4IBAQCug+Bait9hdW7y8xctgNItB5z4vaAyj8M/eUvm
tLyi9TyIh7TCnkhS2UhYhvteiT3kqbV3k+WPq045uBMWSY4++O0ZIP/06UXUT959
YQLT8zECKLYdu9nyluuJcx6ObkKvjDs5u95mhhustgbXhBl7arrc14ntqQSEbNn5
2uE56lf17yZ/dqThiZE2AoPCBBTxLCBvm05ufF8lYXFe/JChJlJgoBQ1MX6cHJ5G
Yic7CH5+ISZZCwnO2ZhXyqwNyxKMYzBNWCZ83d6ljZu8dQKY8azQpKqHSHJ9vIyD
EU4Lf6847z5rPBy7KpoXev8/35pm4GDXRuihfmuNOi+IhmFh
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:10 2023 by rpki-client on console-fra.rpki-client.org