Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/b74aa2-25e0-4ad5-8cc3-69061ef2c499/1/GdjyiV34l9u1XPvZym6d662cic8.roa
File: GdjyiV34l9u1XPvZym6d662cic8.roa (raw, json)
Hash identifier: VetpUFGzhnIieIahEoTpYpwuJPwmA4Mbr01k60zQHIE=
Subject key identifier: 19:D8:F2:89:5D:F8:97:DB:B5:5C:FB:D9:CA:6E:9D:EB:AD:9C:89:CF
Certificate issuer: /CN=b8d23b1e6c07e62af2d2e7eb6de0893b09119abb
Certificate serial: 01856E8B5F91BF68C3CC3B9D68C4C701657E
Authority key identifier: B8:D2:3B:1E:6C:07:E6:2A:F2:D2:E7:EB:6D:E0:89:3B:09:11:9A:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uNI7HmwH5iry0ufrbeCJOwkRmrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/b74aa2-25e0-4ad5-8cc3-69061ef2c499/1/GdjyiV34l9u1XPvZym6d662cic8.roa
Signing time: Sun 01 Jan 2023 18:15:05 +0000
ROA not before: Sun 01 Jan 2023 18:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204141
IP address blocks: 185.140.0.0/22 maxlen: 22
82.211.192.0/19 maxlen: 19
2a03:19c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:5f:91:bf:68:c3:cc:3b:9d:68:c4:c7:01:65:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8d23b1e6c07e62af2d2e7eb6de0893b09119abb
Validity
Not Before: Jan 1 18:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19d8f2895df897dbb55cfbd9ca6e9debad9c89cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:64:81:37:38:2c:0f:0b:6b:e7:9b:29:89:4a:
45:0f:e9:2f:aa:93:2c:b0:cb:65:dd:d5:30:64:53:
05:12:5c:ef:f3:22:23:ac:aa:7b:f2:91:1d:12:99:
36:b6:a9:09:27:06:1e:20:3b:b6:91:f6:ff:3a:fe:
6a:a2:76:38:29:d2:2a:6d:08:18:3f:68:cb:9d:63:
d6:0b:b7:b6:7c:f7:1c:f3:37:f5:7c:bf:b9:41:99:
3e:72:78:2a:be:e0:2a:1d:f6:cb:c9:7f:35:0d:5b:
ba:6b:f1:14:ab:f1:85:a0:11:0b:a9:86:5d:25:ab:
0b:97:4a:63:36:48:d4:e0:29:56:9c:9a:1f:b2:11:
48:fc:49:5d:c5:ea:6e:f9:94:ec:ad:3f:e9:95:03:
83:f7:8e:a9:f4:27:f8:78:6d:d3:6c:fc:81:0f:3e:
f0:63:a1:53:f7:42:c6:53:dd:bb:86:3d:f5:26:fd:
ec:51:67:6f:28:07:a8:9f:09:df:79:c2:ee:53:d5:
84:e5:e7:d8:9b:db:aa:29:d4:e8:cc:9b:ad:2f:98:
fe:1c:9f:21:31:2a:1f:b4:cb:89:6a:02:a9:ce:4c:
da:94:c7:e0:3f:0a:1d:bf:0d:6d:14:8c:75:bc:2f:
bb:c9:75:fb:33:88:83:81:ba:ed:66:f1:88:60:f1:
16:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D8:F2:89:5D:F8:97:DB:B5:5C:FB:D9:CA:6E:9D:EB:AD:9C:89:CF
X509v3 Authority Key Identifier:
keyid:B8:D2:3B:1E:6C:07:E6:2A:F2:D2:E7:EB:6D:E0:89:3B:09:11:9A:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNI7HmwH5iry0ufrbeCJOwkRmrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/b74aa2-25e0-4ad5-8cc3-69061ef2c499/1/GdjyiV34l9u1XPvZym6d662cic8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/b74aa2-25e0-4ad5-8cc3-69061ef2c499/1/uNI7HmwH5iry0ufrbeCJOwkRmrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.211.192.0/19
185.140.0.0/22
IPv6:
2a03:19c0::/32
Signature Algorithm: sha256WithRSAEncryption
55:f8:5d:8b:fb:00:fa:d0:a1:f1:84:17:aa:61:e8:ec:8b:f3:
47:0e:e8:13:94:79:d3:ad:75:91:52:3b:66:37:92:87:ba:de:
37:5d:a2:54:9d:44:54:42:a1:82:a1:68:e7:62:a4:7b:7b:b4:
6f:fd:ef:af:8c:5d:b1:58:3b:b4:1a:93:6c:a5:cc:5a:71:96:
5e:c0:26:3d:4b:91:c2:21:f7:a7:60:50:3d:fc:2c:74:c5:29:
97:ae:65:74:dd:9c:81:2b:b3:10:39:1e:09:2e:15:38:c0:31:
31:1d:c1:c1:09:66:14:a4:8d:0d:89:17:2f:aa:20:5a:d0:26:
d3:10:4a:0d:a9:9f:6b:c9:8c:d0:47:39:47:92:f3:be:aa:e4:
a8:86:ef:4c:cc:ed:41:81:ca:22:87:4f:d1:4f:eb:4d:e2:9c:
de:fc:65:fe:3c:30:f7:92:1a:e2:85:23:08:a7:bf:d4:2a:e2:
fc:77:d4:01:5e:8b:69:e1:ed:33:62:27:07:1d:10:49:cd:e2:
f8:6d:8b:14:dc:da:96:bd:6d:eb:19:3a:f7:ab:96:b1:78:40:
eb:f7:d7:0b:a3:0d:d7:42:b2:77:12:1a:44:ed:01:95:29:71:
e1:82:2d:23:a3:b4:ec:91:f6:f8:7b:c4:0e:30:94:5c:37:93:
9e:7c:64:6e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVui1+Rv2jDzDudaMTHAWV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZDIzYjFlNmMwN2U2MmFmMmQyZTdlYjZkZTA4OTNiMDkx
MTlhYmIwHhcNMjMwMTAxMTgxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWQ4ZjI4OTVkZjg5N2RiYjU1Y2ZiZDljYTZlOWRlYmFkOWM4OWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmSBNzgsDwtr55spiUpFD+kvqpMs
sMtl3dUwZFMFElzv8yIjrKp78pEdEpk2tqkJJwYeIDu2kfb/Ov5qonY4KdIqbQgY
P2jLnWPWC7e2fPcc8zf1fL+5QZk+cngqvuAqHfbLyX81DVu6a/EUq/GFoBELqYZd
JasLl0pjNkjU4ClWnJofshFI/Eldxepu+ZTsrT/plQOD946p9Cf4eG3TbPyBDz7w
Y6FT90LGU927hj31Jv3sUWdvKAeonwnfecLuU9WE5efYm9uqKdTozJutL5j+HJ8h
MSoftMuJagKpzkzalMfgPwodvw1tFIx1vC+7yXX7M4iDgbrtZvGIYPEWTQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBnY8old+JfbtVz72cpuneutnInPMB8GA1UdIwQY
MBaAFLjSOx5sB+Yq8tLn623giTsJEZq7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5JN0htd0g1aXJ5MHVmcmJlQ0pPd2tSbXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9iNzRhYTItMjVlMC00YWQ1LThjYzMt
NjkwNjFlZjJjNDk5LzEvR2RqeWlWMzRsOXUxWFB2WnltNmQ2NjJjaWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9iNzRhYTItMjVlMC00YWQ1LThjYzMtNjkwNjFlZjJjNDk5
LzEvdU5JN0htd0g1aXJ5MHVmcmJlQ0pPd2tSbXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFUtPAAwQC
uYwAMA0EAgACMAcDBQAqAxnAMA0GCSqGSIb3DQEBCwUAA4IBAQBV+F2L+wD60KHx
hBeqYejsi/NHDugTlHnTrXWRUjtmN5KHut43XaJUnURUQqGCoWjnYqR7e7Rv/e+v
jF2xWDu0GpNspcxacZZewCY9S5HCIfenYFA9/Cx0xSmXrmV03ZyBK7MQOR4JLhU4
wDExHcHBCWYUpI0NiRcvqiBa0CbTEEoNqZ9ryYzQRzlHkvO+quSohu9MzO1Bgcoi
h0/RT+tN4pze/GX+PDD3khrihSMIp7/UKuL8d9QBXotp4e0zYicHHRBJzeL4bYsU
3NqWvW3rGTr3q5axeEDr99cLow3XQrJ3EhpE7QGVKXHhgi0jo7Tskfb4e8QOMJRc
N5OefGRu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:20 2025 by rpki-client