Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/AXD_GCkzPXRnmECTIIIB85Y1wts.roa
File: AXD_GCkzPXRnmECTIIIB85Y1wts.roa (raw, json)
Hash identifier: 7IOXruPRFD6ZLRPjHU/VNk1llUwJLLsnzWSG4Wxh74g=
Subject key identifier: 01:70:FF:18:29:33:3D:74:67:98:40:93:20:82:01:F3:96:35:C2:DB
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 018263A65CC4E891302706789F1A35157AE1
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/AXD_GCkzPXRnmECTIIIB85Y1wts.roa
Signing time: Wed 03 Aug 2022 12:20:23 +0000
ROA not before: Wed 03 Aug 2022 12:20:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25374
IP address blocks: 79.124.11.0/24 maxlen: 24
79.124.10.0/24 maxlen: 24
79.124.10.0/23 maxlen: 23
79.124.12.0/24 maxlen: 24
79.124.19.0/24 maxlen: 24
79.124.18.0/23 maxlen: 23
79.124.18.0/24 maxlen: 24
79.124.46.0/24 maxlen: 24
130.185.230.0/23 maxlen: 23
130.185.230.0/24 maxlen: 24
130.185.233.0/24 maxlen: 24
130.185.231.0/24 maxlen: 24
80.72.84.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:63:a6:5c:c4:e8:91:30:27:06:78:9f:1a:35:15:7a:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Aug 3 12:20:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0170ff1829333d7467984093208201f39635c2db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:65:c3:95:db:21:d1:9a:b7:69:bb:f1:8a:c8:
69:7b:37:18:1a:7a:de:f1:20:59:7f:fd:58:35:6f:
4c:d1:6a:41:22:d0:a5:98:26:45:e2:e2:d4:85:37:
b5:66:c0:57:b3:37:8a:08:d5:d9:90:a3:01:27:33:
a0:2f:18:39:3c:63:ff:68:09:be:99:e9:01:93:3d:
64:d0:38:e5:a5:b6:30:f6:5e:23:0b:db:e0:63:02:
3b:20:0c:9b:95:b3:ea:00:0c:fd:a3:2f:1f:d2:74:
c4:53:8e:6a:c9:f1:42:ae:7c:b3:2b:ae:8c:ed:1e:
c0:d5:5d:96:00:ff:95:95:1c:b2:d7:8f:12:bb:b7:
6f:38:56:f4:ac:e0:e6:06:cb:eb:85:b8:3f:f8:a1:
0b:3a:ac:6e:fa:32:8d:c7:cb:03:d3:1f:39:bd:d5:
03:6c:2d:4c:2e:95:58:e4:56:6d:57:c6:75:ad:79:
2c:75:15:fe:56:e8:a5:7a:44:06:0f:69:53:b2:e2:
3c:90:f0:6b:5d:b7:27:1e:70:19:fb:30:09:ff:72:
c5:25:a3:fc:0f:4b:95:62:e6:e8:ba:74:84:06:48:
8a:a3:be:fb:95:dd:ba:e5:89:6c:1d:bd:40:95:5c:
dc:8a:c3:42:2e:13:ce:a3:27:9d:dc:ca:07:cb:0f:
38:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:70:FF:18:29:33:3D:74:67:98:40:93:20:82:01:F3:96:35:C2:DB
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/AXD_GCkzPXRnmECTIIIB85Y1wts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.124.10.0-79.124.12.255
79.124.18.0/23
79.124.46.0/24
80.72.84.0/22
130.185.230.0/23
130.185.233.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:f4:c9:d9:af:53:0b:ef:1c:fd:d9:7c:4b:aa:6d:49:c6:d4:
76:6a:72:dc:30:11:42:bc:eb:de:1e:f0:8a:a0:ac:fc:c6:45:
cd:16:65:3d:83:95:f4:56:ca:3b:98:b4:91:c0:7d:07:9a:f8:
bd:eb:8d:56:9f:7a:03:46:2e:b8:8a:a9:cf:b7:81:45:57:14:
9c:e8:ae:18:04:ee:bf:b8:5b:ed:1d:7d:90:34:11:69:43:1e:
9c:df:57:ad:f4:9e:4f:11:e9:48:a4:38:a4:98:c4:17:c5:cd:
88:10:0a:d0:81:6c:87:7f:69:8e:ea:ce:88:e1:55:ca:35:af:
54:fd:f3:b7:79:7e:71:f6:d7:e9:5f:27:70:38:9a:5b:29:53:
5d:12:11:68:44:30:f7:7b:1e:43:22:ae:f9:5c:9d:48:2d:8c:
a1:3d:63:e1:74:dc:a6:7b:08:b1:e2:65:0f:12:81:f0:12:35:
01:6a:bd:73:db:2f:9a:d2:ac:ef:33:43:9d:36:2b:cb:8c:c8:
d0:89:0b:9a:88:aa:5e:eb:52:fd:e4:0d:4f:85:b8:50:30:be:
a4:56:f9:55:9c:55:e6:bb:9b:d4:16:7d:e3:8b:92:06:7a:b5:
f1:d8:e2:da:ad:ad:8f:36:96:14:70:e8:8b:5f:61:e6:4d:f8:
1a:f3:b7:c6
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYJjplzE6JEwJwZ4nxo1FXrhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjIwODAzMTIyMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTcwZmYxODI5MzMzZDc0Njc5ODQwOTMyMDgyMDFmMzk2MzVjMmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGXDldsh0Zq3abvxishpezcYGnre
8SBZf/1YNW9M0WpBItClmCZF4uLUhTe1ZsBXszeKCNXZkKMBJzOgLxg5PGP/aAm+
mekBkz1k0DjlpbYw9l4jC9vgYwI7IAyblbPqAAz9oy8f0nTEU45qyfFCrnyzK66M
7R7A1V2WAP+VlRyy148Su7dvOFb0rODmBsvrhbg/+KELOqxu+jKNx8sD0x85vdUD
bC1MLpVY5FZtV8Z1rXksdRX+VuilekQGD2lTsuI8kPBrXbcnHnAZ+zAJ/3LFJaP8
D0uVYubounSEBkiKo777ld265YlsHb1AlVzcisNCLhPOoyed3MoHyw845wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAFw/xgpMz10Z5hAkyCCAfOWNcLbMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvQVhEX0dDa3pQWFJubUVDVElJSUI4NVkxd3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAFPfAoD
BABPfAwDBAFPfBIDBABPfC4DBAJQSFQDBAGCueYDBACCuekwDQYJKoZIhvcNAQEL
BQADggEBALX0ydmvUwvvHP3ZfEuqbUnG1HZqctwwEUK8694e8IqgrPzGRc0WZT2D
lfRWyjuYtJHAfQea+L3rjVafegNGLriKqc+3gUVXFJzorhgE7r+4W+0dfZA0EWlD
HpzfV630nk8R6UikOKSYxBfFzYgQCtCBbId/aY7qzojhVco1r1T987d5fnH21+lf
J3A4mlspU10SEWhEMPd7HkMirvlcnUgtjKE9Y+F03KZ7CLHiZQ8SgfASNQFqvXPb
L5rSrO8zQ502K8uMyNCJC5qIql7rUv3kDU+FuFAwvqRW+VWcVea7m9QWfeOLkgZ6
tfHY4tqtrY82lhRw6ItfYeZN+Brzt8Y=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:28 2023 by rpki-client on console-fra.rpki-client.org