Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/dk6RYbznb8dE5-1ho8fYRbfYf8Q.roa
File: dk6RYbznb8dE5-1ho8fYRbfYf8Q.roa (raw, json)
Hash identifier: 7JiPTJSEkl9Y2BaCfuayf8H+dXQ6dMWVblgY90ZKdsQ=
Subject key identifier: 76:4E:91:61:BC:E7:6F:C7:44:E7:ED:61:A3:C7:D8:45:B7:D8:7F:C4
Certificate issuer: /CN=18a84a8e475f6606e7a12f92b330d63d8f880be0
Certificate serial: 016038E3
Authority key identifier: 18:A8:4A:8E:47:5F:66:06:E7:A1:2F:92:B3:30:D6:3D:8F:88:0B:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GKhKjkdfZgbnoS-SszDWPY-IC-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/dk6RYbznb8dE5-1ho8fYRbfYf8Q.roa
Signing time: Mon 23 May 2022 11:52:15 +0000
ROA not before: Mon 23 May 2022 11:52:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209811
IP address blocks: 2.57.232.0/23 maxlen: 23
95.215.202.0/23 maxlen: 23
95.215.200.0/23 maxlen: 23
2.57.234.0/23 maxlen: 23
185.151.230.0/23 maxlen: 23
185.151.228.0/23 maxlen: 23
194.31.160.0/23 maxlen: 23
194.31.162.0/23 maxlen: 23
2a09:1680::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23083235 (0x16038e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18a84a8e475f6606e7a12f92b330d63d8f880be0
Validity
Not Before: May 23 11:52:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=764e9161bce76fc744e7ed61a3c7d845b7d87fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1d:03:2d:da:57:e3:ed:70:b0:9a:50:df:ec:
ca:3e:97:41:a8:e7:99:cb:e6:5c:90:5f:f9:08:e5:
25:06:26:d1:1d:a1:2e:b3:25:e9:11:81:80:40:bd:
10:79:12:c7:1b:7b:88:81:0e:79:cf:3d:3d:ca:aa:
ee:87:61:23:46:53:f5:f0:4c:a6:ba:3e:fc:ba:de:
ff:82:09:b6:42:2b:cd:8c:3b:9d:d4:02:a7:78:52:
7d:7f:b6:a4:19:1b:d6:54:a3:7b:5b:69:26:3d:cc:
4f:e9:4e:7a:82:93:d0:06:fb:03:14:87:5f:87:7e:
c6:70:9c:62:5f:bd:c1:af:76:27:b6:6c:9b:b3:87:
60:e1:91:58:92:67:e4:0b:7a:23:63:74:be:b1:12:
78:3d:b7:f3:c5:db:31:39:38:54:4b:12:58:3e:f7:
08:4e:23:4f:28:52:13:1e:65:71:8c:97:0a:60:fc:
da:bb:a8:51:fb:a5:ec:da:fc:6e:f2:23:66:35:78:
d8:84:a2:f2:28:5f:96:6b:af:c5:89:e7:f6:ee:89:
ff:bd:d2:40:01:ed:6f:3b:77:91:44:3a:00:3d:03:
67:d7:0e:04:a0:b2:ea:5d:f6:51:59:79:e2:ab:6e:
bc:05:51:9a:f5:8b:63:7a:68:98:16:22:41:ce:76:
ec:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:4E:91:61:BC:E7:6F:C7:44:E7:ED:61:A3:C7:D8:45:B7:D8:7F:C4
X509v3 Authority Key Identifier:
keyid:18:A8:4A:8E:47:5F:66:06:E7:A1:2F:92:B3:30:D6:3D:8F:88:0B:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GKhKjkdfZgbnoS-SszDWPY-IC-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/dk6RYbznb8dE5-1ho8fYRbfYf8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/GKhKjkdfZgbnoS-SszDWPY-IC-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.232.0/22
95.215.200.0/22
185.151.228.0/22
194.31.160.0/22
IPv6:
2a09:1680::/48
Signature Algorithm: sha256WithRSAEncryption
35:ba:4f:d9:37:20:61:37:69:d2:c4:fe:8e:cd:8b:a8:93:77:
42:88:b3:59:3e:f5:95:c9:30:2e:a5:14:3e:da:57:d4:4c:07:
24:d1:bf:fa:b4:4e:96:63:20:7f:3f:d2:fd:e3:cb:45:0e:8a:
b8:6d:c7:95:c0:30:d7:6e:2b:24:fd:70:f6:6e:cf:a7:d8:77:
2b:65:30:4b:61:c5:fc:f4:50:95:d6:cc:33:79:2c:9c:23:8c:
70:19:87:a1:88:b6:1a:af:53:69:38:aa:9d:80:47:eb:16:89:
8f:91:a6:29:97:81:1c:2e:26:db:7e:f9:d3:d1:38:5c:3f:ba:
dc:3a:4b:a3:e9:c3:f2:0e:a7:dd:99:94:c7:0b:7f:7d:2a:6a:
9a:96:7a:54:6f:79:63:ea:66:25:8b:99:2a:42:76:f0:21:ae:
62:d4:de:a8:2b:35:d9:20:1e:87:08:f6:39:9d:0f:fa:2d:ca:
87:b8:d7:f3:5d:e2:a0:9f:16:30:4c:34:75:88:f9:8a:f4:24:
c7:87:24:68:aa:48:f3:f7:bd:b1:66:d6:33:ab:b5:cd:0f:ac:
0c:5d:ad:df:bf:d8:f7:56:e1:e3:0c:ea:a9:21:ac:3e:5a:b4:
f3:a4:a3:9b:d0:21:34:52:c2:e8:b1:8d:82:17:51:de:0e:aa:
0e:3b:70:21
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEAWA44zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OGE4NGE4ZTQ3NWY2NjA2ZTdhMTJmOTJiMzMwZDYzZDhmODgwYmUwMB4XDTIyMDUy
MzExNTIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY0ZTkxNjFiY2U3
NmZjNzQ0ZTdlZDYxYTNjN2Q4NDViN2Q4N2ZjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgdAy3aV+PtcLCaUN/syj6XQajnmcvmXJBf+QjlJQYm0R2h
LrMl6RGBgEC9EHkSxxt7iIEOec89Pcqq7odhI0ZT9fBMpro+/Lre/4IJtkIrzYw7
ndQCp3hSfX+2pBkb1lSje1tpJj3MT+lOeoKT0Ab7AxSHX4d+xnCcYl+9wa92J7Zs
m7OHYOGRWJJn5At6I2N0vrESeD2388XbMTk4VEsSWD73CE4jTyhSEx5lcYyXCmD8
2ruoUful7Nr8bvIjZjV42ISi8ihflmuvxYnn9u6J/73SQAHtbzt3kUQ6AD0DZ9cO
BKCy6l32UVl54qtuvAVRmvWLY3pomBYiQc527H8CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBR2TpFhvOdvx0Tn7WGjx9hFt9h/xDAfBgNVHSMEGDAWgBQYqEqOR19mBueh
L5KzMNY9j4gL4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dLaEtqa2RmWmdibm9TLVNzekRXUFktSUMtQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvODkyYTI3LWZkYjYtNDI4NS04MjlhLTg3ZjViNjQ3OWQxZS8x
L2RrNlJZYnpuYjhkRTUtMWhvOGZZUmJmWWY4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
ODkyYTI3LWZkYjYtNDI4NS04MjlhLTg3ZjViNjQ3OWQxZS8xL0dLaEtqa2RmWmdi
bm9TLVNzekRXUFktSUMtQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEAgI56AMEAl/XyAMEArmX5AMEAsIf
oDAPBAIAAjAJAwcAKgkWgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQA1uk/ZNyBhN2nS
xP6OzYuok3dCiLNZPvWVyTAupRQ+2lfUTAck0b/6tE6WYyB/P9L948tFDoq4bceV
wDDXbisk/XD2bs+n2HcrZTBLYcX89FCV1swzeSycI4xwGYehiLYar1NpOKqdgEfr
FomPkaYpl4EcLibbfvnT0ThcP7rcOkuj6cPyDqfdmZTHC399KmqalnpUb3lj6mYl
i5kqQnbwIa5i1N6oKzXZIB6HCPY5nQ/6LcqHuNfzXeKgnxYwTDR1iPmK9CTHhyRo
qkjz972xZtYzq7XND6wMXa3fv9j3VuHjDOqpIaw+WrTzpKOb0CE0UsLosY2CF1He
DqoOO3Ah
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:36 2023 by rpki-client on console-ams.rpki-client.org