Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/G1m1-5UQijRv6SiMRMb9o7D-WvQ.roa
File: G1m1-5UQijRv6SiMRMb9o7D-WvQ.roa (raw, json)
Hash identifier: kun1KXjXtwT7cBrpgGBG1RcbNQ42v8gOg3I/azAAKeo=
Subject key identifier: 1B:59:B5:FB:95:10:8A:34:6F:E9:28:8C:44:C6:FD:A3:B0:FE:5A:F4
Certificate issuer: /CN=9334a82fdc08f0e8de5d848d377e0cc5d97799bf
Certificate serial: 0D835D72
Authority key identifier: 93:34:A8:2F:DC:08:F0:E8:DE:5D:84:8D:37:7E:0C:C5:D9:77:99:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kzSoL9wI8OjeXYSNN34Mxdl3mb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/G1m1-5UQijRv6SiMRMb9o7D-WvQ.roa
Signing time: Sat 01 Jan 2022 10:57:51 +0000
ROA not before: Sat 01 Jan 2022 10:57:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57928
IP address blocks: 185.49.120.0/22 maxlen: 22
2a01:4fe0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226712946 (0xd835d72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9334a82fdc08f0e8de5d848d377e0cc5d97799bf
Validity
Not Before: Jan 1 10:57:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b59b5fb95108a346fe9288c44c6fda3b0fe5af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:72:48:3b:59:20:5a:5c:d6:68:20:b7:3b:49:
3c:1f:2c:a0:0b:96:9b:cd:79:54:ac:91:08:f3:2e:
ce:7c:a7:10:2f:a6:83:82:f5:2f:e7:69:ad:8e:3f:
cd:8d:fe:8e:7c:3c:1a:fc:18:16:19:f6:52:3c:6f:
90:9b:f6:95:79:a2:6d:39:77:ef:0f:e8:9a:25:4d:
bd:10:ab:8e:60:19:83:cc:a4:88:aa:0b:15:2a:1f:
66:03:0b:ff:c5:e7:2c:13:28:e2:22:69:56:d6:12:
0e:95:bf:cb:cd:b9:a3:82:9f:87:6a:ab:33:50:03:
bb:d3:a2:f5:f9:18:9b:55:6f:33:cc:9b:95:3f:58:
2f:25:43:8e:ee:ec:cf:19:09:8b:61:02:e9:fa:72:
f2:41:ed:ed:8d:f3:7b:e7:64:0b:b1:aa:68:6c:c7:
28:f1:a5:31:d3:22:1e:e2:ec:60:3f:23:3e:96:c6:
56:1e:44:40:69:2d:68:52:cc:21:65:92:d3:16:c8:
1d:cf:7a:b2:2d:99:ac:5d:4f:6c:3b:39:a8:ec:ab:
01:9e:91:9f:f7:e7:2f:68:2f:f5:92:95:36:73:2a:
21:06:fd:8e:1e:78:6a:0e:5e:97:13:a5:4a:5a:69:
d7:8d:d7:d7:19:89:f6:fc:94:87:ce:bf:20:6f:07:
83:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:59:B5:FB:95:10:8A:34:6F:E9:28:8C:44:C6:FD:A3:B0:FE:5A:F4
X509v3 Authority Key Identifier:
keyid:93:34:A8:2F:DC:08:F0:E8:DE:5D:84:8D:37:7E:0C:C5:D9:77:99:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kzSoL9wI8OjeXYSNN34Mxdl3mb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/G1m1-5UQijRv6SiMRMb9o7D-WvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/kzSoL9wI8OjeXYSNN34Mxdl3mb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.120.0/22
IPv6:
2a01:4fe0::/32
Signature Algorithm: sha256WithRSAEncryption
88:59:d6:39:1d:35:20:cd:87:74:29:f9:1e:5d:12:04:8f:bb:
8f:fd:f0:74:20:a9:63:13:83:47:54:bc:80:3c:6d:d2:d6:63:
d8:bc:ef:c7:54:b9:66:09:c0:94:44:2d:54:f1:23:b8:dc:4d:
ae:69:41:2f:c2:34:b6:55:ef:03:f9:4e:48:b2:d7:2a:44:e1:
82:bf:05:94:80:5a:7e:51:4c:87:8e:6a:c8:32:a4:ad:c8:cb:
56:2f:54:19:1f:c6:a3:6a:48:58:44:17:b3:cc:90:75:7a:89:
b6:90:7d:d5:2e:8b:72:37:84:5b:71:5e:a3:56:15:fa:a6:d7:
60:7d:46:22:fa:90:b1:bf:8c:0a:55:b8:db:a5:90:17:86:a4:
ea:0e:37:2b:5c:80:74:bc:bd:a1:5c:ad:f6:9d:00:85:b1:b1:
fe:ff:a0:78:e7:b4:14:fc:9e:f2:ce:63:5e:cc:a9:ff:aa:c3:
bd:dc:cd:1a:9a:2d:0d:51:b9:7e:ba:c5:e9:cf:9a:9d:da:0b:
8a:ac:3c:35:cb:17:4b:85:ae:ab:35:e6:3f:85:97:b7:05:0b:
79:b2:97:6c:49:3c:6d:bc:21:81:21:f9:18:5f:1a:e1:cb:68:
83:81:c4:ce:60:16:4b:96:69:d0:ea:34:bf:08:83:c7:07:a0:
fb:7b:7f:0d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDYNdcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzM0YTgyZmRjMDhmMGU4ZGU1ZDg0OGQzNzdlMGNjNWQ5Nzc5OWJmMB4XDTIyMDEw
MTEwNTc1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI1OWI1ZmI5NTEw
OGEzNDZmZTkyODhjNDRjNmZkYTNiMGZlNWFmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM5ySDtZIFpc1mggtztJPB8soAuWm815VKyRCPMuznynEC+m
g4L1L+dprY4/zY3+jnw8GvwYFhn2UjxvkJv2lXmibTl37w/omiVNvRCrjmAZg8yk
iKoLFSofZgML/8XnLBMo4iJpVtYSDpW/y825o4Kfh2qrM1ADu9Oi9fkYm1VvM8yb
lT9YLyVDju7szxkJi2EC6fpy8kHt7Y3ze+dkC7GqaGzHKPGlMdMiHuLsYD8jPpbG
Vh5EQGktaFLMIWWS0xbIHc96si2ZrF1PbDs5qOyrAZ6Rn/fnL2gv9ZKVNnMqIQb9
jh54ag5elxOlSlpp143X1xmJ9vyUh86/IG8HgwUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQbWbX7lRCKNG/pKIxExv2jsP5a9DAfBgNVHSMEGDAWgBSTNKgv3Ajw6N5d
hI03fgzF2XeZvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t6U29MOXdJOE9qZVhZU05OMzRNeGRsM21iOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvYmI2ZTdlLWFiMWQtNGRhNS05Yzk2LWZmNjhlOTIyNWY3ZC8x
L0cxbTEtNVVRaWpSdjZTaU1STWI5bzdELVd2US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
YmI2ZTdlLWFiMWQtNGRhNS05Yzk2LWZmNjhlOTIyNWY3ZC8xL2t6U29MOXdJOE9q
ZVhZU05OMzRNeGRsM21iOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkxeDANBAIAAjAHAwUAKgFP4DAN
BgkqhkiG9w0BAQsFAAOCAQEAiFnWOR01IM2HdCn5Hl0SBI+7j/3wdCCpYxODR1S8
gDxt0tZj2Lzvx1S5ZgnAlEQtVPEjuNxNrmlBL8I0tlXvA/lOSLLXKkThgr8FlIBa
flFMh45qyDKkrcjLVi9UGR/Go2pIWEQXs8yQdXqJtpB91S6LcjeEW3Feo1YV+qbX
YH1GIvqQsb+MClW426WQF4ak6g43K1yAdLy9oVyt9p0AhbGx/v+geOe0FPye8s5j
Xsyp/6rDvdzNGpotDVG5frrF6c+andoLiqw8NcsXS4WuqzXmP4WXtwULebKXbEk8
bbwhgSH5GF8a4ctog4HEzmAWS5Zp0Oo0vwiDxweg+3t/DQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:52 2023 by rpki-client on console-fra.rpki-client.org