Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/gx-hTDZatWWdCD34xaJcuF59h4Y.roa
File: gx-hTDZatWWdCD34xaJcuF59h4Y.roa (raw, json)
Hash identifier: linTIqnqEMSZPI8RJoAu/ygb0FGNWQ8KvwoEehB1P78=
Subject key identifier: 83:1F:A1:4C:36:5A:B5:65:9D:08:3D:F8:C5:A2:5C:B8:5E:7D:87:86
Certificate issuer: /CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Certificate serial: 018413CA4050AC3947C2F25350F2764DD69F
Authority key identifier: 4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/gx-hTDZatWWdCD34xaJcuF59h4Y.roa
Signing time: Wed 26 Oct 2022 10:15:32 +0000
ROA not before: Wed 26 Oct 2022 10:15:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29535
IP address blocks: 83.2.0.0/20 maxlen: 20
83.2.8.0/22 maxlen: 22
79.191.255.0/24 maxlen: 24
195.149.235.0/24 maxlen: 24
195.149.236.0/22 maxlen: 22
80.54.110.0/23 maxlen: 24
83.2.56.0/22 maxlen: 22
193.110.120.0/22 maxlen: 22
2a01:1101:5::/48 maxlen: 48
2001:7f8:27::/48 maxlen: 48
2a01:11f0::/28 maxlen: 28
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:ca:40:50:ac:39:47:c2:f2:53:50:f2:76:4d:d6:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Validity
Not Before: Oct 26 10:15:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=831fa14c365ab5659d083df8c5a25cb85e7d8786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a2:42:35:95:44:ee:ce:30:43:c0:f9:81:b3:
5c:93:3a:ba:47:11:fa:2c:b9:dc:55:a2:27:76:67:
b5:82:85:9f:c5:39:eb:b7:fb:12:c3:dc:75:9f:9a:
82:10:f3:97:52:5a:1d:47:85:e0:8b:5e:09:39:8a:
0c:4c:7f:02:05:ba:a9:49:dd:b7:ab:ff:9c:b1:5d:
01:95:13:ae:4b:e5:7a:f7:4e:65:96:9e:98:a0:05:
e9:5d:be:0b:42:78:3e:a5:c0:78:e3:4e:fe:2c:13:
60:c1:40:14:97:d5:d3:62:1a:1d:9c:0c:c5:4a:cb:
bb:8f:e4:9d:d4:20:3f:4b:17:40:37:b4:38:d1:7b:
7e:ae:7a:b2:09:85:99:39:46:7d:83:91:36:89:61:
7a:c3:e8:8e:ca:c8:2a:34:6d:ef:f7:ea:42:1c:df:
32:c1:cd:18:20:42:4c:14:38:d1:90:0b:64:6f:73:
50:2c:68:6b:21:39:0f:9e:f7:65:dd:a2:49:1a:dd:
24:e0:31:b9:df:d3:a8:ec:25:e0:d8:90:1e:d1:1f:
90:95:39:d6:c3:82:bf:2a:c6:ab:bc:3c:80:f4:c7:
e8:bd:25:92:cf:c8:1b:ed:5e:11:e7:fb:aa:3a:b1:
67:73:20:d4:a8:23:fb:f1:c8:9a:83:79:e8:0d:f3:
36:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1F:A1:4C:36:5A:B5:65:9D:08:3D:F8:C5:A2:5C:B8:5E:7D:87:86
X509v3 Authority Key Identifier:
keyid:4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/gx-hTDZatWWdCD34xaJcuF59h4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.191.255.0/24
80.54.110.0/23
83.2.0.0/20
83.2.56.0/22
193.110.120.0/22
195.149.235.0-195.149.239.255
IPv6:
2001:7f8:27::/48
2a01:1101:5::/48
2a01:11f0::/28
Signature Algorithm: sha256WithRSAEncryption
48:81:63:ff:9d:51:47:22:5d:26:97:98:36:ac:ec:52:2d:5b:
72:a2:d8:15:73:9a:97:29:1b:4d:04:c7:e4:48:db:9c:f3:59:
68:5d:69:fe:a1:ee:d8:cb:36:86:f0:b0:81:c7:53:a5:f6:19:
95:61:53:e6:93:dc:3a:6a:e7:de:13:50:62:f1:e2:f0:03:d6:
d8:55:91:13:6b:96:d4:0b:2e:2a:c8:74:ce:29:34:26:af:b2:
6b:e1:34:19:6f:55:81:d7:5a:09:f1:51:ef:ae:b2:f5:be:35:
59:c4:4e:6f:ff:16:aa:72:d0:6e:4c:88:f2:13:3f:a0:96:41:
77:5f:b1:98:2f:5c:51:56:32:fc:26:f0:49:10:1f:c8:83:c0:
ab:08:5a:61:f5:57:b3:74:46:35:d9:b4:76:a8:66:d3:02:d9:
70:71:f5:81:85:28:e2:22:09:74:28:82:fb:35:1f:5f:a3:21:
c4:d0:87:1b:06:d1:c9:56:29:8d:28:46:1f:29:06:77:08:c4:
e7:c8:81:50:b8:c8:1f:16:f4:80:dc:5f:a3:d6:03:07:96:fa:
66:7f:5e:7b:c1:6b:77:f1:83:6d:6c:6f:30:44:e7:89:da:d7:
3f:41:7a:87:4a:3e:36:2a:ea:d4:c6:ee:2c:22:08:39:07:5e:
07:0a:74:0b
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYQTykBQrDlHwvJTUPJ2TdafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Y1MzAwN2M3OWNjNWUyZjJkNzM1NmJhOTEyMWE3OGMw
Yzc3MTQwHhcNMjIxMDI2MTAxNTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzFmYTE0YzM2NWFiNTY1OWQwODNkZjhjNWEyNWNiODVlN2Q4Nzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaJCNZVE7s4wQ8D5gbNckzq6RxH6
LLncVaIndme1goWfxTnrt/sSw9x1n5qCEPOXUlodR4Xgi14JOYoMTH8CBbqpSd23
q/+csV0BlROuS+V6905llp6YoAXpXb4LQng+pcB4407+LBNgwUAUl9XTYhodnAzF
Ssu7j+Sd1CA/SxdAN7Q40Xt+rnqyCYWZOUZ9g5E2iWF6w+iOysgqNG3v9+pCHN8y
wc0YIEJMFDjRkAtkb3NQLGhrITkPnvdl3aJJGt0k4DG539Oo7CXg2JAe0R+QlTnW
w4K/KsarvDyA9MfovSWSz8gb7V4R5/uqOrFncyDUqCP78ciag3noDfM2mQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFIMfoUw2WrVlnQg9+MWiXLhefYeGMB8GA1UdIwQY
MBaAFE7PUwB8ecxeLy1zVrqRIaeMDHcUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEt
Y2I4YjNhMDk0MjA5LzEvZ3gtaFREWmF0V1dkQ0QzNHhhSmN1RjU5aDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEtY2I4YjNhMDk0MjA5
LzEvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAyBAIAATAsAwQAT7//AwQB
UDZuAwQEUwIAAwQCUwI4AwQCwW54MAwDBADDlesDBATDleAwHwQCAAIwGQMHACAB
B/gAJwMHACoBEQEABQMFBCoBEfAwDQYJKoZIhvcNAQELBQADggEBAEiBY/+dUUci
XSaXmDas7FItW3Ki2BVzmpcpG00Ex+RI25zzWWhdaf6h7tjLNobwsIHHU6X2GZVh
U+aT3Dpq594TUGLx4vAD1thVkRNrltQLLirIdM4pNCavsmvhNBlvVYHXWgnxUe+u
svW+NVnETm//Fqpy0G5MiPITP6CWQXdfsZgvXFFWMvwm8EkQH8iDwKsIWmH1V7N0
RjXZtHaoZtMC2XBx9YGFKOIiCXQogvs1H1+jIcTQhxsG0clWKY0oRh8pBncIxOfI
gVC4yB8W9IDcX6PWAweW+mZ/XnvBa3fxg21sbzBE54na1z9BeodKPjYq6tTG7iwi
CDkHXgcKdAs=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:14 2023 by rpki-client on console-ams.rpki-client.org