Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/gsa3e9T7Z4bEdcwTQKQBOiOafHE.roa
File: gsa3e9T7Z4bEdcwTQKQBOiOafHE.roa (raw, json)
Hash identifier: k2n1NB6K3gVnjcugKpL0gyRT8fkPeqbjNh2PF5oNwus=
Subject key identifier: 82:C6:B7:7B:D4:FB:67:86:C4:75:CC:13:40:A4:01:3A:23:9A:7C:71
Certificate issuer: /CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Certificate serial: 0559608A
Authority key identifier: 25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/gsa3e9T7Z4bEdcwTQKQBOiOafHE.roa
Signing time: Tue 31 May 2022 03:46:13 +0000
ROA not before: Tue 31 May 2022 03:46:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21859
IP address blocks: 193.118.32.0/19 maxlen: 24
185.207.112.0/22 maxlen: 24
23.90.128.0/18 maxlen: 24
193.118.96.0/19 maxlen: 19
192.169.96.0/19 maxlen: 24
192.169.104.0/22 maxlen: 24
199.182.232.0/21 maxlen: 24
104.166.128.0/18 maxlen: 24
2a0b:21c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89743498 (0x559608a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Validity
Not Before: May 31 03:46:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82c6b77bd4fb6786c475cc1340a4013a239a7c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:87:2d:d8:11:da:64:6e:93:e6:2f:30:62:60:
c5:5f:74:04:31:be:30:5c:0b:b8:9e:76:42:91:a8:
89:a4:ee:c1:b8:d7:2c:e4:c2:88:35:c8:aa:d7:f8:
42:e7:d6:f4:79:b2:69:b4:4c:94:cd:af:7c:af:3d:
5f:fb:29:e9:03:83:9f:dd:0c:7c:91:79:57:b3:96:
88:e2:70:0c:b9:7c:e4:2d:6d:53:f0:60:88:4a:e9:
52:03:60:e1:36:23:97:f8:83:8b:f5:27:6b:16:be:
23:f0:ec:ca:53:a0:3a:d0:01:8b:8d:6e:57:3b:66:
75:2d:50:3c:26:6f:19:1d:71:4c:00:f6:86:ac:8b:
9d:e1:e0:a3:9b:88:fe:5f:8e:23:0a:e5:2b:fd:50:
47:5a:6d:73:65:ae:43:54:a2:29:5b:12:d5:3a:44:
8c:8b:f6:b2:00:a4:b2:86:75:e8:71:5b:ee:cc:9e:
5b:28:d5:58:9f:ce:97:51:5d:3e:49:fe:a9:c9:db:
37:7e:81:8c:a6:a3:05:68:c8:9a:89:c2:ff:e2:3e:
70:98:51:04:bd:82:d8:21:13:ac:26:ff:da:b1:9d:
ef:dd:fb:2b:dd:73:b0:ad:49:4d:93:e3:3a:3f:c9:
2a:e9:6c:da:10:2c:8b:8d:26:24:24:3b:88:c9:b6:
57:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C6:B7:7B:D4:FB:67:86:C4:75:CC:13:40:A4:01:3A:23:9A:7C:71
X509v3 Authority Key Identifier:
keyid:25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/gsa3e9T7Z4bEdcwTQKQBOiOafHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.90.128.0/18
104.166.128.0/18
185.207.112.0/22
192.169.96.0/19
193.118.32.0/19
193.118.96.0/19
199.182.232.0/21
IPv6:
2a0b:21c0::/29
Signature Algorithm: sha256WithRSAEncryption
13:81:d1:f3:26:4b:47:60:07:6a:50:0e:3c:e4:52:26:da:64:
7f:3f:4b:c4:4e:2d:7b:c2:32:d8:2c:5f:a9:a1:30:b4:a1:f3:
a2:f5:3f:37:6c:43:fa:16:68:fd:b6:e7:1f:d9:2f:95:5f:2a:
f9:00:59:7b:51:c3:b5:8d:4c:95:49:d9:e3:cb:20:3f:6a:d0:
48:02:16:7a:f6:a8:2c:9c:16:e5:37:24:b7:30:d6:d1:52:4e:
86:44:44:0e:29:e8:a9:14:16:90:79:00:1f:40:99:98:18:22:
42:4b:34:0f:2c:e4:09:61:90:57:94:20:29:62:1d:a3:3f:c1:
18:f4:fd:e9:1d:d3:23:6d:ed:1d:b1:56:9a:9e:d8:78:6f:08:
e5:fe:f0:80:cd:13:8a:2a:25:e8:95:81:af:9d:7b:90:e3:73:
b2:33:2e:e6:18:14:ff:fd:48:23:56:65:b3:bf:25:02:25:21:
8c:5a:9b:ac:46:89:1a:1d:d3:5b:54:f1:fa:d4:91:9a:df:d2:
84:ca:6f:72:ca:33:8f:69:18:54:20:db:9d:2b:ae:4b:9a:05:
5a:54:f0:f3:de:b3:20:31:be:70:f9:5f:ea:ae:b5:ea:a5:16:
b5:c3:5b:0a:5a:6e:9d:7b:e9:14:3e:e0:31:d0:25:e5:c7:c2:
99:44:17:1d
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEBVlgijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NTc3NmM3N2Y4ZWJlNzA5NGNhMDA3YWNlMWE5YzBiZmRjMmIzYWVjMB4XDTIyMDUz
MTAzNDYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODJjNmI3N2JkNGZi
Njc4NmM0NzVjYzEzNDBhNDAxM2EyMzlhN2M3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJuHLdgR2mRuk+YvMGJgxV90BDG+MFwLuJ52QpGoiaTuwbjX
LOTCiDXIqtf4QufW9HmyabRMlM2vfK89X/sp6QODn90MfJF5V7OWiOJwDLl85C1t
U/BgiErpUgNg4TYjl/iDi/Unaxa+I/DsylOgOtABi41uVztmdS1QPCZvGR1xTAD2
hqyLneHgo5uI/l+OIwrlK/1QR1ptc2WuQ1SiKVsS1TpEjIv2sgCksoZ16HFb7sye
WyjVWJ/Ol1FdPkn+qcnbN36BjKajBWjImonC/+I+cJhRBL2C2CETrCb/2rGd7937
K91zsK1JTZPjOj/JKuls2hAsi40mJCQ7iMm2V10CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBSCxrd71PtnhsR1zBNApAE6I5p8cTAfBgNVHSMEGDAWgBQld2x3+OvnCUyg
B6zhqcC/3Cs67DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pYZHNkX2pyNXdsTW9BZXM0YW5Bdjl3ck91dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvNTdlMDhjLWNhM2EtNDA5OS1hZTc0LWU3ZGFlYzE5NGE2OS8x
L2dzYTNlOVQ3WjRiRWRjd1RRS1FCT2lPYWZIRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
NTdlMDhjLWNhM2EtNDA5OS1hZTc0LWU3ZGFlYzE5NGE2OS8xL0pYZHNkX2pyNXds
TW9BZXM0YW5Bdjl3ck91dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBhdagAMEBmimgAMEArnPcAMEBcCp
YAMEBcF2IAMEBcF2YAMEA8e26DANBAIAAjAHAwUDKgshwDANBgkqhkiG9w0BAQsF
AAOCAQEAE4HR8yZLR2AHalAOPORSJtpkfz9LxE4te8Iy2CxfqaEwtKHzovU/N2xD
+hZo/bbnH9kvlV8q+QBZe1HDtY1MlUnZ48sgP2rQSAIWevaoLJwW5TcktzDW0VJO
hkREDinoqRQWkHkAH0CZmBgiQks0DyzkCWGQV5QgKWIdoz/BGPT96R3TI23tHbFW
mp7YeG8I5f7wgM0Tiiol6JWBr517kONzsjMu5hgU//1II1Zls78lAiUhjFqbrEaJ
Gh3TW1Tx+tSRmt/ShMpvcsozj2kYVCDbnSuuS5oFWlTw896zIDG+cPlf6q616qUW
tcNbClpunXvpFD7gMdAl5cfCmUQXHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:30 2024 by rpki-client on console-fra.rpki-client.org