Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/giEwayNZxKidsXlf9oAxXegyQS0.roa
File: giEwayNZxKidsXlf9oAxXegyQS0.roa (raw, json)
Hash identifier: YxXgSuL/IzVPMA6H/nWz1wAo/3t2+/AG1NU06N75s4A=
Subject key identifier: 82:21:30:6B:23:59:C4:A8:9D:B1:79:5F:F6:80:31:5D:E8:32:41:2D
Certificate issuer: /CN=407d2dc10c02f5ec24f690f9f660555486562e59
Certificate serial: 039604A9
Authority key identifier: 40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/giEwayNZxKidsXlf9oAxXegyQS0.roa
Signing time: Sat 01 Jan 2022 07:53:50 +0000
ROA not before: Sat 01 Jan 2022 07:53:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29436
IP address blocks: 192.162.80.0/22 maxlen: 22
193.238.36.0/22 maxlen: 22
195.149.108.0/24 maxlen: 24
192.166.112.0/23 maxlen: 23
2001:67c:2d9c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60163241 (0x39604a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407d2dc10c02f5ec24f690f9f660555486562e59
Validity
Not Before: Jan 1 07:53:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8221306b2359c4a89db1795ff680315de832412d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ba:45:34:93:62:1b:e5:07:9b:4f:77:27:ca:
0d:60:5e:c3:7b:7c:f1:bc:e2:b9:21:40:67:1c:08:
f2:86:16:b5:81:9d:f6:72:70:59:be:f3:2c:09:f5:
ed:6b:83:71:84:19:9c:a2:99:b6:13:e5:87:03:b2:
c6:2c:66:fd:87:59:cb:b8:ff:18:65:30:33:5d:02:
14:56:b3:b3:e0:06:1b:cc:31:74:02:be:4c:b2:ac:
eb:ff:73:1f:0d:30:fe:7a:f1:24:09:c2:ef:28:f2:
b8:80:39:b5:c0:a6:5c:b3:0f:99:59:72:c7:bd:c4:
50:57:2a:a2:e0:5a:72:44:2b:4f:75:22:84:50:46:
91:8e:07:c7:22:02:16:ee:c8:13:c3:b0:54:57:bd:
00:77:1f:c1:23:51:45:3d:a4:e8:bf:d0:0b:b4:3b:
fd:18:3e:6d:12:d6:64:f7:00:25:6e:72:cd:4a:1f:
e7:1a:51:b9:9d:66:ec:97:ff:d5:d7:af:d6:0f:72:
8a:3e:ab:44:c8:4e:18:4e:ea:fb:f0:07:0a:88:05:
ce:a0:5f:f4:f8:28:75:c8:6c:8b:ee:55:11:74:31:
1e:18:21:c1:fa:68:0f:9a:5a:3a:e7:8a:48:9a:2a:
21:ac:39:e6:ab:0c:3c:4d:4a:ef:39:18:9d:b8:5f:
0c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:21:30:6B:23:59:C4:A8:9D:B1:79:5F:F6:80:31:5D:E8:32:41:2D
X509v3 Authority Key Identifier:
keyid:40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/giEwayNZxKidsXlf9oAxXegyQS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.80.0/22
192.166.112.0/23
193.238.36.0/22
195.149.108.0/24
IPv6:
2001:67c:2d9c::/48
Signature Algorithm: sha256WithRSAEncryption
1a:e4:de:f5:fe:d8:7c:c5:98:7b:d2:16:95:ad:49:ff:8a:0a:
8a:16:51:69:98:e7:5a:bf:ec:f0:68:b7:dc:7f:f3:f6:76:9b:
63:45:13:b9:80:f6:7e:f8:6c:a8:b4:74:b7:55:6a:9a:18:c2:
1d:bc:23:5d:88:06:2e:e6:73:80:a4:1e:b2:d8:7e:1c:7a:bc:
b8:46:4d:08:ed:dc:2e:39:c4:79:c9:1d:05:45:2b:0b:2c:7a:
39:8b:82:71:4b:d4:89:78:54:64:b9:d5:30:e0:b7:a5:51:9c:
a6:e2:44:4a:26:56:b0:f1:ac:53:f2:43:0b:ff:a0:5d:e1:eb:
59:51:67:df:c8:f3:22:63:ca:72:57:23:a8:55:da:5a:c4:b2:
87:64:f1:1e:25:a2:7f:d7:36:fa:22:cc:48:cd:91:1a:43:e3:
33:da:ec:20:9f:c8:59:c8:7b:06:40:45:ec:1e:5a:8f:8b:74:
5c:73:03:41:45:09:8a:bb:38:c5:e3:f7:25:14:66:52:d5:65:
4d:b1:9a:72:2f:23:a4:69:1e:a9:83:8f:0b:93:a0:c3:59:7e:
e4:5d:82:1d:40:86:5d:fa:8e:25:4f:97:2f:6f:d4:96:a8:fd:
05:37:fb:c7:6d:62:32:bf:6f:b5:a7:a3:59:c0:7e:ac:f6:10:
f9:16:1f:b6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEA5YEqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDdkMmRjMTBjMDJmNWVjMjRmNjkwZjlmNjYwNTU1NDg2NTYyZTU5MB4XDTIyMDEw
MTA3NTM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODIyMTMwNmIyMzU5
YzRhODlkYjE3OTVmZjY4MDMxNWRlODMyNDEyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALm6RTSTYhvlB5tPdyfKDWBew3t88bziuSFAZxwI8oYWtYGd
9nJwWb7zLAn17WuDcYQZnKKZthPlhwOyxixm/YdZy7j/GGUwM10CFFazs+AGG8wx
dAK+TLKs6/9zHw0w/nrxJAnC7yjyuIA5tcCmXLMPmVlyx73EUFcqouBackQrT3Ui
hFBGkY4HxyICFu7IE8OwVFe9AHcfwSNRRT2k6L/QC7Q7/Rg+bRLWZPcAJW5yzUof
5xpRuZ1m7Jf/1dev1g9yij6rRMhOGE7q+/AHCogFzqBf9Pgodchsi+5VEXQxHhgh
wfpoD5paOueKSJoqIaw55qsMPE1K7zkYnbhfDGcCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBSCITBrI1nEqJ2xeV/2gDFd6DJBLTAfBgNVHSMEGDAWgBRAfS3BDAL17CT2
kPn2YFVUhlYuWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FIMHR3UXdDOWV3azlwRDU5bUJWVklaV0xsay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvYTZmY2M5LWQyNTEtNDJkYy1hZDAyLTk2N2MyMjg1ZWE2Mi8x
L2dpRXdheU5aeEtpZHNYbGY5b0F4WGVneVFTMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
YTZmY2M5LWQyNTEtNDJkYy1hZDAyLTk2N2MyMjg1ZWE2Mi8xL1FIMHR3UXdDOWV3
azlwRDU5bUJWVklaV0xsay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEAsCiUAMEAcCmcAMEAsHuJAMEAMOV
bDAPBAIAAjAJAwcAIAEGfC2cMA0GCSqGSIb3DQEBCwUAA4IBAQAa5N71/th8xZh7
0haVrUn/igqKFlFpmOdav+zwaLfcf/P2dptjRRO5gPZ++GyotHS3VWqaGMIdvCNd
iAYu5nOApB6y2H4cery4Rk0I7dwuOcR5yR0FRSsLLHo5i4JxS9SJeFRkudUw4Lel
UZym4kRKJlaw8axT8kML/6Bd4etZUWffyPMiY8pyVyOoVdpaxLKHZPEeJaJ/1zb6
IsxIzZEaQ+Mz2uwgn8hZyHsGQEXsHlqPi3RccwNBRQmKuzjF4/clFGZS1WVNsZpy
LyOkaR6pg48Lk6DDWX7kXYIdQIZd+o4lT5cvb9SWqP0FN/vHbWIyv2+1p6NZwH6s
9hD5Fh+2
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:36 2023 by rpki-client on console.sobornost.net