Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/GyC9UUZJXZQZ9n_fQOV1fmCBuLM.roa
File: GyC9UUZJXZQZ9n_fQOV1fmCBuLM.roa (raw, json)
Hash identifier: nZhk9Am6adVVvY/nZIt3qLH5pt+EUI9Qgo1DOT70AUc=
Subject key identifier: 1B:20:BD:51:46:49:5D:94:19:F6:7F:DF:40:E5:75:7E:60:81:B8:B3
Certificate issuer: /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial: 0182CAB6D3FDA25C3DD1B5CB36803E7FAA49
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/GyC9UUZJXZQZ9n_fQOV1fmCBuLM.roa
Signing time: Tue 23 Aug 2022 12:39:15 +0000
ROA not before: Tue 23 Aug 2022 12:39:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 157.167.225.0/24 maxlen: 24
157.167.226.0/24 maxlen: 24
157.167.224.0/24 maxlen: 24
157.167.227.0/24 maxlen: 24
157.167.230.0/24 maxlen: 24
157.167.231.0/24 maxlen: 24
157.167.228.0/24 maxlen: 24
157.167.229.0/24 maxlen: 24
157.167.233.0/24 maxlen: 24
157.167.232.0/24 maxlen: 24
157.167.152.0/24 maxlen: 24
157.167.155.0/24 maxlen: 24
157.167.156.0/24 maxlen: 24
157.167.153.0/24 maxlen: 24
157.167.184.0/21 maxlen: 21
157.167.134.0/24 maxlen: 24
157.167.135.0/24 maxlen: 24
157.167.136.0/21 maxlen: 21
157.167.144.0/21 maxlen: 21
85.115.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ca:b6:d3:fd:a2:5c:3d:d1:b5:cb:36:80:3e:7f:aa:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Validity
Not Before: Aug 23 12:39:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b20bd5146495d9419f67fdf40e5757e6081b8b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:85:03:b9:d4:1b:31:3a:54:30:af:2d:29:c8:
4e:98:c8:7f:9c:2c:09:90:1a:46:85:a0:c6:ee:81:
cb:44:4b:eb:6c:53:e6:e8:35:5d:7a:76:e8:cd:57:
7f:04:ae:ec:40:61:03:39:2b:a1:9a:48:6c:a3:44:
2b:ae:5e:c3:dc:cc:84:01:ff:e2:7c:2b:63:a0:ae:
17:db:6e:7c:48:6c:c2:91:d7:ff:6a:6b:48:1e:a3:
06:6e:25:82:e4:61:2f:b4:07:4a:f1:00:57:2e:c7:
36:6d:bc:1b:f8:06:25:bd:d2:5a:00:88:82:0f:69:
12:57:33:c9:82:b3:1e:51:2b:81:9b:49:e9:b2:a2:
70:51:5a:0c:3c:b4:a0:10:0c:92:f6:98:30:6b:c3:
28:e5:3b:1d:56:aa:73:c7:0a:1b:b5:2c:0e:51:5e:
44:38:85:b1:0e:c9:1c:da:0e:fd:ef:92:3c:84:8b:
fe:a2:75:f3:0c:f1:03:c8:1d:f9:69:4f:f7:04:07:
7c:83:d6:89:20:55:80:89:e2:27:70:04:82:1c:41:
0b:3d:b1:1b:13:9b:b1:8a:3d:4b:86:50:17:fc:09:
e4:de:fe:3d:9f:82:2e:ce:b9:c7:ba:1d:7a:c1:00:
63:7f:e3:57:32:5d:db:9e:14:62:3b:55:8c:a7:b9:
93:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:20:BD:51:46:49:5D:94:19:F6:7F:DF:40:E5:75:7E:60:81:B8:B3
X509v3 Authority Key Identifier:
keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/GyC9UUZJXZQZ9n_fQOV1fmCBuLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.38.0/24
157.167.134.0-157.167.153.255
157.167.155.0-157.167.156.255
157.167.184.0/21
157.167.224.0-157.167.233.255
Signature Algorithm: sha256WithRSAEncryption
24:51:5f:b5:87:0f:ea:2c:b2:ad:9c:42:d3:06:b8:92:b7:00:
3e:bb:2a:3a:16:d8:df:d6:b6:66:85:a5:18:10:83:91:3e:f2:
3c:bc:4c:c0:eb:f7:b6:c9:5d:ae:a1:3b:6f:e9:41:3c:c9:5c:
86:d8:4a:4c:64:8f:94:2c:a7:79:87:f0:c0:8a:97:d4:24:45:
4f:af:22:de:ce:61:59:68:cd:62:7f:da:1a:58:17:7c:da:db:
bf:18:7a:d4:2c:7f:a2:4e:67:47:c1:33:05:cd:56:00:69:46:
73:b9:e2:06:67:22:d2:82:ae:ce:50:b3:7c:15:97:b1:c9:66:
fc:41:26:15:30:92:8b:b2:c2:33:c5:72:17:6e:ee:40:ab:67:
4c:86:b7:dd:24:ce:ae:1a:67:6a:2b:ef:4d:13:b1:d9:4e:ad:
ed:91:86:86:24:3f:61:fc:89:84:79:55:5d:49:27:cf:8d:ef:
fc:34:d8:86:a8:bf:81:be:a3:a2:4e:62:a3:02:8a:00:5a:a6:
e5:17:b9:94:80:3c:2e:99:77:0b:04:49:bd:7b:6e:71:4e:7a:
ed:e7:c3:98:4d:0b:53:51:31:6b:9c:a4:3e:0b:f2:ce:01:23:
b7:c1:10:15:d3:fe:61:d6:87:bf:d7:2a:b9:66:1f:d2:38:24:
44:e0:95:2f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYLKttP9olw90bXLNoA+f6pJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjIwODIzMTIzOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjIwYmQ1MTQ2NDk1ZDk0MTlmNjdmZGY0MGU1NzU3ZTYwODFiOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoUDudQbMTpUMK8tKchOmMh/nCwJ
kBpGhaDG7oHLREvrbFPm6DVdenbozVd/BK7sQGEDOSuhmkhso0Qrrl7D3MyEAf/i
fCtjoK4X2258SGzCkdf/amtIHqMGbiWC5GEvtAdK8QBXLsc2bbwb+AYlvdJaAIiC
D2kSVzPJgrMeUSuBm0npsqJwUVoMPLSgEAyS9pgwa8Mo5TsdVqpzxwobtSwOUV5E
OIWxDskc2g7975I8hIv+onXzDPEDyB35aU/3BAd8g9aJIFWAieIncASCHEELPbEb
E5uxij1LhlAX/Ank3v49n4IuzrnHuh16wQBjf+NXMl3bnhRiO1WMp7mTMwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBsgvVFGSV2UGfZ/30DldX5ggbizMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEvR3lDOVVVWkpYWlFaOW5fZlFPVjFmbUNCdUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVXMmMAwD
BAGdp4YDBAGdp5gwDAMEAJ2nmwMEAJ2nnAMEA52nuDAMAwQFnafgAwQBnafoMA0G
CSqGSIb3DQEBCwUAA4IBAQAkUV+1hw/qLLKtnELTBriStwA+uyo6Ftjf1rZmhaUY
EIORPvI8vEzA6/e2yV2uoTtv6UE8yVyG2EpMZI+ULKd5h/DAipfUJEVPryLezmFZ
aM1if9oaWBd82tu/GHrULH+iTmdHwTMFzVYAaUZzueIGZyLSgq7OULN8FZexyWb8
QSYVMJKLssIzxXIXbu5Aq2dMhrfdJM6uGmdqK+9NE7HZTq3tkYaGJD9h/ImEeVVd
SSfPje/8NNiGqL+BvqOiTmKjAooAWqblF7mUgDwumXcLBEm9e25xTnrt58OYTQtT
UTFrnKQ+C/LOASO3wRAV0/5h1oe/1yq5Zh/SOCRE4JUv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:21 2024 by rpki-client on console-fra.rpki-client.org