Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/gjzNxYW8zZQ1qvqhct7WPbCoehE.roa
File: gjzNxYW8zZQ1qvqhct7WPbCoehE.roa (raw, json)
Hash identifier: tg1yraz5tqM/LgJWfA7TPs6XY00hYtF42lYr+FpxCbs=
Subject key identifier: 82:3C:CD:C5:85:BC:CD:94:35:AA:FA:A1:72:DE:D6:3D:B0:A8:7A:11
Certificate issuer: /CN=dfc0b1df0e7bd00045ebe10302c320ffbdba0716
Certificate serial: 1827C653
Authority key identifier: DF:C0:B1:DF:0E:7B:D0:00:45:EB:E1:03:02:C3:20:FF:BD:BA:07:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/gjzNxYW8zZQ1qvqhct7WPbCoehE.roa
Signing time: Fri 24 Jun 2022 23:22:58 +0000
ROA not before: Fri 24 Jun 2022 23:22:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62290
IP address blocks: 185.24.116.0/23 maxlen: 23
185.24.116.0/22 maxlen: 23
212.102.109.0/24 maxlen: 24
2a00:72a0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 405259859 (0x1827c653)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfc0b1df0e7bd00045ebe10302c320ffbdba0716
Validity
Not Before: Jun 24 23:22:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=823ccdc585bccd9435aafaa172ded63db0a87a11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:19:f8:91:58:e8:4e:60:aa:70:a9:ab:b5:62:
9d:8b:06:ca:0a:f4:f5:1d:bc:24:29:39:9c:6a:af:
55:b1:f9:4a:65:48:76:31:47:25:8f:3d:4e:54:2b:
81:ba:aa:0c:f0:2b:5f:c1:62:8c:86:0b:d3:57:93:
8d:c8:54:2a:57:cf:f0:66:61:69:77:de:54:80:a1:
89:84:d8:77:ea:2c:73:6c:7d:dc:22:03:07:73:38:
c7:a8:0e:fa:47:11:60:73:c1:eb:b3:31:c5:de:0c:
0c:43:af:2f:57:7e:14:a3:49:3b:21:d9:13:4c:bc:
f2:9b:77:60:a6:11:58:fe:ff:45:3b:0e:3c:d1:2a:
0e:96:76:f3:89:a5:85:bd:46:9c:a7:36:8e:40:43:
73:08:fb:ce:6e:f0:0c:19:7d:93:b6:3c:c3:77:3e:
e3:ba:d8:4f:7d:9b:1b:39:f8:7a:14:bd:32:87:b0:
fa:3d:dc:82:dd:09:a6:0d:18:97:86:10:fb:fe:66:
98:88:81:74:45:f9:cd:f4:9e:12:42:d9:57:71:fd:
29:13:b6:28:b8:72:63:62:1f:72:17:2b:c0:7d:55:
56:bb:54:d1:b2:22:90:d9:e5:99:12:6e:c8:c5:48:
ff:37:a4:38:17:dd:8f:ae:cd:e2:7a:7b:f8:02:88:
74:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:3C:CD:C5:85:BC:CD:94:35:AA:FA:A1:72:DE:D6:3D:B0:A8:7A:11
X509v3 Authority Key Identifier:
keyid:DF:C0:B1:DF:0E:7B:D0:00:45:EB:E1:03:02:C3:20:FF:BD:BA:07:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/gjzNxYW8zZQ1qvqhct7WPbCoehE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/38Cx3w570ABF6-EDAsMg_726BxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.116.0/22
212.102.109.0/24
IPv6:
2a00:72a0::/32
Signature Algorithm: sha256WithRSAEncryption
98:5c:85:75:03:fa:4a:34:7c:e7:c7:59:5f:fc:b5:ab:aa:cb:
a5:a4:06:2f:66:37:93:35:98:ec:5c:12:c5:9c:7a:7c:3b:9e:
0e:93:6f:c9:e4:5a:b5:74:e5:17:9d:9b:ed:b7:c9:58:f2:5d:
63:76:ea:d2:65:c2:3e:fe:b0:90:53:7e:39:79:1c:0c:13:51:
8f:1e:b2:fa:62:8c:89:d7:16:15:fc:66:a7:72:b6:96:96:dd:
14:12:4f:ff:9f:09:2a:1b:e6:a6:92:25:e4:2b:b7:4e:ba:f6:
14:4a:8d:20:19:03:90:61:df:42:a1:99:b6:df:21:81:38:47:
02:80:a2:f7:16:29:18:3c:ac:64:e7:a1:50:22:ca:ad:90:82:
e6:0f:9f:bd:9f:4f:f1:ec:49:45:21:79:1c:b8:ef:78:36:3b:
69:3e:b6:f8:b5:52:fd:df:2d:79:da:b8:4a:7c:3a:39:f7:3c:
4b:7a:39:4d:64:62:70:65:62:27:d9:4a:77:05:a8:5a:2a:d4:
92:7e:d4:46:5c:56:86:7e:f4:7c:21:e4:d4:0a:98:c9:15:20:
46:77:78:5f:cb:43:97:d1:e0:6d:c9:9a:41:2e:00:b5:1c:c1:
a3:64:eb:7f:f9:2b:60:7f:58:fc:a3:3a:f6:b0:30:c4:e6:d5:
ef:fc:a7:fb
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEGCfGUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmMwYjFkZjBlN2JkMDAwNDVlYmUxMDMwMmMzMjBmZmJkYmEwNzE2MB4XDTIyMDYy
NDIzMjI1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODIzY2NkYzU4NWJj
Y2Q5NDM1YWFmYWExNzJkZWQ2M2RiMGE4N2ExMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwZ+JFY6E5gqnCpq7VinYsGygr09R28JCk5nGqvVbH5SmVI
djFHJY89TlQrgbqqDPArX8FijIYL01eTjchUKlfP8GZhaXfeVIChiYTYd+osc2x9
3CIDB3M4x6gO+kcRYHPB67Mxxd4MDEOvL1d+FKNJOyHZE0y88pt3YKYRWP7/RTsO
PNEqDpZ284mlhb1GnKc2jkBDcwj7zm7wDBl9k7Y8w3c+47rYT32bGzn4ehS9Moew
+j3cgt0Jpg0Yl4YQ+/5mmIiBdEX5zfSeEkLZV3H9KRO2KLhyY2IfchcrwH1VVrtU
0bIikNnlmRJuyMVI/zekOBfdj67N4np7+AKIdG8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSCPM3FhbzNlDWq+qFy3tY9sKh6ETAfBgNVHSMEGDAWgBTfwLHfDnvQAEXr
4QMCwyD/vboHFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzM4Q3gzdzU3MEFCRjYtRURBc01nXzcyNkJ4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvYTNjNzc1LTM5YzUtNGJiYi1iMzNlLWQ5MjllMmI3NmQ2OC8x
L2dqek54WVc4elpRMXF2cWhjdDdXUGJDb2VoRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
YTNjNzc1LTM5YzUtNGJiYi1iMzNlLWQ5MjllMmI3NmQ2OC8xLzM4Q3gzdzU3MEFC
RjYtRURBc01nXzcyNkJ4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkYdAMEANRmbTANBAIAAjAHAwUA
KgByoDANBgkqhkiG9w0BAQsFAAOCAQEAmFyFdQP6SjR858dZX/y1q6rLpaQGL2Y3
kzWY7FwSxZx6fDueDpNvyeRatXTlF52b7bfJWPJdY3bq0mXCPv6wkFN+OXkcDBNR
jx6y+mKMidcWFfxmp3K2lpbdFBJP/58JKhvmppIl5Cu3Trr2FEqNIBkDkGHfQqGZ
tt8hgThHAoCi9xYpGDysZOehUCLKrZCC5g+fvZ9P8exJRSF5HLjveDY7aT62+LVS
/d8tedq4Snw6Ofc8S3o5TWRicGViJ9lKdwWoWirUkn7URlxWhn70fCHk1AqYyRUg
Rnd4X8tDl9HgbcmaQS4AtRzBo2Trf/krYH9Y/KM69rAwxObV7/yn+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:31 2024 by rpki-client on console-ams.rpki-client.org