Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/gTjly7_OnKFW9cSD1a856VI4uqo.roa
File: gTjly7_OnKFW9cSD1a856VI4uqo.roa (raw, json)
Hash identifier: ufjpGPdPPAwFkHVan1+f/eziCnPwNK9rDimrwqZUAx4=
Subject key identifier: 81:38:E5:CB:BF:CE:9C:A1:56:F5:C4:83:D5:AF:39:E9:52:38:BA:AA
Certificate issuer: /CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Certificate serial: 0184D90B048D4087819CE1A149494F975F57
Authority key identifier: DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/gTjly7_OnKFW9cSD1a856VI4uqo.roa
Signing time: Sat 03 Dec 2022 17:31:28 +0000
ROA not before: Sat 03 Dec 2022 17:31:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398465
IP address blocks: 185.255.4.0/23 maxlen: 24
185.255.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d9:0b:04:8d:40:87:81:9c:e1:a1:49:49:4f:97:5f:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Validity
Not Before: Dec 3 17:31:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8138e5cbbfce9ca156f5c483d5af39e95238baaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:14:cf:1d:54:86:3f:72:c9:df:1d:f2:7d:cf:
4b:a9:0f:28:a8:ab:94:77:ce:c7:21:b5:f3:f7:48:
1f:f1:77:6f:4e:b9:47:ce:32:12:81:c7:12:27:a4:
fd:0e:b6:93:e9:93:d9:00:73:be:e2:64:9d:cc:0e:
c6:9f:3b:5b:fa:2a:63:03:85:2c:2b:d0:e5:45:a5:
96:fa:b9:22:45:be:81:29:5c:57:ed:1f:30:b0:4d:
dc:9b:83:75:35:db:8d:49:bd:9d:20:6f:fe:b1:c9:
24:95:dc:ec:85:d2:a0:28:1d:1b:b4:88:a1:0c:e1:
bc:61:18:cc:e6:e9:27:f7:63:0a:9f:c5:02:77:b5:
b9:5e:30:18:18:e9:21:37:90:b4:44:80:f5:21:10:
10:63:27:70:64:04:db:4e:01:fa:6a:f0:8b:f8:6a:
07:10:fd:80:27:91:03:0b:fa:7b:a1:ae:2c:5a:98:
09:47:b0:5a:8d:2f:66:ba:8d:27:01:36:b4:ac:4c:
c5:96:b2:11:30:c5:2a:a7:24:49:a8:71:55:30:03:
59:c4:e8:b0:2c:69:b8:18:34:c4:4e:61:3e:14:9b:
54:c4:b6:a9:aa:65:f5:d9:c2:e0:60:00:a4:28:6e:
d6:24:a4:cc:09:59:ca:59:86:c2:46:30:f6:a8:bb:
8f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:38:E5:CB:BF:CE:9C:A1:56:F5:C4:83:D5:AF:39:E9:52:38:BA:AA
X509v3 Authority Key Identifier:
keyid:DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/gTjly7_OnKFW9cSD1a856VI4uqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/3_JHJt8-d_b0yOBDZhOzURDurzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.4.0/23
185.255.7.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:a4:cb:de:2d:f5:90:8a:89:cc:80:db:21:8e:c4:d9:df:08:
42:24:2b:f1:be:b2:0f:52:a5:d3:80:9e:d2:9f:78:81:c4:69:
8b:58:fa:f6:da:6a:57:f8:5d:2e:be:08:b6:0f:49:98:d5:50:
d6:2e:ae:cc:5f:f9:7e:e1:09:a1:4b:bd:6b:7f:1b:d4:5a:d5:
3c:c2:f5:f1:c1:40:84:44:ae:c2:71:8c:a3:83:6e:7e:b4:a2:
99:bb:3b:4b:d8:7f:bd:bf:c8:d8:2b:d1:90:79:7a:e5:d0:00:
ba:94:d9:67:e6:84:87:fc:84:a5:84:e8:ae:ff:9e:07:b7:56:
cd:80:76:da:00:af:0c:97:a0:fd:8a:cc:79:00:dd:83:d8:67:
a5:c7:24:95:e1:1a:a6:fe:02:c6:60:47:2f:e7:2b:54:7d:b3:
34:d7:ef:3e:94:70:f3:3c:52:95:c9:ad:7d:9c:44:93:1e:3a:
1f:56:92:7f:a2:c6:5d:9d:7b:e7:e7:4f:37:79:b6:b7:18:44:
a7:7c:32:68:0c:ed:62:55:5d:64:ac:55:55:0a:88:bd:54:af:
6c:f3:dc:45:23:50:bd:32:2d:23:86:b3:8a:dc:3e:11:23:2f:
08:2c:c4:61:49:7f:fd:7b:ab:4f:24:0c:aa:cf:e2:2c:dc:c3:
20:34:eb:f9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTZCwSNQIeBnOGhSUlPl19XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZjI0NzI2ZGYzZTc3ZjZmNGM4ZTA0MzY2MTNiMzUxMTBl
ZWFmMzgwHhcNMjIxMjAzMTczMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTM4ZTVjYmJmY2U5Y2ExNTZmNWM0ODNkNWFmMzllOTUyMzhiYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxTPHVSGP3LJ3x3yfc9LqQ8oqKuU
d87HIbXz90gf8XdvTrlHzjISgccSJ6T9DraT6ZPZAHO+4mSdzA7Gnztb+ipjA4Us
K9DlRaWW+rkiRb6BKVxX7R8wsE3cm4N1NduNSb2dIG/+sckkldzshdKgKB0btIih
DOG8YRjM5ukn92MKn8UCd7W5XjAYGOkhN5C0RID1IRAQYydwZATbTgH6avCL+GoH
EP2AJ5EDC/p7oa4sWpgJR7BajS9muo0nATa0rEzFlrIRMMUqpyRJqHFVMANZxOiw
LGm4GDTETmE+FJtUxLapqmX12cLgYACkKG7WJKTMCVnKWYbCRjD2qLuP7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIE45cu/zpyhVvXEg9WvOelSOLqqMB8GA1UdIwQY
MBaAFN/yRybfPnf29MjgQ2YTs1EQ7q84MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzct
NjJiYjZkNjNlNTlkLzEvZ1RqbHk3X09uS0ZXOWNTRDFhODU2Vkk0dXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzctNjJiYjZkNjNlNTlk
LzEvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuf8EAwQA
uf8HMA0GCSqGSIb3DQEBCwUAA4IBAQCgpMveLfWQionMgNshjsTZ3whCJCvxvrIP
UqXTgJ7Sn3iBxGmLWPr22mpX+F0uvgi2D0mY1VDWLq7MX/l+4QmhS71rfxvUWtU8
wvXxwUCERK7CcYyjg25+tKKZuztL2H+9v8jYK9GQeXrl0AC6lNln5oSH/ISlhOiu
/54Ht1bNgHbaAK8Ml6D9isx5AN2D2GelxySV4Rqm/gLGYEcv5ytUfbM01+8+lHDz
PFKVya19nESTHjofVpJ/osZdnXvn5083eba3GESnfDJoDO1iVV1krFVVCoi9VK9s
89xFI1C9Mi0jhrOK3D4RIy8ILMRhSX/9e6tPJAyqz+Is3MMgNOv5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org