Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/GYrTPdRVpU9jofoY4wpZFbXoC6I.roa
File: GYrTPdRVpU9jofoY4wpZFbXoC6I.roa (raw, json)
Hash identifier: cfEhbh2nminaGs21t7ZYnB+bKUUhcjl1GGIRpxZa9h8=
Subject key identifier: 19:8A:D3:3D:D4:55:A5:4F:63:A1:FA:18:E3:0A:59:15:B5:E8:0B:A2
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 0184D1F848771B85002401D67A7A00485279
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/GYrTPdRVpU9jofoY4wpZFbXoC6I.roa
Signing time: Fri 02 Dec 2022 08:33:40 +0000
ROA not before: Fri 02 Dec 2022 08:33:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208677
IP address blocks: 46.243.172.0/24 maxlen: 24
37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
178.170.242.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
87.242.88.0/21 maxlen: 21
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.107.0/24 maxlen: 24
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
87.242.120.0/21 maxlen: 21
37.230.179.0/24 maxlen: 24
37.18.122.0/24 maxlen: 24
188.72.96.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
89.232.160.0/21 maxlen: 21
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
141.101.201.0/24 maxlen: 24
141.101.152.0/24 maxlen: 24
141.101.151.0/24 maxlen: 24
45.89.224.0/22 maxlen: 22
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d1:f8:48:77:1b:85:00:24:01:d6:7a:7a:00:48:52:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Dec 2 08:33:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=198ad33dd455a54f63a1fa18e30a5915b5e80ba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:42:7c:57:6d:1f:af:c6:52:4a:f1:de:18:b0:
21:0d:3d:01:b3:1b:69:a1:2f:53:47:c8:94:97:3a:
50:3f:46:80:1b:db:84:6f:50:7f:9d:75:43:c9:88:
53:68:4c:15:53:12:a8:3f:00:e5:f0:da:15:54:b6:
c5:71:58:6e:29:9f:25:50:44:cb:0a:30:e2:9c:7a:
d3:86:dd:86:26:12:a0:19:9b:55:e5:9b:32:a8:fe:
6c:cd:a3:3d:36:aa:e5:03:53:74:70:5c:07:c2:e5:
80:bf:02:b5:55:4f:33:9f:3c:63:d3:6e:c9:8e:f9:
65:db:3d:03:23:c7:ef:db:00:bb:fe:a5:18:2c:5c:
5e:1f:26:a6:b6:1f:eb:42:43:af:8e:47:ab:25:4f:
d5:5c:2d:34:62:a8:e5:14:7a:6c:49:fd:b7:09:f2:
03:e8:8d:b3:ee:8b:b4:1d:08:be:bd:cc:53:02:6d:
a8:8b:eb:9f:07:7d:21:49:26:0e:0d:64:34:45:2e:
ef:97:f4:b9:c4:91:06:12:4e:8d:9c:06:9e:ed:45:
5c:61:64:58:33:20:fd:97:6d:55:25:59:2e:c7:68:
19:f5:12:56:fc:d9:21:d9:76:1c:d4:01:c0:30:76:
a5:99:2d:28:88:52:3c:c6:76:be:80:f2:3d:2d:f5:
4f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:8A:D3:3D:D4:55:A5:4F:63:A1:FA:18:E3:0A:59:15:B5:E8:0B:A2
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/GYrTPdRVpU9jofoY4wpZFbXoC6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
87.242.88.0/21
87.242.120.0/21
89.232.160.0/21
94.139.252.0/22
141.101.151.0-141.101.152.255
141.101.201.0/24
178.170.191.0-178.170.197.255
178.170.242.0/24
188.72.96.0/24
188.72.106.0-188.72.109.255
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
82:71:0b:1e:53:b2:7a:4d:e2:fb:f2:7f:c2:1f:80:de:2b:08:
77:13:84:1f:51:73:bd:74:24:79:91:14:8d:23:07:97:f8:44:
b0:98:69:4c:2e:0d:79:49:28:f5:49:17:61:8d:a0:bd:cf:52:
d3:1f:ee:23:39:fe:45:dd:1a:58:cf:5a:6e:e4:bf:20:fb:c0:
23:ef:17:bb:25:83:0a:75:f1:fd:5a:0f:ec:a7:87:52:f4:24:
1d:3a:54:38:8f:64:5e:82:ca:3e:69:b8:4f:a5:63:25:cd:f7:
c0:9e:23:0b:18:7c:cf:2c:a3:b6:57:11:a3:2a:8c:ce:51:d4:
1e:f3:eb:56:80:ed:15:8e:ce:3b:bb:f6:a1:f1:fd:ac:a4:bc:
97:9d:9d:09:37:93:4e:cb:87:98:17:ac:98:57:0f:03:54:e1:
04:ea:ed:36:12:ce:f3:86:91:4b:6e:fd:fd:70:aa:2c:1b:28:
62:06:c5:5d:26:b0:a1:05:1b:4e:81:6a:c3:a8:da:7a:0d:5e:
a0:e9:af:97:d3:c4:bc:87:75:fb:ed:8c:5a:ea:43:ea:9b:97:
5c:db:42:c2:0e:45:be:0e:39:4b:b8:73:06:d3:e3:d0:51:49:
c7:5f:b9:0c:14:5b:0f:21:6f:a0:72:69:e7:9e:94:71:7b:fa:
98:01:e1:e8
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYTR+Eh3G4UAJAHWenoASFJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjIxMjAyMDgzMzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOThhZDMzZGQ0NTVhNTRmNjNhMWZhMThlMzBhNTkxNWI1ZTgwYmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUJ8V20fr8ZSSvHeGLAhDT0Bsxtp
oS9TR8iUlzpQP0aAG9uEb1B/nXVDyYhTaEwVUxKoPwDl8NoVVLbFcVhuKZ8lUETL
CjDinHrTht2GJhKgGZtV5ZsyqP5szaM9NqrlA1N0cFwHwuWAvwK1VU8znzxj027J
jvll2z0DI8fv2wC7/qUYLFxeHyamth/rQkOvjkerJU/VXC00YqjlFHpsSf23CfID
6I2z7ou0HQi+vcxTAm2oi+ufB30hSSYODWQ0RS7vl/S5xJEGEk6NnAae7UVcYWRY
MyD9l21VJVkux2gZ9RJW/Nkh2XYc1AHAMHalmS0oiFI8xna+gPI9LfVPkQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFBmK0z3UVaVPY6H6GOMKWRW16AuiMB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xL0dZclRQZFJWcFU5am9mb1k0d3BaRmJYb0M2SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEtBggrBgEFBQcBBwEB/wSCARwwggEYMIIBBQQCAAEw
gf4wDAMEAyUSCAMEACUSCgMEACUSFgMEASUSSDAMAwQCJRJkAwQAJRJmMAwDBAAl
EmsDBAAlEnoDBAAl5oswDAMEACXmswMEASXmtDAMAwQDJea4AwQAJea6AwQDJebA
AwQAJebgAwQAJebpAwQCLQkYAwQCLVngMAwDBAAu840DBAQu84ADBAAu86wDBAAu
88kwDAMEAC7zzQMEAC7zzgMEAS7z4gMEAS7z9AMEA1fyWAMEA1fyeAMEA1nooAME
Al6L/DAMAwQAjWWXAwQAjWWYAwQAjWXJMAwDBACyqr8DBAGyqsQDBACyqvIDBAC8
SGAwDAMEAbxIagMEAbxIbDANBAIAAjAHAwUDKgwrgDANBgkqhkiG9w0BAQsFAAOC
AQEAgnELHlOyek3i+/J/wh+A3isIdxOEH1FzvXQkeZEUjSMHl/hEsJhpTC4NeUko
9UkXYY2gvc9S0x/uIzn+Rd0aWM9abuS/IPvAI+8XuyWDCnXx/VoP7KeHUvQkHTpU
OI9kXoLKPmm4T6VjJc33wJ4jCxh8zyyjtlcRoyqMzlHUHvPrVoDtFY7OO7v2ofH9
rKS8l52dCTeTTsuHmBesmFcPA1ThBOrtNhLO84aRS279/XCqLBsoYgbFXSawoQUb
ToFqw6jaeg1eoOmvl9PEvId1++2MWupD6puXXNtCwg5Fvg45S7hzBtPj0FFJx1+5
DBRbDyFvoHJp556UcXv6mAHh6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:55 2024 by rpki-client on console-ams.rpki-client.org