Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/gd-mABCD4PZZT6-amS1hvBPMdPw.roa
File: gd-mABCD4PZZT6-amS1hvBPMdPw.roa (raw, json)
Hash identifier: U0TQwRVArnPGk2eg7UlHYca7DLnAT/TSJLcFPnL+f2w=
Subject key identifier: 81:DF:A6:00:10:83:E0:F6:59:4F:AF:9A:99:2D:61:BC:13:CC:74:FC
Certificate issuer: /CN=1bc1994ea63d50dbc8b43acecad2842b4dc15759
Certificate serial: 03F84E85
Authority key identifier: 1B:C1:99:4E:A6:3D:50:DB:C8:B4:3A:CE:CA:D2:84:2B:4D:C1:57:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G8GZTqY9UNvItDrOytKEK03BV1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/gd-mABCD4PZZT6-amS1hvBPMdPw.roa
Signing time: Sat 01 Jan 2022 05:56:35 +0000
ROA not before: Sat 01 Jan 2022 05:56:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41897
IP address blocks: 78.109.97.0/24 maxlen: 24
78.109.98.0/24 maxlen: 24
78.109.99.0/24 maxlen: 24
78.109.100.0/23 maxlen: 23
78.109.102.0/23 maxlen: 23
193.42.20.0/24 maxlen: 24
185.90.134.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66604677 (0x3f84e85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bc1994ea63d50dbc8b43acecad2842b4dc15759
Validity
Not Before: Jan 1 05:56:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81dfa6001083e0f6594faf9a992d61bc13cc74fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:de:f9:30:2a:ba:9f:97:b1:0d:70:58:ab:c1:
83:fe:5e:36:db:43:0e:c9:9e:e2:e5:3d:7b:0d:2b:
d6:90:53:97:3b:91:6a:4a:a0:05:5c:24:dd:41:56:
b6:66:90:d0:18:b1:ee:f7:67:3e:d9:7a:6b:50:70:
f7:2c:88:a3:59:60:f9:3c:a4:67:01:51:cf:9e:c6:
f7:67:92:2d:e1:6e:4a:f4:3b:c0:33:93:96:17:ae:
50:6a:5d:b7:76:15:18:87:8d:bc:35:46:20:1f:07:
59:0a:a8:2f:ee:3f:72:52:d6:14:74:e9:07:d4:02:
1f:c9:41:38:c2:86:fb:ab:04:0e:a8:77:1f:94:e2:
d6:c3:3e:6c:01:08:71:fe:7b:d3:93:55:e2:7e:5c:
81:e6:07:12:47:03:9b:5b:6d:2f:45:5b:60:42:b5:
6e:c3:9b:99:bf:e5:64:f0:7a:fc:47:a0:15:d9:f2:
7c:73:24:82:d3:24:38:cb:74:d0:33:d1:52:93:12:
c0:0e:61:8e:fd:7e:9b:56:74:67:a1:35:2a:ee:6c:
dd:c9:f6:59:0c:b0:2e:f4:f6:95:74:d4:4b:2f:21:
c7:43:61:6b:bb:7a:28:5f:9b:0c:a5:6c:79:e5:ef:
69:85:23:72:e4:9a:8c:29:51:12:dc:99:85:2b:53:
c8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:DF:A6:00:10:83:E0:F6:59:4F:AF:9A:99:2D:61:BC:13:CC:74:FC
X509v3 Authority Key Identifier:
keyid:1B:C1:99:4E:A6:3D:50:DB:C8:B4:3A:CE:CA:D2:84:2B:4D:C1:57:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G8GZTqY9UNvItDrOytKEK03BV1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/gd-mABCD4PZZT6-amS1hvBPMdPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/13bdba-0715-4e26-b076-af5867476309/1/G8GZTqY9UNvItDrOytKEK03BV1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.97.0-78.109.103.255
185.90.134.0/23
193.42.20.0/24
Signature Algorithm: sha256WithRSAEncryption
86:17:e4:eb:fc:fd:63:8d:46:93:48:e6:31:c3:08:a0:bb:a4:
99:42:ed:57:cc:5b:da:64:81:c6:b4:2c:47:fc:74:a3:97:db:
0a:91:9c:ae:96:08:8a:4d:47:9c:24:5c:64:99:19:35:ab:18:
ed:a1:70:34:8a:ed:4e:50:c2:23:4f:85:1b:28:6f:9a:f8:eb:
6f:b2:d4:85:8e:6d:f2:01:27:99:f3:17:55:0d:13:39:de:8b:
15:20:98:75:a3:f8:bd:14:12:8f:c3:38:1b:1b:fc:93:f7:0f:
70:f7:c4:8c:f5:fd:fe:10:16:b6:67:60:ae:13:99:a4:b0:bb:
50:db:56:57:6a:26:c5:7c:d3:69:f1:49:0b:de:b5:65:b8:e3:
11:66:44:05:cd:fd:25:26:67:2f:48:79:d7:31:7b:b0:4f:73:
43:1b:fe:43:d3:06:76:c6:74:38:6f:4d:60:f1:05:48:42:47:
72:a8:e4:6b:a5:01:94:09:9a:ae:74:87:02:a6:3b:d7:02:68:
a7:cc:58:39:20:91:70:40:06:7d:14:05:f0:dc:c8:ec:ad:b8:
d9:21:f9:6b:ec:a2:14:44:ab:80:d8:3e:0c:3d:47:51:43:03:
dc:93:98:5a:64:c2:6c:56:30:5d:9c:81:13:02:ee:57:77:ef:
df:d0:ff:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEA/hOhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YmMxOTk0ZWE2M2Q1MGRiYzhiNDNhY2VjYWQyODQyYjRkYzE1NzU5MB4XDTIyMDEw
MTA1NTYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODFkZmE2MDAxMDgz
ZTBmNjU5NGZhZjlhOTkyZDYxYmMxM2NjNzRmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJre+TAqup+XsQ1wWKvBg/5eNttDDsme4uU9ew0r1pBTlzuR
akqgBVwk3UFWtmaQ0Bix7vdnPtl6a1Bw9yyIo1lg+TykZwFRz57G92eSLeFuSvQ7
wDOTlheuUGpdt3YVGIeNvDVGIB8HWQqoL+4/clLWFHTpB9QCH8lBOMKG+6sEDqh3
H5Ti1sM+bAEIcf5705NV4n5cgeYHEkcDm1ttL0VbYEK1bsObmb/lZPB6/EegFdny
fHMkgtMkOMt00DPRUpMSwA5hjv1+m1Z0Z6E1Ku5s3cn2WQywLvT2lXTUSy8hx0Nh
a7t6KF+bDKVseeXvaYUjcuSajClREtyZhStTyJcCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSB36YAEIPg9llPr5qZLWG8E8x0/DAfBgNVHSMEGDAWgBQbwZlOpj1Q28i0
Os7K0oQrTcFXWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0c4R1pUcVk5VU52SXREck95dEtFSzAzQlYxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvMTNiZGJhLTA3MTUtNGUyNi1iMDc2LWFmNTg2NzQ3NjMwOS8x
L2dkLW1BQkNENFBaWlQ2LWFtUzFodkJQTWRQdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
MTNiZGJhLTA3MTUtNGUyNi1iMDc2LWFmNTg2NzQ3NjMwOS8xL0c4R1pUcVk5VU52
SXREck95dEtFSzAzQlYxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQATm1hAwQDTm1gAwQBuVqGAwQA
wSoUMA0GCSqGSIb3DQEBCwUAA4IBAQCGF+Tr/P1jjUaTSOYxwwigu6SZQu1XzFva
ZIHGtCxH/HSjl9sKkZyulgiKTUecJFxkmRk1qxjtoXA0iu1OUMIjT4UbKG+a+Otv
stSFjm3yASeZ8xdVDRM53osVIJh1o/i9FBKPwzgbG/yT9w9w98SM9f3+EBa2Z2Cu
E5mksLtQ21ZXaibFfNNp8UkL3rVluOMRZkQFzf0lJmcvSHnXMXuwT3NDG/5D0wZ2
xnQ4b01g8QVIQkdyqORrpQGUCZqudIcCpjvXAminzFg5IJFwQAZ9FAXw3MjsrbjZ
Iflr7KIURKuA2D4MPUdRQwPck5haZMJsVjBdnIETAu5Xd+/f0P/y
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:02 2023 by rpki-client on console-ams.rpki-client.org