Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/gAJX_ztchnBELtTVNmF4L768pxw.roa
File: gAJX_ztchnBELtTVNmF4L768pxw.roa (raw, json)
Hash identifier: qbwigAkBkRcxCc6A2Wq0N7toJSoXw+5Z+2DnPyo+7us=
Subject key identifier: 80:02:57:FF:3B:5C:86:70:44:2E:D4:D5:36:61:78:2F:BE:BC:A7:1C
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 0187135B5B740C85DACB06EA2A0B563F0F0F
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/gAJX_ztchnBELtTVNmF4L768pxw.roa
Signing time: Fri 24 Mar 2023 11:22:46 +0000
ROA not before: Fri 24 Mar 2023 11:22:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212165
IP address blocks: 185.224.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:13:5b:5b:74:0c:85:da:cb:06:ea:2a:0b:56:3f:0f:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: Mar 24 11:22:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=800257ff3b5c8670442ed4d53661782fbebca71c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:67:10:b8:8b:d8:e8:0f:ad:f8:e8:2a:00:18:
c1:62:98:8d:a7:5c:2f:6e:d4:2b:ce:13:f2:ba:8e:
31:41:84:73:3b:2e:c4:15:f4:2c:85:b4:7f:04:53:
4d:38:44:51:de:35:62:66:43:97:34:b2:9c:d2:36:
ad:2c:63:61:c0:5d:96:11:33:58:18:91:eb:32:ed:
5f:c6:77:bc:1c:40:c4:9b:17:b8:88:10:1d:45:71:
37:3e:df:d8:af:63:4f:a4:da:df:3f:3a:8c:92:46:
3b:a8:7d:be:32:57:a1:82:c5:97:f7:08:02:33:46:
8c:b2:71:93:cb:cb:87:81:c0:5c:48:fd:ca:53:ba:
53:0a:bc:92:80:44:63:7e:2d:cc:c7:a8:cd:41:46:
23:14:62:d6:34:99:03:06:e7:c7:fe:e1:0b:4d:cf:
90:84:21:b1:6d:54:e7:91:69:1b:21:f0:3c:28:90:
37:4a:d9:a6:e8:c8:2e:0d:7f:34:7d:02:53:b7:0f:
d0:15:41:7e:75:3e:d2:19:51:bd:dd:7a:4c:17:4e:
87:f4:b5:18:ac:e7:32:07:2b:18:52:71:d7:8f:6b:
a4:2d:d4:4e:6e:77:8b:2c:d5:73:5a:de:08:00:e7:
35:4a:ce:51:b0:87:43:c7:9d:dc:e9:cf:90:39:b4:
7d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:02:57:FF:3B:5C:86:70:44:2E:D4:D5:36:61:78:2F:BE:BC:A7:1C
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/gAJX_ztchnBELtTVNmF4L768pxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.212.0/24
Signature Algorithm: sha256WithRSAEncryption
15:46:21:8a:35:2e:8c:36:a9:e4:20:b0:f6:c4:4f:19:a8:21:
8c:27:47:c5:a9:61:3e:e2:5e:50:d4:9a:70:a0:44:02:19:92:
cf:5b:27:0f:31:c3:8f:15:40:9f:9f:2c:a1:08:66:f0:19:5f:
bb:a8:f1:2e:cd:74:54:07:7c:70:b2:88:0e:de:7e:86:90:3d:
f7:b5:b8:d6:fd:6b:75:81:3d:17:4f:3d:ad:18:23:5d:e9:90:
2e:0c:f2:99:b4:a8:9f:a7:b6:a0:90:84:80:62:6d:b9:99:b4:
60:0d:1c:cc:15:ac:df:7d:f4:4a:ca:51:5b:99:9f:06:4b:71:
54:dc:f7:a2:88:f3:58:24:d0:39:30:71:b2:b3:42:49:4a:04:
37:c4:fa:9d:3f:5f:c1:67:78:3f:1f:1a:e9:bf:b2:08:48:bf:
ff:3b:e9:17:21:83:46:3f:5d:bc:87:3d:ff:10:43:bb:77:28:
fa:ec:19:c1:d2:7c:6d:c9:d8:ab:4a:ff:b3:20:f4:0d:27:75:
ea:c0:b7:a1:8a:6d:d3:ec:a7:bf:3c:44:af:4d:98:5b:5e:96:
08:f0:60:d6:92:b6:95:ac:45:d7:02:60:1d:3e:b5:55:70:92:
ff:fd:ae:f2:96:99:50:b0:8c:d9:d5:fe:39:89:b9:0e:59:03:
ec:63:d7:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcTW1t0DIXaywbqKgtWPw8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjMwMzI0MTEyMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDAyNTdmZjNiNWM4NjcwNDQyZWQ0ZDUzNjYxNzgyZmJlYmNhNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGcQuIvY6A+t+OgqABjBYpiNp1wv
btQrzhPyuo4xQYRzOy7EFfQshbR/BFNNOERR3jViZkOXNLKc0jatLGNhwF2WETNY
GJHrMu1fxne8HEDEmxe4iBAdRXE3Pt/Yr2NPpNrfPzqMkkY7qH2+MlehgsWX9wgC
M0aMsnGTy8uHgcBcSP3KU7pTCrySgERjfi3Mx6jNQUYjFGLWNJkDBufH/uELTc+Q
hCGxbVTnkWkbIfA8KJA3Stmm6MguDX80fQJTtw/QFUF+dT7SGVG93XpMF06H9LUY
rOcyBysYUnHXj2ukLdRObneLLNVzWt4IAOc1Ss5RsIdDx53c6c+QObR9uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIACV/87XIZwRC7U1TZheC++vKccMB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEvZ0FKWF96dGNobkJFTHRUVk5tRjRMNzY4cHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueDUMA0G
CSqGSIb3DQEBCwUAA4IBAQAVRiGKNS6MNqnkILD2xE8ZqCGMJ0fFqWE+4l5Q1Jpw
oEQCGZLPWycPMcOPFUCfnyyhCGbwGV+7qPEuzXRUB3xwsogO3n6GkD33tbjW/Wt1
gT0XTz2tGCNd6ZAuDPKZtKifp7agkISAYm25mbRgDRzMFazfffRKylFbmZ8GS3FU
3PeiiPNYJNA5MHGys0JJSgQ3xPqdP1/BZ3g/Hxrpv7IISL//O+kXIYNGP128hz3/
EEO7dyj67BnB0nxtydirSv+zIPQNJ3XqwLehim3T7Ke/PESvTZhbXpYI8GDWkraV
rEXXAmAdPrVVcJL//a7ylplQsIzZ1f45ibkOWQPsY9de
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:37 2025 by rpki-client