Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/GqDRHqKb2XkaJOzYyK7-zLO9B98.roa
File: GqDRHqKb2XkaJOzYyK7-zLO9B98.roa (raw, json)
Hash identifier: eFn15Cl4Oz8zrYWL4Q26zpmlE3vdCbQWx+pZZWMHYbc=
Subject key identifier: 1A:A0:D1:1E:A2:9B:D9:79:1A:24:EC:D8:C8:AE:FE:CC:B3:BD:07:DF
Certificate issuer: /CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Certificate serial: 01847C7000D2EF516060261CC48A89D1F6DE
Authority key identifier: 59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/GqDRHqKb2XkaJOzYyK7-zLO9B98.roa
Signing time: Tue 15 Nov 2022 17:57:05 +0000
ROA not before: Tue 15 Nov 2022 17:57:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201387
IP address blocks: 185.89.240.0/22 maxlen: 22
85.91.124.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7c:70:00:d2:ef:51:60:60:26:1c:c4:8a:89:d1:f6:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Validity
Not Before: Nov 15 17:57:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1aa0d11ea29bd9791a24ecd8c8aefeccb3bd07df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8e:31:ae:e3:79:0b:24:65:d2:6a:94:c8:3d:
04:8b:b2:cf:89:f1:03:c2:9d:0e:b3:c6:c9:c7:68:
ef:e9:29:53:ce:d9:21:c5:6f:39:ef:85:31:89:32:
56:fa:fa:8f:54:8f:4e:3b:10:9c:ef:8e:41:7e:18:
49:70:cc:2b:8e:9f:8f:16:fd:3b:47:2a:c3:bd:15:
95:8d:c6:dc:60:69:9e:98:43:1c:10:2c:2d:3f:52:
95:a6:6b:a8:0c:64:82:b6:d8:d2:ba:a4:3f:f2:1f:
2b:db:43:69:19:6b:90:d9:a4:d3:0a:08:76:df:7f:
7e:a2:3e:35:f7:23:bd:68:40:13:fd:fa:80:c8:c9:
d9:d2:20:2b:38:bd:22:bb:df:2f:dd:92:f7:1d:a5:
fb:6c:e7:b0:3b:ba:e5:4c:d3:ea:9b:7c:ff:44:dc:
0f:b3:15:f7:f4:47:79:e1:65:c7:be:53:18:3f:c0:
0c:45:92:81:e2:8d:ae:ba:16:00:6f:a0:a3:79:e9:
82:d0:e5:0c:b4:5b:78:39:95:c3:f2:fa:ef:b3:ce:
7c:4e:80:ee:3a:dc:af:2c:57:18:d1:93:36:db:de:
00:e0:a5:0d:69:e6:33:02:38:06:3c:64:ef:78:18:
22:42:0b:38:35:65:f0:e2:ee:db:c9:41:54:f3:a5:
3a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A0:D1:1E:A2:9B:D9:79:1A:24:EC:D8:C8:AE:FE:CC:B3:BD:07:DF
X509v3 Authority Key Identifier:
keyid:59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/GqDRHqKb2XkaJOzYyK7-zLO9B98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.124.0/22
185.89.240.0/22
Signature Algorithm: sha256WithRSAEncryption
38:ce:fa:f3:59:0c:32:b3:d9:f6:e6:20:49:ae:62:6e:5c:ef:
41:a3:a6:35:f4:a9:c0:c7:48:0a:3c:d7:ac:a5:a1:be:3c:d3:
d5:2c:c4:a1:3d:d9:f3:98:74:1e:04:f1:a3:cb:e8:19:6d:51:
73:2b:c3:e3:f7:4b:8d:f6:ee:39:c2:0b:f5:9a:f0:7c:eb:bb:
d3:36:42:81:0a:db:89:60:77:2c:a2:57:fa:c5:a7:86:c2:81:
50:a9:d0:a8:74:e2:3c:77:3f:ff:15:0a:74:59:0d:1b:e9:d7:
29:2a:1f:77:15:30:c8:a3:4d:fa:a0:59:e0:1b:d7:1f:6c:a7:
7f:67:88:4a:63:10:98:54:bd:c3:8e:71:7f:a3:e9:7e:e3:17:
a9:38:67:ad:c4:63:03:27:a9:e5:14:69:bd:28:30:d2:66:3c:
bf:8f:d0:34:8b:bc:40:87:68:ff:e3:30:9f:d8:50:7f:4b:08:
15:7c:df:5a:06:c7:47:ef:4d:6a:8e:fe:58:87:7e:c5:52:c7:
f9:3a:d7:e8:e6:c7:bb:64:dd:e5:44:62:77:9a:b0:42:4f:13:
c9:0d:28:bb:7e:65:1d:0e:e6:bf:2b:f4:b3:a8:e3:8b:29:45:
ff:e5:36:80:43:28:ed:9f:f3:56:f0:40:28:44:30:93:99:0e:
cf:4e:b0:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYR8cADS71FgYCYcxIqJ0fbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGQ1NDI3ODE4NTFjMGJjZTVhM2VhNWNjMzg3NjUwZmZj
ODI3N2UwHhcNMjIxMTE1MTc1NzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWEwZDExZWEyOWJkOTc5MWEyNGVjZDhjOGFlZmVjY2IzYmQwN2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Y4xruN5CyRl0mqUyD0Ei7LPifED
wp0Os8bJx2jv6SlTztkhxW8574UxiTJW+vqPVI9OOxCc745BfhhJcMwrjp+PFv07
RyrDvRWVjcbcYGmemEMcECwtP1KVpmuoDGSCttjSuqQ/8h8r20NpGWuQ2aTTCgh2
339+oj419yO9aEAT/fqAyMnZ0iArOL0iu98v3ZL3HaX7bOewO7rlTNPqm3z/RNwP
sxX39Ed54WXHvlMYP8AMRZKB4o2uuhYAb6CjeemC0OUMtFt4OZXD8vrvs858ToDu
OtyvLFcY0ZM2294A4KUNaeYzAjgGPGTveBgiQgs4NWXw4u7byUFU86U6CwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBqg0R6im9l5GiTs2Miu/syzvQffMB8GA1UdIwQY
MBaAFFndVCeBhRwLzlo+pcw4dlD/yCd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYt
NDdlMDkzNzk4OWE4LzEvR3FEUkhxS2IyWGthSk96WXlLNy16TE85Qjk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYtNDdlMDkzNzk4OWE4
LzEvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVVt8AwQC
uVnwMA0GCSqGSIb3DQEBCwUAA4IBAQA4zvrzWQwys9n25iBJrmJuXO9Bo6Y19KnA
x0gKPNespaG+PNPVLMShPdnzmHQeBPGjy+gZbVFzK8Pj90uN9u45wgv1mvB867vT
NkKBCtuJYHcsolf6xaeGwoFQqdCodOI8dz//FQp0WQ0b6dcpKh93FTDIo036oFng
G9cfbKd/Z4hKYxCYVL3DjnF/o+l+4xepOGetxGMDJ6nlFGm9KDDSZjy/j9A0i7xA
h2j/4zCf2FB/SwgVfN9aBsdH701qjv5Yh37FUsf5Otfo5se7ZN3lRGJ3mrBCTxPJ
DSi7fmUdDua/K/SzqOOLKUX/5TaAQyjtn/NW8EAoRDCTmQ7PTrBK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:20 2024 by rpki-client on console-ams.rpki-client.org