Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/goZydDJE7jfGoJhzKoC-sKdr1JE.roa
File: goZydDJE7jfGoJhzKoC-sKdr1JE.roa (raw, json)
Hash identifier: myZVrnoxuCPMWzIUCe5iyQF5PBAQUO0NnvxctiEDcFw=
Subject key identifier: 82:86:72:74:32:44:EE:37:C6:A0:98:73:2A:80:BE:B0:A7:6B:D4:91
Certificate issuer: /CN=638d9a5004c592d093cc89b0d90752e279d51854
Certificate serial: 08CD2BE7
Authority key identifier: 63:8D:9A:50:04:C5:92:D0:93:CC:89:B0:D9:07:52:E2:79:D5:18:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y42aUATFktCTzImw2QdS4nnVGFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/goZydDJE7jfGoJhzKoC-sKdr1JE.roa
Signing time: Sat 01 Jan 2022 13:00:30 +0000
ROA not before: Sat 01 Jan 2022 13:00:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35388
IP address blocks: 85.209.24.0/22 maxlen: 24
2a09:9240::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147663847 (0x8cd2be7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=638d9a5004c592d093cc89b0d90752e279d51854
Validity
Not Before: Jan 1 13:00:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=828672743244ee37c6a098732a80beb0a76bd491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4a:42:c0:60:80:28:32:ae:10:2f:ae:98:c3:
20:7c:32:0a:58:40:15:91:58:27:cd:4b:0e:e3:22:
e5:ad:3e:4c:44:6b:af:11:09:a2:0f:f0:fc:27:62:
a9:78:00:eb:b6:75:65:be:9d:2a:67:e4:1e:3b:39:
48:32:cf:97:7b:f5:5b:8f:16:3f:46:16:08:07:09:
c2:0e:08:6f:48:13:3a:52:52:12:89:ef:85:1f:5a:
de:81:8a:66:e8:f6:99:d9:e2:8a:54:9c:f3:99:bc:
59:b5:fc:74:3c:c8:97:12:35:86:11:8a:8e:93:96:
a4:89:39:58:c1:c6:7f:fd:4a:af:d0:f4:7f:51:f8:
a5:e9:3d:8b:da:85:92:a1:2b:76:0f:1a:de:04:cc:
2a:fc:aa:6d:11:46:0e:38:0f:35:07:94:de:1a:4b:
a2:e4:31:50:cc:3d:a7:2c:1a:11:75:d6:18:d9:14:
7e:65:81:cb:6b:2c:4f:7b:fc:71:55:fb:b3:75:56:
bf:b6:11:7c:46:11:c1:78:05:ad:01:40:03:05:f2:
78:ac:19:0e:89:1d:22:51:22:ea:12:e5:75:c9:4b:
79:f0:30:1e:6d:1e:6f:d4:4f:f5:88:47:71:39:6d:
24:49:93:0d:75:96:55:9f:35:23:bc:59:5a:d3:14:
b4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:86:72:74:32:44:EE:37:C6:A0:98:73:2A:80:BE:B0:A7:6B:D4:91
X509v3 Authority Key Identifier:
keyid:63:8D:9A:50:04:C5:92:D0:93:CC:89:B0:D9:07:52:E2:79:D5:18:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y42aUATFktCTzImw2QdS4nnVGFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/goZydDJE7jfGoJhzKoC-sKdr1JE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/Y42aUATFktCTzImw2QdS4nnVGFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.24.0/22
IPv6:
2a09:9240::/29
Signature Algorithm: sha256WithRSAEncryption
34:c8:2f:a6:ae:80:2c:27:43:c3:e2:34:1d:73:35:c8:e2:2c:
30:0e:11:22:7a:82:a0:f5:a1:b6:9d:4e:20:af:28:e9:35:a5:
b1:2c:0c:63:22:c2:24:cd:40:17:53:f1:c4:92:91:f0:76:cd:
dd:78:03:f6:7d:cf:94:65:87:20:c2:7b:fa:90:84:20:34:d2:
14:60:d4:64:c1:b2:6a:73:44:72:d9:2e:67:68:ae:8d:a2:0c:
a8:10:78:b0:dd:9f:c7:e3:3f:a8:6d:cb:db:99:7d:5c:3e:8d:
e2:de:c6:25:88:11:f7:bd:0c:8c:a7:b6:13:97:c0:0c:5a:51:
36:d9:8c:dc:8e:1f:7e:a0:b2:77:c8:96:04:d0:75:04:19:49:
59:1a:39:a8:84:38:1a:91:75:26:25:bd:66:d3:a5:27:48:42:
f9:94:9a:93:6a:31:45:56:0d:8e:9c:54:3b:b8:7d:80:7a:49:
fd:72:5e:5f:fa:50:63:43:99:e0:14:51:1e:39:47:02:8f:2b:
ce:aa:3a:61:30:d5:98:18:db:6d:af:f9:d2:24:3b:3c:5f:3f:
d4:45:00:b3:40:95:f0:0b:ee:a1:df:cb:73:02:9f:5a:14:4c:
c7:45:1d:f8:46:cf:17:d0:d5:bf:34:c8:49:b5:fc:4f:c1:b0:
73:64:7c:2d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECM0r5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MzhkOWE1MDA0YzU5MmQwOTNjYzg5YjBkOTA3NTJlMjc5ZDUxODU0MB4XDTIyMDEw
MTEzMDAzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODI4NjcyNzQzMjQ0
ZWUzN2M2YTA5ODczMmE4MGJlYjBhNzZiZDQ5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZKQsBggCgyrhAvrpjDIHwyClhAFZFYJ81LDuMi5a0+TERr
rxEJog/w/CdiqXgA67Z1Zb6dKmfkHjs5SDLPl3v1W48WP0YWCAcJwg4Ib0gTOlJS
EonvhR9a3oGKZuj2mdniilSc85m8WbX8dDzIlxI1hhGKjpOWpIk5WMHGf/1Kr9D0
f1H4pek9i9qFkqErdg8a3gTMKvyqbRFGDjgPNQeU3hpLouQxUMw9pywaEXXWGNkU
fmWBy2ssT3v8cVX7s3VWv7YRfEYRwXgFrQFAAwXyeKwZDokdIlEi6hLldclLefAw
Hm0eb9RP9YhHcTltJEmTDXWWVZ81I7xZWtMUtCMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSChnJ0MkTuN8agmHMqgL6wp2vUkTAfBgNVHSMEGDAWgBRjjZpQBMWS0JPM
ibDZB1LiedUYVDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1k0MmFVQVRGa3RDVHpJbXcyUWRTNG5uVkdGUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvMGNmNmQ3LWQ4ZWYtNDRhOC1hYTA3LTc3NjhkNGZiZGNkMy8x
L2dvWnlkREpFN2pmR29KaHpLb0Mtc0tkcjFKRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
MGNmNmQ3LWQ4ZWYtNDRhOC1hYTA3LTc3NjhkNGZiZGNkMy8xL1k0MmFVQVRGa3RD
VHpJbXcyUWRTNG5uVkdGUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAlXRGDANBAIAAjAHAwUDKgmSQDAN
BgkqhkiG9w0BAQsFAAOCAQEANMgvpq6ALCdDw+I0HXM1yOIsMA4RInqCoPWhtp1O
IK8o6TWlsSwMYyLCJM1AF1PxxJKR8HbN3XgD9n3PlGWHIMJ7+pCEIDTSFGDUZMGy
anNEctkuZ2iujaIMqBB4sN2fx+M/qG3L25l9XD6N4t7GJYgR970MjKe2E5fADFpR
NtmM3I4ffqCyd8iWBNB1BBlJWRo5qIQ4GpF1JiW9ZtOlJ0hC+ZSak2oxRVYNjpxU
O7h9gHpJ/XJeX/pQY0OZ4BRRHjlHAo8rzqo6YTDVmBjbba/50iQ7PF8/1EUAs0CV
8Avuod/LcwKfWhRMx0Ud+EbPF9DVvzTISbX8T8Gwc2R8LQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:48 2023 by rpki-client on console-fra.rpki-client.org