Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/gVtS4Uhn321MTny3NlkKy1xG3KQ.roa
File: gVtS4Uhn321MTny3NlkKy1xG3KQ.roa (raw, json)
Hash identifier: J6iP4b/HWwmMSzRqzWbGTKy54IsoTz0wkt8B73bOE9g=
Subject key identifier: 81:5B:52:E1:48:67:DF:6D:4C:4E:7C:B7:36:59:0A:CB:5C:46:DC:A4
Certificate issuer: /CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Certificate serial: 0183417A46A7883B3E54B492FC9500340024
Authority key identifier: DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/gVtS4Uhn321MTny3NlkKy1xG3KQ.roa
Signing time: Thu 15 Sep 2022 14:07:55 +0000
ROA not before: Thu 15 Sep 2022 14:07:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204229
IP address blocks: 178.212.60.0/22 maxlen: 22
185.191.60.0/23 maxlen: 23
185.191.62.0/23 maxlen: 23
185.241.118.0/23 maxlen: 23
185.241.116.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:41:7a:46:a7:88:3b:3e:54:b4:92:fc:95:00:34:00:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Validity
Not Before: Sep 15 14:07:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=815b52e14867df6d4c4e7cb736590acb5c46dca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:57:f9:38:67:3f:c2:d3:c0:c6:00:23:fe:78:
27:88:cd:65:6b:8a:e5:3a:a6:b6:47:16:c5:d4:83:
02:4d:d5:b6:10:01:7d:7b:1c:cf:d8:1c:12:6b:d6:
a2:da:09:cc:1f:8e:34:e4:7f:bd:56:98:c4:cc:0b:
3b:ce:66:e3:54:51:b0:b5:e8:fe:99:9d:0f:20:6d:
74:e7:41:3f:8d:fa:b4:4f:84:cb:a0:7b:74:4f:0e:
08:fd:f5:04:14:7a:d5:3f:75:ce:f3:31:a7:be:77:
a3:33:5d:e9:61:42:7e:87:cf:15:d8:ea:a8:8a:f8:
76:c3:69:a5:b7:b3:38:38:51:80:4a:b5:dd:a4:67:
22:39:41:cf:ef:99:95:7c:9d:02:cd:41:cc:36:d8:
90:5c:eb:00:48:c1:db:d4:ae:ca:a7:05:0a:a2:a9:
48:2f:07:dc:b0:29:9c:56:6d:1b:96:a7:98:42:df:
89:7d:2f:4c:d8:a9:bd:81:a6:9b:e5:4f:01:28:ac:
4e:41:4e:52:3e:44:0c:1d:f4:e3:94:9f:f1:f7:c4:
2e:3e:5e:94:c2:6c:62:37:cb:cc:ea:a5:1a:4c:18:
2d:74:24:cb:2a:ab:c2:94:89:c7:79:01:c1:30:cb:
0f:d2:c3:88:7f:6a:a3:af:41:b4:aa:44:5a:3c:35:
db:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:5B:52:E1:48:67:DF:6D:4C:4E:7C:B7:36:59:0A:CB:5C:46:DC:A4
X509v3 Authority Key Identifier:
keyid:DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/gVtS4Uhn321MTny3NlkKy1xG3KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.60.0/22
185.191.60.0/22
185.241.116.0/22
Signature Algorithm: sha256WithRSAEncryption
62:34:69:d7:7d:33:96:94:9a:42:e1:f6:66:7f:c4:2d:81:15:
66:be:45:25:ec:90:27:60:39:18:b8:ab:79:82:71:e8:7e:2f:
6f:83:f0:f4:ea:62:a9:55:1a:9f:99:6d:91:22:63:33:e6:0b:
78:06:ac:8b:11:f2:35:3e:c1:0e:e2:d8:11:a4:89:5d:c0:fb:
4b:2a:14:48:64:ca:6b:29:f7:bb:83:aa:f7:e5:d5:6e:23:61:
00:a8:24:42:df:54:ad:93:b1:c9:16:27:05:b2:ff:28:bc:39:
81:64:c9:78:a2:cf:c4:63:56:b9:f7:4a:e7:09:8b:79:ed:23:
55:51:78:3e:e5:dc:52:ac:45:03:27:d9:a0:34:af:68:cd:6d:
dc:17:a3:ca:0c:d9:4f:d0:f4:1c:b7:25:e8:ee:42:59:15:14:
83:b8:2b:0a:ff:43:9b:e5:f0:1d:dd:e9:26:b3:05:35:cb:d3:
6c:36:33:97:c9:6d:3f:74:a5:d6:1d:5d:91:06:c7:00:f8:56:
ad:fc:f7:15:91:2a:7e:3d:b8:d2:9c:e3:cd:48:b7:ca:06:d6:
4e:72:ed:2c:78:6b:3b:96:9d:dd:13:9e:68:b7:3c:15:65:5f:
77:f8:b7:f9:c3:cc:e4:85:b3:f0:66:ba:9b:b4:33:bf:14:76:
03:3c:9a:52
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYNBekaniDs+VLSS/JUANAAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYmU2ZTBhZGFlOGJiNDc4MzkzYWFiMTc1YjYzODY0NGM3
NGNjYjcwHhcNMjIwOTE1MTQwNzU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTViNTJlMTQ4NjdkZjZkNGM0ZTdjYjczNjU5MGFjYjVjNDZkY2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVf5OGc/wtPAxgAj/ngniM1la4rl
Oqa2RxbF1IMCTdW2EAF9exzP2BwSa9ai2gnMH4405H+9VpjEzAs7zmbjVFGwtej+
mZ0PIG1050E/jfq0T4TLoHt0Tw4I/fUEFHrVP3XO8zGnvnejM13pYUJ+h88V2Oqo
ivh2w2mlt7M4OFGASrXdpGciOUHP75mVfJ0CzUHMNtiQXOsASMHb1K7KpwUKoqlI
LwfcsCmcVm0blqeYQt+JfS9M2Km9gaab5U8BKKxOQU5SPkQMHfTjlJ/x98QuPl6U
wmxiN8vM6qUaTBgtdCTLKqvClInHeQHBMMsP0sOIf2qjr0G0qkRaPDXbRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIFbUuFIZ99tTE58tzZZCstcRtykMB8GA1UdIwQY
MBaAFN2+bgra6LtHg5OqsXW2OGRMdMy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjkt
NmJhYTNiNTQ4ZDIzLzEvZ1Z0UzRVaG4zMjFNVG55M05sa0t5MXhHM0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjktNmJhYTNiNTQ4ZDIz
LzEvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCstQ8AwQC
ub88AwQCufF0MA0GCSqGSIb3DQEBCwUAA4IBAQBiNGnXfTOWlJpC4fZmf8QtgRVm
vkUl7JAnYDkYuKt5gnHofi9vg/D06mKpVRqfmW2RImMz5gt4BqyLEfI1PsEO4tgR
pIldwPtLKhRIZMprKfe7g6r35dVuI2EAqCRC31Stk7HJFicFsv8ovDmBZMl4os/E
Y1a590rnCYt57SNVUXg+5dxSrEUDJ9mgNK9ozW3cF6PKDNlP0PQctyXo7kJZFRSD
uCsK/0Ob5fAd3ekmswU1y9NsNjOXyW0/dKXWHV2RBscA+Fat/PcVkSp+PbjSnOPN
SLfKBtZOcu0seGs7lp3dE55otzwVZV93+Lf5w8zkhbPwZrqbtDO/FHYDPJpS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:00 2024 by rpki-client on console-ams.rpki-client.org