Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/_GONKSTmYj9p0mhCuCzGVLYQdWc.roa
File: _GONKSTmYj9p0mhCuCzGVLYQdWc.roa (raw, json)
Hash identifier: HaK+nV17T3yWDa2Imj83gstiy0LM3B56f5Ojny+U2sM=
Subject key identifier: FC:63:8D:29:24:E6:62:3F:69:D2:68:42:B8:2C:C6:54:B6:10:75:67
Certificate issuer: /CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Certificate serial: 05D63290
Authority key identifier: 70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/_GONKSTmYj9p0mhCuCzGVLYQdWc.roa
Signing time: Sat 01 Jan 2022 05:03:08 +0000
ROA not before: Sat 01 Jan 2022 05:03:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212001
IP address blocks: 185.87.170.0/24 maxlen: 24
185.87.168.0/24 maxlen: 24
185.87.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97923728 (0x5d63290)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Validity
Not Before: Jan 1 05:03:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc638d2924e6623f69d26842b82cc654b6107567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9a:e4:3c:9b:51:90:2d:d7:8b:8c:15:e6:7b:
d4:0f:c9:c6:e7:20:d0:84:d1:81:ee:52:72:fe:cd:
a8:f8:5d:1d:97:a2:66:65:b4:9f:ed:cb:a7:2b:41:
32:57:27:42:17:4e:f9:29:ea:7f:1d:8b:7b:9f:e5:
56:6f:97:ad:6f:fb:e4:93:77:26:24:0e:23:0c:8f:
75:71:ab:3b:6a:2d:3f:fe:08:cb:75:bf:db:b3:27:
12:83:c4:f8:71:cd:80:de:42:d0:98:48:c0:87:79:
fd:a2:44:ad:29:06:34:ac:e5:2d:63:5a:49:15:8d:
a8:cf:08:88:89:df:cd:1b:9c:58:96:7a:30:af:3a:
74:98:34:c3:b0:c2:09:14:dc:0c:65:2b:6e:ff:2b:
66:ea:73:44:b7:80:cf:e4:cb:83:75:04:65:9c:31:
6e:a1:dd:8c:e1:da:d7:57:0b:75:11:3c:e5:48:11:
15:6a:64:59:5a:61:e1:8d:d9:f5:db:00:3a:d9:ae:
90:22:57:46:69:be:7f:cf:76:7a:6a:0e:88:b9:e0:
29:3a:59:18:18:6f:5d:8c:28:60:95:25:40:f8:53:
61:c5:ab:b1:21:0b:40:dd:7f:24:73:65:72:25:e0:
c4:e7:fd:cd:21:2c:02:68:ba:50:7a:9f:74:16:e9:
30:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:63:8D:29:24:E6:62:3F:69:D2:68:42:B8:2C:C6:54:B6:10:75:67
X509v3 Authority Key Identifier:
keyid:70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/_GONKSTmYj9p0mhCuCzGVLYQdWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.168.0-185.87.170.255
Signature Algorithm: sha256WithRSAEncryption
ad:b2:0c:7e:b1:06:74:c5:f3:7d:b9:01:19:8f:b5:b5:a4:00:
2f:00:46:c5:1b:d3:c9:20:ac:5b:e8:ba:1d:2b:73:f3:2b:b0:
d4:8f:07:59:d6:46:4b:1b:33:5d:6b:a6:85:b6:65:11:83:0f:
d9:65:07:f4:45:4a:20:21:47:96:2e:ab:61:c5:6d:87:4a:7c:
e9:49:13:0a:e8:ae:38:ad:48:ed:a4:35:75:91:48:81:9f:4c:
d9:43:4f:66:f5:5e:69:6a:41:5d:ae:ad:d2:9f:d9:f6:17:f7:
0a:94:4a:4c:48:6b:98:96:16:8f:42:54:5b:83:b2:79:ad:f7:
ec:41:3f:fc:f2:ba:a1:90:f0:37:a0:01:e5:a6:90:a0:4b:45:
01:ca:e2:71:1a:10:9f:d4:c9:f4:25:ae:3a:a3:d7:91:be:6d:
ae:6a:95:85:28:eb:5f:2d:6d:14:3a:88:0f:9b:b6:2f:15:bf:
a9:4c:b3:a8:e9:f4:e4:3b:00:e0:5b:5b:8f:b7:a0:06:4c:31:
dc:a3:27:be:99:34:1b:fc:03:cb:73:21:57:ef:aa:13:49:25:
39:56:6f:fb:3d:7b:32:6d:84:cf:e3:c1:98:c5:c7:51:20:6b:
e9:6d:bc:5e:24:60:b2:bf:a9:3f:73:b6:8f:6b:5f:8d:3c:8f:
d1:74:70:60
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBdYykDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDZiN2ZlYThhZDM1MTExY2E2ODdhOWNkMDBhNDlmOWE0ZjA0NTliMB4XDTIyMDEw
MTA1MDMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmM2MzhkMjkyNGU2
NjIzZjY5ZDI2ODQyYjgyY2M2NTRiNjEwNzU2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMya5DybUZAt14uMFeZ71A/Jxucg0ITRge5Scv7NqPhdHZei
ZmW0n+3LpytBMlcnQhdO+Snqfx2Le5/lVm+XrW/75JN3JiQOIwyPdXGrO2otP/4I
y3W/27MnEoPE+HHNgN5C0JhIwId5/aJErSkGNKzlLWNaSRWNqM8IiInfzRucWJZ6
MK86dJg0w7DCCRTcDGUrbv8rZupzRLeAz+TLg3UEZZwxbqHdjOHa11cLdRE85UgR
FWpkWVph4Y3Z9dsAOtmukCJXRmm+f892emoOiLngKTpZGBhvXYwoYJUlQPhTYcWr
sSELQN1/JHNlciXgxOf9zSEsAmi6UHqfdBbpMLUCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBT8Y40pJOZiP2nSaEK4LMZUthB1ZzAfBgNVHSMEGDAWgBRwa3/qitNREcpo
epzQCkn5pPBFmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NHdF82b3JUVVJIS2FIcWMwQXBKLWFUd1Jacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvZDI5NzRmLTdlZmEtNDYxMS04ODI3LTI2MGMzNzdhMzE0YS8x
L19HT05LU1RtWWo5cDBtaEN1Q3pHVkxZUWRXYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
ZDI5NzRmLTdlZmEtNDYxMS04ODI3LTI2MGMzNzdhMzE0YS8xL2NHdF82b3JUVVJI
S2FIcWMwQXBKLWFUd1Jacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQDuVeoAwQAuVeqMA0GCSqGSIb3
DQEBCwUAA4IBAQCtsgx+sQZ0xfN9uQEZj7W1pAAvAEbFG9PJIKxb6LodK3PzK7DU
jwdZ1kZLGzNda6aFtmURgw/ZZQf0RUogIUeWLqthxW2HSnzpSRMK6K44rUjtpDV1
kUiBn0zZQ09m9V5pakFdrq3Sn9n2F/cKlEpMSGuYlhaPQlRbg7J5rffsQT/88rqh
kPA3oAHlppCgS0UByuJxGhCf1Mn0Ja46o9eRvm2uapWFKOtfLW0UOogPm7YvFb+p
TLOo6fTkOwDgW1uPt6AGTDHcoye+mTQb/APLcyFX76oTSSU5Vm/7PXsybYTP48GY
xcdRIGvpbbxeJGCyv6k/c7aPa1+NPI/RdHBg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:15 2024 by rpki-client on console-ams.rpki-client.org