Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/df1512-3fa4-40fc-8dca-6437acd8a3cf/1/GDvpJdqHQr8eu_bggH1OwY9veQA.roa
File: GDvpJdqHQr8eu_bggH1OwY9veQA.roa (raw, json)
Hash identifier: g7IKXl2vpsCN3aVDAms+1OnA/7KjQeFuo3K74wUFGKg=
Subject key identifier: 18:3B:E9:25:DA:87:42:BF:1E:BB:F6:E0:80:7D:4E:C1:8F:6F:79:00
Certificate issuer: /CN=607c0e942bf80a7d57490cc7bb04285b02aeff7a
Certificate serial: 1A432B5C
Authority key identifier: 60:7C:0E:94:2B:F8:0A:7D:57:49:0C:C7:BB:04:28:5B:02:AE:FF:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YHwOlCv4Cn1XSQzHuwQoWwKu_3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/df1512-3fa4-40fc-8dca-6437acd8a3cf/1/GDvpJdqHQr8eu_bggH1OwY9veQA.roa
Signing time: Sat 01 Jan 2022 00:51:56 +0000
ROA not before: Sat 01 Jan 2022 00:51:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198761
IP address blocks: 185.25.228.0/22 maxlen: 24
91.243.64.0/23 maxlen: 24
91.242.223.0/24 maxlen: 24
213.5.236.0/23 maxlen: 24
2a04:3380::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 440609628 (0x1a432b5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=607c0e942bf80a7d57490cc7bb04285b02aeff7a
Validity
Not Before: Jan 1 00:51:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=183be925da8742bf1ebbf6e0807d4ec18f6f7900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:23:96:9a:77:4b:8d:88:15:fc:11:18:8b:c7:
be:34:89:dd:a4:c6:45:f1:06:2b:71:a2:08:ec:54:
b2:45:1d:44:4a:88:e9:0a:12:49:aa:08:9c:4c:07:
1c:e9:e2:44:44:13:2e:c0:1c:aa:0a:e4:1d:8f:e3:
8f:0f:84:41:87:ee:39:0b:ed:a0:3b:30:dd:59:0f:
cf:b6:4b:65:db:6a:66:88:9d:11:b3:9c:5a:a7:50:
00:65:e9:35:59:e9:0f:9f:16:a2:e6:0e:fb:41:dc:
6c:58:44:a4:ab:89:c3:8f:58:58:ba:95:71:b1:9d:
4b:a2:8f:98:b6:2c:ac:3e:cb:77:a0:67:d7:8b:28:
b2:62:7f:87:44:5b:dc:4f:4d:ea:e0:81:b3:5c:50:
6f:e7:2c:96:0c:3b:ef:eb:3a:29:2b:dd:06:a0:e5:
07:7e:bc:14:27:48:29:95:f9:c6:ea:11:8e:64:f8:
03:f5:3e:c8:f7:8f:fd:af:11:70:60:16:0e:3e:2a:
d5:b7:8d:69:fe:37:15:7a:55:6f:b7:f7:98:30:5d:
1f:65:c8:8e:22:41:d9:2b:e1:67:b2:ea:64:d0:ec:
64:86:c6:56:8a:a4:bb:99:65:16:03:1c:60:c9:0d:
68:fd:97:54:f2:21:8d:d2:78:49:ed:3b:e0:fc:55:
29:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:3B:E9:25:DA:87:42:BF:1E:BB:F6:E0:80:7D:4E:C1:8F:6F:79:00
X509v3 Authority Key Identifier:
keyid:60:7C:0E:94:2B:F8:0A:7D:57:49:0C:C7:BB:04:28:5B:02:AE:FF:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YHwOlCv4Cn1XSQzHuwQoWwKu_3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/df1512-3fa4-40fc-8dca-6437acd8a3cf/1/GDvpJdqHQr8eu_bggH1OwY9veQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/df1512-3fa4-40fc-8dca-6437acd8a3cf/1/YHwOlCv4Cn1XSQzHuwQoWwKu_3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.223.0/24
91.243.64.0/23
185.25.228.0/22
213.5.236.0/23
IPv6:
2a04:3380::/29
Signature Algorithm: sha256WithRSAEncryption
9f:53:24:14:94:eb:79:2a:da:ff:03:34:08:82:0a:ba:25:2a:
3f:61:50:5b:ab:0d:2e:21:5b:5a:ba:10:8e:f1:54:e6:ed:51:
06:5d:8f:a9:5d:70:b2:37:c0:43:3d:a1:8d:aa:96:17:b5:20:
fc:14:4f:80:0f:05:88:e4:b9:ff:af:ee:f3:c6:3d:3b:81:44:
9b:68:b9:09:08:38:de:05:eb:27:16:71:84:55:79:e1:26:63:
ec:e5:cc:da:6b:0f:cd:67:2a:8b:1a:af:1e:69:96:f4:3b:c5:
00:e1:10:5e:9d:c7:16:8e:e4:3b:e4:0a:8a:6e:a2:45:0a:62:
f0:5b:49:57:61:23:42:d1:53:bd:cc:de:0c:84:94:dc:d7:eb:
d4:c6:56:7d:12:c4:41:7e:39:03:13:c3:59:19:8f:7d:e7:34:
80:ee:d8:f4:31:69:e2:3d:4a:2e:3f:91:b8:91:2b:ae:f0:82:
78:0d:6c:24:43:73:52:02:65:cd:5f:d9:22:28:29:84:eb:bf:
ea:f9:32:36:e1:c9:20:1a:11:dc:0c:d4:c7:77:69:fa:63:bf:
7a:0a:f1:dd:95:0a:64:e0:5c:7a:a4:5b:d4:80:ef:9c:ab:24:
4b:3f:b2:7b:ca:3c:bb:60:2b:3b:22:37:55:7b:6d:79:0d:63:
31:58:f4:60
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEGkMrXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDdjMGU5NDJiZjgwYTdkNTc0OTBjYzdiYjA0Mjg1YjAyYWVmZjdhMB4XDTIyMDEw
MTAwNTE1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTgzYmU5MjVkYTg3
NDJiZjFlYmJmNmUwODA3ZDRlYzE4ZjZmNzkwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcjlpp3S42IFfwRGIvHvjSJ3aTGRfEGK3GiCOxUskUdREqI
6QoSSaoInEwHHOniREQTLsAcqgrkHY/jjw+EQYfuOQvtoDsw3VkPz7ZLZdtqZoid
EbOcWqdQAGXpNVnpD58WouYO+0HcbFhEpKuJw49YWLqVcbGdS6KPmLYsrD7Ld6Bn
14sosmJ/h0Rb3E9N6uCBs1xQb+cslgw77+s6KSvdBqDlB368FCdIKZX5xuoRjmT4
A/U+yPeP/a8RcGAWDj4q1beNaf43FXpVb7f3mDBdH2XIjiJB2SvhZ7LqZNDsZIbG
Voqku5llFgMcYMkNaP2XVPIhjdJ4Se074PxVKVUCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQYO+kl2odCvx679uCAfU7Bj295ADAfBgNVHSMEGDAWgBRgfA6UK/gKfVdJ
DMe7BChbAq7/ejAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lId09sQ3Y0Q24xWFNRekh1d1FvV3dLdV8zby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvZGYxNTEyLTNmYTQtNDBmYy04ZGNhLTY0MzdhY2Q4YTNjZi8x
L0dEdnBKZHFIUXI4ZXVfYmdnSDFPd1k5dmVRQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
ZGYxNTEyLTNmYTQtNDBmYy04ZGNhLTY0MzdhY2Q4YTNjZi8xL1lId09sQ3Y0Q24x
WFNRekh1d1FvV3dLdV8zby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAFvy3wMEAVvzQAMEArkZ5AMEAdUF
7DANBAIAAjAHAwUDKgQzgDANBgkqhkiG9w0BAQsFAAOCAQEAn1MkFJTreSra/wM0
CIIKuiUqP2FQW6sNLiFbWroQjvFU5u1RBl2PqV1wsjfAQz2hjaqWF7Ug/BRPgA8F
iOS5/6/u88Y9O4FEm2i5CQg43gXrJxZxhFV54SZj7OXM2msPzWcqixqvHmmW9DvF
AOEQXp3HFo7kO+QKim6iRQpi8FtJV2EjQtFTvczeDISU3Nfr1MZWfRLEQX45AxPD
WRmPfec0gO7Y9DFp4j1KLj+RuJErrvCCeA1sJENzUgJlzV/ZIigphOu/6vkyNuHJ
IBoR3AzUx3dp+mO/egrx3ZUKZOBceqRb1IDvnKskSz+ye8o8u2ArOyI3VXtteQ1j
MVj0YA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:34 2024 by rpki-client on console-fra.rpki-client.org