Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/Gaw0HGVo9Y63L64an7rEAQ4tiB8.roa
File: Gaw0HGVo9Y63L64an7rEAQ4tiB8.roa (raw, json)
Hash identifier: lrqqQA4czWIMNoKU+6X0rcsy094q3HVl2iuqPg9+SOc=
Subject key identifier: 19:AC:34:1C:65:68:F5:8E:B7:2F:AE:1A:9F:BA:C4:01:0E:2D:88:1F
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 01826BE3BC59EEE3962BBC3552BDDB095992
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/Gaw0HGVo9Y63L64an7rEAQ4tiB8.roa
Signing time: Fri 05 Aug 2022 02:44:23 +0000
ROA not before: Fri 05 Aug 2022 02:44:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206728
IP address blocks: 87.251.66.0/24 maxlen: 24
87.251.68.0/24 maxlen: 24
80.66.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6b:e3:bc:59:ee:e3:96:2b:bc:35:52:bd:db:09:59:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Aug 5 02:44:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19ac341c6568f58eb72fae1a9fbac4010e2d881f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4b:6e:fc:63:9d:a9:d7:e3:93:f0:eb:ea:df:
80:0d:d5:4c:71:46:4b:4d:63:c0:0f:52:39:b7:5a:
df:29:0b:f2:a4:83:c6:2b:28:a8:82:a1:06:7f:71:
5b:df:e8:99:6b:a4:e3:a3:c7:a4:90:ec:57:a2:fc:
4a:6e:e1:5c:9a:d0:28:ee:6f:89:09:2d:66:06:62:
5b:fb:8e:6f:ac:3a:72:36:e7:c9:96:3f:87:b0:32:
5e:10:4c:8d:63:36:78:a0:0f:33:30:70:bc:51:ce:
08:19:e8:c1:d0:5c:ff:9c:8f:90:61:3a:74:9b:71:
88:b9:96:d7:52:81:95:8c:7c:d8:d4:e7:bd:09:ee:
c3:53:bd:78:a5:40:67:70:28:c3:88:b2:bc:10:bf:
a0:ec:99:4d:85:a5:e9:10:ac:4d:2a:11:9c:71:dc:
a5:7e:b8:cf:e7:cb:f9:46:bc:e7:14:e2:de:25:c9:
35:cb:ca:b5:e7:e6:39:33:d7:18:db:5b:c8:88:6c:
94:eb:8f:53:76:92:b5:48:ee:6e:b2:fa:af:67:d8:
c5:bd:d5:b7:39:a9:7e:19:57:6c:04:9d:2f:89:4d:
56:cb:6e:36:c2:fd:60:2e:53:be:65:25:e8:b4:fd:
41:2e:c4:2a:10:30:9e:11:83:29:ca:e6:7c:4a:3a:
7a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:AC:34:1C:65:68:F5:8E:B7:2F:AE:1A:9F:BA:C4:01:0E:2D:88:1F
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/Gaw0HGVo9Y63L64an7rEAQ4tiB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.70.0/24
87.251.66.0/24
87.251.68.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:19:ba:6b:4e:79:26:95:2b:14:2f:07:c1:2c:97:92:fd:20:
52:af:8b:83:a8:73:e7:1e:23:d4:f0:f9:aa:ca:e7:85:5a:fb:
2a:9a:55:46:4b:5d:a2:97:10:6a:2c:a3:0c:89:18:da:57:86:
33:3b:bc:20:20:90:16:23:72:63:19:bc:d2:f4:af:cf:df:2f:
f0:1e:7a:88:90:ed:35:2b:21:26:6b:e7:b7:96:6f:02:32:c7:
88:7a:24:9c:b3:f7:0c:92:98:e9:8f:de:86:c5:9e:fe:86:a2:
6e:32:71:ce:94:20:0c:d2:ab:8b:6e:f2:0e:e3:df:73:98:6c:
23:4c:4c:8f:78:ce:90:35:60:a2:fd:6f:d0:38:28:eb:da:2e:
05:c9:d0:8c:fd:51:c3:cb:d3:54:4c:0b:61:01:4a:89:21:17:
a9:93:92:fd:12:ba:78:63:10:d8:42:1a:7e:d4:ca:7e:bd:51:
92:ce:9c:be:76:31:99:c7:48:81:7b:5c:c1:2f:6d:61:93:08:
2e:e5:a8:49:79:e4:b9:cb:2d:aa:b8:47:4f:e0:3f:7c:36:36:
ef:0d:06:9c:be:e3:ba:c7:b2:72:0b:0c:65:41:a5:55:ae:9f:
3e:ec:f6:2b:43:a4:08:74:be:cb:b9:3f:48:d6:0f:1b:71:6b:
fd:3b:23:e7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYJr47xZ7uOWK7w1Ur3bCVmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjIwODA1MDI0NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWFjMzQxYzY1NjhmNThlYjcyZmFlMWE5ZmJhYzQwMTBlMmQ4ODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkktu/GOdqdfjk/Dr6t+ADdVMcUZL
TWPAD1I5t1rfKQvypIPGKyiogqEGf3Fb3+iZa6Tjo8ekkOxXovxKbuFcmtAo7m+J
CS1mBmJb+45vrDpyNufJlj+HsDJeEEyNYzZ4oA8zMHC8Uc4IGejB0Fz/nI+QYTp0
m3GIuZbXUoGVjHzY1Oe9Ce7DU714pUBncCjDiLK8EL+g7JlNhaXpEKxNKhGccdyl
frjP58v5RrznFOLeJck1y8q15+Y5M9cY21vIiGyU649TdpK1SO5usvqvZ9jFvdW3
Oal+GVdsBJ0viU1Wy242wv1gLlO+ZSXotP1BLsQqEDCeEYMpyuZ8Sjp6OQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBmsNBxlaPWOty+uGp+6xAEOLYgfMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvR2F3MEhHVm85WTYzTDY0YW43ckVBUTR0aUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEJGAwQA
V/tCAwQAV/tEMA0GCSqGSIb3DQEBCwUAA4IBAQB7GbprTnkmlSsULwfBLJeS/SBS
r4uDqHPnHiPU8PmqyueFWvsqmlVGS12ilxBqLKMMiRjaV4YzO7wgIJAWI3JjGbzS
9K/P3y/wHnqIkO01KyEma+e3lm8CMseIeiScs/cMkpjpj96GxZ7+hqJuMnHOlCAM
0quLbvIO499zmGwjTEyPeM6QNWCi/W/QOCjr2i4FydCM/VHDy9NUTAthAUqJIRep
k5L9Erp4YxDYQhp+1Mp+vVGSzpy+djGZx0iBe1zBL21hkwgu5ahJeeS5yy2quEdP
4D98NjbvDQacvuO6x7JyCwxlQaVVrp8+7PYrQ6QIdL7LuT9I1g8bcWv9OyPn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:50 2024 by rpki-client on console-ams.rpki-client.org