Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/Gd3RNTvzPPUUSlLcxXM9Ow_7-8Y.roa
File: Gd3RNTvzPPUUSlLcxXM9Ow_7-8Y.roa (raw, json)
Hash identifier: q05vH/Ui9DvjFcmlTzcA6XLxYKwrVLi1bMDXWDoHmCE=
Subject key identifier: 19:DD:D1:35:3B:F3:3C:F5:14:4A:52:DC:C5:73:3D:3B:0F:FB:FB:C6
Certificate issuer: /CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Certificate serial: 0182261D84363A4A3D314B60C7BC1B343B8F
Authority key identifier: DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/Gd3RNTvzPPUUSlLcxXM9Ow_7-8Y.roa
Signing time: Fri 22 Jul 2022 13:34:04 +0000
ROA not before: Fri 22 Jul 2022 13:34:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210544
IP address blocks: 192.124.252.0/24 maxlen: 24
193.28.64.0/21 maxlen: 24
2a12:6900::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:26:1d:84:36:3a:4a:3d:31:4b:60:c7:bc:1b:34:3b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Validity
Not Before: Jul 22 13:34:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19ddd1353bf33cf5144a52dcc5733d3b0ffbfbc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ac:24:f8:ed:7b:8e:18:05:43:bb:ed:0c:88:
11:c1:23:bf:08:ea:f4:bb:a8:20:54:c9:18:6c:96:
22:91:96:83:43:f2:17:f4:84:ad:de:9c:65:91:23:
3d:f5:c4:58:5a:f2:25:0b:be:d5:35:43:bb:47:8c:
e0:7b:b0:25:fb:6f:53:4b:65:7e:b9:3e:2b:94:53:
c0:94:46:44:89:a4:02:d1:c0:2c:4b:08:93:4e:11:
da:e2:83:4f:f2:55:51:15:1f:90:91:06:e8:a7:b0:
ba:d4:22:e0:39:4d:09:b6:c4:8a:65:5b:4b:69:a0:
cf:47:e6:7e:f8:81:ad:9b:04:dd:2c:42:d8:29:9a:
bb:26:19:96:92:8f:99:dc:54:71:07:49:fb:79:cc:
21:25:d8:13:22:2e:cb:03:13:5c:a8:11:ae:95:10:
f8:f6:01:43:b5:c8:3a:a4:d6:12:2a:a2:b2:2e:e1:
a5:ca:4e:c3:a2:90:be:b1:7d:41:b8:ec:fb:c0:8d:
c9:b4:f7:7e:3a:59:98:e1:a1:29:ff:af:42:55:c1:
8a:29:85:76:2f:82:18:c0:8d:2a:03:bc:24:64:7f:
89:32:58:7f:e5:df:c8:84:1a:5a:53:f1:fc:20:1a:
70:35:00:1d:d4:80:65:67:85:a1:a7:5a:94:05:99:
3c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:DD:D1:35:3B:F3:3C:F5:14:4A:52:DC:C5:73:3D:3B:0F:FB:FB:C6
X509v3 Authority Key Identifier:
keyid:DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/Gd3RNTvzPPUUSlLcxXM9Ow_7-8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/3t6RoPsfTdF5ANBttuiDNveLXAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.252.0/24
193.28.64.0/21
IPv6:
2a12:6900::/32
Signature Algorithm: sha256WithRSAEncryption
92:0b:2b:5a:25:ed:f3:0f:5f:98:3b:df:c9:e5:09:9a:f3:86:
80:7a:0e:a6:f4:2f:78:9f:f1:87:c6:e6:50:66:26:dd:3a:0f:
4b:95:ff:3b:16:f4:a1:af:f9:2a:1a:c7:e0:6a:88:02:ae:d6:
ba:00:99:44:5c:04:ff:ac:08:e8:1d:7c:dd:d9:cd:10:5b:9a:
2a:ca:53:6b:6d:42:73:16:99:34:57:df:7f:18:ae:e6:84:d7:
f1:c1:c5:51:06:e0:30:81:ac:c5:2f:38:ec:1f:b0:1c:9d:7f:
f9:a4:b9:8d:a4:e7:66:83:45:ed:b9:84:7f:da:8c:01:57:19:
41:e5:fd:42:bd:d5:ef:97:4e:ba:5c:5f:ff:ab:35:31:e4:37:
2f:90:1a:98:cd:ed:e7:95:e0:20:5a:79:23:69:15:db:50:b8:
46:b3:ce:63:74:a6:e8:a5:78:1a:94:d5:64:ea:f4:2e:8f:c0:
38:88:14:ce:24:35:ea:0d:7a:64:da:34:5a:a8:9a:a8:f5:ab:
dd:3a:ad:e0:a1:c9:2e:d8:f2:df:58:0b:66:f7:14:06:d0:26:
f2:6a:03:5b:47:a6:dd:fb:d6:d9:08:9c:05:49:46:02:71:81:
5e:fc:a5:05:47:33:6e:a4:b5:97:ac:2f:c4:29:db:33:09:52:
15:57:e9:b3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYImHYQ2Oko9MUtgx7wbNDuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGU5MWEwZmIxZjRkZDE3OTAwZDA2ZGI2ZTg4MzM2Zjc4
YjVjMDUwHhcNMjIwNzIyMTMzNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWRkZDEzNTNiZjMzY2Y1MTQ0YTUyZGNjNTczM2QzYjBmZmJmYmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6wk+O17jhgFQ7vtDIgRwSO/COr0
u6ggVMkYbJYikZaDQ/IX9ISt3pxlkSM99cRYWvIlC77VNUO7R4zge7Al+29TS2V+
uT4rlFPAlEZEiaQC0cAsSwiTThHa4oNP8lVRFR+QkQbop7C61CLgOU0JtsSKZVtL
aaDPR+Z++IGtmwTdLELYKZq7JhmWko+Z3FRxB0n7ecwhJdgTIi7LAxNcqBGulRD4
9gFDtcg6pNYSKqKyLuGlyk7DopC+sX1BuOz7wI3JtPd+OlmY4aEp/69CVcGKKYV2
L4IYwI0qA7wkZH+JMlh/5d/IhBpaU/H8IBpwNQAd1IBlZ4Whp1qUBZk8jwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBnd0TU78zz1FEpS3MVzPTsP+/vGMB8GA1UdIwQY
MBaAFN7ekaD7H03ReQDQbbbogzb3i1wFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMt
MjFhNzAwYzcxMTlmLzEvR2QzUk5UdnpQUFVVU2xMY3hYTTlPd183LThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMtMjFhNzAwYzcxMTlm
LzEvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwHz8AwQD
wRxAMA0EAgACMAcDBQAqEmkAMA0GCSqGSIb3DQEBCwUAA4IBAQCSCytaJe3zD1+Y
O9/J5Qma84aAeg6m9C94n/GHxuZQZibdOg9Llf87FvShr/kqGsfgaogCrta6AJlE
XAT/rAjoHXzd2c0QW5oqylNrbUJzFpk0V99/GK7mhNfxwcVRBuAwgazFLzjsH7Ac
nX/5pLmNpOdmg0XtuYR/2owBVxlB5f1CvdXvl066XF//qzUx5DcvkBqYze3nleAg
WnkjaRXbULhGs85jdKbopXgalNVk6vQuj8A4iBTOJDXqDXpk2jRaqJqo9avdOq3g
ocku2PLfWAtm9xQG0CbyagNbR6bd+9bZCJwFSUYCcYFe/KUFRzNupLWXrC/EKdsz
CVIVV+mz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:13 2024 by rpki-client on console-ams.rpki-client.org