Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/122641-71af-459c-b9c1-8b156db4ff35/1/gsYTMsZ3wAK8KQL9-PTCPXGHM2U.roa
File: gsYTMsZ3wAK8KQL9-PTCPXGHM2U.roa (raw, json)
Hash identifier: i8frVYsylEFYmnaTcbqmEPiWZaS9Mf0cWjU9HMVAm+A=
Subject key identifier: 82:C6:13:32:C6:77:C0:02:BC:29:02:FD:F8:F4:C2:3D:71:87:33:65
Certificate issuer: /CN=7654b0cc2c3f6b757ff52cba165d9ffa88ced30f
Certificate serial: 091590FE
Authority key identifier: 76:54:B0:CC:2C:3F:6B:75:7F:F5:2C:BA:16:5D:9F:FA:88:CE:D3:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dlSwzCw_a3V_9Sy6Fl2f-ojO0w8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/122641-71af-459c-b9c1-8b156db4ff35/1/gsYTMsZ3wAK8KQL9-PTCPXGHM2U.roa
Signing time: Sat 01 Jan 2022 06:56:44 +0000
ROA not before: Sat 01 Jan 2022 06:56:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12843
IP address blocks: 194.24.242.0/24 maxlen: 24
194.24.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152408318 (0x91590fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7654b0cc2c3f6b757ff52cba165d9ffa88ced30f
Validity
Not Before: Jan 1 06:56:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82c61332c677c002bc2902fdf8f4c23d71873365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b2:c0:8e:b6:c1:5a:ef:41:b3:e2:80:19:32:
ab:9e:b4:15:b4:eb:fd:a8:8f:1a:dd:53:b6:e1:4e:
3b:c1:c0:d9:51:94:67:0d:fb:d0:7f:0b:40:ba:2f:
e5:9a:94:8f:43:67:a6:fc:60:27:ef:ca:32:4c:6b:
6f:d3:6c:13:49:5a:48:89:3f:78:83:59:60:31:99:
89:bb:44:5b:da:ff:76:ca:c9:c0:81:7e:25:5c:ca:
55:9e:44:b0:cc:35:79:14:7e:e3:f3:5d:32:1a:ed:
26:a0:4f:1e:0a:f1:6d:7e:9d:d8:0e:e9:53:3c:5f:
bf:7b:e3:70:d5:96:da:53:1c:0e:d6:22:84:6b:60:
f5:12:39:8f:e5:fc:70:06:46:c6:18:58:55:5d:fa:
6a:5b:f8:a1:27:e7:f7:73:ae:ab:f1:3d:20:fd:b4:
43:23:6e:10:d8:f4:7e:0d:a5:52:22:cc:f1:8e:72:
a9:dc:ee:98:3b:f4:70:58:12:35:6e:99:f3:16:d8:
b9:3c:f2:6d:bf:a2:35:7a:93:07:57:44:14:cc:46:
86:f7:81:94:cf:27:aa:90:23:85:5d:12:6f:99:49:
bd:48:6e:cd:6c:e9:60:a0:41:c7:74:6c:3c:6d:d3:
45:77:3d:88:0d:ea:77:99:6f:5b:14:13:43:ae:e1:
c4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C6:13:32:C6:77:C0:02:BC:29:02:FD:F8:F4:C2:3D:71:87:33:65
X509v3 Authority Key Identifier:
keyid:76:54:B0:CC:2C:3F:6B:75:7F:F5:2C:BA:16:5D:9F:FA:88:CE:D3:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dlSwzCw_a3V_9Sy6Fl2f-ojO0w8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/122641-71af-459c-b9c1-8b156db4ff35/1/gsYTMsZ3wAK8KQL9-PTCPXGHM2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/122641-71af-459c-b9c1-8b156db4ff35/1/dlSwzCw_a3V_9Sy6Fl2f-ojO0w8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.242.0/23
Signature Algorithm: sha256WithRSAEncryption
33:46:85:60:51:66:95:15:30:53:d7:43:68:3d:c7:38:4c:c8:
2f:71:02:92:c2:ed:e3:b0:cd:16:42:bd:ed:1e:dc:86:e2:5d:
ed:88:b2:9b:19:54:ed:e5:74:b6:18:f9:8b:32:8a:04:fe:16:
31:b2:e4:4c:4a:6b:21:f6:e8:99:ac:f4:9d:6f:21:0a:90:0a:
b6:37:a1:9d:dd:f4:a6:d7:e8:fe:76:f4:10:7a:49:20:80:95:
40:60:b8:b4:89:4f:86:29:1a:b3:bb:ef:30:ec:98:74:3c:24:
26:f6:df:66:d1:12:9e:6b:64:5b:ef:00:e0:99:54:fe:17:70:
30:e9:c4:3f:24:9a:df:ea:1e:9a:ba:c5:e8:bd:fd:3d:58:64:
5c:1d:4a:ef:3c:b4:ca:04:96:97:65:56:e4:2b:a2:92:28:df:
f3:57:5f:ce:0c:03:cc:85:e8:85:21:f5:94:24:91:ea:64:6e:
d3:1a:e6:98:c4:cb:d2:9e:66:27:2e:e6:a1:74:eb:41:69:f2:
cf:fe:7e:cd:7b:9c:dd:f5:ce:76:58:01:18:ef:fb:fa:7e:e9:
bc:93:eb:7e:b2:88:06:23:8e:eb:bb:83:4a:28:df:34:77:b2:
be:d4:b6:78:8a:d1:37:be:e7:a7:24:9d:41:d5:c4:04:7a:c1:
85:85:2f:7e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECRWQ/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NjU0YjBjYzJjM2Y2Yjc1N2ZmNTJjYmExNjVkOWZmYTg4Y2VkMzBmMB4XDTIyMDEw
MTA2NTY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODJjNjEzMzJjNjc3
YzAwMmJjMjkwMmZkZjhmNGMyM2Q3MTg3MzM2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2ywI62wVrvQbPigBkyq560FbTr/aiPGt1TtuFOO8HA2VGU
Zw370H8LQLov5ZqUj0NnpvxgJ+/KMkxrb9NsE0laSIk/eINZYDGZibtEW9r/dsrJ
wIF+JVzKVZ5EsMw1eRR+4/NdMhrtJqBPHgrxbX6d2A7pUzxfv3vjcNWW2lMcDtYi
hGtg9RI5j+X8cAZGxhhYVV36alv4oSfn93Ouq/E9IP20QyNuENj0fg2lUiLM8Y5y
qdzumDv0cFgSNW6Z8xbYuTzybb+iNXqTB1dEFMxGhveBlM8nqpAjhV0Sb5lJvUhu
zWzpYKBBx3RsPG3TRXc9iA3qd5lvWxQTQ67hxJcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSCxhMyxnfAArwpAv349MI9cYczZTAfBgNVHSMEGDAWgBR2VLDMLD9rdX/1
LLoWXZ/6iM7TDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RsU3d6Q3dfYTNWXzlTeTZGbDJmLW9qTzB3OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMTIyNjQxLTcxYWYtNDU5Yy1iOWMxLThiMTU2ZGI0ZmYzNS8x
L2dzWVRNc1ozd0FLOEtRTDktUFRDUFhHSE0yVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MTIyNjQxLTcxYWYtNDU5Yy1iOWMxLThiMTU2ZGI0ZmYzNS8xL2RsU3d6Q3dfYTNW
XzlTeTZGbDJmLW9qTzB3OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcIY8jANBgkqhkiG9w0BAQsFAAOC
AQEAM0aFYFFmlRUwU9dDaD3HOEzIL3ECksLt47DNFkK97R7chuJd7YiymxlU7eV0
thj5izKKBP4WMbLkTEprIfbomaz0nW8hCpAKtjehnd30ptfo/nb0EHpJIICVQGC4
tIlPhikas7vvMOyYdDwkJvbfZtESnmtkW+8A4JlU/hdwMOnEPySa3+oemrrF6L39
PVhkXB1K7zy0ygSWl2VW5Cuikijf81dfzgwDzIXohSH1lCSR6mRu0xrmmMTL0p5m
Jy7moXTrQWnyz/5+zXuc3fXOdlgBGO/7+n7pvJPrfrKIBiOO67uDSijfNHeyvtS2
eIrRN77npySdQdXEBHrBhYUvfg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:23 2023 by rpki-client on console-ams.rpki-client.org