Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/GhYQWZfJJZmFbDZQ53V3j7qYdiQ.roa
File: GhYQWZfJJZmFbDZQ53V3j7qYdiQ.roa (raw, json)
Hash identifier: 9JQzyw4QydbCYGHE5ZPMDZhVTcYEAbhuPKrD1efZ1kc=
Subject key identifier: 1A:16:10:59:97:C9:25:99:85:6C:36:50:E7:75:77:8F:BA:98:76:24
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 1AADD52A
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/GhYQWZfJJZmFbDZQ53V3j7qYdiQ.roa
Signing time: Sat 01 Jan 2022 16:03:02 +0000
ROA not before: Sat 01 Jan 2022 16:03:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33960
IP address blocks: 212.252.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447599914 (0x1aadd52a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 16:03:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a16105997c92599856c3650e775778fba987624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:e8:24:33:ef:1a:3a:db:a7:e7:1d:24:a6:fc:
ed:2e:41:c0:d8:27:7f:1b:ac:e6:0b:58:7a:6e:d8:
76:48:30:56:4c:bd:84:e3:1b:c4:6c:0e:eb:43:a8:
64:b5:3a:fc:99:10:79:67:64:96:74:b2:35:e7:ed:
d3:54:af:13:87:69:31:9b:8a:08:1f:51:bd:e0:1e:
16:8f:6b:fe:7d:2c:e0:a5:f6:bd:17:26:93:71:cd:
25:25:bc:5b:0c:8b:fa:39:46:64:8c:67:39:50:6d:
48:1d:1c:90:ba:68:f1:8b:72:9c:26:65:b7:5f:7a:
df:dd:09:63:25:00:60:3f:28:b7:8a:2c:28:40:8b:
92:7d:ed:96:94:c5:57:cd:c5:30:7a:57:44:f4:ab:
e8:0f:aa:c1:fa:49:56:7d:d3:b4:e5:83:21:35:ce:
5d:49:26:aa:7e:b3:33:f7:5b:98:3f:c2:0d:ac:73:
d9:a3:a3:23:0e:3a:10:6e:46:d6:07:8c:88:c6:75:
2d:3c:71:16:19:08:16:d2:76:d5:4f:f9:95:89:d4:
c5:b6:5c:81:f1:e2:9e:53:04:8b:fb:78:64:0b:21:
2b:ed:d8:f3:9e:ba:1b:a7:65:5c:c1:cf:a2:20:5f:
27:55:b1:2c:5f:bb:c5:bc:1a:17:d6:01:1e:bd:ca:
94:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:16:10:59:97:C9:25:99:85:6C:36:50:E7:75:77:8F:BA:98:76:24
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/GhYQWZfJJZmFbDZQ53V3j7qYdiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.252.202.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:32:ff:47:ea:7c:ee:1c:28:d7:99:bf:5e:97:4b:62:00:81:
b3:ca:34:96:e7:b2:4e:f7:d8:98:44:b7:cb:e7:cd:af:e4:7b:
b0:2b:91:8f:4e:98:24:3a:4e:25:07:c8:ed:3c:be:d1:c9:b9:
19:af:12:42:ca:17:65:fe:0c:06:1c:ab:bb:d7:84:27:02:99:
ba:87:1e:e6:cf:6b:b6:04:1c:8d:0f:aa:c4:81:ee:75:c9:d1:
9b:b7:5c:37:aa:39:bd:68:9c:08:5f:a2:b3:fb:38:7f:4a:09:
55:fd:98:22:89:b4:78:ee:14:93:0a:b6:6b:9e:1f:95:53:d9:
46:b3:be:dc:dc:15:20:7e:d0:de:96:13:06:1f:ef:fd:40:15:
57:7d:86:4f:03:c6:28:98:ed:4d:06:5f:ea:4d:13:6d:14:72:
fc:68:78:a0:58:3a:22:18:0d:f5:f7:a7:e7:f5:5c:a1:89:69:
92:a8:23:66:31:f1:ac:c8:ec:4b:cf:64:98:fc:0f:a0:b3:03:
96:b7:78:a3:7d:ed:99:46:08:22:2c:51:b4:78:0d:6d:8e:e5:
1b:2e:d8:f6:82:f2:e3:eb:55:3f:2e:b2:13:17:9e:14:08:1b:
af:af:4e:b3:79:a9:e4:56:a3:17:c9:9c:08:86:e0:d2:0d:57:
f1:7f:63:71
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGq3VKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDU5YzQzMjNmNzY3Y2U0ZmZjODVkYWFkMjA4YjkwYzA0ZmJkM2U5MB4XDTIyMDEw
MTE2MDMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWExNjEwNTk5N2M5
MjU5OTg1NmMzNjUwZTc3NTc3OGZiYTk4NzYyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPPoJDPvGjrbp+cdJKb87S5BwNgnfxus5gtYem7YdkgwVky9
hOMbxGwO60OoZLU6/JkQeWdklnSyNeft01SvE4dpMZuKCB9RveAeFo9r/n0s4KX2
vRcmk3HNJSW8WwyL+jlGZIxnOVBtSB0ckLpo8YtynCZlt196390JYyUAYD8ot4os
KECLkn3tlpTFV83FMHpXRPSr6A+qwfpJVn3TtOWDITXOXUkmqn6zM/dbmD/CDaxz
2aOjIw46EG5G1geMiMZ1LTxxFhkIFtJ21U/5lYnUxbZcgfHinlMEi/t4ZAshK+3Y
8566G6dlXMHPoiBfJ1WxLF+7xbwaF9YBHr3KlCECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQaFhBZl8klmYVsNlDndXePuph2JDAfBgNVHSMEGDAWgBSNWcQyP3Z85P/I
XarSCLkMBPvT6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8x
L0doWVFXWmZKSlptRmJEWlE1M1YzajdxWWRpUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
ZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8xL2pWbkVNajkyZk9U
X3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANT8yjANBgkqhkiG9w0BAQsFAAOC
AQEAOzL/R+p87hwo15m/XpdLYgCBs8o0lueyTvfYmES3y+fNr+R7sCuRj06YJDpO
JQfI7Ty+0cm5Ga8SQsoXZf4MBhyru9eEJwKZuoce5s9rtgQcjQ+qxIHudcnRm7dc
N6o5vWicCF+is/s4f0oJVf2YIom0eO4Ukwq2a54flVPZRrO+3NwVIH7Q3pYTBh/v
/UAVV32GTwPGKJjtTQZf6k0TbRRy/Gh4oFg6IhgN9fen5/VcoYlpkqgjZjHxrMjs
S89kmPwPoLMDlrd4o33tmUYIIixRtHgNbY7lGy7Y9oLy4+tVPy6yExeeFAgbr69O
s3mp5FajF8mcCIbg0g1X8X9jcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org