Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/GZFOh3n0p8HHajFJRVb5xoECU84.roa
File: GZFOh3n0p8HHajFJRVb5xoECU84.roa (raw, json)
Hash identifier: GHCHfw1hGYOx0zi6kK7J67CIsrscEc75ber6q3B8L9I=
Subject key identifier: 19:91:4E:87:79:F4:A7:C1:C7:6A:31:49:45:56:F9:C6:81:02:53:CE
Certificate issuer: /CN=09d1a634bbb7aefad87d121a5fe545648738c8c5
Certificate serial: 01831794AFD9F2A8C66C488F7D546FF4D258
Authority key identifier: 09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/GZFOh3n0p8HHajFJRVb5xoECU84.roa
Signing time: Wed 07 Sep 2022 10:52:43 +0000
ROA not before: Wed 07 Sep 2022 10:52:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8769
IP address blocks: 185.121.28.0/22 maxlen: 22
185.40.184.0/22 maxlen: 22
185.254.132.0/22 maxlen: 22
2a06:9c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:17:94:af:d9:f2:a8:c6:6c:48:8f:7d:54:6f:f4:d2:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09d1a634bbb7aefad87d121a5fe545648738c8c5
Validity
Not Before: Sep 7 10:52:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19914e8779f4a7c1c76a31494556f9c6810253ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d3:d6:11:c8:11:c0:38:67:68:bb:23:03:3c:
af:5f:2f:d3:b9:c6:6f:7d:cf:04:b5:dc:69:2d:51:
cc:84:bc:ed:15:4b:57:44:18:9c:be:eb:28:08:8e:
4c:fc:58:be:8e:f8:00:ab:bc:29:53:b3:8c:a4:e8:
58:27:15:a1:a9:93:f3:e9:e7:ae:34:4e:d2:c9:bc:
81:e0:9e:e5:15:d7:b7:3a:92:f0:b0:46:fa:24:18:
ee:f4:8f:71:d5:53:1f:44:f6:23:c8:fe:fb:da:c9:
f3:59:17:66:6b:d3:47:a0:de:27:b4:50:cc:19:6c:
5f:68:de:17:bb:d6:3b:05:e7:be:40:28:6c:12:aa:
ee:f0:52:6b:2d:00:9c:31:f2:f4:c2:fd:f3:50:4d:
85:15:6f:24:98:b5:20:75:00:5f:cc:4b:f0:21:ee:
ec:67:ac:19:96:61:8b:39:5e:0a:47:46:85:d1:35:
8b:03:06:d6:49:1e:d5:10:b6:38:37:ca:72:d4:e9:
61:83:76:e3:70:90:21:56:c8:30:da:1b:9f:97:b6:
e6:76:96:5e:ce:ab:70:35:88:a6:30:07:99:07:f2:
72:0a:d7:05:c7:f0:42:7a:95:d1:76:cf:f8:fe:29:
52:40:73:31:e8:6c:98:5f:24:de:77:ec:65:f7:80:
3a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:91:4E:87:79:F4:A7:C1:C7:6A:31:49:45:56:F9:C6:81:02:53:CE
X509v3 Authority Key Identifier:
keyid:09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/GZFOh3n0p8HHajFJRVb5xoECU84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CdGmNLu3rvrYfRIaX-VFZIc4yMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.184.0/22
185.121.28.0/22
185.254.132.0/22
IPv6:
2a06:9c40::/29
Signature Algorithm: sha256WithRSAEncryption
0c:5f:3a:da:fb:e0:d7:20:1f:6f:62:3c:25:d8:ec:b2:c6:74:
2a:6a:de:be:4c:5e:b9:cb:e0:fe:ff:20:ae:80:b2:c8:83:4a:
72:48:e3:af:ad:f5:20:c1:51:79:b2:61:cd:6f:dd:ee:48:43:
b5:73:8e:44:af:f8:a2:d0:f2:52:d4:74:75:e5:e0:6e:2c:91:
39:e5:36:ff:b9:15:44:6f:a0:6a:5d:f0:b3:a3:3b:9a:93:39:
d2:0c:b0:e6:95:e4:ce:3a:f2:38:6b:67:71:28:c5:1f:c7:5f:
56:d8:88:5d:ce:42:a8:3c:4c:69:c0:94:07:ad:ca:de:47:80:
76:f8:41:86:30:62:21:bb:a1:c5:ea:ba:4f:2c:55:d4:f6:ae:
15:fb:fd:b4:e2:0f:fd:53:72:f3:c3:f4:23:d5:35:08:a9:e0:
96:75:22:12:e2:ac:e3:d0:e9:b4:15:70:36:97:87:b3:35:38:
49:35:ff:42:16:f3:50:ba:6a:3a:d4:cf:4b:7d:39:d2:38:34:
e3:a1:cb:f4:81:fd:81:76:50:62:50:b1:bf:74:da:bb:18:18:
2d:49:7e:49:65:39:26:55:ae:23:f8:07:70:bf:74:c7:ec:5d:
5a:fb:29:b4:00:cb:1b:f9:f0:e9:de:a4:7c:76:bb:35:9f:7c:
73:b9:77:1c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYMXlK/Z8qjGbEiPfVRv9NJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZDFhNjM0YmJiN2FlZmFkODdkMTIxYTVmZTU0NTY0ODcz
OGM4YzUwHhcNMjIwOTA3MTA1MjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTkxNGU4Nzc5ZjRhN2MxYzc2YTMxNDk0NTU2ZjljNjgxMDI1M2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9PWEcgRwDhnaLsjAzyvXy/TucZv
fc8EtdxpLVHMhLztFUtXRBicvusoCI5M/Fi+jvgAq7wpU7OMpOhYJxWhqZPz6eeu
NE7SybyB4J7lFde3OpLwsEb6JBju9I9x1VMfRPYjyP772snzWRdma9NHoN4ntFDM
GWxfaN4Xu9Y7Bee+QChsEqru8FJrLQCcMfL0wv3zUE2FFW8kmLUgdQBfzEvwIe7s
Z6wZlmGLOV4KR0aF0TWLAwbWSR7VELY4N8py1Olhg3bjcJAhVsgw2hufl7bmdpZe
zqtwNYimMAeZB/JyCtcFx/BCepXRds/4/ilSQHMx6GyYXyTed+xl94A6JwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBmRTod59KfBx2oxSUVW+caBAlPOMB8GA1UdIwQY
MBaAFAnRpjS7t6762H0SGl/lRWSHOMjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjIt
NWU1YjhiMjgwNTlhLzEvR1pGT2gzbjBwOEhIYWpGSlJWYjV4b0VDVTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjItNWU1YjhiMjgwNTlh
LzEvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuSi4AwQC
uXkcAwQCuf6EMA0EAgACMAcDBQMqBpxAMA0GCSqGSIb3DQEBCwUAA4IBAQAMXzra
++DXIB9vYjwl2OyyxnQqat6+TF65y+D+/yCugLLIg0pySOOvrfUgwVF5smHNb93u
SEO1c45Er/ii0PJS1HR15eBuLJE55Tb/uRVEb6BqXfCzozuakznSDLDmleTOOvI4
a2dxKMUfx19W2IhdzkKoPExpwJQHrcreR4B2+EGGMGIhu6HF6rpPLFXU9q4V+/20
4g/9U3Lzw/Qj1TUIqeCWdSIS4qzj0Om0FXA2l4ezNThJNf9CFvNQumo61M9LfTnS
ODTjocv0gf2BdlBiULG/dNq7GBgtSX5JZTkmVa4j+Adwv3TH7F1a+ym0AMsb+fDp
3qR8drs1n3xzuXcc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:02 2024 by rpki-client on console-ams.rpki-client.org