Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/355efb-26b0-4112-b4b5-93c29640bbfe/1/GBmaDGzY_8LNC1D_r7vPWDd37N8.roa
File: GBmaDGzY_8LNC1D_r7vPWDd37N8.roa (raw, json)
Hash identifier: UmJi96tivkzjN1DQGnWafCQ+SRHtONgLhU+tWQLddOs=
Subject key identifier: 18:19:9A:0C:6C:D8:FF:C2:CD:0B:50:FF:AF:BB:CF:58:37:77:EC:DF
Certificate issuer: /CN=4dc871b5ddf0740b317d1e34e36b26810bb98026
Certificate serial: 01878E901EC8F37B5524474797289BBE4796
Authority key identifier: 4D:C8:71:B5:DD:F0:74:0B:31:7D:1E:34:E3:6B:26:81:0B:B9:80:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tchxtd3wdAsxfR4042smgQu5gCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/355efb-26b0-4112-b4b5-93c29640bbfe/1/GBmaDGzY_8LNC1D_r7vPWDd37N8.roa
Signing time: Mon 17 Apr 2023 09:33:42 +0000
ROA not before: Mon 17 Apr 2023 09:33:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204368
IP address blocks: 185.250.89.0/24 maxlen: 24
185.250.88.0/24 maxlen: 24
185.250.91.0/24 maxlen: 24
185.250.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:90:1e:c8:f3:7b:55:24:47:47:97:28:9b:be:47:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dc871b5ddf0740b317d1e34e36b26810bb98026
Validity
Not Before: Apr 17 09:33:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18199a0c6cd8ffc2cd0b50ffafbbcf583777ecdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5a:bb:96:c5:66:22:e3:ff:95:81:72:f0:7f:
b5:31:ac:53:39:28:64:3f:4f:9a:8d:77:1a:96:f3:
69:6f:58:b1:02:c9:96:b9:fc:f2:67:9d:3a:3d:c0:
24:6f:bc:fd:1d:60:11:15:09:84:a6:58:d2:8d:79:
9f:d9:77:c1:45:20:1e:95:ef:1d:90:f5:5f:4f:2c:
88:cb:7c:2d:47:e9:ea:0f:73:4d:f4:b5:58:9d:e5:
b3:23:06:6d:9e:f9:2e:f8:ac:a9:52:2e:08:49:5b:
64:5c:4b:55:16:47:dd:f8:f7:8f:f9:16:bb:18:db:
3c:d0:ca:7a:89:84:f6:0f:eb:d5:19:b5:b6:33:96:
aa:f9:d2:33:90:33:f5:00:d6:85:a2:78:3b:b5:7d:
54:5e:68:a1:f2:b3:70:7c:16:10:15:34:dd:c4:bc:
b5:2d:4a:ae:1c:84:6b:61:07:88:46:6d:fb:7b:80:
aa:57:c6:4b:79:e0:d3:cf:a1:5a:90:68:76:ee:cf:
81:ea:27:82:e6:69:9c:99:87:f0:88:70:d5:8c:bd:
9f:b8:32:33:c9:83:44:d3:66:1a:53:07:9a:d7:db:
c6:59:3d:6b:10:b9:c2:8a:a8:cc:9f:08:b8:65:49:
44:c5:ae:8b:a3:15:4a:6d:e2:ae:af:62:d9:72:5f:
96:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:19:9A:0C:6C:D8:FF:C2:CD:0B:50:FF:AF:BB:CF:58:37:77:EC:DF
X509v3 Authority Key Identifier:
keyid:4D:C8:71:B5:DD:F0:74:0B:31:7D:1E:34:E3:6B:26:81:0B:B9:80:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tchxtd3wdAsxfR4042smgQu5gCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/355efb-26b0-4112-b4b5-93c29640bbfe/1/GBmaDGzY_8LNC1D_r7vPWDd37N8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/355efb-26b0-4112-b4b5-93c29640bbfe/1/Tchxtd3wdAsxfR4042smgQu5gCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.88.0/22
Signature Algorithm: sha256WithRSAEncryption
79:c1:51:fa:db:08:6e:8c:05:79:94:4d:d7:15:63:77:52:0f:
a5:14:1d:b1:d6:df:ee:41:3e:fc:58:8c:b0:21:1f:63:6c:b6:
8a:81:2f:40:40:47:af:6c:16:eb:bf:8c:38:72:18:5a:2f:c1:
98:84:64:35:94:50:3b:87:d9:86:8c:46:c1:28:3b:e4:69:81:
b3:a9:b0:c4:70:d9:cb:9b:11:c4:3b:d8:65:7e:0a:94:8e:77:
3c:50:3e:5e:85:24:aa:ae:64:f0:82:7d:d2:70:75:7e:f2:66:
bd:eb:87:f1:e2:a3:93:5e:8d:5e:63:c4:50:ec:7d:16:f2:42:
5a:85:66:ef:94:01:1f:b7:9a:5a:94:85:b0:b2:52:d8:96:4a:
80:78:b5:9a:9f:43:19:91:67:86:fc:23:22:57:1e:d2:2d:23:
84:8d:79:d9:89:5d:1a:36:57:17:8d:e3:f7:d8:08:96:28:92:
d0:1b:ae:31:23:a3:ac:0b:2d:df:a8:5a:27:29:d9:b4:b7:55:
33:a9:ef:3b:a0:c3:61:b0:f6:3f:30:ef:3f:0b:5d:ad:f4:f0:
7e:be:5d:9d:35:73:e2:4f:b2:39:39:3e:37:a3:dc:b7:29:c7:
27:06:08:17:7f:0d:d0:e6:dc:b4:10:2c:af:1f:34:26:09:04:
47:a3:c5:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeOkB7I83tVJEdHlyibvkeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYzg3MWI1ZGRmMDc0MGIzMTdkMWUzNGUzNmIyNjgxMGJi
OTgwMjYwHhcNMjMwNDE3MDkzMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODE5OWEwYzZjZDhmZmMyY2QwYjUwZmZhZmJiY2Y1ODM3NzdlY2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Vq7lsVmIuP/lYFy8H+1MaxTOShk
P0+ajXcalvNpb1ixAsmWufzyZ506PcAkb7z9HWARFQmEpljSjXmf2XfBRSAele8d
kPVfTyyIy3wtR+nqD3NN9LVYneWzIwZtnvku+KypUi4ISVtkXEtVFkfd+PeP+Ra7
GNs80Mp6iYT2D+vVGbW2M5aq+dIzkDP1ANaFong7tX1UXmih8rNwfBYQFTTdxLy1
LUquHIRrYQeIRm37e4CqV8ZLeeDTz6FakGh27s+B6ieC5mmcmYfwiHDVjL2fuDIz
yYNE02YaUwea19vGWT1rELnCiqjMnwi4ZUlExa6LoxVKbeKur2LZcl+WcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgZmgxs2P/CzQtQ/6+7z1g3d+zfMB8GA1UdIwQY
MBaAFE3IcbXd8HQLMX0eNONrJoELuYAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGNoeHRkM3dkQXN4ZlI0MDQyc21nUXU1Z0NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8zNTVlZmItMjZiMC00MTEyLWI0YjUt
OTNjMjk2NDBiYmZlLzEvR0JtYURHellfOExOQzFEX3I3dlBXRGQzN044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8zNTVlZmItMjZiMC00MTEyLWI0YjUtOTNjMjk2NDBiYmZl
LzEvVGNoeHRkM3dkQXN4ZlI0MDQyc21nUXU1Z0NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufpYMA0G
CSqGSIb3DQEBCwUAA4IBAQB5wVH62whujAV5lE3XFWN3Ug+lFB2x1t/uQT78WIyw
IR9jbLaKgS9AQEevbBbrv4w4chhaL8GYhGQ1lFA7h9mGjEbBKDvkaYGzqbDEcNnL
mxHEO9hlfgqUjnc8UD5ehSSqrmTwgn3ScHV+8ma964fx4qOTXo1eY8RQ7H0W8kJa
hWbvlAEft5palIWwslLYlkqAeLWan0MZkWeG/CMiVx7SLSOEjXnZiV0aNlcXjeP3
2AiWKJLQG64xI6OsCy3fqFonKdm0t1Uzqe87oMNhsPY/MO8/C12t9PB+vl2dNXPi
T7I5OT43o9y3KccnBggXfw3Q5ty0ECyvHzQmCQRHo8Xc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:59 2025 by rpki-client