Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/96dec8-7720-4efc-bd39-84faaf105a97/1/gqpVEspilWRg2eb3WH7-E9LRo2k.roa
File: gqpVEspilWRg2eb3WH7-E9LRo2k.roa (raw, json)
Hash identifier: rYmQ9d0kxMG4B2AbpjQ5DKMFBlhNLoLXjO/UQAFmLzg=
Subject key identifier: 82:AA:55:12:CA:62:95:64:60:D9:E6:F7:58:7E:FE:13:D2:D1:A3:69
Certificate issuer: /CN=897da6001b12383068fe71a30f8cf285c66830fe
Certificate serial: 0CEDA42F
Authority key identifier: 89:7D:A6:00:1B:12:38:30:68:FE:71:A3:0F:8C:F2:85:C6:68:30:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iX2mABsSODBo_nGjD4zyhcZoMP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/96dec8-7720-4efc-bd39-84faaf105a97/1/gqpVEspilWRg2eb3WH7-E9LRo2k.roa
Signing time: Sat 01 Jan 2022 10:02:00 +0000
ROA not before: Sat 01 Jan 2022 10:02:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39430
IP address blocks: 185.236.220.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 216900655 (0xceda42f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=897da6001b12383068fe71a30f8cf285c66830fe
Validity
Not Before: Jan 1 10:02:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82aa5512ca62956460d9e6f7587efe13d2d1a369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:05:11:02:d9:6d:96:b1:33:6f:ec:cb:63:81:
81:82:8d:47:a3:cf:04:23:a0:2f:69:4f:2c:5c:6f:
60:67:da:1b:0d:26:49:bf:34:e0:f3:3a:30:59:f8:
89:2d:5c:3c:58:41:d6:9f:73:24:45:7d:60:35:44:
1d:9f:1b:86:34:98:90:10:fb:c5:00:78:93:dc:99:
21:d1:e7:bd:9d:52:5b:be:ef:d8:b3:9b:f0:04:21:
ec:60:9a:30:78:49:6b:fc:7b:82:04:af:b1:0d:a9:
7f:f7:e8:55:05:8f:19:60:0a:4b:64:61:dc:70:0a:
4a:fb:2b:a2:5c:46:1d:e4:d3:f1:c5:81:61:6b:e2:
88:40:97:cf:c6:fa:60:4c:85:e2:6c:a7:9f:a6:aa:
30:fb:fd:a8:0e:29:40:2e:7a:8e:32:b3:00:73:f2:
4e:fc:8d:33:b5:d9:91:1c:a2:6f:d1:74:29:4f:6e:
78:ed:64:d9:2a:58:7e:16:46:61:e5:fb:72:89:64:
e1:1f:70:67:ba:b2:47:37:86:57:39:e7:29:3b:e8:
1b:3d:78:3a:fd:24:9c:99:fd:44:39:07:68:d8:a3:
0b:c4:ae:20:90:72:d8:c6:ec:4d:de:e2:13:f2:28:
b8:50:cf:d2:b4:8f:08:f4:15:8d:34:c0:3e:5f:2c:
eb:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:AA:55:12:CA:62:95:64:60:D9:E6:F7:58:7E:FE:13:D2:D1:A3:69
X509v3 Authority Key Identifier:
keyid:89:7D:A6:00:1B:12:38:30:68:FE:71:A3:0F:8C:F2:85:C6:68:30:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iX2mABsSODBo_nGjD4zyhcZoMP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/96dec8-7720-4efc-bd39-84faaf105a97/1/gqpVEspilWRg2eb3WH7-E9LRo2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/96dec8-7720-4efc-bd39-84faaf105a97/1/iX2mABsSODBo_nGjD4zyhcZoMP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.220.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:5b:23:39:72:6e:97:e0:ad:8b:62:d1:dd:3d:89:8e:17:84:
98:ab:b4:d7:55:d1:a4:c4:ce:c1:32:da:73:ca:32:61:c8:65:
72:29:4b:48:f1:4f:e7:d3:4f:ff:ae:d0:f1:42:aa:2f:88:f2:
60:9e:03:ce:75:4b:78:e1:ae:e0:e7:0b:b9:32:12:11:c3:0f:
66:f0:65:93:04:d9:c7:a0:63:6f:70:11:ba:3a:31:de:ed:59:
8a:19:bb:ec:32:4b:9b:d1:0a:fd:5f:fc:f2:bb:73:eb:90:7c:
44:2e:fb:ed:14:ef:c8:bd:4d:71:55:83:83:95:a4:fd:8c:a3:
9f:99:a0:44:af:26:24:c2:d1:29:95:11:e2:c7:38:f6:56:c3:
ed:6f:d7:3b:cc:ee:b5:50:74:c4:84:a0:96:5e:8f:a1:a7:3a:
8f:9d:20:62:04:12:30:fc:60:0c:d7:dd:6c:c3:1e:86:03:b4:
59:d0:63:45:f9:6b:87:c7:87:21:8a:07:b4:a8:b3:2d:88:69:
b2:e1:8d:bf:a0:4e:2f:73:64:2f:80:af:3c:67:c3:0c:3d:5a:
3d:27:41:73:f1:6c:7c:22:c4:7a:21:c8:e7:d0:0b:ee:3a:ec:
1b:53:0a:6d:8c:82:d7:61:42:2a:d5:66:5c:a0:7f:eb:05:4a:
f4:e3:16:88
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDO2kLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OTdkYTYwMDFiMTIzODMwNjhmZTcxYTMwZjhjZjI4NWM2NjgzMGZlMB4XDTIyMDEw
MTEwMDIwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODJhYTU1MTJjYTYy
OTU2NDYwZDllNmY3NTg3ZWZlMTNkMmQxYTM2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ0FEQLZbZaxM2/sy2OBgYKNR6PPBCOgL2lPLFxvYGfaGw0m
Sb804PM6MFn4iS1cPFhB1p9zJEV9YDVEHZ8bhjSYkBD7xQB4k9yZIdHnvZ1SW77v
2LOb8AQh7GCaMHhJa/x7ggSvsQ2pf/foVQWPGWAKS2Rh3HAKSvsrolxGHeTT8cWB
YWviiECXz8b6YEyF4mynn6aqMPv9qA4pQC56jjKzAHPyTvyNM7XZkRyib9F0KU9u
eO1k2SpYfhZGYeX7colk4R9wZ7qyRzeGVznnKTvoGz14Ov0knJn9RDkHaNijC8Su
IJBy2MbsTd7iE/IouFDP0rSPCPQVjTTAPl8s6zcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSCqlUSymKVZGDZ5vdYfv4T0tGjaTAfBgNVHSMEGDAWgBSJfaYAGxI4MGj+
caMPjPKFxmgw/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lYMm1BQnNTT0RCb19uR2pENHp5aGNab01QNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvOTZkZWM4LTc3MjAtNGVmYy1iZDM5LTg0ZmFhZjEwNWE5Ny8x
L2dxcFZFc3BpbFdSZzJlYjNXSDctRTlMUm8yay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
OTZkZWM4LTc3MjAtNGVmYy1iZDM5LTg0ZmFhZjEwNWE5Ny8xL2lYMm1BQnNTT0RC
b19uR2pENHp5aGNab01QNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArns3DANBgkqhkiG9w0BAQsFAAOC
AQEAvVsjOXJul+Cti2LR3T2JjheEmKu011XRpMTOwTLac8oyYchlcilLSPFP59NP
/67Q8UKqL4jyYJ4DznVLeOGu4OcLuTISEcMPZvBlkwTZx6Bjb3ARujox3u1Zihm7
7DJLm9EK/V/88rtz65B8RC777RTvyL1NcVWDg5Wk/Yyjn5mgRK8mJMLRKZUR4sc4
9lbD7W/XO8zutVB0xISgll6Poac6j50gYgQSMPxgDNfdbMMehgO0WdBjRflrh8eH
IYoHtKizLYhpsuGNv6BOL3NkL4CvPGfDDD1aPSdBc/FsfCLEeiHI59AL7jrsG1MK
bYyC12FCKtVmXKB/6wVK9OMWiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:22 2024 by rpki-client on console-fra.rpki-client.org