Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/gqcF_rdSZiuzce8EpzFtTUzmcJI.roa
File: gqcF_rdSZiuzce8EpzFtTUzmcJI.roa (raw, json)
Hash identifier: vJcJ0dh0KSDLrpceWCiq0nVSDVVFyjtmd6QpVOYHq48=
Subject key identifier: 82:A7:05:FE:B7:52:66:2B:B3:71:EF:04:A7:31:6D:4D:4C:E6:70:92
Certificate issuer: /CN=9803c40f77bc88faf209f31d361ebbab5caeac4a
Certificate serial: 01856B4A333E1AE7AFEB3EB72CDCEC75D750
Authority key identifier: 98:03:C4:0F:77:BC:88:FA:F2:09:F3:1D:36:1E:BB:AB:5C:AE:AC:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mAPED3e8iPryCfMdNh67q1yurEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/gqcF_rdSZiuzce8EpzFtTUzmcJI.roa
Signing time: Sun 01 Jan 2023 03:05:02 +0000
ROA not before: Sun 01 Jan 2023 03:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51172
IP address blocks: 185.150.40.0/24 maxlen: 24
195.8.218.0/23 maxlen: 23
2a07:ab40::/48 maxlen: 48
2001:67c:218::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:33:3e:1a:e7:af:eb:3e:b7:2c:dc:ec:75:d7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9803c40f77bc88faf209f31d361ebbab5caeac4a
Validity
Not Before: Jan 1 03:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82a705feb752662bb371ef04a7316d4d4ce67092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fc:65:70:98:70:af:e5:ac:cc:5e:16:9d:5d:
fb:92:e1:70:91:35:2e:cc:f4:83:8b:a2:4a:63:5f:
e3:d6:74:70:8d:0f:a8:88:e6:31:38:8f:69:7a:82:
c7:6c:52:10:82:69:cf:47:37:70:52:cd:ab:33:03:
ee:ca:bc:83:db:dd:8a:37:b0:8f:a8:46:12:0e:c6:
f4:3b:ae:cc:86:30:c6:b1:35:45:71:be:20:a8:95:
c9:08:b0:01:61:34:13:f3:cf:73:15:1b:f1:20:61:
84:10:44:04:0c:1b:48:50:6c:3a:d6:5b:d2:4b:e7:
2a:96:8d:0a:5e:22:23:ac:4c:9a:91:1e:a6:88:99:
ad:48:95:c5:5c:7d:bc:12:90:a9:8c:96:b3:ee:45:
6c:2c:34:63:39:a2:6c:ba:35:b0:d6:91:d8:00:2c:
db:30:0a:e5:fd:7d:81:c2:a5:e2:a7:af:e9:f7:30:
f1:b1:0d:1f:f4:6b:61:09:41:4d:39:a4:18:ca:06:
97:6f:8d:68:32:97:78:36:d8:a6:ee:9b:74:a1:41:
6a:1d:1a:f7:23:32:f5:1e:9d:71:a0:b6:e7:5f:a8:
52:b3:df:19:42:c1:38:5f:27:b0:e4:13:00:ae:bb:
5b:e6:87:46:54:c1:ae:d4:e2:00:72:d4:0f:18:d0:
22:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A7:05:FE:B7:52:66:2B:B3:71:EF:04:A7:31:6D:4D:4C:E6:70:92
X509v3 Authority Key Identifier:
keyid:98:03:C4:0F:77:BC:88:FA:F2:09:F3:1D:36:1E:BB:AB:5C:AE:AC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mAPED3e8iPryCfMdNh67q1yurEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/gqcF_rdSZiuzce8EpzFtTUzmcJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/mAPED3e8iPryCfMdNh67q1yurEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.40.0/24
195.8.218.0/23
IPv6:
2001:67c:218::/48
2a07:ab40::/48
Signature Algorithm: sha256WithRSAEncryption
66:a6:8c:d0:a2:c2:db:84:e4:16:04:7c:2d:53:96:f6:39:4d:
77:d5:bb:35:e0:79:f3:8d:39:27:7f:02:6d:f3:dd:a8:a3:a1:
8f:cd:5f:f4:88:fa:05:5b:19:ec:0e:b8:9f:36:f0:38:0e:70:
78:d7:e0:92:fc:8e:86:a8:22:d0:56:67:71:e3:05:d2:bf:63:
12:3d:71:d4:b4:6e:f3:38:83:ff:f4:0d:93:a1:5b:ce:39:96:
a9:41:90:f1:48:b6:06:90:59:e7:23:d1:fa:ea:c9:79:d6:ef:
9c:28:1b:dd:e0:00:fd:d5:9e:a4:71:e4:a3:63:03:fc:a5:d2:
95:a5:a5:53:8c:8e:a5:13:cb:80:b4:fe:8d:64:c2:e3:58:47:
6b:7d:df:70:d7:fa:7a:1e:e1:3e:dc:d3:1b:80:e1:96:f5:7a:
cd:d0:57:d7:4d:1a:25:80:5a:1c:46:ae:55:0b:2c:2d:5f:32:
23:9f:71:52:9d:4f:39:84:b2:49:fe:19:a8:c8:b3:78:54:39:
f0:59:7a:6b:73:63:f1:48:ae:c4:1c:79:eb:66:cb:d0:f1:42:
42:cd:79:97:0f:42:db:e3:18:3e:51:b3:1e:a4:4c:0a:89:2c:
1f:e0:16:db:3b:3f:ca:58:12:e0:fb:49:c0:11:b3:71:a8:7a:
f6:0d:0d:28
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVrSjM+Guev6z63LNzsdddQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MDNjNDBmNzdiYzg4ZmFmMjA5ZjMxZDM2MWViYmFiNWNh
ZWFjNGEwHhcNMjMwMTAxMDMwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmE3MDVmZWI3NTI2NjJiYjM3MWVmMDRhNzMxNmQ0ZDRjZTY3MDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvxlcJhwr+WszF4WnV37kuFwkTUu
zPSDi6JKY1/j1nRwjQ+oiOYxOI9peoLHbFIQgmnPRzdwUs2rMwPuyryD292KN7CP
qEYSDsb0O67MhjDGsTVFcb4gqJXJCLABYTQT889zFRvxIGGEEEQEDBtIUGw61lvS
S+cqlo0KXiIjrEyakR6miJmtSJXFXH28EpCpjJaz7kVsLDRjOaJsujWw1pHYACzb
MArl/X2BwqXip6/p9zDxsQ0f9GthCUFNOaQYygaXb41oMpd4Ntim7pt0oUFqHRr3
IzL1Hp1xoLbnX6hSs98ZQsE4Xyew5BMArrtb5odGVMGu1OIActQPGNAiGQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIKnBf63UmYrs3HvBKcxbU1M5nCSMB8GA1UdIwQY
MBaAFJgDxA93vIj68gnzHTYeu6tcrqxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUFQRUQzZThpUHJ5Q2ZNZE5oNjdxMXl1ckVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iYWQ0YTAtM2U5Yi00NzY0LThhMjQt
ZjNhMjZmMDU1ZjRlLzEvZ3FjRl9yZFNaaXV6Y2U4RXB6RnRUVXptY0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iYWQ0YTAtM2U5Yi00NzY0LThhMjQtZjNhMjZmMDU1ZjRl
LzEvbUFQRUQzZThpUHJ5Q2ZNZE5oNjdxMXl1ckVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuZYoAwQB
wwjaMBgEAgACMBIDBwAgAQZ8AhgDBwAqB6tAAAAwDQYJKoZIhvcNAQELBQADggEB
AGamjNCiwtuE5BYEfC1TlvY5TXfVuzXgefONOSd/Am3z3aijoY/NX/SI+gVbGewO
uJ828DgOcHjX4JL8joaoItBWZ3HjBdK/YxI9cdS0bvM4g//0DZOhW845lqlBkPFI
tgaQWecj0frqyXnW75woG93gAP3VnqRx5KNjA/yl0pWlpVOMjqUTy4C0/o1kwuNY
R2t933DX+noe4T7c0xuA4Zb1es3QV9dNGiWAWhxGrlULLC1fMiOfcVKdTzmEskn+
GajIs3hUOfBZemtzY/FIrsQceetmy9DxQkLNeZcPQtvjGD5Rsx6kTAqJLB/gFts7
P8pYEuD7ScARs3GoevYNDSg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:36 2025 by rpki-client