Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/g9Y0AK0D_Rz57DipH4gFLxpIGo4.roa
File: g9Y0AK0D_Rz57DipH4gFLxpIGo4.roa (raw, json)
Hash identifier: qQdX5o+ODssfzoff2AstSmyo/+kLTL3KlTlD7Zq1Rfo=
Subject key identifier: 83:D6:34:00:AD:03:FD:1C:F9:EC:38:A9:1F:88:05:2F:1A:48:1A:8E
Certificate issuer: /CN=6e409def4a8a89ca88f57182c52ed6d70fb91976
Certificate serial: 0184ED33BAB4F41D675A571A1206E2FC4A70
Authority key identifier: 6E:40:9D:EF:4A:8A:89:CA:88:F5:71:82:C5:2E:D6:D7:0F:B9:19:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkCd70qKicqI9XGCxS7W1w-5GXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/g9Y0AK0D_Rz57DipH4gFLxpIGo4.roa
Signing time: Wed 07 Dec 2022 15:28:21 +0000
ROA not before: Wed 07 Dec 2022 15:28:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210247
IP address blocks: 192.166.38.0/24 maxlen: 24
192.166.36.0/22 maxlen: 22
192.166.36.0/24 maxlen: 24
192.166.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ed:33:ba:b4:f4:1d:67:5a:57:1a:12:06:e2:fc:4a:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e409def4a8a89ca88f57182c52ed6d70fb91976
Validity
Not Before: Dec 7 15:28:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83d63400ad03fd1cf9ec38a91f88052f1a481a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ee:88:02:bd:f4:3e:76:6f:f9:27:fa:23:3d:
dd:9d:05:3f:49:ba:db:2b:88:64:42:92:56:a8:97:
98:c4:74:12:c5:86:41:2b:66:75:b9:85:e4:ed:20:
ea:df:ad:0a:94:d2:5a:f7:c9:6c:0d:df:38:3e:d1:
d9:93:54:8b:75:5e:9c:bc:25:5d:ba:a6:61:6e:96:
0a:0b:de:99:c4:c3:fa:74:b6:09:71:e6:39:50:b4:
7f:f6:c1:83:c8:61:89:ea:d5:79:d9:30:c9:d6:92:
5a:36:57:1c:cc:13:e5:d5:29:91:b4:f6:6b:1b:a4:
71:06:1a:07:a8:3d:be:51:bf:36:45:71:b0:58:e3:
a5:9b:ea:3e:b8:3b:4e:fe:c0:35:7a:ec:4c:d3:ce:
47:ae:11:15:29:a8:14:12:b3:77:31:17:31:49:ee:
5e:7d:80:ed:b1:50:a5:e2:e4:40:78:76:9a:94:2e:
0d:af:98:01:df:63:4a:08:90:29:42:10:ed:01:34:
db:af:91:f1:9e:ac:27:95:6a:c0:e8:0d:a7:c9:da:
22:76:b4:b6:78:18:95:f8:06:a9:ae:61:85:19:5b:
37:7b:2e:18:b0:06:10:07:1e:8d:f4:a0:e2:0b:76:
d4:57:52:27:67:46:85:53:2b:4d:fc:0b:28:62:c4:
15:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D6:34:00:AD:03:FD:1C:F9:EC:38:A9:1F:88:05:2F:1A:48:1A:8E
X509v3 Authority Key Identifier:
keyid:6E:40:9D:EF:4A:8A:89:CA:88:F5:71:82:C5:2E:D6:D7:0F:B9:19:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkCd70qKicqI9XGCxS7W1w-5GXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/g9Y0AK0D_Rz57DipH4gFLxpIGo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/05881c-2aa5-42e4-84b8-7ac3ca1f357d/1/bkCd70qKicqI9XGCxS7W1w-5GXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.36.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:66:6c:cc:60:b0:12:c1:f2:ad:5e:cd:4a:d9:ba:b6:f2:e2:
e3:1b:7c:1d:51:71:00:50:d4:82:12:71:d1:5a:30:0f:bd:4b:
4b:83:59:5b:23:3b:6a:da:d3:af:00:dd:74:30:23:3a:6f:62:
95:c3:a3:63:96:8c:21:16:91:95:ea:b0:55:3d:86:63:0d:47:
97:fa:2e:85:0f:a9:25:2f:81:a7:8f:0f:d0:f8:2c:0d:c9:5f:
12:69:e5:32:db:43:0e:80:c3:67:36:e7:25:3b:04:8a:45:3a:
d2:47:c7:6c:08:36:f6:bf:20:9d:ee:79:c8:be:ae:26:6b:8c:
58:ba:16:a2:21:0d:64:27:31:02:73:a9:5e:3c:c0:46:dd:63:
e0:55:45:25:8e:07:68:05:16:fb:ab:47:83:5c:c6:fc:80:c4:
ad:47:c5:69:8b:79:7e:b6:b8:78:d7:3d:bc:19:c4:ab:fe:f4:
2b:f0:28:30:fb:c0:f6:37:3b:18:d5:3c:65:0e:69:aa:12:a1:
a7:e4:12:d3:84:ee:08:5c:22:72:28:00:a7:9d:42:4e:8a:99:
bb:b8:a2:fe:d6:37:72:84:f9:3f:8f:4f:f7:b2:17:23:6b:55:
7a:dc:bf:7b:d0:85:2f:81:7c:e6:94:11:1f:b9:ad:98:8e:2d:
f7:8d:8a:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTtM7q09B1nWlcaEgbi/EpwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDA5ZGVmNGE4YTg5Y2E4OGY1NzE4MmM1MmVkNmQ3MGZi
OTE5NzYwHhcNMjIxMjA3MTUyODIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Q2MzQwMGFkMDNmZDFjZjllYzM4YTkxZjg4MDUyZjFhNDgxYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0O6IAr30PnZv+Sf6Iz3dnQU/Sbrb
K4hkQpJWqJeYxHQSxYZBK2Z1uYXk7SDq360KlNJa98lsDd84PtHZk1SLdV6cvCVd
uqZhbpYKC96ZxMP6dLYJceY5ULR/9sGDyGGJ6tV52TDJ1pJaNlcczBPl1SmRtPZr
G6RxBhoHqD2+Ub82RXGwWOOlm+o+uDtO/sA1euxM085HrhEVKagUErN3MRcxSe5e
fYDtsVCl4uRAeHaalC4Nr5gB32NKCJApQhDtATTbr5HxnqwnlWrA6A2nydoidrS2
eBiV+AaprmGFGVs3ey4YsAYQBx6N9KDiC3bUV1InZ0aFUytN/AsoYsQVWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIPWNACtA/0c+ew4qR+IBS8aSBqOMB8GA1UdIwQY
MBaAFG5Ane9KionKiPVxgsUu1tcPuRl2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtDZDcwcUtpY3FJOVhHQ3hTN1cxdy01R1hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wNTg4MWMtMmFhNS00MmU0LTg0Yjgt
N2FjM2NhMWYzNTdkLzEvZzlZMEFLMERfUno1N0RpcEg0Z0ZMeHBJR280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wNTg4MWMtMmFhNS00MmU0LTg0YjgtN2FjM2NhMWYzNTdk
LzEvYmtDZDcwcUtpY3FJOVhHQ3hTN1cxdy01R1hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwKYkMA0G
CSqGSIb3DQEBCwUAA4IBAQAqZmzMYLASwfKtXs1K2bq28uLjG3wdUXEAUNSCEnHR
WjAPvUtLg1lbIztq2tOvAN10MCM6b2KVw6NjlowhFpGV6rBVPYZjDUeX+i6FD6kl
L4Gnjw/Q+CwNyV8SaeUy20MOgMNnNuclOwSKRTrSR8dsCDb2vyCd7nnIvq4ma4xY
uhaiIQ1kJzECc6lePMBG3WPgVUUljgdoBRb7q0eDXMb8gMStR8Vpi3l+trh41z28
GcSr/vQr8Cgw+8D2NzsY1TxlDmmqEqGn5BLThO4IXCJyKACnnUJOipm7uKL+1jdy
hPk/j0/3shcja1V63L970IUvgXzmlBEfua2Yji33jYop
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:04 2024 by rpki-client on console-fra.rpki-client.org