Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/gAJu0xfYelR6L7J-SZqW11w1cdg.roa
File: gAJu0xfYelR6L7J-SZqW11w1cdg.roa (raw, json)
Hash identifier: LJ7CNL1/92Vr1pB6DRutIHjCb2u7nJBqnTJPgmy8ajw=
Subject key identifier: 80:02:6E:D3:17:D8:7A:54:7A:2F:B2:7E:49:9A:96:D7:5C:35:71:D8
Certificate issuer: /CN=02df81268829301f3d69eb96f8ac617fa25256a1
Certificate serial: 111246ED
Authority key identifier: 02:DF:81:26:88:29:30:1F:3D:69:EB:96:F8:AC:61:7F:A2:52:56:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/At-BJogpMB89aeuW-Kxhf6JSVqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/gAJu0xfYelR6L7J-SZqW11w1cdg.roa
Signing time: Sat 01 Jan 2022 15:04:15 +0000
ROA not before: Sat 01 Jan 2022 15:04:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47638
IP address blocks: 91.229.174.0/23 maxlen: 24
91.237.197.0/24 maxlen: 24
185.59.204.0/22 maxlen: 24
2a02:6da0::/32 maxlen: 32
2001:67c:248c::/48 maxlen: 48
2a02:6da0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 286410477 (0x111246ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02df81268829301f3d69eb96f8ac617fa25256a1
Validity
Not Before: Jan 1 15:04:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=80026ed317d87a547a2fb27e499a96d75c3571d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:37:fc:fd:60:be:db:1a:72:67:10:f1:ce:79:
71:bb:d6:ea:3e:98:6a:6a:87:ac:f8:37:31:78:b9:
7e:f1:bc:85:08:b8:01:6c:1c:46:02:e4:ed:a5:7a:
ec:d5:49:30:f1:31:6d:0e:0d:e1:d4:46:a8:c7:f5:
7d:01:39:64:3d:2b:79:18:f0:5e:6d:dd:fe:89:cf:
af:d2:5d:9e:39:03:10:b7:5b:ae:8f:21:a3:72:80:
3e:49:4c:ed:41:2f:8b:e2:69:00:34:94:05:85:5a:
51:d5:82:e2:b5:0b:0b:0d:f6:a8:e6:45:7d:0d:e9:
d7:28:1e:f7:c1:d2:cd:8e:18:c7:47:bf:2d:46:df:
ec:9f:b3:15:11:7f:b9:c2:d3:fd:7e:b9:6f:54:42:
fd:ac:99:d2:14:4b:e1:5e:8b:9c:b0:95:22:c1:a8:
63:cb:76:1b:d1:6e:25:82:b4:27:72:a0:b7:de:f5:
4b:ca:d6:ca:da:2e:d0:49:e7:fe:0d:a0:78:b2:42:
5b:c5:c6:75:a7:e1:91:33:aa:e5:28:e6:d8:ef:74:
01:2b:41:e5:b1:da:6c:ea:90:89:04:5b:61:c6:8e:
77:62:b0:a0:92:ff:e6:0b:9b:39:7c:70:e3:ba:66:
7e:c9:11:06:1e:0a:e9:8d:9e:42:ff:19:a3:d2:ee:
fa:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:02:6E:D3:17:D8:7A:54:7A:2F:B2:7E:49:9A:96:D7:5C:35:71:D8
X509v3 Authority Key Identifier:
keyid:02:DF:81:26:88:29:30:1F:3D:69:EB:96:F8:AC:61:7F:A2:52:56:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/At-BJogpMB89aeuW-Kxhf6JSVqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/gAJu0xfYelR6L7J-SZqW11w1cdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/At-BJogpMB89aeuW-Kxhf6JSVqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.174.0/23
91.237.197.0/24
185.59.204.0/22
IPv6:
2001:67c:248c::/48
2a02:6da0::/29
Signature Algorithm: sha256WithRSAEncryption
7c:97:b8:f6:13:5e:20:ac:50:1e:19:07:28:c5:2f:ee:e0:71:
e3:bf:bc:b2:55:fc:49:fd:2b:23:a9:38:1e:ed:d4:04:fa:19:
a9:3e:fc:d6:34:20:3e:a4:27:a3:e3:05:0b:bf:86:71:11:38:
8d:20:10:22:aa:f9:74:d5:70:f5:bf:a9:2d:eb:82:33:86:56:
b4:39:23:cb:b0:c8:ff:79:84:6b:88:63:c9:49:36:a2:81:03:
fb:ab:bd:aa:1d:30:a5:6e:86:7a:c5:1b:02:0c:04:0b:d8:fc:
25:2a:03:b7:71:86:e9:25:fa:e5:22:b7:f9:48:f7:de:ca:43:
9e:52:9b:24:d8:17:87:21:a4:63:4e:25:fb:b6:a7:13:bd:d5:
46:49:1c:b4:fa:64:5c:d8:8c:3d:c2:ef:50:68:54:4b:04:59:
9d:b6:8f:0d:8e:9f:03:95:c4:15:56:49:43:62:63:02:77:ac:
89:7a:e7:70:42:9e:d4:9a:98:59:d6:a7:37:49:ba:98:91:71:
54:ee:66:58:be:69:f2:5d:31:25:33:d9:e6:2c:48:50:e8:f8:
67:91:5b:98:80:c0:1e:4a:ff:1e:c4:45:86:68:cf:36:fb:eb:
9c:3f:a9:6a:89:fe:ba:db:1f:d5:c3:0c:9b:ce:94:5a:99:7e:
a8:00:67:4e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEERJG7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MmRmODEyNjg4MjkzMDFmM2Q2OWViOTZmOGFjNjE3ZmEyNTI1NmExMB4XDTIyMDEw
MTE1MDQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODAwMjZlZDMxN2Q4
N2E1NDdhMmZiMjdlNDk5YTk2ZDc1YzM1NzFkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQ3/P1gvtsacmcQ8c55cbvW6j6YamqHrPg3MXi5fvG8hQi4
AWwcRgLk7aV67NVJMPExbQ4N4dRGqMf1fQE5ZD0reRjwXm3d/onPr9JdnjkDELdb
ro8ho3KAPklM7UEvi+JpADSUBYVaUdWC4rULCw32qOZFfQ3p1yge98HSzY4Yx0e/
LUbf7J+zFRF/ucLT/X65b1RC/ayZ0hRL4V6LnLCVIsGoY8t2G9FuJYK0J3Kgt971
S8rWytou0Enn/g2geLJCW8XGdafhkTOq5Sjm2O90AStB5bHabOqQiQRbYcaOd2Kw
oJL/5gubOXxw47pmfskRBh4K6Y2eQv8Zo9Lu+j0CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBSAAm7TF9h6VHovsn5JmpbXXDVx2DAfBgNVHSMEGDAWgBQC34EmiCkwHz1p
65b4rGF/olJWoTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0F0LUJKb2dwTUI4OWFldVctS3hoZjZKU1ZxRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvMDYxNzE2LTA5YzYtNDgzOC1iMWNiLTNlODZkMmMyOTk2OS8x
L2dBSnUweGZZZWxSNkw3Si1TWnFXMTF3MWNkZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
MDYxNzE2LTA5YzYtNDgzOC1iMWNiLTNlODZkMmMyOTk2OS8xL0F0LUJKb2dwTUI4
OWFldVctS3hoZjZKU1ZxRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwGAQCAAEwEgMEAVvlrgMEAFvtxQMEArk7zDAWBAIA
AjAQAwcAIAEGfCSMAwUDKgJtoDANBgkqhkiG9w0BAQsFAAOCAQEAfJe49hNeIKxQ
HhkHKMUv7uBx47+8slX8Sf0rI6k4Hu3UBPoZqT781jQgPqQno+MFC7+GcRE4jSAQ
Iqr5dNVw9b+pLeuCM4ZWtDkjy7DI/3mEa4hjyUk2ooED+6u9qh0wpW6GesUbAgwE
C9j8JSoDt3GG6SX65SK3+Uj33spDnlKbJNgXhyGkY04l+7anE73VRkkctPpkXNiM
PcLvUGhUSwRZnbaPDY6fA5XEFVZJQ2JjAnesiXrncEKe1JqYWdanN0m6mJFxVO5m
WL5p8l0xJTPZ5ixIUOj4Z5FbmIDAHkr/HsRFhmjPNvvrnD+paon+utsf1cMMm86U
Wpl+qABnTg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:01 2023 by rpki-client on console-ams.rpki-client.org