Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/goVS8t-pUuiTPYzbo9dxhy1lbVk.roa
File: goVS8t-pUuiTPYzbo9dxhy1lbVk.roa (raw, json)
Hash identifier: q8JeAVs6MC7wjqGIjqibHepBVve1Ugnh9Zobl1583U8=
Subject key identifier: 82:85:52:F2:DF:A9:52:E8:93:3D:8C:DB:A3:D7:71:87:2D:65:6D:59
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01837AD9332B7186183FAF6A87255452A1C4
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/goVS8t-pUuiTPYzbo9dxhy1lbVk.roa
Signing time: Mon 26 Sep 2022 17:29:58 +0000
ROA not before: Mon 26 Sep 2022 17:29:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211143
IP address blocks: 91.225.12.0/23 maxlen: 23
37.35.54.0/24 maxlen: 24
146.66.210.0/24 maxlen: 24
62.216.76.0/22 maxlen: 22
178.157.109.0/24 maxlen: 24
188.74.130.0/23 maxlen: 23
188.74.246.0/23 maxlen: 23
188.74.245.0/24 maxlen: 24
188.119.160.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7a:d9:33:2b:71:86:18:3f:af:6a:87:25:54:52:a1:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Sep 26 17:29:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=828552f2dfa952e8933d8cdba3d771872d656d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:77:10:b9:0c:da:b4:6a:1a:5a:f6:14:7e:40:
3b:ab:7d:0f:ae:dd:67:a5:de:21:a4:78:ed:cc:f0:
6d:23:13:d5:ca:2d:d5:39:04:53:b7:08:37:7a:87:
ca:ea:38:5f:c8:1a:88:8c:29:5c:db:0b:ac:b6:b9:
d3:5e:f2:05:c7:fe:8c:c6:03:a0:2e:71:4b:ec:08:
fa:0e:49:22:dc:e7:4c:fc:a0:d5:c4:5d:83:1b:3d:
db:21:c7:78:d0:26:a0:c7:15:eb:dd:af:7c:86:70:
7f:c5:d1:48:f0:74:67:fa:36:f3:3a:2f:7f:b8:94:
4b:2b:70:7d:61:eb:12:1e:ca:e5:d9:d3:da:91:03:
30:7c:f8:43:67:78:47:40:3d:9b:f8:15:18:eb:e5:
c9:4e:24:79:bd:48:e3:a7:54:db:6a:0f:e8:d6:8b:
20:91:e8:45:77:7e:ca:48:b5:93:5c:38:78:20:92:
67:0b:a5:7e:6d:4c:6b:84:cf:8f:b1:9d:ff:26:3f:
29:21:03:32:90:53:14:70:f9:6e:ef:ef:59:3e:0d:
cc:70:da:c5:7e:ae:a8:57:a3:ed:9e:88:66:8c:cb:
83:70:b0:2b:7a:e1:8f:18:33:53:02:67:82:b4:eb:
97:d1:71:59:de:f2:03:1f:20:b5:fc:12:37:ce:2b:
cc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:85:52:F2:DF:A9:52:E8:93:3D:8C:DB:A3:D7:71:87:2D:65:6D:59
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/goVS8t-pUuiTPYzbo9dxhy1lbVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.54.0/24
62.216.76.0/22
91.225.12.0/23
146.66.210.0/24
178.157.109.0/24
188.74.130.0/23
188.74.245.0-188.74.247.255
188.119.160.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:e7:45:9e:de:ac:66:6d:8e:f4:8f:ba:06:c4:53:f8:88:65:
56:83:8f:68:87:12:7a:aa:ec:62:46:ab:61:c6:06:ec:0c:76:
4a:22:42:16:9a:26:9d:27:e6:97:69:9f:55:65:9c:15:7e:ea:
b7:09:f3:d0:cf:12:23:38:a6:5f:7e:89:31:81:89:86:83:30:
23:16:a4:86:cf:1c:2d:c4:be:e8:a4:58:30:e8:87:51:02:07:
df:68:8d:ab:6e:1a:ab:e3:e9:29:e9:93:6a:74:ee:0e:62:c8:
fb:bb:0f:95:43:ed:8b:7c:f7:2c:5d:00:8b:ba:81:79:38:0d:
4f:a0:1b:6b:63:de:7e:89:11:7f:5b:85:de:c4:d4:19:23:19:
04:7a:70:2f:76:92:25:63:fd:b5:44:fb:78:16:19:72:eb:83:
4e:7a:7f:40:ec:e9:f3:ac:d3:50:f4:ac:82:a2:c0:ec:08:d9:
77:3c:e9:ab:4f:a6:d3:a0:2e:f1:4d:76:07:0f:37:02:6e:3e:
18:fa:dc:a9:a4:c2:0b:73:16:1f:e8:90:05:3e:4e:80:bd:24:
4a:8d:01:51:3c:46:f3:b7:0e:de:d0:78:aa:a7:fe:c1:93:4f:
9b:de:e8:c6:ea:c5:1f:ca:65:fa:19:77:f1:76:a3:6c:1e:25:
aa:05:65:59
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYN62TMrcYYYP69qhyVUUqHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjIwOTI2MTcyOTU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjg1NTJmMmRmYTk1MmU4OTMzZDhjZGJhM2Q3NzE4NzJkNjU2ZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuncQuQzatGoaWvYUfkA7q30Prt1n
pd4hpHjtzPBtIxPVyi3VOQRTtwg3eofK6jhfyBqIjClc2wustrnTXvIFx/6MxgOg
LnFL7Aj6Dkki3OdM/KDVxF2DGz3bIcd40CagxxXr3a98hnB/xdFI8HRn+jbzOi9/
uJRLK3B9YesSHsrl2dPakQMwfPhDZ3hHQD2b+BUY6+XJTiR5vUjjp1Tbag/o1osg
kehFd37KSLWTXDh4IJJnC6V+bUxrhM+PsZ3/Jj8pIQMykFMUcPlu7+9ZPg3McNrF
fq6oV6PtnohmjMuDcLAreuGPGDNTAmeCtOuX0XFZ3vIDHyC1/BI3zivMewIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIKFUvLfqVLokz2M26PXcYctZW1ZMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvZ29WUzh0LXBVdWlUUFl6Ym85ZHhoeTFsYlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAJSM2AwQC
PthMAwQBW+EMAwQAkkLSAwQAsp1tAwQBvEqCMAwDBAC8SvUDBAO8SvADBAG8d6Aw
DQYJKoZIhvcNAQELBQADggEBACznRZ7erGZtjvSPugbEU/iIZVaDj2iHEnqq7GJG
q2HGBuwMdkoiQhaaJp0n5pdpn1VlnBV+6rcJ89DPEiM4pl9+iTGBiYaDMCMWpIbP
HC3EvuikWDDoh1ECB99ojatuGqvj6Snpk2p07g5iyPu7D5VD7Yt89yxdAIu6gXk4
DU+gG2tj3n6JEX9bhd7E1BkjGQR6cC92kiVj/bVE+3gWGXLrg056f0Ds6fOs01D0
rIKiwOwI2Xc86atPptOgLvFNdgcPNwJuPhj63KmkwgtzFh/okAU+ToC9JEqNAVE8
RvO3Dt7QeKqn/sGTT5ve6MbqxR/KZfoZd/F2o2weJaoFZVk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:14 2023 by rpki-client on console-ams.rpki-client.org