Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/gykwwbNHFd29u2MTQ9In3XQBpio.roa
File: gykwwbNHFd29u2MTQ9In3XQBpio.roa (raw, json)
Hash identifier: eOpb7KeyN6JW9VWg0C5ctMzxzeUC1tOLweuxBeZx9RM=
Subject key identifier: 83:29:30:C1:B3:47:15:DD:BD:BB:63:13:43:D2:27:DD:74:01:A6:2A
Certificate issuer: /CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Certificate serial: 0184F6E73DC3776AC71EF40519FDD1595343
Authority key identifier: C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/gykwwbNHFd29u2MTQ9In3XQBpio.roa
Signing time: Fri 09 Dec 2022 12:41:00 +0000
ROA not before: Fri 09 Dec 2022 12:41:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34594
IP address blocks: 151.252.224.0/19 maxlen: 19
89.201.128.0/17 maxlen: 17
185.10.40.0/22 maxlen: 22
89.17.0.0/19 maxlen: 19
80.80.48.0/20 maxlen: 20
151.252.208.0/21 maxlen: 21
176.222.32.0/20 maxlen: 20
5.43.160.0/19 maxlen: 19
37.60.128.0/21 maxlen: 21
37.205.96.0/20 maxlen: 20
5.39.128.0/19 maxlen: 19
95.178.128.0/17 maxlen: 17
89.201.175.0/24 maxlen: 24
85.114.32.0/20 maxlen: 20
85.114.32.0/19 maxlen: 19
185.18.60.0/22 maxlen: 22
2a02:ac8::/32 maxlen: 32
2a03:6100::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:e7:3d:c3:77:6a:c7:1e:f4:05:19:fd:d1:59:53:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Validity
Not Before: Dec 9 12:41:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=832930c1b34715ddbdbb631343d227dd7401a62a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8b:6c:13:cf:1d:97:7f:ca:88:b1:a8:d6:7c:
74:2c:27:64:47:61:30:28:d4:76:fc:76:9d:63:7a:
f3:a8:d4:5f:2b:89:9f:ac:0a:cb:ae:ba:40:02:0e:
cf:d9:44:1e:9c:1d:dd:e4:e3:cf:27:df:d7:dc:a0:
dd:f4:a9:11:fc:a8:28:0f:ae:5f:90:09:8d:70:af:
ac:15:8a:40:55:c6:51:b0:b5:2a:67:0d:d1:f8:7c:
84:96:3c:4b:16:a5:46:5e:2f:aa:e5:28:db:88:03:
ca:ce:cc:73:26:01:f7:f4:31:a8:21:6f:e9:8f:05:
62:5c:1b:f5:2a:d1:e8:99:b7:b9:69:e7:67:0f:fd:
11:4d:0c:46:0c:30:c4:ae:89:2f:fc:f6:15:b0:59:
37:b3:11:8b:22:67:cd:da:f3:0d:3e:41:04:be:08:
6f:3e:ea:09:21:e6:37:ac:3b:3a:87:65:79:a4:76:
b9:d1:c3:84:f0:24:79:1c:83:59:7b:74:eb:61:cd:
62:82:53:a2:1c:11:ad:b7:f7:29:45:70:9c:4e:d0:
bf:33:3b:cc:30:65:29:9b:dc:ab:c3:1b:ed:07:2e:
75:c8:ca:59:f9:95:2d:34:50:32:e0:1f:c1:ed:79:
78:d8:6f:c9:58:57:de:6f:3f:cd:15:8a:a2:e2:59:
d4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:29:30:C1:B3:47:15:DD:BD:BB:63:13:43:D2:27:DD:74:01:A6:2A
X509v3 Authority Key Identifier:
keyid:C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/gykwwbNHFd29u2MTQ9In3XQBpio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/wk1b087qqweGzhUaMXja3BB78oA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.128.0/19
5.43.160.0/19
37.60.128.0/21
37.205.96.0/20
80.80.48.0/20
85.114.32.0/19
89.17.0.0/19
89.201.128.0/17
95.178.128.0/17
151.252.208.0/21
151.252.224.0/19
176.222.32.0/20
185.10.40.0/22
185.18.60.0/22
IPv6:
2a02:ac8::/32
2a03:6100::/32
Signature Algorithm: sha256WithRSAEncryption
6d:f5:24:d9:66:ec:f8:dd:22:ab:fa:1c:5a:71:06:9d:0d:f9:
59:07:ab:cc:00:cc:93:fc:22:b0:9c:3f:d5:8f:d1:1b:8d:13:
12:86:cb:50:1c:0a:88:3a:06:59:12:ad:e5:5c:92:e8:dd:ca:
9c:ae:95:8d:4b:a1:6b:0c:0b:47:fc:0b:fe:21:44:41:e0:85:
70:d1:1f:29:01:2f:7d:f6:f1:8d:87:64:de:70:55:47:87:37:
9a:c8:03:da:af:fe:57:c8:c1:45:69:cd:62:ad:39:30:89:81:
0c:c5:d6:26:68:e0:3a:c6:ce:3c:46:b8:c2:ff:63:47:91:50:
d8:1c:32:73:b7:49:28:3e:1b:a3:70:0b:b0:f1:2f:56:b3:3c:
39:38:1d:a6:8d:50:0b:3b:93:ef:cb:62:90:7d:0d:3c:c1:01:
b2:de:4f:c6:f4:4a:b0:c4:47:75:32:73:b7:c0:71:36:5f:69:
84:49:d5:42:d3:83:b7:70:d6:f6:ec:13:17:65:6b:97:fc:51:
16:c5:b2:fc:4a:71:7c:96:b5:db:e4:0b:10:bb:2c:da:7c:d0:
fc:e4:05:6c:d8:7f:37:44:59:8a:24:7d:36:b3:a8:8b:d1:94:
d0:db:60:f3:92:c9:4f:cc:af:03:43:53:55:c4:24:27:04:02:
a8:ef:a6:f8
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYT25z3Dd2rHHvQFGf3RWVNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNGQ1YmQzY2VlYWFiMDc4NmNlMTUxYTMxNzhkYWRjMTA3
YmYyODAwHhcNMjIxMjA5MTI0MTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzI5MzBjMWIzNDcxNWRkYmRiYjYzMTM0M2QyMjdkZDc0MDFhNjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYtsE88dl3/KiLGo1nx0LCdkR2Ew
KNR2/HadY3rzqNRfK4mfrArLrrpAAg7P2UQenB3d5OPPJ9/X3KDd9KkR/KgoD65f
kAmNcK+sFYpAVcZRsLUqZw3R+HyEljxLFqVGXi+q5SjbiAPKzsxzJgH39DGoIW/p
jwViXBv1KtHombe5aednD/0RTQxGDDDErokv/PYVsFk3sxGLImfN2vMNPkEEvghv
PuoJIeY3rDs6h2V5pHa50cOE8CR5HINZe3TrYc1iglOiHBGtt/cpRXCcTtC/MzvM
MGUpm9yrwxvtBy51yMpZ+ZUtNFAy4B/B7Xl42G/JWFfebz/NFYqi4lnUWQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFIMpMMGzRxXdvbtjE0PSJ910AaYqMB8GA1UdIwQY
MBaAFMJNW9PO6qsHhs4VGjF42twQe/KAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEt
NDFkODIzMjlmMjZkLzEvZ3lrd3diTkhGZDI5dTJNVFE5SW4zWFFCcGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEtNDFkODIzMjlmMjZk
LzEvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEBQUngAME
BQUroAMEAyU8gAMEBCXNYAMEBFBQMAMEBVVyIAMEBVkRAAMEB1nJgAMEB1+ygAME
A5f80AMEBZf84AMEBLDeIAMEArkKKAMEArkSPDAUBAIAAjAOAwUAKgIKyAMFACoD
YQAwDQYJKoZIhvcNAQELBQADggEBAG31JNlm7PjdIqv6HFpxBp0N+VkHq8wAzJP8
IrCcP9WP0RuNExKGy1AcCog6BlkSreVckujdypyulY1LoWsMC0f8C/4hREHghXDR
HykBL3328Y2HZN5wVUeHN5rIA9qv/lfIwUVpzWKtOTCJgQzF1iZo4DrGzjxGuML/
Y0eRUNgcMnO3SSg+G6NwC7DxL1azPDk4HaaNUAs7k+/LYpB9DTzBAbLeT8b0SrDE
R3Uyc7fAcTZfaYRJ1ULTg7dw1vbsExdla5f8URbFsvxKcXyWtdvkCxC7LNp80Pzk
BWzYfzdEWYokfTazqIvRlNDbYPOSyU/MrwNDU1XEJCcEAqjvpvg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:03 2024 by rpki-client on console-fra.rpki-client.org