Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/gt-mjbQemBZdX1_wtG1Etzu_dB0.roa
File: gt-mjbQemBZdX1_wtG1Etzu_dB0.roa (raw, json)
Hash identifier: 7gj5mJELt7TZ1mquLeBukXPlM2LUxBnjiUJMYW19xeA=
Subject key identifier: 82:DF:A6:8D:B4:1E:98:16:5D:5F:5F:F0:B4:6D:44:B7:3B:BF:74:1D
Certificate issuer: /CN=1517d4f58af84f50ce42f13293ede4aff12d173f
Certificate serial: 1B41C03F
Authority key identifier: 15:17:D4:F5:8A:F8:4F:50:CE:42:F1:32:93:ED:E4:AF:F1:2D:17:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRfU9Yr4T1DOQvEyk-3kr_EtFz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/gt-mjbQemBZdX1_wtG1Etzu_dB0.roa
Signing time: Sat 01 Jan 2022 06:06:04 +0000
ROA not before: Sat 01 Jan 2022 06:06:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51207
IP address blocks: 37.1.232.0/21 maxlen: 21
37.8.160.0/19 maxlen: 19
37.160.0.0/12 maxlen: 17
2a0d:e480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 457293887 (0x1b41c03f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1517d4f58af84f50ce42f13293ede4aff12d173f
Validity
Not Before: Jan 1 06:06:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82dfa68db41e98165d5f5ff0b46d44b73bbf741d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7e:cd:16:a4:6f:10:ad:d0:7d:64:ba:9b:1c:
86:7a:e8:f8:53:91:c2:56:ac:b4:58:aa:74:aa:4f:
cd:89:f7:68:e4:2d:7d:78:b8:30:0f:c7:6d:35:1d:
06:a2:d7:5f:cb:83:1f:88:bb:44:61:e2:c5:c9:11:
47:fc:86:cf:b3:b9:38:88:58:7b:83:af:1f:1b:6f:
f0:80:ea:f6:78:28:a3:14:66:fc:ca:c9:fa:39:62:
d1:d5:0b:dd:48:75:e2:a0:53:7b:e5:71:dd:82:07:
a8:cb:46:df:6b:56:67:e0:5d:db:b4:df:5e:99:b0:
b8:14:7e:67:d8:e8:8b:8a:2e:84:bc:fb:e3:79:5a:
c7:be:f2:fb:4f:4e:61:ef:db:40:5f:84:28:b6:84:
bb:80:cc:61:9e:b9:a8:9c:91:76:c1:e7:7d:e2:72:
5e:3a:0e:16:d0:75:90:6b:f0:91:2b:20:1a:9a:d9:
8a:c3:21:31:11:eb:4f:c5:b2:f0:ce:b3:72:69:b2:
a4:5f:04:51:e4:18:22:2f:1e:75:83:a4:e2:f8:7a:
41:48:7d:de:c3:93:97:78:f2:3e:c8:40:5d:02:7f:
df:cf:55:e3:f5:c5:0d:0d:c8:33:58:54:f5:79:b2:
83:b3:2c:53:96:c5:4a:49:87:fc:44:33:ac:e4:cb:
b3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:DF:A6:8D:B4:1E:98:16:5D:5F:5F:F0:B4:6D:44:B7:3B:BF:74:1D
X509v3 Authority Key Identifier:
keyid:15:17:D4:F5:8A:F8:4F:50:CE:42:F1:32:93:ED:E4:AF:F1:2D:17:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRfU9Yr4T1DOQvEyk-3kr_EtFz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/gt-mjbQemBZdX1_wtG1Etzu_dB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/FRfU9Yr4T1DOQvEyk-3kr_EtFz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.232.0/21
37.8.160.0/19
37.160.0.0/12
IPv6:
2a0d:e480::/29
Signature Algorithm: sha256WithRSAEncryption
bf:64:67:e4:86:dc:0b:9f:6d:6f:b9:81:5c:e2:91:ac:d4:23:
d5:30:d8:77:68:92:2c:23:f3:a0:0f:2c:24:fc:c6:71:7b:36:
79:98:96:56:fa:f1:da:cd:71:5e:fd:d4:d0:9e:0a:54:6c:49:
d4:f5:66:c6:02:89:85:5b:33:3a:95:ed:ff:c7:6e:72:bf:cb:
db:ba:64:f6:32:a5:57:0c:56:4e:91:1b:65:67:14:53:7a:fc:
42:79:b5:92:f2:62:83:e8:b4:f2:ea:32:13:33:be:bf:9d:c9:
05:1b:de:8b:5a:c0:5d:45:9e:89:00:0d:c0:ca:55:2f:f6:d8:
35:56:ef:88:7f:b6:bb:91:b9:ac:ca:00:b1:9a:fe:02:3f:5f:
e8:de:53:bd:07:c5:f0:8a:12:f2:ec:e0:81:f2:20:3d:57:62:
c4:e3:ca:25:aa:ed:32:e0:76:25:de:be:fd:e0:87:4b:5d:94:
ec:cf:53:77:b2:61:e4:4c:ac:c5:38:f3:81:7b:57:f4:92:c6:
80:16:7a:66:51:ed:cc:c8:be:64:5f:8c:2f:06:a0:ab:e0:08:
b0:14:67:9f:41:b8:5a:75:29:00:24:4a:ae:1a:b7:91:6d:c8:
f3:23:0d:67:fb:4f:76:64:6c:26:1a:bd:09:e1:9b:44:8a:9a:
90:c3:be:1d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEG0HAPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NTE3ZDRmNThhZjg0ZjUwY2U0MmYxMzI5M2VkZTRhZmYxMmQxNzNmMB4XDTIyMDEw
MTA2MDYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODJkZmE2OGRiNDFl
OTgxNjVkNWY1ZmYwYjQ2ZDQ0YjczYmJmNzQxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMV+zRakbxCt0H1kupschnro+FORwlastFiqdKpPzYn3aOQt
fXi4MA/HbTUdBqLXX8uDH4i7RGHixckRR/yGz7O5OIhYe4OvHxtv8IDq9ngooxRm
/MrJ+jli0dUL3Uh14qBTe+Vx3YIHqMtG32tWZ+Bd27TfXpmwuBR+Z9joi4ouhLz7
43lax77y+09OYe/bQF+EKLaEu4DMYZ65qJyRdsHnfeJyXjoOFtB1kGvwkSsgGprZ
isMhMRHrT8Wy8M6zcmmypF8EUeQYIi8edYOk4vh6QUh93sOTl3jyPshAXQJ/389V
4/XFDQ3IM1hU9Xmyg7MsU5bFSkmH/EQzrOTLs9kCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSC36aNtB6YFl1fX/C0bUS3O790HTAfBgNVHSMEGDAWgBQVF9T1ivhPUM5C
8TKT7eSv8S0XPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZSZlU5WXI0VDFET1F2RXlrLTNrcl9FdEZ6OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvYzRmODBjLTdiNjktNGZlYy1hYTU0LWU1Zjk4ZGRhZmM5OC8x
L2d0LW1qYlFlbUJaZFgxX3d0RzFFdHp1X2RCMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
YzRmODBjLTdiNjktNGZlYy1hYTU0LWU1Zjk4ZGRhZmM5OC8xL0ZSZlU5WXI0VDFE
T1F2RXlrLTNrcl9FdEZ6OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwFwQCAAEwEQMEAyUB6AMEBSUIoAMDBCWgMA0EAgAC
MAcDBQMqDeSAMA0GCSqGSIb3DQEBCwUAA4IBAQC/ZGfkhtwLn21vuYFc4pGs1CPV
MNh3aJIsI/OgDywk/MZxezZ5mJZW+vHazXFe/dTQngpUbEnU9WbGAomFWzM6le3/
x25yv8vbumT2MqVXDFZOkRtlZxRTevxCebWS8mKD6LTy6jITM76/nckFG96LWsBd
RZ6JAA3AylUv9tg1Vu+If7a7kbmsygCxmv4CP1/o3lO9B8XwihLy7OCB8iA9V2LE
48olqu0y4HYl3r794IdLXZTsz1N3smHkTKzFOPOBe1f0ksaAFnpmUe3MyL5kX4wv
BqCr4AiwFGefQbhadSkAJEquGreRbcjzIw1n+092ZGwmGr0J4ZtEipqQw74d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:50 2024 by rpki-client on console-ams.rpki-client.org