Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/gaFEt-l2aMXk2bvDBV0u7zjNEz0.roa
File: gaFEt-l2aMXk2bvDBV0u7zjNEz0.roa (raw, json)
Hash identifier: YoJqVwZqb6L0JELDDCwKQmrjVAQTVu30FGqEijmEayg=
Subject key identifier: 81:A1:44:B7:E9:76:68:C5:E4:D9:BB:C3:05:5D:2E:EF:38:CD:13:3D
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 01850FA646BB8B48665F17C49DD322D4B7EC
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/gaFEt-l2aMXk2bvDBV0u7zjNEz0.roa
Signing time: Wed 14 Dec 2022 08:00:33 +0000
ROA not before: Wed 14 Dec 2022 08:00:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49199
IP address blocks: 195.19.74.0/23 maxlen: 24
194.85.113.0/24 maxlen: 24
194.226.137.0/24 maxlen: 24
195.208.220.0/23 maxlen: 24
194.226.34.0/23 maxlen: 24
195.19.10.0/23 maxlen: 24
62.76.74.0/23 maxlen: 24
194.190.6.0/24 maxlen: 24
62.76.96.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0f:a6:46:bb:8b:48:66:5f:17:c4:9d:d3:22:d4:b7:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Dec 14 08:00:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81a144b7e97668c5e4d9bbc3055d2eef38cd133d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f7:63:f5:d4:d3:29:6a:e6:2e:a8:dd:79:5a:
e4:4e:36:72:10:54:9e:c4:5a:66:25:bb:ce:8a:c4:
87:55:b8:c8:7e:c5:12:c4:85:54:88:c2:47:d9:6f:
a4:0a:75:e3:be:60:26:9d:40:f8:9c:68:d9:85:e1:
0c:81:e0:79:1f:80:5a:4e:21:25:89:2a:0b:3c:97:
d6:d6:f8:30:44:50:cb:02:11:b2:a7:56:56:76:72:
e4:f9:6f:fb:ec:2c:54:6b:00:28:e0:fb:91:4e:2f:
df:b0:70:c5:e2:58:91:51:db:f7:f3:3e:8d:a8:cd:
f1:4e:ac:f0:56:c1:0a:0f:f1:b3:70:e9:90:11:55:
68:b6:7b:59:f4:54:ce:a8:b8:f6:da:56:f0:0a:f2:
7d:95:f4:97:4e:2a:9e:5a:26:2f:8d:3c:d4:fa:3e:
c1:88:04:46:f8:9d:de:c1:68:6a:71:f4:6c:64:22:
67:a5:83:73:74:be:01:9a:cc:0b:0a:ec:79:11:39:
d5:57:b0:35:31:e8:4a:e0:fb:f9:4a:08:bc:18:30:
8e:dd:62:ec:48:8f:01:59:eb:69:5e:e7:fb:f2:b7:
bf:6f:fe:d5:b1:16:10:02:d3:b5:46:58:25:36:6d:
9e:90:ae:fd:5c:8b:d9:58:0d:69:45:d5:fa:5c:35:
ff:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A1:44:B7:E9:76:68:C5:E4:D9:BB:C3:05:5D:2E:EF:38:CD:13:3D
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/gaFEt-l2aMXk2bvDBV0u7zjNEz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.74.0/23
62.76.96.0/23
194.85.113.0/24
194.190.6.0/24
194.226.34.0/23
194.226.137.0/24
195.19.10.0/23
195.19.74.0/23
195.208.220.0/23
Signature Algorithm: sha256WithRSAEncryption
43:7b:cb:5a:fa:6b:4c:12:0d:62:9b:81:db:e2:17:53:b0:5d:
e4:d0:2b:d2:b9:05:28:99:96:d5:3e:5e:4c:67:0a:6a:0b:7c:
71:d9:82:1f:24:6a:dc:87:17:65:b0:97:aa:fe:b3:17:12:74:
cc:ad:71:fd:e5:56:c1:2d:2a:58:d7:d1:89:d6:fa:6a:30:0f:
f0:ef:44:87:97:31:73:fa:bc:d1:a8:ce:ca:8f:ea:0b:3d:8a:
78:7c:73:77:07:13:17:fc:ca:c5:36:2b:86:75:02:85:f1:41:
e9:6d:cb:ac:f0:28:3f:3f:16:3c:b2:2f:fa:e4:51:93:98:4f:
6b:26:80:e6:c0:c1:f6:09:99:04:80:87:ed:0a:96:27:dc:20:
17:75:46:13:d5:8b:50:72:12:0f:6e:0c:3e:6d:55:81:a2:db:
f9:29:04:a7:6d:1b:ec:55:2a:d1:15:80:50:ed:1e:6d:67:1a:
0c:0c:bb:07:f8:79:20:c3:18:a3:f9:53:6a:1b:88:ca:3a:21:
a4:99:98:21:c1:58:00:3a:0f:99:01:3c:3e:4b:a8:64:90:57:
47:8d:1b:4e:1c:71:71:0a:a7:da:96:e3:2d:cd:4a:bf:eb:eb:
19:4a:68:86:cd:e9:26:e7:75:2e:89:6b:64:e6:46:62:6f:1a:
9b:c6:3a:b0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYUPpka7i0hmXxfEndMi1LfsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjIxMjE0MDgwMDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWExNDRiN2U5NzY2OGM1ZTRkOWJiYzMwNTVkMmVlZjM4Y2QxMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvdj9dTTKWrmLqjdeVrkTjZyEFSe
xFpmJbvOisSHVbjIfsUSxIVUiMJH2W+kCnXjvmAmnUD4nGjZheEMgeB5H4BaTiEl
iSoLPJfW1vgwRFDLAhGyp1ZWdnLk+W/77CxUawAo4PuRTi/fsHDF4liRUdv38z6N
qM3xTqzwVsEKD/GzcOmQEVVotntZ9FTOqLj22lbwCvJ9lfSXTiqeWiYvjTzU+j7B
iARG+J3ewWhqcfRsZCJnpYNzdL4BmswLCux5ETnVV7A1MehK4Pv5Sgi8GDCO3WLs
SI8BWetpXuf78re/b/7VsRYQAtO1RlglNm2ekK79XIvZWA1pRdX6XDX/xQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIGhRLfpdmjF5Nm7wwVdLu84zRM9MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvZ2FGRXQtbDJhTVhrMmJ2REJWMHU3empORXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBPkxKAwQB
PkxgAwQAwlVxAwQAwr4GAwQBwuIiAwQAwuKJAwQBwxMKAwQBwxNKAwQBw9DcMA0G
CSqGSIb3DQEBCwUAA4IBAQBDe8ta+mtMEg1im4Hb4hdTsF3k0CvSuQUomZbVPl5M
ZwpqC3xx2YIfJGrchxdlsJeq/rMXEnTMrXH95VbBLSpY19GJ1vpqMA/w70SHlzFz
+rzRqM7Kj+oLPYp4fHN3BxMX/MrFNiuGdQKF8UHpbcus8Cg/PxY8si/65FGTmE9r
JoDmwMH2CZkEgIftCpYn3CAXdUYT1YtQchIPbgw+bVWBotv5KQSnbRvsVSrRFYBQ
7R5tZxoMDLsH+Hkgwxij+VNqG4jKOiGkmZghwVgAOg+ZATw+S6hkkFdHjRtOHHFx
CqfaluMtzUq/6+sZSmiGzekm53UuiWtk5kZibxqbxjqw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:58 2024 by rpki-client on console-ams.rpki-client.org