Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/gnL_Zz58fWjK3x5sH8xypL4E6Lw.roa
File: gnL_Zz58fWjK3x5sH8xypL4E6Lw.roa (raw, json)
Hash identifier: zhxtsfyfhVmoDiTQKnAoxzHPowXuxSc2a2Qxma3ZTjw=
Subject key identifier: 82:72:FF:67:3E:7C:7D:68:CA:DF:1E:6C:1F:CC:72:A4:BE:04:E8:BC
Certificate issuer: /CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Certificate serial: 01874EA80F623894102D47B09DEDD224ABF9
Authority key identifier: 8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/gnL_Zz58fWjK3x5sH8xypL4E6Lw.roa
Signing time: Tue 04 Apr 2023 23:44:09 +0000
ROA not before: Tue 04 Apr 2023 23:44:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206119
IP address blocks: 185.213.169.0/24 maxlen: 24
185.213.171.0/24 maxlen: 24
185.213.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4e:a8:0f:62:38:94:10:2d:47:b0:9d:ed:d2:24:ab:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Validity
Not Before: Apr 4 23:44:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8272ff673e7c7d68cadf1e6c1fcc72a4be04e8bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:13:42:0d:35:d8:1c:d4:ad:39:8e:15:63:6a:
4b:10:45:ac:ab:a3:bf:62:e6:92:45:da:09:a7:30:
ec:76:ea:9a:ba:47:67:20:9f:7b:a8:e3:87:b7:21:
d3:52:f1:50:ba:18:72:2f:86:16:49:ec:13:d7:ee:
19:ca:a5:01:d5:62:db:e9:b4:ee:6b:eb:f1:f3:40:
71:f0:c9:bd:78:3d:8f:02:70:69:2d:54:4f:c6:42:
9f:ae:a1:ab:ad:b1:25:34:4a:c6:48:51:da:53:50:
5f:2c:c6:15:9f:4f:0b:6e:c2:92:18:f9:14:6d:48:
1e:e8:82:e6:3c:98:76:5d:0c:7c:bc:f3:df:79:23:
77:a6:29:1e:1c:91:b9:71:85:62:9d:57:0b:ac:34:
9c:cc:a0:c1:56:e3:6a:e1:45:f8:2e:1c:c0:87:5a:
53:9a:07:76:f1:68:0b:b7:7b:3a:df:7a:a0:4b:c7:
c7:88:da:44:7e:93:83:6f:8c:da:7e:8b:94:ba:3e:
ac:f0:cd:72:86:11:22:b8:f4:bd:81:b4:1d:7a:b4:
a1:2e:0a:33:11:51:1f:a2:22:7e:f0:65:f7:15:f5:
66:fa:bd:0a:52:9f:9b:5f:87:87:a3:a2:01:ee:6c:
4a:40:65:71:b5:23:3e:b6:bf:d1:5b:d0:b3:3e:eb:
6f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:72:FF:67:3E:7C:7D:68:CA:DF:1E:6C:1F:CC:72:A4:BE:04:E8:BC
X509v3 Authority Key Identifier:
keyid:8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/gnL_Zz58fWjK3x5sH8xypL4E6Lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.169.0-185.213.171.255
Signature Algorithm: sha256WithRSAEncryption
1b:ae:76:de:91:b3:0b:fe:04:a9:1a:84:ed:3b:38:a8:15:9d:
82:e5:fc:64:7d:9e:ea:eb:92:84:ef:f7:a4:e2:5b:57:a6:28:
ba:85:46:f5:0f:48:e2:f0:5b:fc:cf:cd:af:08:65:d8:f8:07:
61:45:9f:a7:f6:ec:32:76:e9:4c:f4:3c:2d:e3:f9:44:30:86:
97:db:3f:4b:c5:58:77:05:13:37:7f:3f:72:b5:f5:dc:8a:20:
b7:b9:e0:b4:16:d4:e4:80:ac:c4:3e:bb:c6:7f:68:93:df:6f:
68:5b:f5:8c:fd:e7:26:93:92:49:ab:ee:50:24:79:14:05:d2:
42:b3:13:2d:42:b1:0c:aa:38:72:c9:80:4e:cf:72:69:6d:95:
54:2d:cd:86:22:2b:33:e1:2c:b9:10:a7:d7:6d:91:f0:e4:a4:
c9:11:99:97:c8:3b:92:5a:be:20:7e:49:3e:c7:7b:5b:ec:31:
ab:4b:8f:e6:da:c3:de:fb:c2:72:74:3d:35:41:e1:8f:ce:8c:
ec:d9:51:19:c3:f7:22:a8:a1:0f:c6:8e:ae:b5:6f:e2:1e:4b:
12:41:dc:d1:48:30:36:f2:25:06:c7:93:57:b6:9d:cf:ad:51:
93:5f:fb:7a:b6:a8:8e:e6:85:da:52:82:aa:17:64:65:03:64:
ba:ae:50:72
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYdOqA9iOJQQLUewne3SJKv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODkyMjNjMWYzMzVjMGNjNTY5MzU5ZmEyZGRhMzQ5YTIy
MzZjY2IwHhcNMjMwNDA0MjM0NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjcyZmY2NzNlN2M3ZDY4Y2FkZjFlNmMxZmNjNzJhNGJlMDRlOGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RNCDTXYHNStOY4VY2pLEEWsq6O/
YuaSRdoJpzDsduqaukdnIJ97qOOHtyHTUvFQuhhyL4YWSewT1+4ZyqUB1WLb6bTu
a+vx80Bx8Mm9eD2PAnBpLVRPxkKfrqGrrbElNErGSFHaU1BfLMYVn08LbsKSGPkU
bUge6ILmPJh2XQx8vPPfeSN3pikeHJG5cYVinVcLrDSczKDBVuNq4UX4LhzAh1pT
mgd28WgLt3s633qgS8fHiNpEfpODb4zafouUuj6s8M1yhhEiuPS9gbQderShLgoz
EVEfoiJ+8GX3FfVm+r0KUp+bX4eHo6IB7mxKQGVxtSM+tr/RW9CzPutv/QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIJy/2c+fH1oyt8ebB/McqS+BOi8MB8GA1UdIwQY
MBaAFI2JIjwfM1wMxWk1n6Ldo0miI2zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAt
YTEwMjhlZGE2MzgzLzEvZ25MX1p6NThmV2pLM3g1c0g4eHlwTDRFNkx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAtYTEwMjhlZGE2Mzgz
LzEvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC51akD
BAK51agwDQYJKoZIhvcNAQELBQADggEBABuudt6Rswv+BKkahO07OKgVnYLl/GR9
nurrkoTv96TiW1emKLqFRvUPSOLwW/zPza8IZdj4B2FFn6f27DJ26Uz0PC3j+UQw
hpfbP0vFWHcFEzd/P3K19dyKILe54LQW1OSArMQ+u8Z/aJPfb2hb9Yz95yaTkkmr
7lAkeRQF0kKzEy1CsQyqOHLJgE7PcmltlVQtzYYiKzPhLLkQp9dtkfDkpMkRmZfI
O5JaviB+ST7He1vsMatLj+baw977wnJ0PTVB4Y/OjOzZURnD9yKooQ/Gjq61b+Ie
SxJB3NFIMDbyJQbHk1e2nc+tUZNf+3q2qI7mhdpSgqoXZGUDZLquUHI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:35 2025 by rpki-client