Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/ghZ09XMjq_mEWXmXs4O-h53vWNo.roa
File: ghZ09XMjq_mEWXmXs4O-h53vWNo.roa (raw, json)
Hash identifier: Qjl557GS0WroyzOt8a/eJg9xOs4jFev6GVa7iINr5hE=
Subject key identifier: 82:16:74:F5:73:23:AB:F9:84:59:79:97:B3:83:BE:87:9D:EF:58:DA
Certificate issuer: /CN=598fa4201344d4107f792eee2566c62d65714e2d
Certificate serial: 0A4F0042
Authority key identifier: 59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/ghZ09XMjq_mEWXmXs4O-h53vWNo.roa
Signing time: Sat 01 Jan 2022 02:51:30 +0000
ROA not before: Sat 01 Jan 2022 02:51:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50926
IP address blocks: 185.50.199.0/24 maxlen: 24
185.50.198.0/24 maxlen: 24
185.50.197.0/24 maxlen: 24
185.50.196.0/22 maxlen: 22
185.50.196.0/24 maxlen: 24
5.145.175.0/24 maxlen: 24
5.145.174.0/24 maxlen: 24
217.61.130.0/24 maxlen: 24
217.61.129.0/24 maxlen: 24
217.61.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172949570 (0xa4f0042)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=598fa4201344d4107f792eee2566c62d65714e2d
Validity
Not Before: Jan 1 02:51:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=821674f57323abf984597997b383be879def58da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d5:08:38:47:80:d9:5a:cd:c2:80:48:82:89:
6b:6c:45:8a:05:4f:e2:4d:70:08:f2:68:3b:9f:ad:
5d:52:17:e6:a4:fb:51:19:6e:dc:db:2e:43:6b:a1:
dc:36:11:27:18:0b:ae:b0:16:5d:ad:b2:15:b6:48:
88:f9:a5:3f:29:4e:fa:50:77:90:81:64:27:0c:30:
f0:b3:a9:0b:84:ee:d8:d6:84:75:2a:cb:d9:9f:52:
d1:68:cf:a1:d6:4f:4b:5d:41:22:df:fd:c5:30:56:
54:a1:a4:a3:90:31:37:f3:7d:a0:8a:4d:09:c3:9c:
8a:10:76:37:2e:fe:99:71:71:f4:b8:65:67:04:4b:
7a:ba:ca:35:3b:4e:00:5a:51:22:64:a5:ea:62:2e:
2f:a7:c4:5c:54:d8:f3:92:58:84:ee:b4:0c:a7:35:
36:eb:e3:18:76:00:47:3a:35:e4:b5:56:c2:89:b7:
17:db:2d:a4:28:2a:04:dc:f3:a4:53:90:c0:8c:08:
0b:f3:82:85:93:a3:19:d5:64:1b:8f:f2:11:f9:f8:
66:a9:d2:01:a7:1c:83:3e:88:b8:46:dc:fb:4f:11:
f8:a4:83:1e:76:b2:c0:7c:37:1d:82:e3:09:b7:db:
e5:a0:c3:22:bc:ac:8f:19:98:5e:26:a7:17:ea:ef:
2f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:16:74:F5:73:23:AB:F9:84:59:79:97:B3:83:BE:87:9D:EF:58:DA
X509v3 Authority Key Identifier:
keyid:59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/ghZ09XMjq_mEWXmXs4O-h53vWNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.174.0/23
185.50.196.0/22
217.61.128.0-217.61.130.255
Signature Algorithm: sha256WithRSAEncryption
8d:60:ef:c9:33:f6:62:b4:03:c9:a0:69:63:f2:35:d5:d3:f2:
cf:7a:72:90:19:c9:2c:d8:c5:2a:e7:01:ff:ee:8a:50:26:df:
32:93:ef:c6:6b:cb:5c:a1:db:ee:58:05:15:cf:ae:92:15:18:
cb:34:cc:81:a5:2a:c8:87:ba:12:05:41:1b:60:35:b8:5e:e3:
55:34:7b:05:62:b6:63:96:cc:20:38:0f:0c:50:da:d3:3f:df:
56:5c:ac:ae:60:21:d4:f9:05:46:c4:3a:63:f9:11:b6:d7:76:
ea:18:b8:b6:a0:20:1e:21:70:51:a0:70:c4:84:8a:fd:f0:65:
fc:79:ed:5c:2f:15:81:db:f1:61:05:3c:b0:72:f8:0f:aa:1f:
cc:ab:69:3d:ef:a7:64:1f:67:2e:4f:e1:23:8c:24:13:a8:9f:
dc:12:5d:e7:2d:ea:1e:bf:6b:45:6f:a2:46:df:7f:20:ae:15:
4c:9c:9a:2f:12:99:ab:95:de:07:78:30:17:a6:c0:c8:e5:c7:
e2:6c:da:03:d0:2e:24:50:07:1e:b9:72:8c:09:d8:6a:cf:48:
2b:7b:8b:63:0e:f8:32:c1:94:91:2a:0d:b0:e7:88:bc:f3:1c:
0e:b9:57:93:71:c4:51:43:07:e9:c6:a2:de:a4:b8:a6:e8:fe:
f6:89:64:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECk8AQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OThmYTQyMDEzNDRkNDEwN2Y3OTJlZWUyNTY2YzYyZDY1NzE0ZTJkMB4XDTIyMDEw
MTAyNTEzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODIxNjc0ZjU3MzIz
YWJmOTg0NTk3OTk3YjM4M2JlODc5ZGVmNThkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfVCDhHgNlazcKASIKJa2xFigVP4k1wCPJoO5+tXVIX5qT7
URlu3NsuQ2uh3DYRJxgLrrAWXa2yFbZIiPmlPylO+lB3kIFkJwww8LOpC4Tu2NaE
dSrL2Z9S0WjPodZPS11BIt/9xTBWVKGko5AxN/N9oIpNCcOcihB2Ny7+mXFx9Lhl
ZwRLerrKNTtOAFpRImSl6mIuL6fEXFTY85JYhO60DKc1NuvjGHYARzo15LVWwom3
F9stpCgqBNzzpFOQwIwIC/OChZOjGdVkG4/yEfn4ZqnSAaccgz6IuEbc+08R+KSD
HnaywHw3HYLjCbfb5aDDIrysjxmYXianF+rvL8kCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSCFnT1cyOr+YRZeZezg76Hne9Y2jAfBgNVHSMEGDAWgBRZj6QgE0TUEH95
Lu4lZsYtZXFOLTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dZLWtJQk5FMUJCX2VTN3VKV2JHTFdWeFRpMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvODM4ZWYxLTczOTMtNGZiZC1iNjdiLTY2NGI4ZjAzZDE4MC8x
L2doWjA5WE1qcV9tRVdYbVhzNE8taDUzdldOby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
ODM4ZWYxLTczOTMtNGZiZC1iNjdiLTY2NGI4ZjAzZDE4MC8xL1dZLWtJQk5FMUJC
X2VTN3VKV2JHTFdWeFRpMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAQWRrgMEArkyxDAMAwQH2T2AAwQA
2T2CMA0GCSqGSIb3DQEBCwUAA4IBAQCNYO/JM/ZitAPJoGlj8jXV0/LPenKQGcks
2MUq5wH/7opQJt8yk+/Ga8tcodvuWAUVz66SFRjLNMyBpSrIh7oSBUEbYDW4XuNV
NHsFYrZjlswgOA8MUNrTP99WXKyuYCHU+QVGxDpj+RG213bqGLi2oCAeIXBRoHDE
hIr98GX8ee1cLxWB2/FhBTywcvgPqh/Mq2k976dkH2cuT+EjjCQTqJ/cEl3nLeoe
v2tFb6JG338grhVMnJovEpmrld4HeDAXpsDI5cfibNoD0C4kUAceuXKMCdhqz0gr
e4tjDvgywZSRKg2w54i88xwOuVeTccRRQwfpxqLepLim6P72iWQN
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:11 2023 by rpki-client on console-fra.rpki-client.org