Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/ganCDardwatQvvM0WM99hxhstHs.roa
File: ganCDardwatQvvM0WM99hxhstHs.roa (raw, json)
Hash identifier: 4OlxjYKQ8L+vBzIBdGbuydoPfzR/SC1iSspN85IGrdA=
Subject key identifier: 81:A9:C2:0D:AA:DD:C1:AB:50:BE:F3:34:58:CF:7D:87:18:6C:B4:7B
Certificate issuer: /CN=3d563e205ad217433709b200a0dcd30c70961c96
Certificate serial: 018413CA3F05A261F3253B1B2F07EBF812EC
Authority key identifier: 3D:56:3E:20:5A:D2:17:43:37:09:B2:00:A0:DC:D3:0C:70:96:1C:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PVY-IFrSF0M3CbIAoNzTDHCWHJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/ganCDardwatQvvM0WM99hxhstHs.roa
Signing time: Wed 26 Oct 2022 10:15:32 +0000
ROA not before: Wed 26 Oct 2022 10:15:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34612
IP address blocks: 185.50.208.0/22 maxlen: 22
141.138.216.0/21 maxlen: 21
178.20.56.0/21 maxlen: 21
91.215.148.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:ca:3f:05:a2:61:f3:25:3b:1b:2f:07:eb:f8:12:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d563e205ad217433709b200a0dcd30c70961c96
Validity
Not Before: Oct 26 10:15:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81a9c20daaddc1ab50bef33458cf7d87186cb47b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2a:fb:02:97:57:46:34:1d:b7:85:98:da:6d:
4a:1a:ae:74:ef:bb:e8:e2:12:97:c5:fe:02:aa:ae:
9a:32:a4:2e:ec:a0:8b:0d:9c:b4:87:95:9f:03:83:
73:73:56:d9:a6:8e:3d:2d:60:87:8e:66:cd:41:29:
0e:cf:9f:64:ea:bf:68:12:42:3d:80:bd:58:94:24:
c9:1d:eb:a5:f9:76:b0:98:de:fd:da:db:87:77:e8:
27:02:bd:55:3f:76:8f:e6:26:57:d5:36:c7:27:fb:
c8:43:45:81:79:4e:04:4c:8e:e8:28:31:b5:0b:3c:
4f:2c:1a:66:63:11:7e:b8:54:f5:dd:e0:18:0e:7b:
a2:98:d8:13:6b:ed:a9:31:79:a5:33:3a:f1:f4:80:
3b:c1:ee:e4:6b:5f:7f:be:c9:4b:06:f7:04:1c:1f:
04:22:6c:12:56:14:f5:f8:c9:ae:90:0a:e3:8a:7b:
22:46:ec:39:70:48:5f:35:7b:da:be:1c:15:e8:6f:
60:29:c1:a6:52:0d:3d:0c:17:7e:21:0a:8c:fd:9c:
aa:0d:2a:40:da:65:98:60:21:ab:b7:c4:9c:49:b1:
18:de:0e:14:b5:9f:05:50:d0:7e:44:fe:12:30:80:
ea:d5:6c:90:93:b0:b0:ca:1b:6d:b0:64:0c:20:62:
4f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A9:C2:0D:AA:DD:C1:AB:50:BE:F3:34:58:CF:7D:87:18:6C:B4:7B
X509v3 Authority Key Identifier:
keyid:3D:56:3E:20:5A:D2:17:43:37:09:B2:00:A0:DC:D3:0C:70:96:1C:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PVY-IFrSF0M3CbIAoNzTDHCWHJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/ganCDardwatQvvM0WM99hxhstHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef64c5-9487-40fd-b669-e844e2c2e9da/1/PVY-IFrSF0M3CbIAoNzTDHCWHJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.148.0/22
141.138.216.0/21
178.20.56.0/21
185.50.208.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:58:6c:41:3e:52:dd:10:8e:5f:d1:89:d7:d4:00:51:d8:6c:
2c:1c:de:fa:3b:13:19:55:79:8a:47:b2:22:06:c5:7c:ca:23:
34:82:3d:0f:57:90:44:59:54:55:8e:e1:af:c7:c5:4d:4a:28:
98:0a:75:9b:55:d2:e8:db:25:bf:42:cf:32:1b:8d:9b:60:3e:
77:59:5f:78:4c:e0:bd:3c:b6:e6:fb:9f:59:a8:e7:3a:53:f2:
fd:8c:03:51:7c:cd:37:a4:d5:b7:d0:0c:0e:f0:88:b6:42:74:
13:a3:09:28:a6:f4:08:ae:20:a8:02:dd:36:72:8f:33:66:9b:
d6:c8:15:46:a5:0b:69:24:da:b2:10:b2:39:3a:6b:79:c4:3d:
3a:59:f4:c8:5f:39:5c:99:61:86:df:09:6e:c7:41:14:68:28:
23:ba:b4:c4:4c:16:67:c9:3d:84:73:cf:13:ca:f8:df:30:c8:
42:fb:be:69:8b:98:1b:a7:7a:d6:df:e7:42:6d:60:d3:5f:6a:
11:41:62:7a:f3:bb:cb:a9:d3:3e:bd:a2:53:fd:90:24:2b:5e:
63:4a:5f:9e:93:63:e2:56:34:d8:65:da:90:5c:5c:c5:61:c4:
d6:ae:e7:66:ba:8e:b9:7b:a4:87:1f:78:b5:2e:02:c5:57:fe:
d5:5b:2b:97
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQTyj8FomHzJTsbLwfr+BLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNTYzZTIwNWFkMjE3NDMzNzA5YjIwMGEwZGNkMzBjNzA5
NjFjOTYwHhcNMjIxMDI2MTAxNTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWE5YzIwZGFhZGRjMWFiNTBiZWYzMzQ1OGNmN2Q4NzE4NmNiNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArir7ApdXRjQdt4WY2m1KGq5077vo
4hKXxf4Cqq6aMqQu7KCLDZy0h5WfA4Nzc1bZpo49LWCHjmbNQSkOz59k6r9oEkI9
gL1YlCTJHeul+XawmN792tuHd+gnAr1VP3aP5iZX1TbHJ/vIQ0WBeU4ETI7oKDG1
CzxPLBpmYxF+uFT13eAYDnuimNgTa+2pMXmlMzrx9IA7we7ka19/vslLBvcEHB8E
ImwSVhT1+MmukArjinsiRuw5cEhfNXvavhwV6G9gKcGmUg09DBd+IQqM/ZyqDSpA
2mWYYCGrt8ScSbEY3g4UtZ8FUNB+RP4SMIDq1WyQk7CwyhttsGQMIGJPJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIGpwg2q3cGrUL7zNFjPfYcYbLR7MB8GA1UdIwQY
MBaAFD1WPiBa0hdDNwmyAKDc0wxwlhyWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFZZLUlGclNGME0zQ2JJQW9OelRESENXSEpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lZjY0YzUtOTQ4Ny00MGZkLWI2Njkt
ZTg0NGUyYzJlOWRhLzEvZ2FuQ0RhcmR3YXRRdnZNMFdNOTloeGhzdEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lZjY0YzUtOTQ4Ny00MGZkLWI2NjktZTg0NGUyYzJlOWRh
LzEvUFZZLUlGclNGME0zQ2JJQW9OelRESENXSEpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW9eUAwQD
jYrYAwQDshQ4AwQCuTLQMA0GCSqGSIb3DQEBCwUAA4IBAQAtWGxBPlLdEI5f0YnX
1ABR2GwsHN76OxMZVXmKR7IiBsV8yiM0gj0PV5BEWVRVjuGvx8VNSiiYCnWbVdLo
2yW/Qs8yG42bYD53WV94TOC9PLbm+59ZqOc6U/L9jANRfM03pNW30AwO8Ii2QnQT
owkopvQIriCoAt02co8zZpvWyBVGpQtpJNqyELI5Omt5xD06WfTIXzlcmWGG3wlu
x0EUaCgjurTETBZnyT2Ec88TyvjfMMhC+75pi5gbp3rW3+dCbWDTX2oRQWJ687vL
qdM+vaJT/ZAkK15jSl+ek2PiVjTYZdqQXFzFYcTWrudmuo65e6SHH3i1LgLFV/7V
WyuX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:50 2024 by rpki-client on console-ams.rpki-client.org