Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/g9Nh6rGB_WAfHF22AvusSwONBJg.roa
File: g9Nh6rGB_WAfHF22AvusSwONBJg.roa (raw, json)
Hash identifier: oG2FRCUP7bu+nu20uHGpajC+jgIS6pi2tn9db9W60aA=
Subject key identifier: 83:D3:61:EA:B1:81:FD:60:1F:1C:5D:B6:02:FB:AC:4B:03:8D:04:98
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 3A11C4D7
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/g9Nh6rGB_WAfHF22AvusSwONBJg.roa
Signing time: Sat 01 Jan 2022 14:00:46 +0000
ROA not before: Sat 01 Jan 2022 14:00:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206957
IP address blocks: 78.133.237.0/24 maxlen: 24
89.174.109.0/24 maxlen: 24
89.174.117.0/24 maxlen: 24
89.174.116.0/24 maxlen: 24
89.174.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 974243031 (0x3a11c4d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 14:00:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83d361eab181fd601f1c5db602fbac4b038d0498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e8:7d:b6:5c:9e:8c:61:2e:31:64:16:d6:59:
20:13:ae:6f:fa:4c:f5:28:56:f7:cc:ea:04:5d:5f:
9f:f3:9c:b6:be:68:fc:cf:97:c9:37:ba:5b:15:c6:
a1:b2:39:5e:c2:1b:b9:43:78:30:96:61:67:cf:97:
0b:ad:12:69:79:ca:aa:9a:11:85:a4:1d:4f:f9:49:
4b:b5:a4:3a:96:63:f2:cd:42:f2:9f:49:4c:1e:60:
9a:94:9b:c9:a3:ac:c2:c0:a1:1e:46:2c:c8:d8:37:
49:cd:a7:97:89:71:b8:8c:83:b4:ec:e6:0c:85:34:
be:0b:03:65:d0:e9:6a:29:01:a6:e1:68:a1:b8:99:
31:fd:55:b0:e8:bf:78:61:65:6e:9c:f8:c1:d9:00:
82:27:34:10:e2:73:50:6b:36:50:53:41:b7:45:e4:
87:82:51:be:f5:0b:ff:88:d2:5f:29:72:d6:d6:af:
4c:93:70:62:e6:9c:8e:fc:b8:83:e6:f9:bf:d8:6b:
c3:5c:61:2b:f2:8e:f7:42:45:f6:95:0b:93:d8:ab:
39:48:9f:ef:1b:e6:f7:1f:8a:28:73:29:69:dc:6a:
3a:32:53:32:c4:33:5d:5a:49:cd:cf:8a:99:94:35:
42:47:69:d1:3d:49:99:34:2d:a1:35:af:eb:d1:7b:
d3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D3:61:EA:B1:81:FD:60:1F:1C:5D:B6:02:FB:AC:4B:03:8D:04:98
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/g9Nh6rGB_WAfHF22AvusSwONBJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.237.0/24
89.174.109.0/24
89.174.116.0/23
89.174.228.0/24
Signature Algorithm: sha256WithRSAEncryption
94:32:6a:cd:d3:d0:2c:a0:c5:09:d5:0f:fd:bb:4b:b4:51:8c:
f6:4b:60:3e:4c:93:1e:f6:61:fa:1f:37:b8:50:97:46:d7:20:
02:e3:3e:cf:6f:df:0b:42:ad:ef:eb:d4:96:10:c1:c3:0e:09:
34:9e:ef:0d:3d:12:ae:6e:17:a7:52:67:31:6d:08:a2:c8:c8:
89:14:fd:04:f7:d0:99:01:20:44:3c:20:e0:30:ac:fb:36:72:
b7:3d:28:9b:8f:c7:33:c8:dd:b5:d4:c4:de:de:30:5e:33:3f:
fc:6e:51:6f:3d:f8:e7:74:07:29:18:70:06:fb:60:63:b6:90:
c4:1f:55:ce:75:54:e9:c4:6b:39:b0:ca:74:41:a2:da:d6:52:
b9:58:2e:f2:40:dc:f1:2d:48:6d:85:83:02:d4:6a:bd:53:4c:
5a:3a:70:d3:9a:ed:de:40:d2:37:6a:0e:48:a1:bd:51:f8:30:
93:bf:8c:d2:ce:1e:c4:04:48:35:17:18:00:95:2c:4d:5d:e5:
95:8d:42:91:7f:5b:3a:8a:00:99:0f:28:66:b7:8a:fc:bb:5c:
15:2a:37:f9:30:87:41:31:26:15:ed:a0:0f:30:4c:05:85:b9:
38:b6:2f:5e:e3:13:69:0b:05:ee:74:57:f9:84:3f:fe:b3:95:
81:ec:d2:d4
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEOhHE1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDA0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODNkMzYxZWFiMTgx
ZmQ2MDFmMWM1ZGI2MDJmYmFjNGIwMzhkMDQ5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIjofbZcnoxhLjFkFtZZIBOub/pM9ShW98zqBF1fn/Octr5o
/M+XyTe6WxXGobI5XsIbuUN4MJZhZ8+XC60SaXnKqpoRhaQdT/lJS7WkOpZj8s1C
8p9JTB5gmpSbyaOswsChHkYsyNg3Sc2nl4lxuIyDtOzmDIU0vgsDZdDpaikBpuFo
obiZMf1VsOi/eGFlbpz4wdkAgic0EOJzUGs2UFNBt0Xkh4JRvvUL/4jSXyly1tav
TJNwYuacjvy4g+b5v9hrw1xhK/KO90JF9pULk9irOUif7xvm9x+KKHMpadxqOjJT
MsQzXVpJzc+KmZQ1Qkdp0T1JmTQtoTWv69F70zUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSD02HqsYH9YB8cXbYC+6xLA40EmDAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L2c5Tmg2ckdCX1dBZkhGMjJBdnVzU3dPTkJKZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAE6F7QMEAFmubQMEAVmudAMEAFmu
5DANBgkqhkiG9w0BAQsFAAOCAQEAlDJqzdPQLKDFCdUP/btLtFGM9ktgPkyTHvZh
+h83uFCXRtcgAuM+z2/fC0Kt7+vUlhDBww4JNJ7vDT0Srm4Xp1JnMW0IosjIiRT9
BPfQmQEgRDwg4DCs+zZytz0om4/HM8jdtdTE3t4wXjM//G5Rbz3453QHKRhwBvtg
Y7aQxB9VznVU6cRrObDKdEGi2tZSuVgu8kDc8S1IbYWDAtRqvVNMWjpw05rt3kDS
N2oOSKG9Ufgwk7+M0s4exARINRcYAJUsTV3llY1CkX9bOooAmQ8oZreK/LtcFSo3
+TCHQTEmFe2gDzBMBYW5OLYvXuMTaQsF7nRX+YQ//rOVgezS1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org