Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/gaOVz-lhYtfimKBK-5ZPqdETsyM.roa
File: gaOVz-lhYtfimKBK-5ZPqdETsyM.roa (raw, json)
Hash identifier: FwGakuXGuZYJZyXE35vjhBBLDB7Mf8FgwvWpwa3r2BI=
Subject key identifier: 81:A3:95:CF:E9:61:62:D7:E2:98:A0:4A:FB:96:4F:A9:D1:13:B3:23
Certificate issuer: /CN=cb36180ab4542d6eee66d9f99030df71236ce264
Certificate serial: 04B7658E
Authority key identifier: CB:36:18:0A:B4:54:2D:6E:EE:66:D9:F9:90:30:DF:71:23:6C:E2:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/gaOVz-lhYtfimKBK-5ZPqdETsyM.roa
Signing time: Sat 01 Jan 2022 02:57:17 +0000
ROA not before: Sat 01 Jan 2022 02:57:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199995
IP address blocks: 185.76.68.0/22 maxlen: 22
185.151.84.0/24 maxlen: 24
185.109.54.0/23 maxlen: 23
185.151.85.0/24 maxlen: 24
185.109.52.0/24 maxlen: 24
185.109.53.0/24 maxlen: 24
185.151.86.0/24 maxlen: 24
185.151.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79127950 (0x4b7658e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb36180ab4542d6eee66d9f99030df71236ce264
Validity
Not Before: Jan 1 02:57:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81a395cfe96162d7e298a04afb964fa9d113b323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9b:cd:3b:61:89:ad:be:88:df:2b:d9:69:2f:
63:55:54:47:27:a2:f4:d2:b3:3f:71:1a:09:64:87:
24:d8:18:8a:d4:29:d3:a6:33:27:7c:a1:d5:79:b6:
28:98:02:67:bd:f5:e5:26:9c:3a:39:eb:81:20:ef:
d3:2f:21:ad:d1:e8:bd:d4:b2:c2:ba:5d:6a:9d:03:
f7:bc:96:18:fe:04:9c:71:69:9e:97:9b:fb:ea:67:
83:0d:ed:0a:8c:b8:34:9c:fe:6d:d0:e4:b6:9b:a6:
72:4e:fc:bb:3b:df:96:3e:68:19:8f:0a:52:6b:1b:
89:a7:84:8d:12:d5:cc:26:5a:00:71:97:6b:bc:cb:
fd:8b:d6:f8:ed:41:c4:f9:a5:bd:cd:32:03:46:25:
e0:31:64:03:d7:06:7d:5e:e1:b2:cc:b5:60:dc:97:
78:7b:33:4f:fb:69:d7:ec:e2:ad:b7:35:4c:b9:3c:
d2:f6:75:3b:80:52:51:a1:a5:a4:00:fe:67:8e:95:
38:c5:33:b6:db:e1:be:ea:68:b2:ec:0f:d1:e8:e4:
fb:bf:8a:e9:3f:10:2b:c6:1d:08:e0:3f:3a:af:8c:
77:eb:e5:51:95:4e:ec:cd:a1:ee:09:c9:27:a9:14:
7a:cb:81:d8:5b:d2:df:77:cb:1b:29:93:c8:da:0e:
cb:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A3:95:CF:E9:61:62:D7:E2:98:A0:4A:FB:96:4F:A9:D1:13:B3:23
X509v3 Authority Key Identifier:
keyid:CB:36:18:0A:B4:54:2D:6E:EE:66:D9:F9:90:30:DF:71:23:6C:E2:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/gaOVz-lhYtfimKBK-5ZPqdETsyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.68.0/22
185.109.52.0/22
185.151.84.0/22
Signature Algorithm: sha256WithRSAEncryption
52:f0:22:79:8d:65:d0:ca:8e:22:00:59:f9:a7:a4:1b:de:fe:
07:c6:4f:a9:91:07:4b:b0:cb:c8:c6:40:5f:a7:e3:62:f1:18:
2d:e8:df:14:1f:79:21:c9:01:8c:04:49:15:f6:f2:ff:0d:fc:
48:a6:26:ce:05:dc:b1:40:9a:69:16:77:5e:65:35:78:4e:60:
d6:a0:58:70:8c:80:6b:6a:f1:59:38:c2:48:92:9b:bb:ba:69:
9d:12:0a:1c:72:36:cd:cc:34:46:16:db:ae:ea:07:5b:37:2b:
3a:c1:ae:b8:04:36:f5:d1:4b:ba:92:3b:1f:f6:48:f4:c0:21:
76:ee:20:52:0b:2f:f1:f1:7f:be:57:59:6b:ab:5d:07:a3:4c:
e2:b0:ce:45:ce:9b:f9:2d:d6:3a:ad:34:4f:43:60:b1:fc:29:
4f:91:9d:37:e5:bf:ca:a0:83:61:70:98:59:19:ba:5c:79:36:
4e:98:12:83:ec:b5:93:5e:99:43:3f:c5:4b:fc:41:65:94:92:
e4:d6:1a:80:eb:87:78:a3:48:e1:d7:73:91:eb:40:ef:79:64:
bf:9f:3f:95:0d:21:bc:26:39:b3:0f:3a:b8:1b:36:32:f7:3f:
09:5b:2b:43:e6:19:a9:df:dc:c7:5c:4a:aa:90:64:09:51:22:
dd:2b:f3:b2
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBLdljjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YjM2MTgwYWI0NTQyZDZlZWU2NmQ5Zjk5MDMwZGY3MTIzNmNlMjY0MB4XDTIyMDEw
MTAyNTcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODFhMzk1Y2ZlOTYx
NjJkN2UyOThhMDRhZmI5NjRmYTlkMTEzYjMyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKbzTthia2+iN8r2WkvY1VURyei9NKzP3EaCWSHJNgYitQp
06YzJ3yh1Xm2KJgCZ7315SacOjnrgSDv0y8hrdHovdSywrpdap0D97yWGP4EnHFp
npeb++pngw3tCoy4NJz+bdDktpumck78uzvflj5oGY8KUmsbiaeEjRLVzCZaAHGX
a7zL/YvW+O1BxPmlvc0yA0Yl4DFkA9cGfV7hssy1YNyXeHszT/tp1+zirbc1TLk8
0vZ1O4BSUaGlpAD+Z46VOMUzttvhvuposuwP0ejk+7+K6T8QK8YdCOA/Oq+Md+vl
UZVO7M2h7gnJJ6kUesuB2FvS33fLGymTyNoOy3sCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSBo5XP6WFi1+KYoEr7lk+p0ROzIzAfBgNVHSMEGDAWgBTLNhgKtFQtbu5m
2fmQMN9xI2ziZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3l6WVlDclJVTFc3dVp0bjVrRERmY1NOczRtUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvMDc5N2Q0LThiMmMtNDBhYy05Y2FiLTY2N2RiMWRjMWI4Ni8x
L2dhT1Z6LWxoWXRmaW1LQkstNVpQcWRFVHN5TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
MDc5N2Q0LThiMmMtNDBhYy05Y2FiLTY2N2RiMWRjMWI4Ni8xL3l6WVlDclJVTFc3
dVp0bjVrRERmY1NOczRtUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArlMRAMEArltNAMEArmXVDANBgkq
hkiG9w0BAQsFAAOCAQEAUvAieY1l0MqOIgBZ+aekG97+B8ZPqZEHS7DLyMZAX6fj
YvEYLejfFB95IckBjARJFfby/w38SKYmzgXcsUCaaRZ3XmU1eE5g1qBYcIyAa2rx
WTjCSJKbu7ppnRIKHHI2zcw0RhbbruoHWzcrOsGuuAQ29dFLupI7H/ZI9MAhdu4g
Ugsv8fF/vldZa6tdB6NM4rDORc6b+S3WOq00T0NgsfwpT5GdN+W/yqCDYXCYWRm6
XHk2TpgSg+y1k16ZQz/FS/xBZZSS5NYagOuHeKNI4ddzketA73lkv58/lQ0hvCY5
sw86uBs2Mvc/CVsrQ+YZqd/cx1xKqpBkCVEi3Svzsg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:00 2023 by rpki-client on console-fra.rpki-client.org