Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/gAojx_Z6NBCv73RElsCe1UlnD6c.roa
File: gAojx_Z6NBCv73RElsCe1UlnD6c.roa (raw, json)
Hash identifier: rSHKc793414308t99Wpkgh9aEwXknFInRX3ymhiZK6o=
Subject key identifier: 80:0A:23:C7:F6:7A:34:10:AF:EF:74:44:96:C0:9E:D5:49:67:0F:A7
Certificate issuer: /CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Certificate serial: 04244617
Authority key identifier: 42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/gAojx_Z6NBCv73RElsCe1UlnD6c.roa
Signing time: Sat 01 Jan 2022 08:03:53 +0000
ROA not before: Sat 01 Jan 2022 08:03:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202254
IP address blocks: 212.108.132.0/24 maxlen: 24
212.108.128.0/19 maxlen: 24
212.108.134.0/24 maxlen: 24
194.146.158.0/24 maxlen: 24
194.146.157.0/24 maxlen: 24
194.146.159.0/24 maxlen: 24
194.146.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69486103 (0x4244617)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Validity
Not Before: Jan 1 08:03:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=800a23c7f67a3410afef744496c09ed549670fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d3:a0:c2:fd:d2:3a:3f:4b:e3:3d:7f:d0:4f:
59:1c:7e:fa:2d:1d:c0:c0:46:c5:82:cc:8f:1b:09:
ca:e6:28:94:fe:0d:73:b9:be:17:4e:a9:d9:e1:2e:
d7:85:a2:50:5a:e1:cb:34:d2:5f:59:a6:11:49:27:
f1:2f:5a:9d:d1:06:09:52:66:55:da:be:b0:92:fa:
bc:58:3a:ff:fd:3e:f0:ab:97:91:cb:2d:c7:38:37:
a9:cc:69:92:10:fb:62:78:ab:a2:1b:41:8d:c7:aa:
c6:a5:4d:16:77:e8:bb:bf:9c:ad:e8:ef:85:6d:c5:
df:55:19:9d:8f:16:9f:6d:a3:b7:18:91:de:fa:3f:
ef:29:95:4a:b5:71:09:23:5f:ea:86:9e:a0:b1:c4:
d3:d6:4c:ec:6d:95:5d:9c:2a:ad:e7:27:aa:21:ce:
c0:26:ca:90:a2:8f:d9:5a:8e:a7:44:f7:87:e8:f1:
fd:37:70:7b:de:56:88:52:6b:03:49:4e:1a:e2:4e:
32:e4:62:52:10:66:ed:78:95:0c:da:9d:3f:36:d4:
42:a4:0b:a3:6f:2a:d5:df:ae:b9:c5:54:24:bf:ad:
28:00:86:a3:bf:c3:25:40:27:14:49:3b:ff:7d:c3:
ad:53:d7:a1:39:5d:18:4e:d5:62:d6:eb:81:72:dd:
de:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:0A:23:C7:F6:7A:34:10:AF:EF:74:44:96:C0:9E:D5:49:67:0F:A7
X509v3 Authority Key Identifier:
keyid:42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/gAojx_Z6NBCv73RElsCe1UlnD6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.156.0/22
212.108.128.0/19
Signature Algorithm: sha256WithRSAEncryption
6f:62:35:59:79:b4:95:6b:be:91:a7:14:fe:5d:77:92:52:e2:
6b:d6:75:be:eb:cb:26:ba:43:9c:9b:e1:3f:d3:77:c0:0c:56:
fe:aa:9d:a6:f2:69:90:63:e7:4d:80:11:05:b4:5e:f5:60:ed:
13:9b:93:87:7c:e7:26:2b:49:96:07:38:ff:5d:ba:14:d9:36:
68:28:bf:d8:21:cc:9e:b6:80:e5:e6:7a:96:9a:67:19:db:57:
7f:74:f5:39:28:62:ac:2c:a1:05:ad:5b:92:ac:ab:a3:71:2d:
30:9b:03:32:97:fe:71:41:4e:3d:3f:83:29:8f:b2:ae:c8:3b:
25:56:3a:d0:f1:ea:6c:c3:4f:7c:e8:a0:36:c3:78:e4:f1:e2:
77:e4:56:36:82:45:b2:15:64:b7:8e:f9:b1:a8:19:b2:4d:a7:
8d:72:28:f7:5d:7f:92:36:52:09:15:fa:fd:d0:ae:39:2f:5f:
50:5a:24:ca:5a:e1:82:77:29:05:53:89:bb:da:f3:cb:c2:8b:
e6:2e:b1:52:b8:34:48:8f:fc:d8:67:25:ab:76:e2:f4:7e:41:
a3:09:cb:50:b8:41:87:3a:d2:76:63:5d:22:7d:40:de:eb:e3:
72:3f:1d:f7:b9:f8:17:23:10:26:35:29:08:45:34:c9:5d:a7:
22:fd:7f:bd
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBCRGFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmM0YzkwZWQxNmFhMjBlNDkxNzg0MjBiZmM4NGE4ODNjMTJhYzY4MB4XDTIyMDEw
MTA4MDM1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODAwYTIzYzdmNjdh
MzQxMGFmZWY3NDQ0OTZjMDllZDU0OTY3MGZhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvToML90jo/S+M9f9BPWRx++i0dwMBGxYLMjxsJyuYolP4N
c7m+F06p2eEu14WiUFrhyzTSX1mmEUkn8S9andEGCVJmVdq+sJL6vFg6//0+8KuX
kcstxzg3qcxpkhD7YnirohtBjceqxqVNFnfou7+crejvhW3F31UZnY8Wn22jtxiR
3vo/7ymVSrVxCSNf6oaeoLHE09ZM7G2VXZwqrecnqiHOwCbKkKKP2VqOp0T3h+jx
/Tdwe95WiFJrA0lOGuJOMuRiUhBm7XiVDNqdPzbUQqQLo28q1d+uucVUJL+tKACG
o7/DJUAnFEk7/33DrVPXoTldGE7VYtbrgXLd3uECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSACiPH9no0EK/vdESWwJ7VSWcPpzAfBgNVHSMEGDAWgBRCxMkO0WqiDkkX
hCC/yEqIPBKsaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FzVEpEdEZxb2c1SkY0UWd2OGhLaUR3U3JHZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvNDg3YzE1LTZmNmYtNDA3Zi05NDlmLWE4ZTRlNzFiZWU1MS8x
L2dBb2p4X1o2TkJDdjczUkVsc0NlMVVsbkQ2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
NDg3YzE1LTZmNmYtNDA3Zi05NDlmLWE4ZTRlNzFiZWU1MS8xL1FzVEpEdEZxb2c1
SkY0UWd2OGhLaUR3U3JHZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAsKSnAMEBdRsgDANBgkqhkiG9w0B
AQsFAAOCAQEAb2I1WXm0lWu+kacU/l13klLia9Z1vuvLJrpDnJvhP9N3wAxW/qqd
pvJpkGPnTYARBbRe9WDtE5uTh3znJitJlgc4/126FNk2aCi/2CHMnraA5eZ6lppn
GdtXf3T1OShirCyhBa1bkqyro3EtMJsDMpf+cUFOPT+DKY+yrsg7JVY60PHqbMNP
fOigNsN45PHid+RWNoJFshVkt475sagZsk2njXIo911/kjZSCRX6/dCuOS9fUFok
ylrhgncpBVOJu9rzy8KL5i6xUrg0SI/82Gclq3bi9H5BownLULhBhzrSdmNdIn1A
3uvjcj8d97n4FyMQJjUpCEU0yV2nIv1/vQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:58 2024 by rpki-client on console-ams.rpki-client.org