Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GiC8Dp2wOYl-d5LON8xCbSsCb8k.roa
File: GiC8Dp2wOYl-d5LON8xCbSsCb8k.roa (raw, json)
Hash identifier: hoFtJfBYQxPgij8yLQsgfG/68+0RCo0JKw5z9FeQLgY=
Subject key identifier: 1A:20:BC:0E:9D:B0:39:89:7E:77:92:CE:37:CC:42:6D:2B:02:6F:C9
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 08143575
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GiC8Dp2wOYl-d5LON8xCbSsCb8k.roa
Signing time: Wed 25 May 2022 08:01:14 +0000
ROA not before: Wed 25 May 2022 08:01:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.230.52.0/23 maxlen: 24
185.255.124.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.194.28.0/22 maxlen: 24
185.194.29.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
45.8.20.0/22 maxlen: 24
185.246.112.0/22 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135542133 (0x8143575)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 25 08:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a20bc0e9db039897e7792ce37cc426d2b026fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:72:4f:87:14:46:17:7b:53:3e:d6:31:fc:38:
2f:ee:3c:83:c6:cb:1e:42:29:20:84:ea:98:c5:c9:
17:6a:87:ea:eb:2c:db:6d:cf:da:33:a3:ac:e4:fd:
16:3a:6b:d7:31:a5:03:c4:db:ac:6c:41:20:96:2b:
b1:2d:ba:cf:0a:f0:c8:aa:67:f7:fd:dc:44:4c:20:
4d:69:60:d2:cc:87:0c:bb:0d:83:ee:ca:70:9c:99:
a4:e8:95:f7:98:3b:21:b4:e3:16:41:63:e7:88:18:
2b:64:af:9b:e0:6e:5f:d2:2e:42:2b:22:4a:42:8c:
e0:b5:25:be:dd:f0:e7:f8:6c:29:b6:48:f4:29:10:
d8:af:27:4d:ff:3f:3e:9d:57:f7:ba:d1:ba:eb:fa:
8f:ff:5a:14:86:45:1f:c5:e6:66:7e:72:5b:38:02:
4f:a8:2d:98:e9:7a:59:be:44:26:ff:41:48:ad:94:
d4:dd:e1:0f:65:09:ba:4f:ab:97:88:e1:98:72:df:
83:a2:ad:14:ca:f9:1c:9e:6a:a3:0d:98:bf:22:f8:
67:8f:0c:59:68:bf:39:5c:ac:e8:37:0a:bb:a7:14:
81:e9:ef:fa:7f:03:78:e6:ea:24:28:1b:e9:03:29:
8e:25:67:93:32:56:c5:5c:78:bf:85:03:4a:cd:14:
2c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:20:BC:0E:9D:B0:39:89:7E:77:92:CE:37:CC:42:6D:2B:02:6F:C9
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GiC8Dp2wOYl-d5LON8xCbSsCb8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.20.0/22
185.121.12.0/22
185.194.28.0/22
185.206.248.0/24
185.206.251.0/24
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.246.112.0/22
185.255.124.0/24
Signature Algorithm: sha256WithRSAEncryption
45:e9:7a:df:fd:1d:37:f4:fe:d1:a0:c8:99:11:ec:b6:ce:76:
13:2c:c5:47:b3:73:3f:9b:ba:8f:27:20:23:96:ef:3b:20:b4:
bc:d2:17:79:28:53:b8:46:f3:55:e7:9f:db:50:93:89:d5:5e:
db:14:dd:b6:09:3d:b8:fd:ad:e3:58:79:06:4e:99:f7:bb:83:
4d:72:d6:62:d7:99:91:7c:d5:dd:03:6d:66:8c:98:73:30:cc:
04:de:97:c6:ec:10:ad:3f:00:3a:b0:68:bf:2a:db:9f:b6:33:
c2:19:c0:71:4e:3f:30:d0:29:27:1f:fa:42:70:8f:af:46:41:
52:2a:0f:7d:2a:82:8b:57:15:21:88:7f:ed:95:ea:14:7f:f2:
58:8c:50:7d:86:42:4b:39:bb:e8:c9:ae:91:e7:82:52:43:a1:
14:4f:2e:7c:30:e3:00:1f:d5:67:b4:b9:cf:0f:ca:53:7f:f1:
f9:ee:40:32:01:66:ca:56:aa:55:20:cd:10:1b:57:dd:bc:93:
84:44:79:a7:7d:76:d1:97:18:95:68:b0:ed:df:d7:57:e6:08:
b2:44:34:e1:1b:2a:b0:2d:d7:b6:01:f4:b3:3e:b7:15:56:70:
76:c0:92:ee:88:67:3b:d8:e1:f5:8b:ee:40:59:39:8d:8b:2a:
bd:22:73:87
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIECBQ1dTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDY3ODRjMTA1MDg1YjlkNmFkNWY3M2EwM2IyMGQ5YTVjMTE0Y2FmMB4XDTIyMDUy
NTA4MDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWEyMGJjMGU5ZGIw
Mzk4OTdlNzc5MmNlMzdjYzQyNmQyYjAyNmZjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtyT4cURhd7Uz7WMfw4L+48g8bLHkIpIITqmMXJF2qH6uss
223P2jOjrOT9Fjpr1zGlA8TbrGxBIJYrsS26zwrwyKpn9/3cREwgTWlg0syHDLsN
g+7KcJyZpOiV95g7IbTjFkFj54gYK2Svm+BuX9IuQisiSkKM4LUlvt3w5/hsKbZI
9CkQ2K8nTf8/Pp1X97rRuuv6j/9aFIZFH8XmZn5yWzgCT6gtmOl6Wb5EJv9BSK2U
1N3hD2UJuk+rl4jhmHLfg6KtFMr5HJ5qow2YvyL4Z48MWWi/OVys6DcKu6cUgenv
+n8DeObqJCgb6QMpjiVnkzJWxVx4v4UDSs0ULP8CAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBQaILwOnbA5iX53ks43zEJtKwJvyTAfBgNVHSMEGDAWgBRgZ4TBBQhbnWrV
9zoDsg2aXBFMrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8x
L0dpQzhEcDJ3T1lsLWQ1TE9OOHhDYlNzQ2I4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8xL1lHZUV3UVVJVzUx
cTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAi0IFAMEArl5DAMEArnCHAMEALnO
+AMEALnO+wMEAbnmNAMEArnqFAMEArnu5AMEAbnweAMEArn2cAMEALn/fDANBgkq
hkiG9w0BAQsFAAOCAQEARel63/0dN/T+0aDImRHsts52EyzFR7NzP5u6jycgI5bv
OyC0vNIXeShTuEbzVeef21CTidVe2xTdtgk9uP2t41h5Bk6Z97uDTXLWYteZkXzV
3QNtZoyYczDMBN6XxuwQrT8AOrBovyrbn7YzwhnAcU4/MNApJx/6QnCPr0ZBUioP
fSqCi1cVIYh/7ZXqFH/yWIxQfYZCSzm76MmukeeCUkOhFE8ufDDjAB/VZ7S5zw/K
U3/x+e5AMgFmylaqVSDNEBtX3byThER5p3120ZcYlWiw7d/XV+YIskQ04RsqsC3X
tgH0sz63FVZwdsCS7ohnO9jh9YvuQFk5jYsqvSJzhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org