Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/Gn9z9VK0OT-YQ0GW9BFTZjsGrT4.roa
File: Gn9z9VK0OT-YQ0GW9BFTZjsGrT4.roa (raw, json)
Hash identifier: gaYG60V0tajeVbfDOcR9IXdLQShXno2IJ7qEYn8b4JU=
Subject key identifier: 1A:7F:73:F5:52:B4:39:3F:98:43:41:96:F4:11:53:66:3B:06:AD:3E
Certificate issuer: /CN=a0bfd06ce855b62d9b688cd8c535d5f494cd3932
Certificate serial: 0C51B923
Authority key identifier: A0:BF:D0:6C:E8:55:B6:2D:9B:68:8C:D8:C5:35:D5:F4:94:CD:39:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/Gn9z9VK0OT-YQ0GW9BFTZjsGrT4.roa
Signing time: Mon 21 Mar 2022 15:50:20 +0000
ROA not before: Mon 21 Mar 2022 15:50:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51265
IP address blocks: 176.126.39.0/24 maxlen: 24
193.9.252.0/23 maxlen: 24
178.157.4.0/22 maxlen: 22
185.44.52.0/22 maxlen: 22
185.69.244.0/22 maxlen: 22
62.240.128.0/19 maxlen: 24
83.216.32.0/19 maxlen: 20
2a07:1740::/29 maxlen: 29
2a04:9540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 206682403 (0xc51b923)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0bfd06ce855b62d9b688cd8c535d5f494cd3932
Validity
Not Before: Mar 21 15:50:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a7f73f552b4393f98434196f41153663b06ad3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:4b:b9:a6:b3:f1:6d:3d:9a:b8:78:25:b3:2c:
5f:72:c3:4b:44:8e:8c:0f:b2:2f:cb:e7:d7:f6:11:
28:a4:86:7a:89:8c:c7:96:9b:ab:1a:92:90:01:e3:
8b:c3:9c:2c:c2:3e:9d:e0:d2:32:d2:cc:c9:f5:c5:
da:62:c3:72:36:a2:37:95:f2:0b:51:76:71:a6:41:
68:26:08:e2:e6:b0:bc:49:e2:a4:f3:c7:0a:98:81:
c0:09:e5:34:bd:24:d9:ef:3d:39:f1:b0:8f:6a:11:
91:1b:a2:a3:bb:82:59:77:0c:ca:99:af:9e:f5:48:
d6:a7:74:44:bc:f8:f3:9f:22:10:7a:bc:3d:63:63:
42:a1:f1:4e:4e:da:ea:f6:f4:f9:0f:fb:ed:66:f5:
94:4c:23:48:d6:c5:85:05:f4:7a:31:d9:cc:70:fb:
06:07:34:0c:d6:69:1a:17:67:56:10:69:01:80:5a:
1e:0e:b4:85:cf:83:e9:1d:b3:ff:90:7a:14:f1:0e:
41:14:99:5a:18:db:28:24:63:c5:b1:7a:1f:c8:a2:
4c:73:04:01:ce:ae:d1:87:56:82:bb:b9:e6:31:9c:
84:57:52:97:b0:d1:64:43:07:16:20:ce:97:58:b9:
cf:7f:60:62:2b:bc:a0:10:5b:5f:73:02:ff:bc:3e:
43:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:7F:73:F5:52:B4:39:3F:98:43:41:96:F4:11:53:66:3B:06:AD:3E
X509v3 Authority Key Identifier:
keyid:A0:BF:D0:6C:E8:55:B6:2D:9B:68:8C:D8:C5:35:D5:F4:94:CD:39:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/Gn9z9VK0OT-YQ0GW9BFTZjsGrT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.240.128.0/19
83.216.32.0/19
176.126.39.0/24
178.157.4.0/22
185.44.52.0/22
185.69.244.0/22
193.9.252.0/23
IPv6:
2a04:9540::/29
2a07:1740::/29
Signature Algorithm: sha256WithRSAEncryption
67:c4:5e:90:ac:eb:2a:ff:40:ef:56:3f:ab:73:f0:8c:e2:e0:
08:61:c5:92:61:d1:3b:a6:dc:d6:13:52:d5:dd:2f:1f:ce:4f:
87:24:57:dc:24:a0:32:54:a4:ed:25:05:ce:be:2f:0a:44:c7:
d1:85:cf:32:ca:62:43:11:ee:77:57:75:1c:2f:3e:70:1b:b6:
be:d4:15:aa:f8:dd:c6:35:9f:21:84:06:ef:8f:ae:29:5d:2e:
98:56:62:fa:48:ba:54:89:77:91:53:79:78:fb:e1:60:7a:00:
01:bc:e7:2b:9a:19:62:c6:8d:71:2b:82:90:51:cc:14:1e:2d:
5e:f1:6a:60:25:c6:9f:cc:bf:0e:10:f7:d2:05:10:c1:e1:57:
bf:ed:0c:b0:63:8e:42:5d:2f:7d:d1:66:95:23:c1:0c:9d:ae:
dc:b1:d2:fa:93:09:a1:d2:99:aa:ee:cb:3a:47:56:f9:09:24:
02:73:df:46:fe:54:88:bb:75:fe:32:dc:37:01:76:ab:10:f5:
b5:85:35:d1:d1:6f:16:d7:f7:5c:ef:c6:ff:dd:71:d3:47:34:
9f:8a:0d:2e:60:20:9b:52:98:e9:b9:4c:ff:10:3c:2f:51:63:
f5:9c:f6:6a:4f:49:f5:d6:e4:f6:c8:98:39:74:cb:1e:17:d3:
0c:91:fc:cf
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEDFG5IzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MGJmZDA2Y2U4NTViNjJkOWI2ODhjZDhjNTM1ZDVmNDk0Y2QzOTMyMB4XDTIyMDMy
MTE1NTAyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWE3ZjczZjU1MmI0
MzkzZjk4NDM0MTk2ZjQxMTUzNjYzYjA2YWQzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPNLuaaz8W09mrh4JbMsX3LDS0SOjA+yL8vn1/YRKKSGeomM
x5abqxqSkAHji8OcLMI+neDSMtLMyfXF2mLDcjaiN5XyC1F2caZBaCYI4uawvEni
pPPHCpiBwAnlNL0k2e89OfGwj2oRkRuio7uCWXcMypmvnvVI1qd0RLz4858iEHq8
PWNjQqHxTk7a6vb0+Q/77Wb1lEwjSNbFhQX0ejHZzHD7Bgc0DNZpGhdnVhBpAYBa
Hg60hc+D6R2z/5B6FPEOQRSZWhjbKCRjxbF6H8iiTHMEAc6u0YdWgru55jGchFdS
l7DRZEMHFiDOl1i5z39gYiu8oBBbX3MC/7w+Q7kCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBQaf3P1UrQ5P5hDQZb0EVNmOwatPjAfBgNVHSMEGDAWgBSgv9Bs6FW2LZto
jNjFNdX0lM05MjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29MX1FiT2hWdGkyYmFJell4VFhWOUpUTk9USS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvMDMzMTZkLTA0ZTAtNDY2MC1hNjNlLTY3MTgzOTIwMDYwNC8x
L0duOXo5VkswT1QtWVEwR1c5QkZUWmpzR3JUNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
MDMzMTZkLTA0ZTAtNDY2MC1hNjNlLTY3MTgzOTIwMDYwNC8xL29MX1FiT2hWdGky
YmFJell4VFhWOUpUTk9USS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwMAQCAAEwKgMEBT7wgAMEBVPYIAMEALB+JwMEArKd
BAMEArksNAMEArlF9AMEAcEJ/DAUBAIAAjAOAwUDKgSVQAMFAyoHF0AwDQYJKoZI
hvcNAQELBQADggEBAGfEXpCs6yr/QO9WP6tz8Izi4AhhxZJh0Tum3NYTUtXdLx/O
T4ckV9wkoDJUpO0lBc6+LwpEx9GFzzLKYkMR7ndXdRwvPnAbtr7UFar43cY1nyGE
Bu+PrildLphWYvpIulSJd5FTeXj74WB6AAG85yuaGWLGjXErgpBRzBQeLV7xamAl
xp/Mvw4Q99IFEMHhV7/tDLBjjkJdL33RZpUjwQydrtyx0vqTCaHSmaruyzpHVvkJ
JAJz30b+VIi7df4y3DcBdqsQ9bWFNdHRbxbX91zvxv/dcdNHNJ+KDS5gIJtSmOm5
TP8QPC9RY/Wc9mpPSfXW5PbImDl0yx4X0wyR/M8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:51 2024 by rpki-client on console-fra.rpki-client.org