Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/e5d580-eee8-463e-84a8-eaccb8b42dc9/1/GQkB_siBjIgiJQ93erZaDY3mCkE.roa
File: GQkB_siBjIgiJQ93erZaDY3mCkE.roa (raw, json)
Hash identifier: 3MfNCNeD/Z7udvzf/JoomhBHFdGgocorSW2YuNbzl4M=
Subject key identifier: 19:09:01:FE:C8:81:8C:88:22:25:0F:77:7A:B6:5A:0D:8D:E6:0A:41
Certificate issuer: /CN=b7e34f57d007166def4dd881d8f7d5b6ed95e656
Certificate serial: 0184CE6C181E8857FC7DC9CEC6ACE4C0C49F
Authority key identifier: B7:E3:4F:57:D0:07:16:6D:EF:4D:D8:81:D8:F7:D5:B6:ED:95:E6:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t-NPV9AHFm3vTdiB2PfVtu2V5lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/e5d580-eee8-463e-84a8-eaccb8b42dc9/1/GQkB_siBjIgiJQ93erZaDY3mCkE.roa
Signing time: Thu 01 Dec 2022 16:01:41 +0000
ROA not before: Thu 01 Dec 2022 16:01:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61157
IP address blocks: 185.171.217.0/24 maxlen: 24
185.171.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:6c:18:1e:88:57:fc:7d:c9:ce:c6:ac:e4:c0:c4:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7e34f57d007166def4dd881d8f7d5b6ed95e656
Validity
Not Before: Dec 1 16:01:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=190901fec8818c8822250f777ab65a0d8de60a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:08:da:24:e5:50:f5:0b:13:aa:18:d6:9e:f2:
19:3e:1a:53:c0:ab:29:ec:4f:48:79:16:48:42:ac:
d7:1f:fa:19:b0:9f:ae:f6:3f:f4:96:50:94:1e:1a:
b1:d1:aa:8c:4e:23:a5:e4:7c:be:ab:f8:7c:fd:e5:
b8:73:c7:63:0d:59:1d:17:11:d4:c6:8b:a4:6b:8f:
51:01:0d:e9:b1:32:e7:df:c5:1c:2f:ab:06:31:e2:
e3:9a:bc:e1:aa:13:fa:c5:b8:f2:b5:6b:5a:c4:c3:
3e:35:5e:32:05:ea:d0:91:b0:7b:d2:b0:21:79:ca:
32:3c:7d:89:b0:cc:47:59:8e:fe:f8:6a:df:20:a2:
bd:a2:ae:38:b9:0e:7f:0a:67:f4:87:57:42:26:5d:
00:e3:88:ae:37:7d:3c:c3:90:4d:d8:3d:62:a6:9f:
cf:f7:c4:61:2e:6e:a1:71:68:b4:cc:b2:0f:36:f5:
6c:26:ba:4d:d4:79:15:e4:39:d4:fb:b9:c2:c2:0c:
d7:5a:6b:9c:73:c5:f6:ab:d3:34:98:82:32:1b:fe:
24:50:70:09:9a:85:35:73:82:f0:6e:62:f0:42:e1:
74:32:0f:e2:a2:07:88:53:8f:ee:57:e9:97:6e:6c:
6b:82:d5:62:5d:c2:09:e7:88:1a:74:a8:da:f1:14:
6b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:09:01:FE:C8:81:8C:88:22:25:0F:77:7A:B6:5A:0D:8D:E6:0A:41
X509v3 Authority Key Identifier:
keyid:B7:E3:4F:57:D0:07:16:6D:EF:4D:D8:81:D8:F7:D5:B6:ED:95:E6:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t-NPV9AHFm3vTdiB2PfVtu2V5lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e5d580-eee8-463e-84a8-eaccb8b42dc9/1/GQkB_siBjIgiJQ93erZaDY3mCkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e5d580-eee8-463e-84a8-eaccb8b42dc9/1/t-NPV9AHFm3vTdiB2PfVtu2V5lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.216.0/23
Signature Algorithm: sha256WithRSAEncryption
03:83:e9:1a:0f:8a:aa:3a:e5:ec:42:25:e0:80:7e:5e:68:e8:
5f:49:f9:05:8b:6c:5c:5a:8a:d6:9e:d8:18:d3:34:06:50:83:
9b:8e:e0:97:c7:a0:e8:a7:f1:2a:d0:b4:0d:ee:f9:a5:ad:d9:
80:50:1d:83:1d:46:da:fd:41:8f:b9:45:ba:0a:d3:d4:38:f5:
d6:90:7d:8b:57:27:12:84:5d:2a:17:af:7b:7a:1d:4d:e2:47:
3e:0e:59:21:89:58:c2:f3:1d:07:62:70:da:ec:0b:dd:c5:51:
d6:d5:8c:a7:82:c5:0c:93:c5:00:9d:3e:24:f6:74:13:46:10:
0a:ef:a9:79:7d:27:dc:25:f4:b0:3f:1e:a7:7c:79:2e:9a:36:
aa:e2:72:74:f9:9a:6e:c8:ab:da:17:8c:c9:30:cb:8f:c1:81:
3b:57:5b:15:40:7e:58:04:5e:32:e2:7f:b8:6b:35:37:7f:20:
15:f9:b4:27:cb:be:4b:4b:88:b7:51:8e:39:d2:b8:16:2a:8c:
65:27:f7:6f:e2:43:36:cf:de:46:13:df:47:b1:12:16:ac:78:
f8:08:87:12:dd:73:8b:b9:c9:70:5e:d7:bd:4c:c0:53:70:b1:
c8:a6:b4:d4:db:7e:87:75:df:bf:89:6f:a6:01:e3:f7:28:a0:
e9:9b:0e:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTObBgeiFf8fcnOxqzkwMSfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZTM0ZjU3ZDAwNzE2NmRlZjRkZDg4MWQ4ZjdkNWI2ZWQ5
NWU2NTYwHhcNMjIxMjAxMTYwMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTA5MDFmZWM4ODE4Yzg4MjIyNTBmNzc3YWI2NWEwZDhkZTYwYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQjaJOVQ9QsTqhjWnvIZPhpTwKsp
7E9IeRZIQqzXH/oZsJ+u9j/0llCUHhqx0aqMTiOl5Hy+q/h8/eW4c8djDVkdFxHU
xouka49RAQ3psTLn38UcL6sGMeLjmrzhqhP6xbjytWtaxMM+NV4yBerQkbB70rAh
ecoyPH2JsMxHWY7++GrfIKK9oq44uQ5/Cmf0h1dCJl0A44iuN308w5BN2D1ipp/P
98RhLm6hcWi0zLIPNvVsJrpN1HkV5DnU+7nCwgzXWmucc8X2q9M0mIIyG/4kUHAJ
moU1c4LwbmLwQuF0Mg/iogeIU4/uV+mXbmxrgtViXcIJ54gadKja8RRrhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBkJAf7IgYyIIiUPd3q2Wg2N5gpBMB8GA1UdIwQY
MBaAFLfjT1fQBxZt703Ygdj31bbtleZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdC1OUFY5QUhGbTN2VGRpQjJQZlZ0dTJWNWxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lNWQ1ODAtZWVlOC00NjNlLTg0YTgt
ZWFjY2I4YjQyZGM5LzEvR1FrQl9zaUJqSWdpSlE5M2VyWmFEWTNtQ2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lNWQ1ODAtZWVlOC00NjNlLTg0YTgtZWFjY2I4YjQyZGM5
LzEvdC1OUFY5QUhGbTN2VGRpQjJQZlZ0dTJWNWxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuavYMA0G
CSqGSIb3DQEBCwUAA4IBAQADg+kaD4qqOuXsQiXggH5eaOhfSfkFi2xcWorWntgY
0zQGUIObjuCXx6Dop/Eq0LQN7vmlrdmAUB2DHUba/UGPuUW6CtPUOPXWkH2LVycS
hF0qF697eh1N4kc+DlkhiVjC8x0HYnDa7AvdxVHW1YyngsUMk8UAnT4k9nQTRhAK
76l5fSfcJfSwPx6nfHkumjaq4nJ0+ZpuyKvaF4zJMMuPwYE7V1sVQH5YBF4y4n+4
azU3fyAV+bQny75LS4i3UY450rgWKoxlJ/dv4kM2z95GE99HsRIWrHj4CIcS3XOL
uclwXte9TMBTcLHIprTU236Hdd+/iW+mAeP3KKDpmw5T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:14 2024 by rpki-client on console-fra.rpki-client.org