Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/_Gpx6HgxlfWeYnG02RKuAPsIK2w.roa
File: _Gpx6HgxlfWeYnG02RKuAPsIK2w.roa (raw, json)
Hash identifier: D3+gU5ySwxFr2lJrgiPCmk/gGOUEkONjOSJIgc2rKSQ=
Subject key identifier: FC:6A:71:E8:78:31:95:F5:9E:62:71:B4:D9:12:AE:00:FB:08:2B:6C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0182F284C75F1C982F45A243658E8FFF8154
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/_Gpx6HgxlfWeYnG02RKuAPsIK2w.roa
Signing time: Wed 31 Aug 2022 06:09:24 +0000
ROA not before: Wed 31 Aug 2022 06:09:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137409
IP address blocks: 88.209.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f2:84:c7:5f:1c:98:2f:45:a2:43:65:8e:8f:ff:81:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 31 06:09:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc6a71e8783195f59e6271b4d912ae00fb082b6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0d:f8:26:54:2b:33:1f:26:46:2b:c6:b4:79:
bf:a3:a2:8c:bb:54:18:6f:6d:70:64:a8:7f:7e:21:
d6:3e:0f:31:73:fd:50:a4:79:83:3d:ba:c0:b0:a7:
57:87:21:e9:42:08:1b:0d:11:76:b3:29:5d:20:64:
92:64:30:01:c0:9f:e9:4b:eb:0c:6a:01:70:40:25:
28:63:51:fe:ff:03:5e:0b:f7:71:46:14:cc:0c:fb:
e1:c0:29:ee:11:cb:ad:e5:1c:ab:ba:01:5d:a5:5c:
e2:1f:50:12:44:ac:bc:8d:99:02:22:3f:81:c3:f8:
d0:b2:04:55:9b:4c:c0:e4:72:d9:a7:2d:8d:db:84:
38:67:26:23:1b:6b:18:71:a6:aa:26:7a:34:a2:d4:
3a:9d:a0:76:28:bd:ea:da:bf:7f:43:af:f8:57:ec:
65:eb:3d:7f:61:60:e3:74:31:d6:93:47:50:48:4b:
4c:65:c0:8a:63:b2:af:92:5e:96:dd:fc:05:da:98:
20:54:e9:f4:fe:31:24:96:63:f8:f1:55:ab:86:13:
8d:08:d2:9b:b3:25:1c:f7:1a:6d:10:4f:2d:e3:31:
cb:94:47:45:05:a4:5d:b7:87:09:3f:18:c1:9e:98:
bb:73:fe:fb:14:f1:1a:bc:0e:4b:88:d0:28:71:ca:
a8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:6A:71:E8:78:31:95:F5:9E:62:71:B4:D9:12:AE:00:FB:08:2B:6C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/_Gpx6HgxlfWeYnG02RKuAPsIK2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.202.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:28:1d:4a:9f:c3:26:8a:24:40:c9:3b:4a:fa:1f:20:13:a4:
b2:53:f1:54:92:31:1a:c9:cc:b5:d2:9d:91:2a:13:fb:3b:d0:
8c:b7:b1:d5:55:da:b4:94:84:3c:d2:c2:fa:bf:da:5e:c9:ca:
f7:bd:21:d6:bc:83:f8:63:7e:91:31:c6:bb:31:69:6e:01:55:
8f:65:0d:5c:0e:ed:e3:5a:5f:54:63:43:55:da:2f:8e:a5:9d:
73:74:1b:cd:ae:e2:b5:ae:be:12:79:09:5c:51:53:cb:59:ad:
34:46:ed:41:23:25:4c:d1:02:cc:6e:bd:82:7a:01:87:a4:ff:
28:ea:c8:85:9d:b9:da:2f:2a:12:f6:bd:28:38:83:d4:3d:84:
19:ab:31:13:9e:a6:4b:02:66:27:fc:24:17:68:62:18:3e:49:
90:15:e5:10:f0:e5:9e:43:80:79:4a:69:e3:ab:72:e0:89:d2:
ee:63:ee:86:c9:c9:c2:9b:4b:a6:f4:b4:4b:6a:8e:67:ef:06:
26:fd:a4:1c:87:44:7e:34:39:4f:11:d4:f7:62:f2:b5:16:23:
5e:d7:70:f4:28:cb:da:2a:87:29:01:5c:f3:44:77:67:00:27:
4c:b9:1a:1c:5f:ff:ae:61:39:13:8b:52:5a:db:66:cd:33:c8:
9f:8b:41:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLyhMdfHJgvRaJDZY6P/4FUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwODMxMDYwOTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzZhNzFlODc4MzE5NWY1OWU2MjcxYjRkOTEyYWUwMGZiMDgyYjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA34JlQrMx8mRivGtHm/o6KMu1QY
b21wZKh/fiHWPg8xc/1QpHmDPbrAsKdXhyHpQggbDRF2syldIGSSZDABwJ/pS+sM
agFwQCUoY1H+/wNeC/dxRhTMDPvhwCnuEcut5RyrugFdpVziH1ASRKy8jZkCIj+B
w/jQsgRVm0zA5HLZpy2N24Q4ZyYjG2sYcaaqJno0otQ6naB2KL3q2r9/Q6/4V+xl
6z1/YWDjdDHWk0dQSEtMZcCKY7Kvkl6W3fwF2pggVOn0/jEklmP48VWrhhONCNKb
syUc9xptEE8t4zHLlEdFBaRdt4cJPxjBnpi7c/77FPEavA5LiNAoccqo8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPxqceh4MZX1nmJxtNkSrgD7CCtsMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvX0dweDZIZ3hsZldlWW5HMDJSS3VBUHNJSzJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHKMA0G
CSqGSIb3DQEBCwUAA4IBAQCyKB1Kn8MmiiRAyTtK+h8gE6SyU/FUkjEaycy10p2R
KhP7O9CMt7HVVdq0lIQ80sL6v9peycr3vSHWvIP4Y36RMca7MWluAVWPZQ1cDu3j
Wl9UY0NV2i+OpZ1zdBvNruK1rr4SeQlcUVPLWa00Ru1BIyVM0QLMbr2CegGHpP8o
6siFnbnaLyoS9r0oOIPUPYQZqzETnqZLAmYn/CQXaGIYPkmQFeUQ8OWeQ4B5Smnj
q3LgidLuY+6GycnCm0um9LRLao5n7wYm/aQch0R+NDlPEdT3YvK1FiNe13D0KMva
KocpAVzzRHdnACdMuRocX/+uYTkTi1Ja22bNM8ifi0Gv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org