Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/b9a4ac-b671-411b-ac47-19005cb98989/1/gY8NlTyO4eU7C-ieL-_JzlNrbiE.roa
File: gY8NlTyO4eU7C-ieL-_JzlNrbiE.roa (raw, json)
Hash identifier: 3oT8QdBKG2PnMo1zXBcqNxLNUDFjQu1pqbyENJjkaiY=
Subject key identifier: 81:8F:0D:95:3C:8E:E1:E5:3B:0B:E8:9E:2F:EF:C9:CE:53:6B:6E:21
Certificate issuer: /CN=2f407dea499d73d7ebd4e68825188687559cb1f9
Certificate serial: 05CAE44E
Authority key identifier: 2F:40:7D:EA:49:9D:73:D7:EB:D4:E6:88:25:18:86:87:55:9C:B1:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L0B96kmdc9fr1OaIJRiGh1Wcsfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/b9a4ac-b671-411b-ac47-19005cb98989/1/gY8NlTyO4eU7C-ieL-_JzlNrbiE.roa
Signing time: Sat 01 Jan 2022 11:02:37 +0000
ROA not before: Sat 01 Jan 2022 11:02:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207143
IP address blocks: 194.56.191.0/24 maxlen: 24
194.56.190.0/24 maxlen: 24
194.56.189.0/24 maxlen: 24
194.56.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97182798 (0x5cae44e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f407dea499d73d7ebd4e68825188687559cb1f9
Validity
Not Before: Jan 1 11:02:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=818f0d953c8ee1e53b0be89e2fefc9ce536b6e21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8c:e9:8e:79:10:3d:8b:55:03:7c:69:f0:d0:
e0:d3:76:e4:40:af:d6:d0:6b:ab:54:8d:41:44:0f:
69:90:5d:22:f9:3d:21:9a:0b:06:83:66:37:65:cd:
31:57:64:18:80:1e:d9:c6:85:db:71:41:ae:c1:df:
e9:c8:34:f3:1f:fe:96:a0:dd:c3:c3:1e:88:3a:fe:
9a:f2:b0:3a:09:03:66:5d:43:5c:ba:50:b2:cf:33:
95:89:fa:ee:0a:77:97:45:5c:bd:c7:8f:be:ba:89:
a0:ec:b6:0b:24:01:81:9d:58:f7:6c:20:b9:67:48:
e6:38:88:b3:77:c2:1c:7e:5e:4e:03:1c:f1:c1:16:
ce:58:de:0d:34:25:f5:05:6b:0d:96:d7:2e:95:88:
8c:89:3d:8d:fb:22:22:42:e3:c5:00:bd:f2:69:81:
8a:49:e5:98:ab:2f:b5:a6:b3:90:51:fc:2e:8f:59:
bb:04:11:de:da:ff:67:be:c6:5a:b2:da:ab:cf:9c:
80:70:45:4d:45:0f:52:03:d8:f4:4b:c6:04:7d:30:
84:31:88:cc:be:20:c7:8f:0c:cf:46:7a:e7:e3:48:
d6:0c:7b:0a:56:e6:83:23:13:e9:d5:fb:a3:1b:61:
4b:63:cf:2b:a9:b9:f5:b9:97:6f:b2:7c:81:7e:d7:
de:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:8F:0D:95:3C:8E:E1:E5:3B:0B:E8:9E:2F:EF:C9:CE:53:6B:6E:21
X509v3 Authority Key Identifier:
keyid:2F:40:7D:EA:49:9D:73:D7:EB:D4:E6:88:25:18:86:87:55:9C:B1:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L0B96kmdc9fr1OaIJRiGh1Wcsfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b9a4ac-b671-411b-ac47-19005cb98989/1/gY8NlTyO4eU7C-ieL-_JzlNrbiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b9a4ac-b671-411b-ac47-19005cb98989/1/L0B96kmdc9fr1OaIJRiGh1Wcsfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.188.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:c5:54:29:77:52:d7:54:14:cb:49:e6:80:8b:96:24:0e:19:
ea:60:06:ff:d7:eb:23:4f:37:bb:04:5f:b6:40:ad:b5:83:53:
01:fe:a7:02:ba:fb:d9:2c:bf:37:1e:04:a7:32:9f:32:47:84:
98:6a:77:5a:77:0b:78:de:65:79:af:d0:d2:84:28:87:a7:36:
4b:3f:61:b1:9f:5f:b7:73:42:ca:6f:11:b0:b1:15:2a:da:bc:
de:43:76:48:29:27:b6:75:95:49:5a:28:7e:c8:e7:c8:fd:c3:
97:e4:8c:58:72:2f:c5:04:50:28:65:92:44:b2:88:75:b4:aa:
14:64:93:df:62:12:14:21:c2:0d:09:d5:5d:c5:e5:87:ed:0e:
30:e7:63:0a:c9:59:9e:ac:e9:df:27:71:bd:ee:c3:96:12:4c:
72:a9:43:bc:82:e1:9a:d2:33:6e:0f:12:b2:79:0f:c1:7e:41:
37:ff:84:ee:be:c3:0c:bd:7e:36:ae:56:40:28:d9:b6:6c:21:
8e:0f:1b:4e:36:18:c1:5c:7e:53:0b:74:82:06:d6:39:d7:19:
bf:1a:6f:ba:b8:17:b4:a7:d9:74:3e:c7:26:20:2a:d1:82:8c:
29:0e:56:b1:9a:be:c3:05:bd:82:cc:c8:67:82:bc:a4:08:2a:
da:75:72:7e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBcrkTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjQwN2RlYTQ5OWQ3M2Q3ZWJkNGU2ODgyNTE4ODY4NzU1OWNiMWY5MB4XDTIyMDEw
MTExMDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODE4ZjBkOTUzYzhl
ZTFlNTNiMGJlODllMmZlZmM5Y2U1MzZiNmUyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2M6Y55ED2LVQN8afDQ4NN25ECv1tBrq1SNQUQPaZBdIvk9
IZoLBoNmN2XNMVdkGIAe2caF23FBrsHf6cg08x/+lqDdw8MeiDr+mvKwOgkDZl1D
XLpQss8zlYn67gp3l0VcvcePvrqJoOy2CyQBgZ1Y92wguWdI5jiIs3fCHH5eTgMc
8cEWzljeDTQl9QVrDZbXLpWIjIk9jfsiIkLjxQC98mmBiknlmKsvtaazkFH8Lo9Z
uwQR3tr/Z77GWrLaq8+cgHBFTUUPUgPY9EvGBH0whDGIzL4gx48Mz0Z65+NI1gx7
ClbmgyMT6dX7oxthS2PPK6m59bmXb7J8gX7X3u8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSBjw2VPI7h5TsL6J4v78nOU2tuITAfBgNVHSMEGDAWgBQvQH3qSZ1z1+vU
5oglGIaHVZyx+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0wwQjk2a21kYzlmcjFPYUlKUmlHaDFXY3Nmay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYjlhNGFjLWI2NzEtNDExYi1hYzQ3LTE5MDA1Y2I5ODk4OS8x
L2dZOE5sVHlPNGVVN0MtaWVMLV9KemxOcmJpRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YjlhNGFjLWI2NzEtNDExYi1hYzQ3LTE5MDA1Y2I5ODk4OS8xL0wwQjk2a21kYzlm
cjFPYUlKUmlHaDFXY3Nmay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsI4vDANBgkqhkiG9w0BAQsFAAOC
AQEAL8VUKXdS11QUy0nmgIuWJA4Z6mAG/9frI083uwRftkCttYNTAf6nArr72Sy/
Nx4EpzKfMkeEmGp3WncLeN5lea/Q0oQoh6c2Sz9hsZ9ft3NCym8RsLEVKtq83kN2
SCkntnWVSVoofsjnyP3Dl+SMWHIvxQRQKGWSRLKIdbSqFGST32ISFCHCDQnVXcXl
h+0OMOdjCslZnqzp3ydxve7DlhJMcqlDvILhmtIzbg8SsnkPwX5BN/+E7r7DDL1+
Nq5WQCjZtmwhjg8bTjYYwVx+Uwt0ggbWOdcZvxpvurgXtKfZdD7HJiAq0YKMKQ5W
sZq+wwW9gszIZ4K8pAgq2nVyfg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:58 2023 by rpki-client on console-ams.rpki-client.org