Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/gRDEFpstAhGXEFjl3YW0nnFzidc.roa
File: gRDEFpstAhGXEFjl3YW0nnFzidc.roa (raw, json)
Hash identifier: WGcowKezJdztR1nW/XKIddh1yh95Eo1xqdf4KREoWUY=
Subject key identifier: 81:10:C4:16:9B:2D:02:11:97:10:58:E5:DD:85:B4:9E:71:73:89:D7
Certificate issuer: /CN=66f04275253f967384c4973758a54b7fd085fe45
Certificate serial: 04A5F19E
Authority key identifier: 66:F0:42:75:25:3F:96:73:84:C4:97:37:58:A5:4B:7F:D0:85:FE:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvBCdSU_lnOExJc3WKVLf9CF_kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/gRDEFpstAhGXEFjl3YW0nnFzidc.roa
Signing time: Sat 01 Jan 2022 12:05:56 +0000
ROA not before: Sat 01 Jan 2022 12:05:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204645
IP address blocks: 185.109.172.0/22 maxlen: 24
2a02:4e80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77984158 (0x4a5f19e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f04275253f967384c4973758a54b7fd085fe45
Validity
Not Before: Jan 1 12:05:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8110c4169b2d0211971058e5dd85b49e717389d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:71:ee:81:10:51:d7:07:22:56:45:56:04:0e:
36:b6:b2:1d:09:74:3a:24:0b:60:45:45:05:a1:84:
c2:85:b6:af:d4:92:01:6b:d5:7f:47:8d:a5:f6:70:
2c:54:c9:99:9f:d5:6c:66:24:39:a2:a3:34:b5:ac:
0d:bb:e7:99:e5:02:0f:94:6e:b9:c7:34:68:e0:7c:
53:56:b7:16:b5:b4:0b:7b:66:37:e4:c5:07:1e:fe:
1d:fa:9a:c9:38:67:cf:d9:27:62:8b:43:a6:ea:54:
74:a1:8e:d5:82:6f:e5:be:5a:dd:4f:21:39:35:c1:
a1:2b:2f:09:73:26:10:26:d4:c9:c6:fa:7f:82:6b:
f1:33:dc:30:59:85:0b:56:82:d4:1c:57:0b:80:85:
a4:5e:c2:f4:58:09:71:63:d2:8e:7b:ee:2d:a4:a8:
1b:e0:37:1f:b1:7e:ba:ab:a2:8e:30:ba:1f:d2:44:
2b:a3:1e:1a:68:15:69:25:33:3f:72:af:03:64:51:
1c:b3:86:54:73:61:07:4a:14:ac:81:f8:0a:e8:41:
44:c2:a3:67:92:8d:c6:24:b7:8f:42:be:4c:e7:b9:
f3:b6:3a:0d:fe:4e:ff:11:1f:77:9e:14:1a:c0:ec:
f8:cc:30:47:ae:e6:81:cd:46:63:00:91:05:37:35:
64:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:10:C4:16:9B:2D:02:11:97:10:58:E5:DD:85:B4:9E:71:73:89:D7
X509v3 Authority Key Identifier:
keyid:66:F0:42:75:25:3F:96:73:84:C4:97:37:58:A5:4B:7F:D0:85:FE:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvBCdSU_lnOExJc3WKVLf9CF_kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/gRDEFpstAhGXEFjl3YW0nnFzidc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/ZvBCdSU_lnOExJc3WKVLf9CF_kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.172.0/22
IPv6:
2a02:4e80::/32
Signature Algorithm: sha256WithRSAEncryption
23:89:00:a6:2f:7c:2a:10:7c:5f:44:1b:b0:ba:f1:9a:11:fb:
1b:ac:fa:bf:26:93:38:41:8f:a7:45:ea:4f:6f:d7:23:70:a9:
c9:65:3c:ee:6a:98:e0:48:84:cf:0e:62:d8:c3:de:ef:a4:15:
9d:29:17:03:7c:bc:6e:47:f5:3e:e6:ab:88:ad:54:9b:06:b9:
6f:13:76:24:16:89:8f:df:c2:28:e6:bc:52:97:9e:0a:ab:6a:
db:ba:88:80:d5:8e:ec:df:1d:7a:a6:8a:25:4a:f9:be:df:76:
23:39:56:53:d1:83:e4:2f:9f:ac:f0:07:51:e9:fd:e6:20:ee:
44:f6:9c:83:df:1a:bc:85:3c:71:d2:e6:17:51:95:05:9e:9e:
b0:ea:43:f8:0c:69:41:e8:74:cb:71:11:27:b6:3b:ab:3c:70:
bc:83:7c:4f:2f:9f:d6:58:95:2b:ed:5c:e1:75:30:2c:cf:97:
63:35:75:58:a2:75:57:49:53:8c:94:97:0d:b6:03:67:f2:b3:
d7:96:40:e7:78:8a:79:04:d5:df:38:37:77:6d:dc:c7:97:55:
ed:e7:aa:c3:4d:f1:71:ea:97:87:07:3f:a9:dd:94:2d:c2:17:
4f:15:43:c3:72:d1:7c:4c:5e:32:48:44:85:12:61:6d:af:66:
d0:f4:40:05
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBKXxnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NmYwNDI3NTI1M2Y5NjczODRjNDk3Mzc1OGE1NGI3ZmQwODVmZTQ1MB4XDTIyMDEw
MTEyMDU1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODExMGM0MTY5YjJk
MDIxMTk3MTA1OGU1ZGQ4NWI0OWU3MTczODlkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM1x7oEQUdcHIlZFVgQONrayHQl0OiQLYEVFBaGEwoW2r9SS
AWvVf0eNpfZwLFTJmZ/VbGYkOaKjNLWsDbvnmeUCD5Ruucc0aOB8U1a3FrW0C3tm
N+TFBx7+HfqayThnz9knYotDpupUdKGO1YJv5b5a3U8hOTXBoSsvCXMmECbUycb6
f4Jr8TPcMFmFC1aC1BxXC4CFpF7C9FgJcWPSjnvuLaSoG+A3H7F+uquijjC6H9JE
K6MeGmgVaSUzP3KvA2RRHLOGVHNhB0oUrIH4CuhBRMKjZ5KNxiS3j0K+TOe587Y6
Df5O/xEfd54UGsDs+MwwR67mgc1GYwCRBTc1ZIECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSBEMQWmy0CEZcQWOXdhbSecXOJ1zAfBgNVHSMEGDAWgBRm8EJ1JT+Wc4TE
lzdYpUt/0IX+RTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p2QkNkU1VfbG5PRXhKYzNXS1ZMZjlDRl9rVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvOWUxNmQyLWQzYjktNGVmYS05YzNkLWU0OTYxODUyYzhiNi8x
L2dSREVGcHN0QWhHWEVGamwzWVcwbm5GemlkYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
OWUxNmQyLWQzYjktNGVmYS05YzNkLWU0OTYxODUyYzhiNi8xL1p2QkNkU1VfbG5P
RXhKYzNXS1ZMZjlDRl9rVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArltrDANBAIAAjAHAwUAKgJOgDAN
BgkqhkiG9w0BAQsFAAOCAQEAI4kApi98KhB8X0QbsLrxmhH7G6z6vyaTOEGPp0Xq
T2/XI3CpyWU87mqY4EiEzw5i2MPe76QVnSkXA3y8bkf1PuariK1Umwa5bxN2JBaJ
j9/CKOa8UpeeCqtq27qIgNWO7N8deqaKJUr5vt92IzlWU9GD5C+frPAHUen95iDu
RPacg98avIU8cdLmF1GVBZ6esOpD+AxpQeh0y3ERJ7Y7qzxwvIN8Ty+f1liVK+1c
4XUwLM+XYzV1WKJ1V0lTjJSXDbYDZ/Kz15ZA53iKeQTV3zg3d23cx5dV7eeqw03x
ceqXhwc/qd2ULcIXTxVDw3LRfExeMkhEhRJhba9m0PRABQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:12 2023 by rpki-client on console-ams.rpki-client.org