Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/gaTKEilmLFmSEWfu5EynFIVVxFE.roa
File: gaTKEilmLFmSEWfu5EynFIVVxFE.roa (raw, json)
Hash identifier: C+BBEDXoNac6QVKDAzTw+4IDe8zvZ/GwlY3XsBs+lD8=
Subject key identifier: 81:A4:CA:12:29:66:2C:59:92:11:67:EE:E4:4C:A7:14:85:55:C4:51
Certificate issuer: /CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Certificate serial: 02FA1328
Authority key identifier: 54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/gaTKEilmLFmSEWfu5EynFIVVxFE.roa
Signing time: Sat 01 Jan 2022 04:52:38 +0000
ROA not before: Sat 01 Jan 2022 04:52:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206189
IP address blocks: 213.217.24.0/22 maxlen: 22
185.220.44.0/22 maxlen: 22
185.196.56.0/22 maxlen: 22
193.161.220.0/22 maxlen: 22
2a09:5000::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49943336 (0x2fa1328)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Validity
Not Before: Jan 1 04:52:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81a4ca1229662c59921167eee44ca7148555c451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:71:4e:54:72:9d:21:1d:10:5c:12:85:6f:65:
f8:01:be:a1:5d:b4:9a:f1:f0:5f:b2:54:20:5f:82:
76:e4:64:1f:d3:09:ed:17:1d:78:03:23:88:42:34:
f0:64:b8:88:65:e6:69:24:29:76:4e:28:e0:0a:bf:
44:93:5b:2f:f5:b1:06:30:8c:d4:64:aa:9f:95:ea:
6e:d6:e8:90:41:1c:4d:10:80:28:6d:67:24:57:9c:
6a:ad:07:3f:09:b4:db:55:1c:9e:61:f0:02:85:17:
3e:c7:65:3e:50:7a:60:77:b6:7b:c7:d4:c8:24:26:
74:eb:d7:29:13:44:5d:83:80:1d:ea:f1:7f:da:39:
8c:ea:20:0e:7d:ed:ed:e0:c8:ef:98:53:16:de:41:
70:73:cb:d7:e2:dd:89:8b:80:fc:67:10:07:e9:f1:
b2:66:95:e4:9d:8f:cf:d6:2f:9e:e0:92:40:f1:6a:
f3:37:dc:4a:c6:2f:96:e8:bc:ea:86:32:a7:0c:5a:
fc:94:b9:8c:f8:27:8e:7f:ce:31:6e:45:2b:f7:c1:
a5:ba:67:ae:7b:e8:ba:af:bb:b9:b6:83:2e:48:91:
e6:10:d8:71:d0:69:14:68:6d:11:d6:39:c0:21:c5:
5a:0b:65:b4:4a:3e:63:ed:66:a3:06:f3:56:29:7b:
95:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A4:CA:12:29:66:2C:59:92:11:67:EE:E4:4C:A7:14:85:55:C4:51
X509v3 Authority Key Identifier:
keyid:54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/gaTKEilmLFmSEWfu5EynFIVVxFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/VNb_E0vWVvDOFNQQsCvsVR62miw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.56.0/22
185.220.44.0/22
193.161.220.0/22
213.217.24.0/22
IPv6:
2a09:5000::/29
Signature Algorithm: sha256WithRSAEncryption
85:a3:83:9e:c4:07:e3:d9:f3:01:d2:39:6c:04:d1:93:8f:80:
52:91:f1:92:9d:db:1f:32:05:02:9c:46:c1:90:67:b4:6a:62:
df:ab:f1:73:0c:db:74:42:67:f3:92:1e:78:86:aa:48:57:43:
34:d0:4d:32:d7:c6:8c:00:38:ff:f9:fd:ef:5d:f9:e0:5d:f5:
6f:d0:09:05:fe:05:35:c4:e3:23:ea:14:96:3d:43:3f:a3:59:
95:7d:10:79:06:e7:32:b1:46:e2:6a:b6:73:f2:9b:d3:b8:f3:
24:46:07:a7:5b:37:8f:4e:7b:86:ae:e4:71:69:48:fa:0f:ee:
aa:f5:af:f7:ee:c2:a4:6a:ab:fe:68:fb:9b:16:7d:b1:51:6e:
8c:01:73:a7:94:68:71:d6:95:57:d7:69:79:f9:d9:8e:e1:16:
99:b6:52:c6:61:05:59:f6:b3:ab:8c:9e:79:1c:e8:06:bc:ab:
91:dd:ee:89:09:cf:e2:14:07:f1:e4:8c:1c:c6:81:55:c4:e0:
7e:c7:1a:03:f3:ab:99:58:50:ea:13:47:98:31:74:f2:f7:b0:
af:36:b1:8c:04:37:58:2c:dd:74:b9:6a:3d:de:8f:d0:22:7d:
10:5f:30:cf:55:a5:5c:3b:ec:b7:c8:5d:3a:7f:79:8b:10:91:
50:65:a3:cd
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEAvoTKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NGQ2ZmYxMzRiZDY1NmYwY2UxNGQ0MTBiMDJiZWM1NTFlYjY5YTJjMB4XDTIyMDEw
MTA0NTIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODFhNGNhMTIyOTY2
MmM1OTkyMTE2N2VlZTQ0Y2E3MTQ4NTU1YzQ1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOFxTlRynSEdEFwShW9l+AG+oV20mvHwX7JUIF+CduRkH9MJ
7RcdeAMjiEI08GS4iGXmaSQpdk4o4Aq/RJNbL/WxBjCM1GSqn5XqbtbokEEcTRCA
KG1nJFecaq0HPwm021UcnmHwAoUXPsdlPlB6YHe2e8fUyCQmdOvXKRNEXYOAHerx
f9o5jOogDn3t7eDI75hTFt5BcHPL1+LdiYuA/GcQB+nxsmaV5J2Pz9YvnuCSQPFq
8zfcSsYvlui86oYypwxa/JS5jPgnjn/OMW5FK/fBpbpnrnvouq+7ubaDLkiR5hDY
cdBpFGhtEdY5wCHFWgtltEo+Y+1mowbzVil7lfECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSBpMoSKWYsWZIRZ+7kTKcUhVXEUTAfBgNVHSMEGDAWgBRU1v8TS9ZW8M4U
1BCwK+xVHraaLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZOYl9FMHZXVnZET0ZOUVFzQ3ZzVlI2Mm1pdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvZjIxZWU3LTQ5MjUtNGRkNi1iMjAyLTY0Mjc4YzBkOGViZi8x
L2dhVEtFaWxtTEZtU0VXZnU1RXluRklWVnhGRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
ZjIxZWU3LTQ5MjUtNGRkNi1iMjAyLTY0Mjc4YzBkOGViZi8xL1ZOYl9FMHZXVnZE
T0ZOUVFzQ3ZzVlI2Mm1pdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEArnEOAMEArncLAMEAsGh3AMEAtXZ
GDANBAIAAjAHAwUDKglQADANBgkqhkiG9w0BAQsFAAOCAQEAhaODnsQH49nzAdI5
bATRk4+AUpHxkp3bHzIFApxGwZBntGpi36vxcwzbdEJn85IeeIaqSFdDNNBNMtfG
jAA4//n971354F31b9AJBf4FNcTjI+oUlj1DP6NZlX0QeQbnMrFG4mq2c/Kb07jz
JEYHp1s3j057hq7kcWlI+g/uqvWv9+7CpGqr/mj7mxZ9sVFujAFzp5RocdaVV9dp
efnZjuEWmbZSxmEFWfazq4yeeRzoBryrkd3uiQnP4hQH8eSMHMaBVcTgfscaA/Or
mVhQ6hNHmDF08vewrzaxjAQ3WCzddLlqPd6P0CJ9EF8wz1WlXDvst8hdOn95ixCR
UGWjzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:32 2024 by rpki-client on console-ams.rpki-client.org