Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/GeckIWSV4Gy14XV-kGhVstOmeEU.roa
File: GeckIWSV4Gy14XV-kGhVstOmeEU.roa (raw, json)
Hash identifier: 4xfZPqLGSCN15YdCa8ve9s0CWXPxNg65P91o21LoajM=
Subject key identifier: 19:E7:24:21:64:95:E0:6C:B5:E1:75:7E:90:68:55:B2:D3:A6:78:45
Certificate issuer: /CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Certificate serial: 0184AA0911303C74F456FB76082690D9620B
Authority key identifier: F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/GeckIWSV4Gy14XV-kGhVstOmeEU.roa
Signing time: Thu 24 Nov 2022 14:27:11 +0000
ROA not before: Thu 24 Nov 2022 14:27:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39183
IP address blocks: 185.252.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:aa:09:11:30:3c:74:f4:56:fb:76:08:26:90:d9:62:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Validity
Not Before: Nov 24 14:27:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19e724216495e06cb5e1757e906855b2d3a67845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9f:f8:0e:d2:18:af:26:df:f6:27:dd:44:b4:
aa:79:8d:f5:47:b3:01:c7:f1:56:e0:03:c3:28:f1:
bf:2b:af:22:2f:a5:4c:d7:94:07:ec:95:0e:94:dd:
04:61:9b:0d:aa:af:9f:2a:7d:9a:da:9e:f3:86:b5:
25:10:bb:b9:af:01:62:10:2d:c9:ac:1e:fd:85:bb:
8a:86:5b:11:3e:75:de:90:c8:0f:5b:1c:07:3f:33:
3f:e7:ea:d6:05:a5:30:f1:77:63:59:59:1e:11:62:
b8:69:18:48:75:e5:85:45:d1:19:31:40:c2:06:ca:
3f:d2:c1:bb:6c:d3:81:68:7f:d4:1e:f6:b7:98:f1:
52:bb:72:f7:94:14:2f:7e:60:2e:1f:3d:c6:26:bb:
99:38:0f:1e:39:72:40:04:e1:86:75:40:82:c0:56:
ad:fe:f6:23:00:92:ce:0f:ec:15:c2:8b:3d:83:2f:
c4:12:72:45:5d:f3:e1:5b:68:3a:4e:02:f0:a4:95:
8d:80:33:b4:1d:58:a5:03:e9:ea:b9:bd:1e:1b:22:
f7:3d:dd:31:e8:ee:1b:ab:10:f8:4f:9d:5b:16:1b:
a0:ac:c1:29:47:7a:47:c5:1a:22:53:85:9e:16:76:
53:f8:47:90:b9:bf:6d:22:11:0f:b9:10:bb:ba:b2:
e5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E7:24:21:64:95:E0:6C:B5:E1:75:7E:90:68:55:B2:D3:A6:78:45
X509v3 Authority Key Identifier:
keyid:F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/GeckIWSV4Gy14XV-kGhVstOmeEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/8fGG6XCXyEF9lDfXDP38UnMxtag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.20.0/24
Signature Algorithm: sha256WithRSAEncryption
68:45:90:1b:0f:70:66:e4:9a:ed:bb:9d:74:19:bf:18:8e:c1:
7d:0f:b3:bb:de:6d:84:21:5b:75:11:19:83:ee:de:b1:d1:10:
57:bb:a6:5b:55:3f:aa:d1:18:42:96:fb:ce:56:0b:f1:31:cd:
45:0f:35:5a:07:ba:4b:1e:ca:03:64:58:ba:ef:bd:12:61:ac:
d8:14:7d:ab:b9:10:f2:a6:10:16:a4:20:ea:7f:c3:91:ce:c9:
d0:96:be:ea:af:26:79:4b:6c:6a:2d:ad:69:05:fe:de:6e:c5:
34:95:f8:64:a6:3b:a1:56:00:34:d1:e3:ae:ef:94:dd:c8:94:
bc:01:37:de:5b:fd:8c:16:ad:74:8f:a6:a9:52:82:6b:9b:22:
cc:17:1c:27:47:07:f0:01:1f:1b:78:11:6c:ac:6a:cf:65:bc:
e9:db:ce:ba:aa:d3:3c:33:17:6c:e2:33:2c:d6:be:44:97:d4:
4b:cc:c6:b6:2a:89:ac:c1:a4:77:98:f8:34:2c:1a:92:c1:fd:
ec:4a:a2:f2:18:74:2b:70:cb:0b:9b:b7:0b:2b:12:66:54:66:
a4:9d:ae:ee:18:23:31:8f:33:04:08:1d:76:10:ca:cc:b2:e3:
84:4c:ba:f3:43:ae:5e:0b:31:3f:c3:13:f8:10:98:71:2b:81:
4c:5d:72:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSqCREwPHT0Vvt2CCaQ2WILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZjE4NmU5NzA5N2M4NDE3ZDk0MzdkNzBjZmRmYzUyNzMz
MWI1YTgwHhcNMjIxMTI0MTQyNzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWU3MjQyMTY0OTVlMDZjYjVlMTc1N2U5MDY4NTViMmQzYTY3ODQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp/4DtIYrybf9ifdRLSqeY31R7MB
x/FW4APDKPG/K68iL6VM15QH7JUOlN0EYZsNqq+fKn2a2p7zhrUlELu5rwFiEC3J
rB79hbuKhlsRPnXekMgPWxwHPzM/5+rWBaUw8XdjWVkeEWK4aRhIdeWFRdEZMUDC
Bso/0sG7bNOBaH/UHva3mPFSu3L3lBQvfmAuHz3GJruZOA8eOXJABOGGdUCCwFat
/vYjAJLOD+wVwos9gy/EEnJFXfPhW2g6TgLwpJWNgDO0HVilA+nqub0eGyL3Pd0x
6O4bqxD4T51bFhugrMEpR3pHxRoiU4WeFnZT+EeQub9tIhEPuRC7urLluwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBnnJCFkleBsteF1fpBoVbLTpnhFMB8GA1UdIwQY
MBaAFPHxhulwl8hBfZQ31wz9/FJzMbWoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2Mt
YjY1Y2QxMzYyNjJlLzEvR2Vja0lXU1Y0R3kxNFhWLWtHaFZzdE9tZUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2MtYjY1Y2QxMzYyNjJl
LzEvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufwUMA0G
CSqGSIb3DQEBCwUAA4IBAQBoRZAbD3Bm5Jrtu510Gb8YjsF9D7O73m2EIVt1ERmD
7t6x0RBXu6ZbVT+q0RhClvvOVgvxMc1FDzVaB7pLHsoDZFi6770SYazYFH2ruRDy
phAWpCDqf8ORzsnQlr7qryZ5S2xqLa1pBf7ebsU0lfhkpjuhVgA00eOu75TdyJS8
ATfeW/2MFq10j6apUoJrmyLMFxwnRwfwAR8beBFsrGrPZbzp2866qtM8Mxds4jMs
1r5El9RLzMa2KomswaR3mPg0LBqSwf3sSqLyGHQrcMsLm7cLKxJmVGakna7uGCMx
jzMECB12EMrMsuOETLrzQ65eCzE/wxP4EJhxK4FMXXLG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:48 2023 by rpki-client on console-fra.rpki-client.org