Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/GaKDv_7mBT_paX8sL40wFTqzKVI.roa
File: GaKDv_7mBT_paX8sL40wFTqzKVI.roa (raw, json)
Hash identifier: GbqwO8bZmEG5YKuYZZAFd1aGCRqdlZw4StPkXKUc7tY=
Subject key identifier: 19:A2:83:BF:FE:E6:05:3F:E9:69:7F:2C:2F:8D:30:15:3A:B3:29:52
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 4482FCBF
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/GaKDv_7mBT_paX8sL40wFTqzKVI.roa
Signing time: Sat 01 Jan 2022 03:58:32 +0000
ROA not before: Sat 01 Jan 2022 03:58:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34000
IP address blocks: 217.108.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1149435071 (0x4482fcbf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 03:58:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19a283bffee6053fe9697f2c2f8d30153ab32952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a8:7a:3c:a5:6a:cd:c0:35:97:38:15:e5:aa:
2c:da:6d:2e:94:aa:c5:9f:d7:1a:a8:c2:8c:cc:c1:
45:89:ba:b3:81:d0:66:03:d9:63:a1:b8:ef:80:da:
a9:d8:11:68:a5:8c:86:22:7b:d8:71:c8:d1:30:50:
e9:cd:89:ba:16:0b:23:07:5b:63:fb:6e:71:ea:a7:
a1:94:18:20:27:f7:72:f9:ac:d8:f0:1c:e7:c5:3a:
42:a3:07:6e:53:6a:4a:55:ad:36:61:41:30:c5:f2:
db:38:46:f7:93:94:05:7e:e4:73:01:d1:11:fd:aa:
9f:4f:de:0a:23:da:66:be:d9:17:48:05:85:93:ab:
f8:48:19:1e:3d:ec:c3:fe:30:e7:e7:fa:d6:99:b5:
fc:f6:a3:4e:96:f8:d6:f8:1e:c5:8f:3d:f2:3b:80:
63:c4:61:8b:04:7e:82:5a:64:48:1f:24:f5:e0:00:
09:20:b0:d7:84:26:4c:b5:2e:c5:f6:44:af:88:31:
e3:00:ca:42:88:52:53:88:98:d3:0d:46:1a:c8:b8:
6f:2f:66:bf:6c:0d:6c:ba:9f:93:a9:32:a0:70:2d:
16:e9:12:f0:a7:86:ef:af:7f:6a:73:50:c5:41:c6:
fd:e6:fe:fd:84:d1:11:9f:20:12:29:e2:e2:c6:7b:
4c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A2:83:BF:FE:E6:05:3F:E9:69:7F:2C:2F:8D:30:15:3A:B3:29:52
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/GaKDv_7mBT_paX8sL40wFTqzKVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.108.70.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:a4:bf:9c:f4:3a:30:e9:a0:70:dc:7b:7e:f1:b9:46:ad:52:
80:1e:a0:eb:a3:06:be:49:22:94:10:ca:9a:c3:64:97:36:cb:
bd:52:3d:d6:65:22:e1:20:47:bd:e1:76:86:d3:f8:39:83:cc:
d3:27:44:65:28:62:a0:39:8c:33:f6:88:4c:30:07:d1:cd:ae:
d1:b2:e1:0e:d4:c0:03:9f:76:02:f8:7c:38:f0:15:01:c5:84:
69:8b:3d:34:7a:07:7e:b8:80:84:3f:70:cd:a8:0c:fe:db:1f:
11:7a:e0:1a:33:63:0b:ef:10:97:08:be:0e:98:93:1d:3b:3d:
cb:ec:6c:56:d0:32:bf:b6:88:a5:b1:b3:9a:db:6e:f7:30:8b:
f4:f1:69:0a:32:90:42:e9:d1:d9:c0:d8:44:14:df:48:e2:83:
49:45:d8:bd:dc:0f:f7:a6:fa:65:b6:25:18:9c:d8:51:35:af:
47:c4:e9:04:b9:f9:19:29:3d:70:cc:db:bc:de:63:fc:c9:c2:
e4:1b:1d:cf:f3:cb:a3:57:bc:4c:e0:c2:9b:a2:99:85:38:23:
1a:07:a2:c3:2a:df:f4:bd:92:0f:fb:69:9d:18:98:55:c9:86:
aa:3c:12:b6:c3:78:e0:5b:54:cf:c9:2e:65:c7:5a:5b:58:05:
26:5c:9b:05
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIERIL8vzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYwOWJhMzNiNWFlNTgxYjBkMjkzMjMyNDkzMTRmNzZhYTEwNTExMB4XDTIyMDEw
MTAzNTgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTlhMjgzYmZmZWU2
MDUzZmU5Njk3ZjJjMmY4ZDMwMTUzYWIzMjk1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWoejylas3ANZc4FeWqLNptLpSqxZ/XGqjCjMzBRYm6s4HQ
ZgPZY6G474DaqdgRaKWMhiJ72HHI0TBQ6c2JuhYLIwdbY/tuceqnoZQYICf3cvms
2PAc58U6QqMHblNqSlWtNmFBMMXy2zhG95OUBX7kcwHREf2qn0/eCiPaZr7ZF0gF
hZOr+EgZHj3sw/4w5+f61pm1/PajTpb41vgexY898juAY8RhiwR+glpkSB8k9eAA
CSCw14QmTLUuxfZEr4gx4wDKQohSU4iY0w1GGsi4by9mv2wNbLqfk6kyoHAtFukS
8KeG769/anNQxUHG/eb+/YTREZ8gEini4sZ7TC0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQZooO//uYFP+lpfywvjTAVOrMpUjAfBgNVHSMEGDAWgBQ68JujO1rlgbDS
kyMkkxT3aqEFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8x
L0dhS0R2XzdtQlRfcGFYOHNMNDB3RlRxektWSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8xL092Q2JvenRhNVlH
dzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANlsRjANBgkqhkiG9w0BAQsFAAOC
AQEAb6S/nPQ6MOmgcNx7fvG5Rq1SgB6g66MGvkkilBDKmsNklzbLvVI91mUi4SBH
veF2htP4OYPM0ydEZShioDmMM/aITDAH0c2u0bLhDtTAA592Avh8OPAVAcWEaYs9
NHoHfriAhD9wzagM/tsfEXrgGjNjC+8Qlwi+DpiTHTs9y+xsVtAyv7aIpbGzmttu
9zCL9PFpCjKQQunR2cDYRBTfSOKDSUXYvdwP96b6ZbYlGJzYUTWvR8TpBLn5GSk9
cMzbvN5j/MnC5Bsdz/PLo1e8TODCm6KZhTgjGgeiwyrf9L2SD/tpnRiYVcmGqjwS
tsN44FtUz8kuZcdaW1gFJlybBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org