Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/03GNCSzCFZ4r7EIvPtG37zf06ok.roa
File: 03GNCSzCFZ4r7EIvPtG37zf06ok.roa (raw, json)
Hash identifier: +rLSU5GdtRJaT/WTkzWtHh99Qcq2RicbQgYPE7KpcmM=
Subject key identifier: D3:71:8D:09:2C:C2:15:9E:2B:EC:42:2F:3E:D1:B7:EF:37:F4:EA:89
Certificate issuer: /CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Certificate serial: 05970C76
Authority key identifier: 27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/03GNCSzCFZ4r7EIvPtG37zf06ok.roa
Signing time: Sat 01 Jan 2022 03:52:51 +0000
ROA not before: Sat 01 Jan 2022 03:52:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8544
IP address blocks: 66.205.95.0/24 maxlen: 24
185.42.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93785206 (0x5970c76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Validity
Not Before: Jan 1 03:52:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3718d092cc2159e2bec422f3ed1b7ef37f4ea89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:11:17:a4:e1:e4:3e:78:ae:ac:08:76:a5:61:
34:fa:a4:94:6b:00:2b:56:1a:92:ab:8c:f3:ef:0e:
8b:49:bd:86:fd:d3:b7:d9:64:22:f6:db:e7:ae:fa:
e8:bf:bc:32:7a:24:bd:50:fb:d9:58:4c:ba:25:d5:
40:c3:80:bf:ac:90:6a:18:2e:d2:cc:9d:05:ed:b2:
7f:37:0a:ef:d0:0f:63:a2:91:ef:d1:34:e4:72:fb:
46:a1:40:ed:f4:27:59:92:79:be:25:31:78:eb:f1:
ed:99:49:3b:39:b9:86:d2:f9:58:ce:ef:e6:a3:7f:
95:59:1d:13:3d:8c:08:98:6c:ba:94:a3:e4:c1:62:
c6:dd:92:42:b9:65:9e:6b:d8:bf:74:ba:41:07:dc:
ca:58:e0:02:f5:34:d1:f6:c5:87:48:1a:7c:d0:0f:
51:bf:4e:db:4a:fc:78:86:73:19:1f:65:66:a5:d1:
98:e9:12:30:59:e4:b7:e1:40:91:32:00:2a:92:cd:
ac:85:eb:93:19:cf:d9:3e:d4:c4:5a:76:2b:c0:ca:
e7:02:79:bb:bd:9d:3d:a3:05:ce:b3:0b:57:aa:5e:
5e:76:9b:ad:a4:2c:0f:e8:3a:0f:22:dc:6a:a7:6c:
c2:47:08:af:96:f0:33:77:a1:e3:1c:d1:08:39:2a:
85:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:71:8D:09:2C:C2:15:9E:2B:EC:42:2F:3E:D1:B7:EF:37:F4:EA:89
X509v3 Authority Key Identifier:
keyid:27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/03GNCSzCFZ4r7EIvPtG37zf06ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.205.95.0/24
185.42.32.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:f7:dd:9b:d8:bc:77:37:fe:59:30:ea:61:a3:1a:28:2e:c3:
a2:cb:80:5b:3c:3c:48:c7:c2:90:ea:c1:9b:af:95:0b:f5:f8:
0f:89:a2:09:43:6f:b4:4c:85:44:06:a9:d2:9c:4c:5d:09:f1:
0d:d8:e6:78:47:cc:ee:ef:fb:a6:a2:01:a9:ef:cf:7c:fc:f4:
c0:32:99:21:83:14:9d:4d:1f:53:82:59:da:ad:b9:81:69:65:
e2:42:6d:61:ce:ec:70:9e:d8:54:5d:8c:49:a5:6e:c3:2b:19:
40:06:79:3b:b9:09:cf:86:27:da:44:9b:e0:5e:99:14:94:44:
24:af:9d:cd:17:68:70:56:c4:b0:9b:27:c7:fa:c1:71:ad:7a:
a8:9a:fd:98:84:cc:1c:7a:50:df:91:24:4e:b7:6f:61:90:82:
19:47:9e:98:4d:d6:2d:a2:37:e0:59:e4:ca:c0:5e:01:a8:62:
22:ce:03:ea:21:a0:29:ec:74:d1:f9:9a:f2:5c:81:09:91:59:
38:a5:e8:07:dc:d1:17:5a:b9:18:2a:c2:62:47:eb:d6:f2:95:
6c:21:9b:d0:ee:28:d7:77:33:16:7a:d7:c4:6c:93:1d:20:48:
69:f4:13:ae:53:75:33:59:cf:67:ff:f4:6f:4e:96:65:20:8b:
43:24:41:85
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBZcMdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NzAyOWEzNmZjMGNjYTJlMGE4ZDA0NWYwMjJkZmM4MzFhNTE3MzA4MB4XDTIyMDEw
MTAzNTI1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM3MThkMDkyY2My
MTU5ZTJiZWM0MjJmM2VkMWI3ZWYzN2Y0ZWE4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANoRF6Th5D54rqwIdqVhNPqklGsAK1YakquM8+8Oi0m9hv3T
t9lkIvbb56766L+8MnokvVD72VhMuiXVQMOAv6yQahgu0sydBe2yfzcK79APY6KR
79E05HL7RqFA7fQnWZJ5viUxeOvx7ZlJOzm5htL5WM7v5qN/lVkdEz2MCJhsupSj
5MFixt2SQrllnmvYv3S6QQfcyljgAvU00fbFh0gafNAPUb9O20r8eIZzGR9lZqXR
mOkSMFnkt+FAkTIAKpLNrIXrkxnP2T7UxFp2K8DK5wJ5u72dPaMFzrMLV6peXnab
raQsD+g6DyLcaqdswkcIr5bwM3eh4xzRCDkqhYsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTTcY0JLMIVnivsQi8+0bfvN/TqiTAfBgNVHSMEGDAWgBQnApo2/AzKLgqN
BF8CLfyDGlFzCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0p3S2FOdndNeWk0S2pRUmZBaTM4Z3hwUmN3Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvNTNiYjIzLWRmYTgtNDc5Mi1iMzE3LTUwZDBhNTMyMzY0MS8x
LzAzR05DU3pDRlo0cjdFSXZQdEczN3pmMDZvay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
NTNiYjIzLWRmYTgtNDc5Mi1iMzE3LTUwZDBhNTMyMzY0MS8xL0p3S2FOdndNeWk0
S2pRUmZBaTM4Z3hwUmN3Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAELNXwMEALkqIDANBgkqhkiG9w0B
AQsFAAOCAQEALffdm9i8dzf+WTDqYaMaKC7DosuAWzw8SMfCkOrBm6+VC/X4D4mi
CUNvtEyFRAap0pxMXQnxDdjmeEfM7u/7pqIBqe/PfPz0wDKZIYMUnU0fU4JZ2q25
gWll4kJtYc7scJ7YVF2MSaVuwysZQAZ5O7kJz4Yn2kSb4F6ZFJREJK+dzRdocFbE
sJsnx/rBca16qJr9mITMHHpQ35EkTrdvYZCCGUeemE3WLaI34FnkysBeAahiIs4D
6iGgKex00fma8lyBCZFZOKXoB9zRF1q5GCrCYkfr1vKVbCGb0O4o13czFnrXxGyT
HSBIafQTrlN1M1nPZ//0b06WZSCLQyRBhQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:36 2025 by rpki-client