Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/groPHrnGlhNqAG3xCXhHx7T6wCI.roa
File: groPHrnGlhNqAG3xCXhHx7T6wCI.roa (raw, json)
Hash identifier: Wze+2NA94I66k43QXiOB/K2jsXlQoz49+C7HIZQIv8g=
Subject key identifier: 82:BA:0F:1E:B9:C6:96:13:6A:00:6D:F1:09:78:47:C7:B4:FA:C0:22
Certificate issuer: /CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Certificate serial: 03BB7357
Authority key identifier: 56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/groPHrnGlhNqAG3xCXhHx7T6wCI.roa
Signing time: Sat 01 Jan 2022 05:57:42 +0000
ROA not before: Sat 01 Jan 2022 05:57:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25133
IP address blocks: 193.106.80.0/22 maxlen: 22
103.35.160.0/22 maxlen: 22
91.217.144.0/24 maxlen: 24
89.200.232.0/21 maxlen: 21
103.237.44.0/22 maxlen: 22
45.153.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62616407 (0x3bb7357)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Validity
Not Before: Jan 1 05:57:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82ba0f1eb9c696136a006df1097847c7b4fac022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:76:18:98:15:c2:d6:10:a5:e7:40:d9:02:c8:
d6:a5:e8:c9:52:ab:97:e3:70:35:ad:11:aa:0b:26:
6b:41:11:d1:a4:a7:55:ae:9f:fc:f7:88:2a:f9:f7:
5f:f4:14:c9:ff:99:00:65:05:98:fa:d1:36:18:f7:
c3:ed:3f:08:0a:db:a5:73:60:4b:8c:07:fc:0c:67:
20:51:75:7d:46:1b:90:39:10:ae:e5:02:98:b2:1f:
86:c4:1f:df:17:fe:31:69:91:38:a6:90:cd:18:36:
bf:4d:8f:db:a9:ff:eb:b6:7c:07:18:8e:3d:cb:ce:
28:b9:d0:be:be:66:c6:5d:b4:8c:5e:eb:38:8c:37:
87:d2:c7:de:3b:ba:e9:50:6b:df:e2:79:eb:68:a9:
c0:d2:93:d6:f2:b6:83:bc:d3:1a:e8:c7:73:b8:ad:
cd:c4:a2:69:39:67:0c:c0:b7:b9:23:d8:63:eb:fd:
82:ea:9f:1e:1a:3a:ac:b2:1d:60:41:27:0b:fe:37:
06:31:43:c2:06:9b:1e:14:0e:83:72:98:6b:b4:37:
d2:26:da:cb:86:a0:75:33:98:08:7b:46:31:f2:f9:
91:a5:b7:8c:90:00:a7:4d:30:65:c4:16:e9:ae:0b:
48:31:d3:a0:bf:84:27:9f:4d:58:f8:4a:e2:62:0d:
90:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:BA:0F:1E:B9:C6:96:13:6A:00:6D:F1:09:78:47:C7:B4:FA:C0:22
X509v3 Authority Key Identifier:
keyid:56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/groPHrnGlhNqAG3xCXhHx7T6wCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VqSYe_jGtM3WV7vC0KXhPptibLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.208.0/22
89.200.232.0/21
91.217.144.0/24
103.35.160.0/22
103.237.44.0/22
193.106.80.0/22
Signature Algorithm: sha256WithRSAEncryption
75:2a:a2:9d:c8:9d:df:66:2c:b4:e8:b5:09:fc:66:5d:f0:0f:
d0:75:54:7b:8e:d6:72:aa:c4:db:75:37:ff:ba:75:cc:bd:c4:
75:51:30:85:00:b1:ae:22:71:ba:36:f8:42:5c:53:e0:c2:c3:
28:84:ef:b4:48:64:31:f2:e0:42:35:9f:bf:16:53:cd:ce:8a:
4c:af:e2:fe:65:c3:e5:9e:29:1e:ca:8c:cb:9b:15:27:8e:92:
44:ee:88:0f:57:ff:85:2c:fe:63:a4:0d:91:2a:3e:c4:4c:17:
f4:5c:46:73:b4:ce:bc:1f:01:1a:bf:30:c9:b6:2a:ac:bd:36:
de:a0:55:12:11:8f:11:d3:78:6e:a5:65:bc:7d:64:0a:4d:fc:
b2:58:51:01:34:2b:c3:1c:bf:87:59:a2:1c:a5:6a:aa:ba:67:
74:58:fb:26:16:00:5a:bd:03:56:c7:ff:62:d5:5d:c9:09:a5:
12:fb:a5:9f:ad:44:a6:63:51:a6:db:d3:f9:09:cf:e1:8e:6f:
4d:51:65:1c:7b:1d:49:33:a5:be:9d:26:62:e5:6f:9d:ac:70:
ea:60:12:ff:60:70:a1:91:3e:81:95:74:f2:45:6e:21:f3:41:
32:63:a1:0f:6e:a9:aa:ad:bd:96:09:4c:4c:b6:4c:dc:5f:78:
42:3f:4d:cc
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEA7tzVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NmE0OTg3YmY4YzZiNGNkZDY1N2JiYzJkMGE1ZTEzZTliNjI2Y2I5MB4XDTIyMDEw
MTA1NTc0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODJiYTBmMWViOWM2
OTYxMzZhMDA2ZGYxMDk3ODQ3YzdiNGZhYzAyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMV2GJgVwtYQpedA2QLI1qXoyVKrl+NwNa0Rqgsma0ER0aSn
Va6f/PeIKvn3X/QUyf+ZAGUFmPrRNhj3w+0/CArbpXNgS4wH/AxnIFF1fUYbkDkQ
ruUCmLIfhsQf3xf+MWmROKaQzRg2v02P26n/67Z8BxiOPcvOKLnQvr5mxl20jF7r
OIw3h9LH3ju66VBr3+J562ipwNKT1vK2g7zTGujHc7itzcSiaTlnDMC3uSPYY+v9
guqfHho6rLIdYEEnC/43BjFDwgabHhQOg3KYa7Q30ibay4agdTOYCHtGMfL5kaW3
jJAAp00wZcQW6a4LSDHToL+EJ59NWPhK4mINkIECAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSCug8eucaWE2oAbfEJeEfHtPrAIjAfBgNVHSMEGDAWgBRWpJh7+Ma0zdZX
u8LQpeE+m2JsuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZxU1llX2pHdE0zV1Y3dkMwS1hoUHB0aWJMay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvODgwOWRkLTY2N2EtNDA0Ny04MTA0LWRlNTg2OThiNjQ3MC8x
L2dyb1BIcm5HbGhOcUFHM3hDWGhIeDdUNndDSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
ODgwOWRkLTY2N2EtNDA0Ny04MTA0LWRlNTg2OThiNjQ3MC8xL1ZxU1llX2pHdE0z
V1Y3dkMwS1hoUHB0aWJMay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAi2Z0AMEA1nI6AMEAFvZkAMEAmcj
oAMEAmftLAMEAsFqUDANBgkqhkiG9w0BAQsFAAOCAQEAdSqincid32YstOi1Cfxm
XfAP0HVUe47WcqrE23U3/7p1zL3EdVEwhQCxriJxujb4QlxT4MLDKITvtEhkMfLg
QjWfvxZTzc6KTK/i/mXD5Z4pHsqMy5sVJ46SRO6ID1f/hSz+Y6QNkSo+xEwX9FxG
c7TOvB8BGr8wybYqrL023qBVEhGPEdN4bqVlvH1kCk38slhRATQrwxy/h1miHKVq
qrpndFj7JhYAWr0DVsf/YtVdyQmlEvuln61EpmNRptvT+QnP4Y5vTVFlHHsdSTOl
vp0mYuVvnaxw6mAS/2BwoZE+gZV08kVuIfNBMmOhD26pqq29lglMTLZM3F94Qj9N
zA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:32 2024 by rpki-client on console-fra.rpki-client.org