Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/Gv86is0xzvQKDe-Rm8tzCtSqp4I.roa
File: Gv86is0xzvQKDe-Rm8tzCtSqp4I.roa (raw, json)
Hash identifier: l/PvLIZbjZiDU5bF+H/L7VkIxEh8qcYNiSo4FqSZaTo=
Subject key identifier: 1A:FF:3A:8A:CD:31:CE:F4:0A:0D:EF:91:9B:CB:73:0A:D4:AA:A7:82
Certificate issuer: /CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Certificate serial: 11E072C8
Authority key identifier: AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/Gv86is0xzvQKDe-Rm8tzCtSqp4I.roa
Signing time: Tue 08 Mar 2022 16:08:50 +0000
ROA not before: Tue 08 Mar 2022 16:08:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34081
IP address blocks: 84.33.16.0/23 maxlen: 24
217.70.144.0/20 maxlen: 24
193.188.28.0/22 maxlen: 24
31.14.163.0/24 maxlen: 25
172.83.81.0/24 maxlen: 25
84.33.192.0/18 maxlen: 24
84.33.0.0/18 maxlen: 24
2001:1a38::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 299922120 (0x11e072c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Validity
Not Before: Mar 8 16:08:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1aff3a8acd31cef40a0def919bcb730ad4aaa782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:20:61:44:b7:8f:46:b2:bf:dc:7e:c0:70:20:
83:ea:a7:58:66:30:f0:1f:2f:ae:bc:bd:32:84:62:
cd:ca:e6:79:f8:0a:69:0b:b6:8e:ad:31:f8:e9:73:
86:fc:92:02:54:1c:86:06:17:a2:9a:67:15:05:32:
dd:df:be:75:c1:93:90:f1:c1:c4:ce:f0:05:d6:e8:
5d:99:84:ca:ab:5f:70:ba:76:f0:88:67:f2:a0:02:
b2:53:69:5c:8b:1f:00:44:83:82:e8:ed:39:3b:7d:
aa:03:ba:a1:a7:6d:52:92:42:19:d2:44:4b:32:36:
28:5f:9a:f0:2d:0d:57:ec:f3:43:2f:97:8b:21:94:
d5:f2:cd:fa:90:71:ca:6d:2e:56:56:90:e3:6c:90:
f1:16:eb:5a:83:e6:3e:ed:f8:02:96:d6:4f:01:90:
a1:28:31:bb:9b:0a:9c:fc:b2:cd:d4:4b:ff:18:d8:
a8:72:ee:86:2f:29:66:3d:1c:39:b4:e9:a8:25:16:
c9:ff:06:1e:a9:f1:fa:57:4e:3b:25:9b:e0:a9:40:
2e:73:52:26:53:04:81:b4:9f:54:41:f5:ef:b4:b0:
45:12:28:44:61:74:3e:03:05:1e:54:76:1c:9d:35:
c9:0d:af:31:41:f2:6a:1e:11:f5:31:bb:60:e2:50:
77:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FF:3A:8A:CD:31:CE:F4:0A:0D:EF:91:9B:CB:73:0A:D4:AA:A7:82
X509v3 Authority Key Identifier:
keyid:AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/Gv86is0xzvQKDe-Rm8tzCtSqp4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.163.0/24
84.33.0.0/18
84.33.192.0/18
172.83.81.0/24
193.188.28.0/22
217.70.144.0/20
IPv6:
2001:1a38::/32
Signature Algorithm: sha256WithRSAEncryption
8c:0b:78:77:c4:b5:b6:64:9a:48:77:76:2c:7e:8a:49:4d:bb:
52:eb:95:a3:fd:c7:14:b2:7d:8e:51:5a:1c:8e:26:cd:a7:63:
58:8a:0e:97:dd:5e:89:cb:24:8a:66:a3:89:0b:f1:31:17:cd:
7d:03:d5:77:06:bd:c0:dc:15:66:c9:41:3d:39:3e:5c:81:87:
f2:47:d4:74:7f:e2:f9:8b:1e:16:0d:1c:e4:6a:e1:f6:1a:12:
42:75:95:65:8f:0c:24:34:06:10:ac:6a:9f:7a:bc:95:5c:4a:
d6:15:f0:90:62:d8:78:e5:26:c8:cc:30:e9:9a:9d:93:64:58:
5c:ce:86:b0:c1:b5:a5:a7:af:25:01:f5:4f:98:ba:ee:b3:95:
57:ac:a5:4e:57:7f:fc:10:31:e7:2a:db:b2:f2:d0:de:dd:17:
97:5c:84:fe:71:b7:1b:33:1f:e2:05:f2:32:4a:40:dd:a5:83:
c8:ea:ce:1f:31:67:89:46:78:d6:35:33:7c:e5:9e:6a:46:8c:
c3:79:03:69:32:c5:7c:e9:a1:2e:bc:0f:37:03:ce:d2:f6:f3:
84:1b:56:24:89:06:33:54:ce:06:25:a0:1f:db:75:ea:dd:2a:
91:7b:bc:83:d1:80:e7:b2:fc:f5:0d:36:bd:40:7f:a3:cf:ff:
a7:05:8c:0e
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEEeByyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YWViYzliZmVmMmI0ZDIzZjE5NTEzYmZkNGQ2MGJiNzk4ZjVhNTlkMB4XDTIyMDMw
ODE2MDg1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWFmZjNhOGFjZDMx
Y2VmNDBhMGRlZjkxOWJjYjczMGFkNGFhYTc4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQgYUS3j0ayv9x+wHAgg+qnWGYw8B8vrry9MoRizcrmefgK
aQu2jq0x+OlzhvySAlQchgYXoppnFQUy3d++dcGTkPHBxM7wBdboXZmEyqtfcLp2
8Ihn8qACslNpXIsfAESDgujtOTt9qgO6oadtUpJCGdJESzI2KF+a8C0NV+zzQy+X
iyGU1fLN+pBxym0uVlaQ42yQ8RbrWoPmPu34ApbWTwGQoSgxu5sKnPyyzdRL/xjY
qHLuhi8pZj0cObTpqCUWyf8GHqnx+ldOOyWb4KlALnNSJlMEgbSfVEH177SwRRIo
RGF0PgMFHlR2HJ01yQ2vMUHyah4R9TG7YOJQd+UCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQa/zqKzTHO9AoN75Gby3MK1KqngjAfBgNVHSMEGDAWgBSq68m/7ytNI/GV
E7/U1gu3mPWlnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F1dkp2LThyVFNQeGxST18xTllMdDVqMXBaMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvZmIxMjg5LTRkMTQtNDBmMC05Njc5LTExYWZiNDk5MmVlZi8x
L0d2ODZpczB4enZRS0RlLVJtOHR6Q3RTcXA0SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
ZmIxMjg5LTRkMTQtNDBmMC05Njc5LTExYWZiNDk5MmVlZi8xL3F1dkp2LThyVFNQ
eGxST18xTllMdDVqMXBaMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAB8OowMEBlQhAAMEBlQhwAMEAKxT
UQMEAsG8HAMEBNlGkDANBAIAAjAHAwUAIAEaODANBgkqhkiG9w0BAQsFAAOCAQEA
jAt4d8S1tmSaSHd2LH6KSU27UuuVo/3HFLJ9jlFaHI4mzadjWIoOl91eicskimaj
iQvxMRfNfQPVdwa9wNwVZslBPTk+XIGH8kfUdH/i+YseFg0c5Grh9hoSQnWVZY8M
JDQGEKxqn3q8lVxK1hXwkGLYeOUmyMww6Zqdk2RYXM6GsMG1paevJQH1T5i67rOV
V6ylTld//BAx5yrbsvLQ3t0Xl1yE/nG3GzMf4gXyMkpA3aWDyOrOHzFniUZ41jUz
fOWeakaMw3kDaTLFfOmhLrwPNwPO0vbzhBtWJIkGM1TOBiWgH9t16t0qkXu8g9GA
57L89Q02vUB/o8//pwWMDg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:47 2023 by rpki-client on console-ams.rpki-client.org