Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/GCAMkI1KI4DC_Pq_zEY4qdg3-Qw.roa
File: GCAMkI1KI4DC_Pq_zEY4qdg3-Qw.roa (raw, json)
Hash identifier: CVPFVf5diiTtbIVA79kDFqSsRhbwNXv8vE2WgIdh84U=
Subject key identifier: 18:20:0C:90:8D:4A:23:80:C2:FC:FA:BF:CC:46:38:A9:D8:37:F9:0C
Certificate issuer: /CN=40e3953c5cb452f159f8e1505fc702e883657e72
Certificate serial: 0182DC9D40BD5631A08B89F8F5209C2A13AF
Authority key identifier: 40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/GCAMkI1KI4DC_Pq_zEY4qdg3-Qw.roa
Signing time: Sat 27 Aug 2022 00:04:29 +0000
ROA not before: Sat 27 Aug 2022 00:04:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22822
IP address blocks: 95.140.224.0/22 maxlen: 22
95.140.224.0/20 maxlen: 24
87.248.192.0/19 maxlen: 24
46.228.144.0/20 maxlen: 24
87.248.210.0/23 maxlen: 23
87.248.212.0/23 maxlen: 23
216.247.120.0/21 maxlen: 24
185.178.52.0/22 maxlen: 22
46.183.88.0/21 maxlen: 24
178.249.105.0/24 maxlen: 24
178.249.104.0/21 maxlen: 24
185.116.100.0/22 maxlen: 22
178.79.203.0/24 maxlen: 24
178.79.214.0/23 maxlen: 23
178.79.228.0/23 maxlen: 23
178.79.230.0/23 maxlen: 23
178.79.232.0/22 maxlen: 22
178.79.236.0/22 maxlen: 22
178.79.240.0/21 maxlen: 21
178.79.248.0/21 maxlen: 21
178.79.196.0/23 maxlen: 23
178.79.192.0/18 maxlen: 24
2a02:3d0:621::/48 maxlen: 48
2a02:3d0:601::/48 maxlen: 48
2a02:3d0::/32 maxlen: 48
2a02:3d0:600::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:dc:9d:40:bd:56:31:a0:8b:89:f8:f5:20:9c:2a:13:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3953c5cb452f159f8e1505fc702e883657e72
Validity
Not Before: Aug 27 00:04:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=18200c908d4a2380c2fcfabfcc4638a9d837f90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:42:bc:3a:47:78:bb:3a:ef:89:53:43:ef:39:
28:e7:47:53:23:5d:f0:7b:9f:08:6d:51:de:32:33:
cb:e7:5b:23:75:3f:09:b4:08:a1:bc:47:d4:73:9b:
05:96:bf:39:7a:aa:33:5b:1c:29:0b:9b:c2:5e:21:
31:58:a1:99:20:71:12:e0:02:9b:42:d7:47:ac:1d:
f3:94:eb:6f:16:36:3a:e8:e4:cb:02:9b:d1:a6:44:
90:ce:a3:a2:94:e6:35:4e:35:1d:89:93:d2:71:db:
45:3c:ab:e8:c7:76:b8:bf:6d:69:45:9d:82:04:9e:
51:92:38:52:db:a9:ff:56:b6:ab:6d:87:60:8d:51:
d9:b0:99:02:1c:66:3d:10:65:15:ca:d3:98:83:8b:
ba:26:ac:ba:e0:8e:63:94:ec:4e:22:46:e8:30:e1:
2b:c0:d7:f5:72:f4:f3:25:80:01:96:91:88:82:52:
4e:f5:5a:41:d7:5e:f1:d8:4d:39:f0:07:63:b4:c3:
bd:b4:d3:76:d2:83:a1:ce:54:0e:6d:fd:64:14:15:
16:59:c8:40:d6:7d:56:71:6f:3b:bf:3d:21:b2:57:
d5:c2:ee:b2:22:ce:c0:1e:81:8c:ae:6a:f5:64:61:
88:5f:fa:d2:1a:a4:15:5a:11:86:3b:d7:cb:3e:bf:
9a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:20:0C:90:8D:4A:23:80:C2:FC:FA:BF:CC:46:38:A9:D8:37:F9:0C
X509v3 Authority Key Identifier:
keyid:40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/GCAMkI1KI4DC_Pq_zEY4qdg3-Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.88.0/21
46.228.144.0/20
87.248.192.0/19
95.140.224.0/20
178.79.192.0/18
178.249.104.0/21
185.116.100.0/22
185.178.52.0/22
216.247.120.0/21
IPv6:
2a02:3d0::/32
Signature Algorithm: sha256WithRSAEncryption
43:cd:8a:70:73:d0:31:6f:fb:11:56:9f:50:80:ee:82:17:24:
ad:fe:2e:57:a3:3c:a5:aa:5c:56:83:9f:17:ff:c8:14:45:44:
97:4c:8e:2f:ac:3a:76:01:ca:59:91:8b:b7:09:58:dd:4f:01:
d3:90:f3:c9:d6:a6:e8:fa:3f:0f:f6:45:99:e8:69:27:91:cd:
df:68:ac:91:ac:9c:a9:0c:a3:e9:1c:fb:b1:15:bc:e1:d1:2f:
37:f2:08:93:90:bd:31:36:4c:5d:0c:13:06:6c:d3:bc:b2:c6:
31:16:66:b0:c1:f9:c4:44:08:7b:c1:1f:9a:40:22:3f:bf:0d:
80:b3:33:4b:a9:19:6f:f5:fe:69:97:aa:fe:b7:81:4e:f6:23:
9b:96:7a:90:9e:bb:5e:4c:70:9d:12:4c:0b:16:fa:82:c0:d6:
ab:37:d2:bb:26:5b:58:62:7a:f8:8c:e6:d7:82:21:b3:41:27:
f5:8b:d5:da:bf:58:fe:4d:85:ac:58:79:3b:c6:b9:dd:ba:7c:
86:c4:40:11:fc:8b:0e:78:c8:ec:51:e2:f6:85:bf:cd:ca:a5:
56:9e:9a:6f:d8:14:05:3a:5d:10:c9:0f:3d:a0:0a:02:ca:e5:
8e:17:e8:bf:95:ae:1b:41:c1:8b:ea:c3:4f:d3:1a:2a:cf:ab:
a1:aa:c7:13
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYLcnUC9VjGgi4n49SCcKhOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM5NTNjNWNiNDUyZjE1OWY4ZTE1MDVmYzcwMmU4ODM2
NTdlNzIwHhcNMjIwODI3MDAwNDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODIwMGM5MDhkNGEyMzgwYzJmY2ZhYmZjYzQ2MzhhOWQ4MzdmOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0K8Okd4uzrviVND7zko50dTI13w
e58IbVHeMjPL51sjdT8JtAihvEfUc5sFlr85eqozWxwpC5vCXiExWKGZIHES4AKb
QtdHrB3zlOtvFjY66OTLApvRpkSQzqOilOY1TjUdiZPScdtFPKvox3a4v21pRZ2C
BJ5RkjhS26n/VrarbYdgjVHZsJkCHGY9EGUVytOYg4u6Jqy64I5jlOxOIkboMOEr
wNf1cvTzJYABlpGIglJO9VpB117x2E058AdjtMO9tNN20oOhzlQObf1kFBUWWchA
1n1WcW87vz0hslfVwu6yIs7AHoGMrmr1ZGGIX/rSGqQVWhGGO9fLPr+a2wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFBggDJCNSiOAwvz6v8xGOKnYN/kMMB8GA1UdIwQY
MBaAFEDjlTxctFLxWfjhUF/HAuiDZX5yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEt
ZmE1YWYzOGRlYjVlLzEvR0NBTWtJMUtJNERDX1BxX3pFWTRxZGczLVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEtZmE1YWYzOGRlYjVl
LzEvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDLrdYAwQE
LuSQAwQFV/jAAwQEX4zgAwQGsk/AAwQDsvloAwQCuXRkAwQCubI0AwQD2Pd4MA0E
AgACMAcDBQAqAgPQMA0GCSqGSIb3DQEBCwUAA4IBAQBDzYpwc9Axb/sRVp9QgO6C
FySt/i5XozylqlxWg58X/8gURUSXTI4vrDp2AcpZkYu3CVjdTwHTkPPJ1qbo+j8P
9kWZ6Gknkc3faKyRrJypDKPpHPuxFbzh0S838giTkL0xNkxdDBMGbNO8ssYxFmaw
wfnERAh7wR+aQCI/vw2AszNLqRlv9f5pl6r+t4FO9iOblnqQnrteTHCdEkwLFvqC
wNarN9K7JltYYnr4jObXgiGzQSf1i9Xav1j+TYWsWHk7xrndunyGxEAR/IsOeMjs
UeL2hb/NyqVWnppv2BQFOl0QyQ89oAoCyuWOF+i/la4bQcGL6sNP0xoqz6uhqscT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:01 2024 by rpki-client on console-ams.rpki-client.org