Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/GFhVv9aY64y0Xnc5WP7IzrrMEGM.roa
File: GFhVv9aY64y0Xnc5WP7IzrrMEGM.roa (raw, json)
Hash identifier: m6cIHGpf73sJXKT/oOmxauun6VUKZfb9rb6Uw/8hmYI=
Subject key identifier: 18:58:55:BF:D6:98:EB:8C:B4:5E:77:39:58:FE:C8:CE:BA:CC:10:63
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 14C6D552
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/GFhVv9aY64y0Xnc5WP7IzrrMEGM.roa
Signing time: Sat 01 Jan 2022 05:51:54 +0000
ROA not before: Sat 01 Jan 2022 05:51:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43075
IP address blocks: 109.229.192.0/19 maxlen: 19
88.135.128.0/19 maxlen: 19
213.110.64.0/19 maxlen: 19
176.106.48.0/20 maxlen: 20
176.106.160.0/20 maxlen: 20
171.25.218.0/23 maxlen: 23
176.106.176.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 348575058 (0x14c6d552)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 1 05:51:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=185855bfd698eb8cb45e773958fec8cebacc1063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2b:db:31:53:62:c5:16:9b:bc:d8:e2:6a:a0:
f9:44:8d:25:78:03:14:89:00:7e:9c:e9:e4:e9:63:
ce:3d:bd:72:00:71:25:fe:0a:03:bc:43:85:ea:34:
b1:6e:d4:d7:1c:40:81:63:87:96:c5:25:45:d2:16:
77:c0:f7:b0:d6:cf:6c:72:9b:a2:20:16:35:d2:0f:
a7:23:24:14:b3:9d:5f:e2:8c:bd:1a:eb:e6:4f:74:
07:ff:4c:65:2d:88:36:94:4f:aa:01:27:81:0d:ac:
9a:32:52:e9:a6:d2:cd:e2:b5:36:01:6d:8a:61:de:
ec:b9:f3:28:a2:c6:41:df:6f:9c:3c:9e:ae:b5:ee:
53:5c:ea:ef:8a:45:a6:67:f5:78:b2:24:11:e0:62:
30:ea:6a:97:db:f2:c9:9d:e4:a4:43:eb:f6:a6:2a:
9f:96:99:7c:e7:54:28:a0:b0:f8:7d:61:9a:2c:94:
4e:64:d7:55:8f:e6:b3:e6:6f:b2:44:49:0d:da:69:
55:02:16:6c:81:47:55:f6:b8:2a:b8:d9:56:6a:09:
6a:23:30:4f:93:9a:3a:dc:78:dc:87:7f:9b:18:ec:
1b:7b:17:b9:3c:5c:3e:12:4c:e3:e1:c8:76:17:fc:
fb:81:16:f3:27:39:2f:4d:13:b4:8a:47:2b:55:4b:
32:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:58:55:BF:D6:98:EB:8C:B4:5E:77:39:58:FE:C8:CE:BA:CC:10:63
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/GFhVv9aY64y0Xnc5WP7IzrrMEGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.128.0/19
109.229.192.0/19
171.25.218.0/23
176.106.48.0/20
176.106.160.0-176.106.183.255
213.110.64.0/19
Signature Algorithm: sha256WithRSAEncryption
19:11:22:b8:f5:25:95:aa:40:ac:d1:40:dd:7f:af:30:0b:6f:
c9:be:d7:71:b1:e6:ba:7a:c0:81:87:7c:bd:2d:22:c1:b0:b9:
69:8e:8d:13:50:5a:39:a7:7c:30:a8:e7:bb:b9:30:0f:09:0f:
66:b6:8d:56:b5:05:54:1e:0a:d7:63:c8:9e:23:92:98:e4:c6:
1a:ea:02:fd:f3:60:6a:bd:1f:9d:ea:34:f0:6e:90:41:18:06:
d1:82:98:bd:ee:1d:8f:51:43:22:a7:ad:ea:97:9a:3a:9c:a8:
57:ff:64:78:e6:b1:33:10:74:82:81:cd:2f:19:9b:b9:5a:54:
1b:96:78:bb:42:c2:01:36:9d:e6:a2:22:c1:e8:a5:3a:b9:ef:
91:87:b9:86:70:94:d1:47:85:db:70:74:a0:73:90:ab:15:3d:
aa:6d:69:54:6a:6c:18:66:09:69:e0:3d:ea:90:82:f7:e2:e8:
bc:f4:e0:9a:9f:3e:c8:3f:7a:00:81:d3:b8:08:51:3d:b0:72:
e2:73:b4:d4:3d:4c:ca:a1:78:58:a2:9b:b2:35:5c:4a:c0:db:
7d:4e:b6:0b:15:01:8d:ad:41:02:90:d8:f5:77:86:5f:95:f7:
2c:e9:5e:80:bd:60:5b:43:d9:95:07:b1:4b:d1:43:ef:98:0f:
5a:54:4e:47
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEFMbVUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OGFkZDliNjcxZjdhMzZlYjIzNjdlMzRmZWU0YmNiMTNiOGY2NmNjMB4XDTIyMDEw
MTA1NTE1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTg1ODU1YmZkNjk4
ZWI4Y2I0NWU3NzM5NThmZWM4Y2ViYWNjMTA2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8r2zFTYsUWm7zY4mqg+USNJXgDFIkAfpzp5Oljzj29cgBx
Jf4KA7xDheo0sW7U1xxAgWOHlsUlRdIWd8D3sNbPbHKboiAWNdIPpyMkFLOdX+KM
vRrr5k90B/9MZS2INpRPqgEngQ2smjJS6abSzeK1NgFtimHe7LnzKKLGQd9vnDye
rrXuU1zq74pFpmf1eLIkEeBiMOpql9vyyZ3kpEPr9qYqn5aZfOdUKKCw+H1hmiyU
TmTXVY/ms+ZvskRJDdppVQIWbIFHVfa4KrjZVmoJaiMwT5OaOtx43Id/mxjsG3sX
uTxcPhJM4+HIdhf8+4EW8yc5L00TtIpHK1VLMk8CAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBQYWFW/1pjrjLRedzlY/sjOuswQYzAfBgNVHSMEGDAWgBSIrdm2cfejbrI2
fjT+5LyxO49mzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lLM1p0bkgzbzI2eU5uNDBfdVM4c1R1UFpzdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvM2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8x
L0dGaFZ2OWFZNjR5MFhuYzVXUDdJenJyTUVHTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
M2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8xL2lLM1p0bkgzbzI2
eU5uNDBfdVM4c1R1UFpzdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEBViHgAMEBW3lwAMEAasZ2gMEBLBq
MDAMAwQFsGqgAwQDsGqwAwQF1W5AMA0GCSqGSIb3DQEBCwUAA4IBAQAZESK49SWV
qkCs0UDdf68wC2/Jvtdxsea6esCBh3y9LSLBsLlpjo0TUFo5p3wwqOe7uTAPCQ9m
to1WtQVUHgrXY8ieI5KY5MYa6gL982BqvR+d6jTwbpBBGAbRgpi97h2PUUMip63q
l5o6nKhX/2R45rEzEHSCgc0vGZu5WlQblni7QsIBNp3moiLB6KU6ue+Rh7mGcJTR
R4XbcHSgc5CrFT2qbWlUamwYZglp4D3qkIL34ui89OCanz7IP3oAgdO4CFE9sHLi
c7TUPUzKoXhYopuyNVxKwNt9TrYLFQGNrUECkNj1d4Zflfcs6V6AvWBbQ9mVB7FL
0UPvmA9aVE5H
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:16 2023 by rpki-client on console-fra.rpki-client.org