Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/GPfon_KpU3dIVy7GINvo6oxtOBs.roa
File: GPfon_KpU3dIVy7GINvo6oxtOBs.roa (raw, json)
Hash identifier: uGcJS8FdwCQQNHnXCK2OGt4puzA4aXDVcCrT0ZFsctU=
Subject key identifier: 18:F7:E8:9F:F2:A9:53:77:48:57:2E:C6:20:DB:E8:EA:8C:6D:38:1B
Certificate issuer: /CN=a2893a4b284acb5d8a4164289045492109511688
Certificate serial: 0182EE2175C98928BCADD10C8208EEAB78D4
Authority key identifier: A2:89:3A:4B:28:4A:CB:5D:8A:41:64:28:90:45:49:21:09:51:16:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/GPfon_KpU3dIVy7GINvo6oxtOBs.roa
Signing time: Tue 30 Aug 2022 09:42:26 +0000
ROA not before: Tue 30 Aug 2022 09:42:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 95.214.136.0/22 maxlen: 24
185.25.158.0/24 maxlen: 24
185.25.159.0/24 maxlen: 24
185.25.156.0/22 maxlen: 24
185.25.157.0/24 maxlen: 24
45.67.100.0/22 maxlen: 24
185.175.160.0/22 maxlen: 24
45.87.168.0/22 maxlen: 24
185.182.240.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ee:21:75:c9:89:28:bc:ad:d1:0c:82:08:ee:ab:78:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2893a4b284acb5d8a4164289045492109511688
Validity
Not Before: Aug 30 09:42:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=18f7e89ff2a9537748572ec620dbe8ea8c6d381b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b8:74:b6:1e:4b:6a:2e:75:c1:74:06:a8:78:
33:33:36:83:ca:ab:03:13:59:89:ca:d3:57:09:56:
f5:44:e4:89:f4:08:f0:cc:5e:f6:c2:b3:af:39:6f:
af:65:97:b4:a8:3d:29:83:de:28:33:36:38:b4:3b:
9f:07:42:84:54:a7:b9:b9:22:91:a2:d3:ef:d1:8b:
53:9c:3b:3d:7a:bd:be:4f:8b:99:c6:f9:7f:ea:84:
eb:df:1a:0d:16:e5:62:1e:bc:f1:7b:7e:f7:5b:54:
4a:9f:86:20:4f:7d:b4:0e:2c:39:b3:51:c1:f5:ae:
33:30:d7:5d:c3:70:ae:d0:94:0b:5b:1c:6a:39:b3:
f2:c5:06:02:b2:e2:49:e7:1c:d7:c2:1a:2c:c8:ca:
22:d9:9f:85:44:ea:53:60:ef:43:9e:92:74:50:cf:
ee:75:8e:67:28:d1:d9:20:45:c2:bd:a9:8b:48:05:
d8:ff:68:2c:93:e6:97:9d:ae:37:db:98:cd:ce:9f:
bd:75:a1:6f:e2:3f:f6:01:d7:c4:24:20:5e:11:20:
db:e5:99:91:3e:e3:fc:eb:d7:4e:06:1f:11:a7:d5:
19:c2:b4:08:a2:1e:26:b5:6a:de:9d:6f:e4:7b:84:
d6:aa:b4:8b:7f:db:a2:70:66:1b:04:4a:4c:f8:80:
b3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:F7:E8:9F:F2:A9:53:77:48:57:2E:C6:20:DB:E8:EA:8C:6D:38:1B
X509v3 Authority Key Identifier:
keyid:A2:89:3A:4B:28:4A:CB:5D:8A:41:64:28:90:45:49:21:09:51:16:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/GPfon_KpU3dIVy7GINvo6oxtOBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/ook6SyhKy12KQWQokEVJIQlRFog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.100.0/22
45.87.168.0/22
95.214.136.0/22
185.25.156.0/22
185.175.160.0/22
185.182.240.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:14:53:ec:ea:76:f1:9f:16:79:2d:b5:eb:0f:2e:75:1e:0b:
70:0d:ee:af:74:28:a9:88:36:18:e1:9a:9f:f7:9d:ce:03:dc:
61:04:57:30:e7:07:54:35:9e:d8:8c:7b:a0:16:00:df:38:13:
a7:3b:38:cd:be:6c:40:93:d2:6e:e3:7e:e0:fa:de:bf:95:78:
02:0c:97:18:62:c9:e4:d1:08:e2:a0:1b:12:da:6f:1e:92:78:
dc:ec:54:67:96:33:c7:b8:48:a1:2b:0f:4b:53:dc:b2:23:58:
74:0b:8a:0f:d3:87:cd:49:bb:84:15:bc:8b:29:5a:60:a6:32:
e8:09:c6:d7:b0:51:f5:e6:8d:18:59:da:6e:4d:fe:f1:3e:48:
d1:e0:ed:77:a6:37:cb:24:ea:db:c5:6b:a5:be:b4:04:cd:0f:
f7:8b:9f:1d:07:b8:b9:76:28:af:5b:f9:3b:cb:7a:6c:20:47:
e6:ee:78:87:06:55:d6:9b:bf:90:84:f8:14:12:9c:85:87:be:
5b:d0:ec:ec:00:8c:6a:e4:7d:73:28:72:d3:aa:d1:40:36:df:
06:32:32:60:96:f3:77:38:b7:7f:a8:36:0c:20:86:3c:73:26:
e4:5e:b6:5c:62:7b:d9:70:c2:c2:a3:ad:93:36:5a:0d:b5:96:
ca:59:c5:a2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYLuIXXJiSi8rdEMggjuq3jUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyODkzYTRiMjg0YWNiNWQ4YTQxNjQyODkwNDU0OTIxMDk1
MTE2ODgwHhcNMjIwODMwMDk0MjI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGY3ZTg5ZmYyYTk1Mzc3NDg1NzJlYzYyMGRiZThlYThjNmQzODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7h0th5Lai51wXQGqHgzMzaDyqsD
E1mJytNXCVb1ROSJ9AjwzF72wrOvOW+vZZe0qD0pg94oMzY4tDufB0KEVKe5uSKR
otPv0YtTnDs9er2+T4uZxvl/6oTr3xoNFuViHrzxe373W1RKn4YgT320Diw5s1HB
9a4zMNddw3Cu0JQLWxxqObPyxQYCsuJJ5xzXwhosyMoi2Z+FROpTYO9DnpJ0UM/u
dY5nKNHZIEXCvamLSAXY/2gsk+aXna4325jNzp+9daFv4j/2AdfEJCBeESDb5ZmR
PuP869dOBh8Rp9UZwrQIoh4mtWrenW/ke4TWqrSLf9uicGYbBEpM+ICzPQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBj36J/yqVN3SFcuxiDb6OqMbTgbMB8GA1UdIwQY
MBaAFKKJOksoSstdikFkKJBFSSEJURaIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb29rNlN5aEt5MTJLUVdRb2tFVkpJUWxSRm9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNDg3YWItNWUzMS00MTE3LWFkYTgt
YTVkM2NiOTE4MjA2LzEvR1Bmb25fS3BVM2RJVnk3R0lOdm82b3h0T0JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNDg3YWItNWUzMS00MTE3LWFkYTgtYTVkM2NiOTE4MjA2
LzEvb29rNlN5aEt5MTJLUVdRb2tFVkpJUWxSRm9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLUNkAwQC
LVeoAwQCX9aIAwQCuRmcAwQCua+gAwQCubbwMA0GCSqGSIb3DQEBCwUAA4IBAQC0
FFPs6nbxnxZ5LbXrDy51HgtwDe6vdCipiDYY4Zqf953OA9xhBFcw5wdUNZ7YjHug
FgDfOBOnOzjNvmxAk9Ju437g+t6/lXgCDJcYYsnk0QjioBsS2m8eknjc7FRnljPH
uEihKw9LU9yyI1h0C4oP04fNSbuEFbyLKVpgpjLoCcbXsFH15o0YWdpuTf7xPkjR
4O13pjfLJOrbxWulvrQEzQ/3i58dB7i5diivW/k7y3psIEfm7niHBlXWm7+QhPgU
EpyFh75b0OzsAIxq5H1zKHLTqtFANt8GMjJglvN3OLd/qDYMIIY8cybkXrZcYnvZ
cMLCo62TNloNtZbKWcWi
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:38 2025 by rpki-client