Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Gg7JNci0nP6b4OC_H5nDa8UlRfs.roa
File: Gg7JNci0nP6b4OC_H5nDa8UlRfs.roa (raw, json)
Hash identifier: am0JV1/NvaIcv8dIaYYGvRo3HAOrs+8igrsJtWF7Iw4=
Subject key identifier: 1A:0E:C9:35:C8:B4:9C:FE:9B:E0:E0:BF:1F:99:C3:6B:C5:25:45:FB
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018C5E6D176DEEC8796497CC9EAB81E7D800
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Gg7JNci0nP6b4OC_H5nDa8UlRfs.roa
Signing time: Tue 12 Dec 2023 14:27:36 +0000
ROA not before: Tue 12 Dec 2023 14:27:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22781
IP address blocks: 109.111.56.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:6d:17:6d:ee:c8:79:64:97:cc:9e:ab:81:e7:d8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Dec 12 14:27:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a0ec935c8b49cfe9be0e0bf1f99c36bc52545fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:37:33:2f:49:6b:49:ba:05:e2:c7:96:ef:24:
a6:a7:38:01:02:f6:38:9a:72:8e:16:21:6e:b8:b9:
02:79:df:8f:29:15:0c:95:fc:83:5e:20:71:d0:db:
ad:2e:3e:2c:65:b4:43:37:f0:d2:d7:35:83:a9:02:
1a:83:18:68:b0:aa:9c:68:4b:66:66:19:cf:bc:8a:
8a:f5:e6:28:86:ad:39:16:a9:c4:35:17:fd:b6:9c:
b0:6b:39:57:23:c5:b6:b9:8b:28:f7:2e:9e:ca:67:
39:e3:a0:05:1d:87:22:a3:ef:c1:02:5a:f8:25:05:
7e:cd:90:4f:b2:8a:fe:5a:23:c8:2e:5d:d0:96:e9:
73:7a:38:77:e4:6e:09:ae:4f:bc:45:b9:3b:df:34:
29:48:95:4e:93:aa:58:c8:d7:36:bc:e3:2d:37:7e:
eb:be:81:22:51:0b:11:41:98:9c:04:dd:87:aa:7f:
b1:44:4d:ec:30:c9:ca:f2:bd:d4:2c:f4:a1:5a:10:
13:9a:cb:f5:c1:5e:e5:22:c9:b4:6a:ad:d8:bc:10:
49:c0:88:d5:14:53:bd:e3:0b:50:74:53:58:b4:53:
67:74:3a:b9:65:d1:35:bd:46:f4:45:ee:69:37:76:
1a:9a:45:b9:40:22:4f:b6:8d:2d:fd:1c:d1:9b:bb:
82:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:0E:C9:35:C8:B4:9C:FE:9B:E0:E0:BF:1F:99:C3:6B:C5:25:45:FB
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Gg7JNci0nP6b4OC_H5nDa8UlRfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.56.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:a6:7a:d9:48:6e:23:5f:32:f8:a9:0d:fc:ab:ed:a2:fc:b8:
3f:ad:64:2c:63:63:af:85:f8:c1:72:79:27:b7:1b:e9:e2:4f:
be:2e:3c:b5:3a:d1:be:39:66:02:d1:06:96:1a:31:10:ba:90:
47:3b:7c:64:2a:ff:24:c0:3b:a3:c4:e6:fd:2b:5f:fe:eb:27:
ff:72:a3:0c:af:71:6d:46:df:c9:81:0b:f8:fc:d1:08:10:56:
4e:54:7f:bc:60:14:d4:e6:88:cb:46:51:40:b4:55:99:56:d0:
a6:08:4e:24:2c:32:4a:7f:3d:42:ba:ac:03:59:66:67:05:7e:
aa:38:22:b8:17:a6:3b:67:b0:8c:eb:88:05:4c:55:04:2d:f4:
67:02:2c:d8:85:54:44:20:cd:9e:68:55:c4:74:05:bc:28:e0:
7d:e9:1a:c9:4d:e4:1b:2e:6e:ca:4c:98:b2:2e:4e:0a:d2:43:
0f:20:35:55:72:18:ac:4d:fb:10:44:61:c7:3d:c1:32:60:c5:
35:13:e3:31:cc:20:75:7d:c7:90:8a:8d:6d:a4:04:bb:22:63:
17:cf:42:b6:fc:5d:04:f6:36:b1:ef:e1:83:fe:f5:e4:f9:14:
c4:72:05:28:0a:84:23:23:76:8c:66:37:22:dc:9e:bd:0e:a8:
83:c4:ec:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxebRdt7sh5ZJfMnquB59gAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMjEyMTQyNzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTBlYzkzNWM4YjQ5Y2ZlOWJlMGUwYmYxZjk5YzM2YmM1MjU0NWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTczL0lrSboF4seW7ySmpzgBAvY4
mnKOFiFuuLkCed+PKRUMlfyDXiBx0NutLj4sZbRDN/DS1zWDqQIagxhosKqcaEtm
ZhnPvIqK9eYohq05FqnENRf9tpywazlXI8W2uYso9y6eymc546AFHYcio+/BAlr4
JQV+zZBPsor+WiPILl3Qlulzejh35G4Jrk+8Rbk73zQpSJVOk6pYyNc2vOMtN37r
voEiUQsRQZicBN2Hqn+xRE3sMMnK8r3ULPShWhATmsv1wV7lIsm0aq3YvBBJwIjV
FFO94wtQdFNYtFNndDq5ZdE1vUb0Re5pN3YamkW5QCJPto0t/RzRm7uCHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBoOyTXItJz+m+Dgvx+Zw2vFJUX7MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvR2c3Sk5jaTBuUDZiNE9DX0g1bkRhOFVsUmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbW84MA0G
CSqGSIb3DQEBCwUAA4IBAQArpnrZSG4jXzL4qQ38q+2i/Lg/rWQsY2OvhfjBcnkn
txvp4k++Ljy1OtG+OWYC0QaWGjEQupBHO3xkKv8kwDujxOb9K1/+6yf/cqMMr3Ft
Rt/JgQv4/NEIEFZOVH+8YBTU5ojLRlFAtFWZVtCmCE4kLDJKfz1CuqwDWWZnBX6q
OCK4F6Y7Z7CM64gFTFUELfRnAizYhVREIM2eaFXEdAW8KOB96RrJTeQbLm7KTJiy
Lk4K0kMPIDVVchisTfsQRGHHPcEyYMU1E+MxzCB1fceQio1tpAS7ImMXz0K2/F0E
9jax7+GD/vXk+RTEcgUoCoQjI3aMZjci3J69DqiDxOzt
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:10 2025 by rpki-client