Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/GJn3Cz_IoEt2S7k67SSDcjazLuk.roa
File: GJn3Cz_IoEt2S7k67SSDcjazLuk.roa (raw, json)
Hash identifier: bTZDQ3Av8hapMEYpx0dHysa1LFRGPllEgHgop1XUw60=
Subject key identifier: 18:99:F7:0B:3F:C8:A0:4B:76:4B:B9:3A:ED:24:83:72:36:B3:2E:E9
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 35F22B70
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/GJn3Cz_IoEt2S7k67SSDcjazLuk.roa
Signing time: Sat 01 Jan 2022 03:02:15 +0000
ROA not before: Sat 01 Jan 2022 03:02:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35470
IP address blocks: 217.170.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 905063280 (0x35f22b70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 03:02:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1899f70b3fc8a04b764bb93aed24837236b32ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fb:f2:0e:f2:b7:3f:f9:43:b3:58:7b:95:b2:
da:0d:80:69:9c:55:ea:00:1f:d5:6a:71:70:40:3d:
03:52:6a:b8:18:01:7a:6e:ff:0c:eb:3a:29:7f:b2:
b0:27:39:ff:ad:0e:19:77:c3:82:50:b9:20:33:8f:
ac:8b:02:27:2a:f3:c8:51:4b:c3:db:36:bf:3c:96:
26:a0:6c:b4:af:f3:bf:e9:c0:fd:c2:42:dc:0d:04:
fa:e1:88:ba:2d:34:93:8e:15:90:ff:74:86:ed:6b:
39:e3:9d:89:01:ef:2c:54:7d:9b:57:69:6d:3e:45:
ce:3e:78:90:d6:99:04:dd:d9:d6:44:72:de:18:15:
2b:32:e9:93:e8:58:73:26:85:a5:2b:9a:60:24:5a:
7d:69:fd:83:0c:3b:53:5b:0c:8e:e7:0f:5c:a3:da:
2a:5d:ac:34:71:61:43:b2:a8:24:f4:5a:61:62:f3:
64:be:d3:60:77:98:53:e9:41:a7:f8:2c:a4:23:8f:
83:14:a4:a5:37:c1:c5:ed:0d:32:84:0a:97:08:6d:
0d:1f:de:e9:c3:b0:79:d7:11:e6:80:a6:18:cc:cf:
e2:f7:8d:b1:1a:d1:c2:f5:50:a1:71:a0:9d:95:0f:
b8:18:ab:37:9c:4d:81:d6:3c:61:e9:71:33:a7:55:
cd:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:99:F7:0B:3F:C8:A0:4B:76:4B:B9:3A:ED:24:83:72:36:B3:2E:E9
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/GJn3Cz_IoEt2S7k67SSDcjazLuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.21.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:89:2b:6f:76:43:3c:0b:3e:dd:9a:eb:4f:9c:3a:95:d4:ec:
ef:71:d2:e8:a2:af:70:db:22:3d:a8:43:b5:cc:c9:32:e2:55:
3a:3e:f9:1a:af:e6:7b:1f:ad:5d:69:22:99:58:33:82:b8:af:
4b:06:c4:66:d8:9a:2c:35:8e:99:4a:da:8b:f5:61:c7:72:6b:
56:b4:ce:2d:d0:9d:eb:89:11:46:e6:bb:32:60:51:81:e0:14:
3c:25:ca:8d:2f:7e:26:84:35:0f:34:4f:4b:60:a9:54:17:33:
6d:1d:c5:27:7b:0a:ff:d3:e4:47:f2:f5:bf:d3:92:45:57:e9:
a4:ff:72:12:a3:12:f3:79:c9:51:d0:35:79:b4:d0:e1:56:a8:
33:c0:0b:58:f4:93:63:46:36:eb:a6:01:ce:c5:6b:ac:8f:fc:
b3:5c:73:b4:12:b1:04:eb:e5:48:3c:6c:d7:54:1f:f8:37:83:
ad:93:77:e0:8d:50:bd:18:cc:b8:d8:4a:f7:85:fe:68:15:60:
51:c9:ce:3e:4e:ed:c0:63:47:10:d8:5c:40:ba:5f:83:45:23:
93:d9:0a:fa:7b:2e:d9:1a:a9:96:4c:02:2e:23:31:c6:14:2a:
2e:2e:8c:88:e4:af:7e:e3:eb:8a:83:e8:70:3c:0b:ce:75:12:
ab:65:bc:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENfIrcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDFmZTMwZmM2YjRiMGQwZjZkYjRlMWJmYmJkNTAxOTVkY2E1NzVjMB4XDTIyMDEw
MTAzMDIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTg5OWY3MGIzZmM4
YTA0Yjc2NGJiOTNhZWQyNDgzNzIzNmIzMmVlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJr78g7ytz/5Q7NYe5Wy2g2AaZxV6gAf1WpxcEA9A1JquBgB
em7/DOs6KX+ysCc5/60OGXfDglC5IDOPrIsCJyrzyFFLw9s2vzyWJqBstK/zv+nA
/cJC3A0E+uGIui00k44VkP90hu1rOeOdiQHvLFR9m1dpbT5Fzj54kNaZBN3Z1kRy
3hgVKzLpk+hYcyaFpSuaYCRafWn9gww7U1sMjucPXKPaKl2sNHFhQ7KoJPRaYWLz
ZL7TYHeYU+lBp/gspCOPgxSkpTfBxe0NMoQKlwhtDR/e6cOwedcR5oCmGMzP4veN
sRrRwvVQoXGgnZUPuBirN5xNgdY8YelxM6dVzQECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQYmfcLP8igS3ZLuTrtJINyNrMu6TAfBgNVHSMEGDAWgBQgH+MPxrSw0Pbb
Thv7vVAZXcpXXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lCX2pEOGEwc05EMjIwNGItNzFRR1YzS1Yxdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvOGQ4MGY5LTQ5NGUtNGFiYi05OTU2LWZjMTIxYzgwMGIzMC8x
L0dKbjNDel9Jb0V0MlM3azY3U1NEY2phekx1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
OGQ4MGY5LTQ5NGUtNGFiYi05OTU2LWZjMTIxYzgwMGIzMC8xL0lCX2pEOGEwc05E
MjIwNGItNzFRR1YzS1Yxdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANmqFTANBgkqhkiG9w0BAQsFAAOC
AQEAi4krb3ZDPAs+3ZrrT5w6ldTs73HS6KKvcNsiPahDtczJMuJVOj75Gq/mex+t
XWkimVgzgrivSwbEZtiaLDWOmUrai/Vhx3JrVrTOLdCd64kRRua7MmBRgeAUPCXK
jS9+JoQ1DzRPS2CpVBczbR3FJ3sK/9PkR/L1v9OSRVfppP9yEqMS83nJUdA1ebTQ
4VaoM8ALWPSTY0Y266YBzsVrrI/8s1xztBKxBOvlSDxs11Qf+DeDrZN34I1QvRjM
uNhK94X+aBVgUcnOPk7twGNHENhcQLpfg0Ujk9kK+nsu2RqplkwCLiMxxhQqLi6M
iOSvfuPrioPocDwLznUSq2W8oA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:12 2023 by rpki-client on console-fra.rpki-client.org