Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/GvIbA-iThO31GEFJlYr4y4pCZqE.roa
File: GvIbA-iThO31GEFJlYr4y4pCZqE.roa (raw, json)
Hash identifier: QIhLhZLTjBk4AzGge9Ft0YgD0ixkKfUN4Eh3oeOuAN8=
Subject key identifier: 1A:F2:1B:03:E8:93:84:ED:F5:18:41:49:95:8A:F8:CB:8A:42:66:A1
Certificate issuer: /CN=e9c3d42f3b2921ba7418f382032d6b35c7159b88
Certificate serial: 0C95A1
Authority key identifier: E9:C3:D4:2F:3B:29:21:BA:74:18:F3:82:03:2D:6B:35:C7:15:9B:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6cPULzspIbp0GPOCAy1rNccVm4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/GvIbA-iThO31GEFJlYr4y4pCZqE.roa
Signing time: Wed 08 Jun 2022 13:29:25 +0000
ROA not before: Wed 08 Jun 2022 13:29:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206882
IP address blocks: 193.135.112.0/22 maxlen: 24
91.205.4.0/22 maxlen: 22
103.198.80.0/23 maxlen: 24
91.206.194.0/23 maxlen: 24
194.187.128.0/22 maxlen: 24
193.238.120.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 824737 (0xc95a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9c3d42f3b2921ba7418f382032d6b35c7159b88
Validity
Not Before: Jun 8 13:29:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1af21b03e89384edf5184149958af8cb8a4266a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:fc:c1:b5:9d:9d:22:a7:6f:46:a5:3d:6b:1b:
8d:91:fc:4a:55:7e:36:c0:2b:bb:99:d0:33:c5:1c:
c3:51:2e:02:35:5a:c3:cc:2a:b5:de:b9:d7:77:57:
63:79:88:a9:2e:bd:f0:d9:19:0c:e0:2b:6b:99:6f:
82:78:a5:9b:d3:ed:06:fc:44:98:16:29:9a:21:91:
61:14:ef:5c:a9:11:77:8d:5a:f5:72:42:20:32:88:
65:bd:68:8d:02:5b:16:b4:f9:85:8d:fe:27:67:1a:
4a:8e:cd:d9:75:34:5a:5b:fd:23:d4:1d:15:1f:f2:
37:b0:f6:19:8d:2a:b5:f9:14:98:3d:52:6e:ae:71:
01:90:a8:39:b5:d5:1d:6e:eb:4d:01:29:10:67:59:
70:0b:83:98:8a:5a:69:df:b9:b8:92:e9:b0:9e:bf:
2e:07:aa:05:62:a4:1d:21:b4:2c:f8:b6:3e:09:62:
72:ea:d6:4e:1b:d2:ad:37:7a:4e:29:2e:c7:4f:3b:
cb:ed:87:c5:84:2c:76:4e:e1:8c:f6:7d:45:1c:4c:
43:e7:bb:09:be:87:5d:63:08:fa:d2:8d:8d:e1:a5:
68:a2:e0:3f:8b:fc:df:7f:5a:63:ab:93:3d:ea:6c:
07:e0:e8:c6:37:52:67:0b:23:cf:2c:1b:ec:80:26:
d8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F2:1B:03:E8:93:84:ED:F5:18:41:49:95:8A:F8:CB:8A:42:66:A1
X509v3 Authority Key Identifier:
keyid:E9:C3:D4:2F:3B:29:21:BA:74:18:F3:82:03:2D:6B:35:C7:15:9B:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6cPULzspIbp0GPOCAy1rNccVm4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/GvIbA-iThO31GEFJlYr4y4pCZqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/6cPULzspIbp0GPOCAy1rNccVm4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.4.0/22
91.206.194.0/23
103.198.80.0/23
193.135.112.0/22
193.238.120.0/22
194.187.128.0/22
Signature Algorithm: sha256WithRSAEncryption
42:89:6a:ed:a4:55:0f:aa:c6:fc:70:6c:ec:e1:99:54:d7:f2:
21:77:ac:ca:40:af:f9:3b:06:04:fe:6f:97:8b:94:7e:c7:08:
a8:d4:b4:d9:7d:7e:5f:72:60:ab:a1:9f:9f:ac:8c:19:14:b6:
3d:a1:c2:76:25:27:c3:f6:b4:0a:d2:d8:66:1f:22:7c:e3:5d:
37:42:40:67:8b:66:61:68:ce:5b:4b:70:b6:f5:81:83:90:f9:
d4:68:03:0a:59:12:bd:7f:1c:cc:21:75:63:dd:6b:23:82:7a:
d6:32:b3:85:9a:20:62:bb:58:d5:2b:86:c8:9d:99:02:6d:0e:
6d:82:6d:d8:9b:1c:2d:88:c0:82:3f:6d:15:6c:6a:0b:81:bd:
3f:16:cd:98:39:d8:18:0c:93:75:0e:38:fa:94:94:72:fb:b0:
9c:5b:08:8a:39:85:31:7f:d8:8f:d0:f8:5b:f1:83:ed:06:9c:
b1:f9:d2:57:c7:9e:ec:a0:d1:27:de:77:76:b5:ff:0f:13:92:
e9:2b:1d:07:26:aa:e2:e9:53:fc:7b:f6:50:0f:f0:28:12:c1:
da:61:93:03:58:f8:58:cb:f5:13:c8:4c:25:b6:09:09:6f:2e:
e9:d5:dd:96:37:a0:09:15:97:be:77:65:42:30:dd:7a:c1:b7:
66:cd:0b:5d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIDDJWhMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU5
YzNkNDJmM2IyOTIxYmE3NDE4ZjM4MjAzMmQ2YjM1YzcxNTliODgwHhcNMjIwNjA4
MTMyOTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxYWYyMWIwM2U4OTM4
NGVkZjUxODQxNDk5NThhZjhjYjhhNDI2NmExMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5/zBtZ2dIqdvRqU9axuNkfxKVX42wCu7mdAzxRzDUS4CNVrD
zCq13rnXd1djeYipLr3w2RkM4CtrmW+CeKWb0+0G/ESYFimaIZFhFO9cqRF3jVr1
ckIgMohlvWiNAlsWtPmFjf4nZxpKjs3ZdTRaW/0j1B0VH/I3sPYZjSq1+RSYPVJu
rnEBkKg5tdUdbutNASkQZ1lwC4OYilpp37m4kumwnr8uB6oFYqQdIbQs+LY+CWJy
6tZOG9KtN3pOKS7HTzvL7YfFhCx2TuGM9n1FHExD57sJvoddYwj60o2N4aVoouA/
i/zff1pjq5M96mwH4OjGN1JnCyPPLBvsgCbYHQIDAQABo4ICJzCCAiMwHQYDVR0O
BBYEFBryGwPok4Tt9RhBSZWK+MuKQmahMB8GA1UdIwQYMBaAFOnD1C87KSG6dBjz
ggMtazXHFZuIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NmNQVUx6c3BJYnAwR1BPQ0F5MXJOY2NWbTRnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83Zi9iZGM0NWItMDk2YS00OTNhLTkyZDItMWExZWFkMmNkMmIxLzEv
R3ZJYkEtaVRoTzMxR0VGSmxZcjR5NHBDWnFFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9i
ZGM0NWItMDk2YS00OTNhLTkyZDItMWExZWFkMmNkMmIxLzEvNmNQVUx6c3BJYnAw
R1BPQ0F5MXJOY2NWbTRnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0G
CCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCW80EAwQBW87CAwQBZ8ZQAwQCwYdw
AwQCwe54AwQCwruAMA0GCSqGSIb3DQEBCwUAA4IBAQBCiWrtpFUPqsb8cGzs4ZlU
1/Ihd6zKQK/5OwYE/m+Xi5R+xwio1LTZfX5fcmCroZ+frIwZFLY9ocJ2JSfD9rQK
0thmHyJ84103QkBni2ZhaM5bS3C29YGDkPnUaAMKWRK9fxzMIXVj3WsjgnrWMrOF
miBiu1jVK4bInZkCbQ5tgm3YmxwtiMCCP20VbGoLgb0/Fs2YOdgYDJN1Djj6lJRy
+7CcWwiKOYUxf9iP0Phb8YPtBpyx+dJXx57soNEn3nd2tf8PE5LpKx0HJqri6VP8
e/ZQD/AoEsHaYZMDWPhYy/UTyEwltgkJby7p1d2WN6AJFZe+d2VCMN16wbdmzQtd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:39 2024 by rpki-client on console-fra.rpki-client.org