Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/GgOeA0C_CmB1puJ8ZXXbue8fzDs.roa
File: GgOeA0C_CmB1puJ8ZXXbue8fzDs.roa (raw, json)
Hash identifier: y9Oo18ZjoDupRKa7GV7IfevStBQszccSOQHv/XqKsfk=
Subject key identifier: 1A:03:9E:03:40:BF:0A:60:75:A6:E2:7C:65:75:DB:B9:EF:1F:CC:3B
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 018510B0B07242A4D9CEB1E4627901FE2BB1
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/GgOeA0C_CmB1puJ8ZXXbue8fzDs.roa
Signing time: Wed 14 Dec 2022 12:51:32 +0000
ROA not before: Wed 14 Dec 2022 12:51:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3177
IP address blocks: 195.28.11.0/24 maxlen: 24
103.215.223.0/24 maxlen: 24
103.215.221.0/24 maxlen: 24
103.215.222.0/24 maxlen: 24
103.215.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:10:b0:b0:72:42:a4:d9:ce:b1:e4:62:79:01:fe:2b:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Dec 14 12:51:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a039e0340bf0a6075a6e27c6575dbb9ef1fcc3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fb:5d:c9:6d:74:ff:c5:05:cf:fd:cc:7b:be:
94:8e:67:01:cb:0a:d9:56:e9:9c:56:86:14:b9:e9:
6d:ff:d6:b2:43:ba:70:ec:10:9e:81:c0:09:45:5f:
55:ec:43:46:04:1a:c7:38:71:f9:ba:07:fc:c4:a0:
98:50:92:a6:40:03:c4:05:ad:ff:98:f8:e5:76:c6:
78:af:14:e0:0a:37:75:cc:e7:73:8c:92:9c:92:3e:
fd:a4:d2:7a:4a:88:fa:5c:99:be:5a:c5:6d:54:15:
91:55:17:93:60:44:e9:00:2a:e6:52:eb:b9:6a:bc:
41:a6:a7:c4:04:f7:fc:31:26:b5:c5:a3:67:6d:34:
0d:72:65:cc:44:e6:eb:26:72:f3:88:2e:ff:19:a9:
d1:e1:71:98:b6:80:cd:36:87:58:13:d9:00:93:ed:
97:cb:4c:60:b2:a4:27:98:e1:40:d9:df:fd:a9:b0:
fb:b3:35:a4:61:e0:ca:ff:59:30:2e:1e:c9:4b:f4:
86:e8:21:18:0f:30:37:0f:76:ad:39:d3:85:93:2d:
c3:f1:dc:31:ed:66:89:05:d1:b0:dc:f7:90:b9:3f:
1d:8d:c6:32:42:37:75:46:85:65:81:d7:a6:90:f4:
12:b2:00:5d:4e:84:c3:85:39:f0:70:ea:9e:30:6a:
5b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:03:9E:03:40:BF:0A:60:75:A6:E2:7C:65:75:DB:B9:EF:1F:CC:3B
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/GgOeA0C_CmB1puJ8ZXXbue8fzDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.215.220.0/22
195.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:ee:a5:46:5c:3b:82:f3:ee:da:54:07:36:ce:90:7a:32:57:
63:14:96:42:eb:71:1e:d6:de:29:0a:ec:fe:64:e8:15:45:8f:
74:8a:8b:42:72:af:da:80:52:6d:46:23:66:fd:87:5c:a8:04:
b6:4a:86:75:91:b1:7e:7b:0d:9c:e0:ff:5e:c6:10:8b:99:af:
8b:69:14:75:58:74:e9:32:bb:f6:e6:bc:c8:9c:c4:f9:c7:88:
65:9c:0a:69:73:f8:aa:ba:ba:7b:be:13:72:ac:d4:33:72:f0:
cc:b2:0e:f4:c5:e1:64:25:4c:6d:72:14:d3:b4:e9:bb:3e:18:
03:47:d7:32:50:71:6b:16:dd:25:f3:a2:69:d6:9c:9f:e0:81:
b9:ff:f0:58:3f:d1:27:92:48:fe:66:5c:5d:38:de:95:d8:0f:
16:67:c6:80:25:bf:14:2f:b4:e2:81:06:44:e8:84:76:db:57:
ad:76:1a:8c:e4:2e:40:ed:7c:23:9a:aa:a1:c6:2a:ee:d5:6a:
8e:2e:ce:31:a3:ae:e0:53:2a:c1:56:9e:08:7c:77:27:88:45:
bb:4f:89:23:fc:6c:18:b0:5a:c3:d9:71:5e:0d:da:fe:0a:53:
7f:93:de:4e:0f:78:2f:23:db:a4:e3:b5:ec:9c:5c:59:ce:f9:
0e:1c:3b:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUQsLByQqTZzrHkYnkB/iuxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjIxMjE0MTI1MTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTAzOWUwMzQwYmYwYTYwNzVhNmUyN2M2NTc1ZGJiOWVmMWZjYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvtdyW10/8UFz/3Me76UjmcBywrZ
VumcVoYUuelt/9ayQ7pw7BCegcAJRV9V7ENGBBrHOHH5ugf8xKCYUJKmQAPEBa3/
mPjldsZ4rxTgCjd1zOdzjJKckj79pNJ6Soj6XJm+WsVtVBWRVReTYETpACrmUuu5
arxBpqfEBPf8MSa1xaNnbTQNcmXMRObrJnLziC7/GanR4XGYtoDNNodYE9kAk+2X
y0xgsqQnmOFA2d/9qbD7szWkYeDK/1kwLh7JS/SG6CEYDzA3D3atOdOFky3D8dwx
7WaJBdGw3PeQuT8djcYyQjd1RoVlgdemkPQSsgBdToTDhTnwcOqeMGpbXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBoDngNAvwpgdabifGV127nvH8w7MB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvR2dPZUEwQ19DbUIxcHVKOFpYWGJ1ZThmekRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCZ9fcAwQA
wxwLMA0GCSqGSIb3DQEBCwUAA4IBAQA+7qVGXDuC8+7aVAc2zpB6MldjFJZC63Ee
1t4pCuz+ZOgVRY90iotCcq/agFJtRiNm/YdcqAS2SoZ1kbF+ew2c4P9exhCLma+L
aRR1WHTpMrv25rzInMT5x4hlnAppc/iqurp7vhNyrNQzcvDMsg70xeFkJUxtchTT
tOm7PhgDR9cyUHFrFt0l86Jp1pyf4IG5//BYP9Enkkj+ZlxdON6V2A8WZ8aAJb8U
L7TigQZE6IR221etdhqM5C5A7Xwjmqqhxiru1WqOLs4xo67gUyrBVp4IfHcniEW7
T4kj/GwYsFrD2XFeDdr+ClN/k95OD3gvI9uk47XsnFxZzvkOHDuF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:05 2024 by rpki-client on console-fra.rpki-client.org