Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/Gp--WTYNywzvEn5gyFNTkmSbm08.roa
File: Gp--WTYNywzvEn5gyFNTkmSbm08.roa (raw, json)
Hash identifier: b/a5W2tBMETg/Ne1B6NS/UVTfAq51CniKfLno0+TDSI=
Subject key identifier: 1A:9F:BE:59:36:0D:CB:0C:EF:12:7E:60:C8:53:53:92:64:9B:9B:4F
Certificate issuer: /CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
Certificate serial: 01ECFA7B
Authority key identifier: 3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/Gp--WTYNywzvEn5gyFNTkmSbm08.roa
Signing time: Thu 16 Jun 2022 06:58:44 +0000
ROA not before: Thu 16 Jun 2022 06:58:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60855
IP address blocks: 164.131.160.0/24 maxlen: 24
164.131.198.0/23 maxlen: 23
164.131.198.0/24 maxlen: 24
164.131.197.0/24 maxlen: 24
164.131.199.0/24 maxlen: 24
164.131.125.0/24 maxlen: 24
164.131.124.0/23 maxlen: 23
164.131.124.0/24 maxlen: 24
164.131.127.0/24 maxlen: 24
164.131.126.0/23 maxlen: 23
164.131.126.0/24 maxlen: 24
164.131.130.0/23 maxlen: 23
164.131.130.0/24 maxlen: 24
164.131.132.0/23 maxlen: 23
164.131.132.0/24 maxlen: 24
164.131.131.0/24 maxlen: 24
164.131.133.0/24 maxlen: 24
164.131.143.0/24 maxlen: 24
164.131.142.0/24 maxlen: 24
164.131.142.0/23 maxlen: 23
164.131.212.0/23 maxlen: 24
164.131.214.0/23 maxlen: 24
164.131.224.0/24 maxlen: 24
164.131.226.0/23 maxlen: 24
164.131.233.0/24 maxlen: 24
164.131.232.0/23 maxlen: 23
164.131.232.0/24 maxlen: 24
164.131.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32307835 (0x1ecfa7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
Validity
Not Before: Jun 16 06:58:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a9fbe59360dcb0cef127e60c8535392649b9b4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0e:29:4a:60:ee:4b:7a:19:70:f8:7a:bd:f9:
7b:f7:5f:cf:52:09:28:cd:68:c1:cc:37:11:e6:f1:
75:00:8e:37:79:7c:70:39:16:36:fe:0b:12:09:7b:
de:4b:f0:39:96:87:e3:7f:10:7a:30:6b:58:07:0b:
45:53:87:d9:29:d8:9e:b1:d3:72:86:96:92:77:78:
42:28:89:14:26:4e:47:55:64:32:fe:26:52:d4:33:
60:26:20:22:85:fb:36:7d:be:b8:7f:f6:4d:a0:8c:
83:be:5f:d0:b0:8b:56:a2:8c:45:e6:cc:aa:55:04:
9f:1d:f2:36:45:62:da:50:dd:ed:e9:f0:d4:2d:51:
e5:25:01:22:a0:f1:cd:66:bd:e2:a0:be:5b:bb:f4:
05:ce:a4:0b:7f:c6:fc:f7:02:90:17:48:d9:f4:1b:
05:f6:09:76:23:3b:8d:aa:5f:56:bc:c4:bc:66:94:
0e:73:1c:c4:25:c2:15:9c:55:74:e1:e5:fc:0c:ba:
7f:23:f0:59:a1:80:9e:28:db:c4:d1:0c:a0:5d:68:
c3:f0:42:cb:21:49:3a:d9:56:a2:ed:df:d2:99:a8:
07:95:26:c2:36:33:06:73:55:10:2c:c7:90:ff:28:
46:34:21:0d:4c:dd:4f:9a:89:e1:64:3f:98:a9:0b:
da:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:9F:BE:59:36:0D:CB:0C:EF:12:7E:60:C8:53:53:92:64:9B:9B:4F
X509v3 Authority Key Identifier:
keyid:3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/Gp--WTYNywzvEn5gyFNTkmSbm08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.131.124.0/22
164.131.130.0-164.131.133.255
164.131.142.0/23
164.131.160.0/24
164.131.197.0-164.131.199.255
164.131.212.0/22
164.131.224.0/24
164.131.226.0/23
164.131.232.0/23
164.131.244.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:37:6b:48:17:e7:56:11:1f:7d:31:7b:a6:88:df:fd:15:7f:
06:a5:d5:3f:fb:3f:2b:1d:63:98:9a:01:e5:66:cc:36:d5:d9:
96:a4:80:ed:d4:27:cb:91:c9:41:7e:8f:66:5a:44:be:ab:ce:
64:41:fd:eb:58:4a:f7:12:f4:34:60:b8:c1:52:50:ab:dd:75:
81:c5:12:2d:d3:71:fa:ac:42:52:21:d6:24:3d:b1:21:b3:a7:
11:d6:3c:fd:49:ee:8b:b1:23:4a:49:0f:03:48:e9:2e:1b:0d:
b4:be:7e:55:44:a9:7a:8d:ce:af:36:39:2a:a6:d7:bd:e8:8e:
f9:af:5c:d0:23:a9:43:89:95:bf:b2:fa:1f:43:58:21:c3:09:
1f:2d:0f:5d:00:93:6d:a6:18:21:c8:ea:7c:ca:78:ae:b6:27:
4d:86:f0:fa:8c:a3:ac:cb:97:d1:af:78:5b:bc:91:a8:f9:43:
51:45:6b:c1:c3:c3:a8:b2:82:7d:d0:ae:5a:4e:21:c2:28:55:
8e:13:c5:b8:c4:f4:6e:c1:3d:69:bd:df:9d:bc:13:32:4c:78:
2e:13:25:3c:1a:47:4f:4d:a2:e8:39:35:da:89:13:9b:f2:cf:
5d:42:4e:ba:7f:93:06:e9:e6:43:a8:fd:31:77:9d:93:a1:c2:
a1:16:8e:56
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEAez6ezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YTkzNmQyZjI5OGU2Y2ZkNTY2MDQ1NzNkMWVmOWUwZTgyOTliNTI5MB4XDTIyMDYx
NjA2NTg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWE5ZmJlNTkzNjBk
Y2IwY2VmMTI3ZTYwYzg1MzUzOTI2NDliOWI0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgOKUpg7kt6GXD4er35e/dfz1IJKM1owcw3EebxdQCON3l8
cDkWNv4LEgl73kvwOZaH438QejBrWAcLRVOH2SnYnrHTcoaWknd4QiiJFCZOR1Vk
Mv4mUtQzYCYgIoX7Nn2+uH/2TaCMg75f0LCLVqKMRebMqlUEnx3yNkVi2lDd7enw
1C1R5SUBIqDxzWa94qC+W7v0Bc6kC3/G/PcCkBdI2fQbBfYJdiM7japfVrzEvGaU
DnMcxCXCFZxVdOHl/Ay6fyPwWaGAnijbxNEMoF1ow/BCyyFJOtlWou3f0pmoB5Um
wjYzBnNVECzHkP8oRjQhDUzdT5qJ4WQ/mKkL2vUCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBQan75ZNg3LDO8SfmDIU1OSZJubTzAfBgNVHSMEGDAWgBQ6k20vKY5s/VZg
RXPR754Ogpm1KTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09wTnRMeW1PYlAxV1lFVnowZS1lRG9LWnRTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvNzA0OTczLTE4NjYtNDBkMS05YTFkLWI1ZjhlYzBhYWQ3Yy8x
L0dwLS1XVFlOeXd6dkVuNWd5Rk5Ua21TYm0wOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
NzA0OTczLTE4NjYtNDBkMS05YTFkLWI1ZjhlYzBhYWQ3Yy8xL09wTnRMeW1PYlAx
V1lFVnowZS1lRG9LWnRTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwUgQCAAEwTAMEAqSDfDAMAwQBpIOCAwQBpIOEAwQB
pIOOAwQApIOgMAwDBACkg8UDBAOkg8ADBAKkg9QDBACkg+ADBAGkg+IDBAGkg+gD
BACkg/QwDQYJKoZIhvcNAQELBQADggEBAD43a0gX51YRH30xe6aI3/0Vfwal1T/7
PysdY5iaAeVmzDbV2ZakgO3UJ8uRyUF+j2ZaRL6rzmRB/etYSvcS9DRguMFSUKvd
dYHFEi3TcfqsQlIh1iQ9sSGzpxHWPP1J7ouxI0pJDwNI6S4bDbS+flVEqXqNzq82
OSqm173ojvmvXNAjqUOJlb+y+h9DWCHDCR8tD10Ak22mGCHI6nzKeK62J02G8PqM
o6zLl9GveFu8kaj5Q1FFa8HDw6iygn3QrlpOIcIoVY4TxbjE9G7BPWm93528EzJM
eC4TJTwaR09Noug5NdqJE5vyz11CTrp/kwbp5kOo/TF3nZOhwqEWjlY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:43 2025 by rpki-client