Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/gsmMDitd0rACRYPu4f4BjrxJTQQ.roa
File: gsmMDitd0rACRYPu4f4BjrxJTQQ.roa (raw, json)
Hash identifier: JZepGSsIBA9XUtwI4dNLA257eAzESAFd/MpmZDv5DoI=
Subject key identifier: 82:C9:8C:0E:2B:5D:D2:B0:02:45:83:EE:E1:FE:01:8E:BC:49:4D:04
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018481F1E85E830680F29CA5A05A2311844D
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/gsmMDitd0rACRYPu4f4BjrxJTQQ.roa
Signing time: Wed 16 Nov 2022 19:37:05 +0000
ROA not before: Wed 16 Nov 2022 19:37:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202492
IP address blocks: 83.147.196.0/22 maxlen: 22
83.147.195.0/24 maxlen: 24
94.241.188.0/22 maxlen: 22
83.147.200.0/22 maxlen: 22
83.147.204.0/22 maxlen: 22
83.147.208.0/24 maxlen: 24
83.147.208.0/22 maxlen: 24
83.147.209.0/24 maxlen: 24
83.147.218.0/23 maxlen: 23
83.147.220.0/23 maxlen: 23
83.147.224.0/22 maxlen: 22
83.147.228.0/22 maxlen: 22
83.147.236.0/22 maxlen: 22
178.253.0.0/21 maxlen: 21
94.241.144.0/21 maxlen: 21
178.253.14.0/23 maxlen: 23
178.253.17.0/24 maxlen: 24
178.253.20.0/23 maxlen: 23
178.253.24.0/23 maxlen: 23
178.253.28.0/23 maxlen: 24
178.253.30.0/24 maxlen: 24
178.253.36.0/23 maxlen: 23
178.253.34.0/23 maxlen: 23
178.253.46.0/23 maxlen: 23
178.253.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:81:f1:e8:5e:83:06:80:f2:9c:a5:a0:5a:23:11:84:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Nov 16 19:37:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82c98c0e2b5dd2b0024583eee1fe018ebc494d04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a8:7b:e9:71:70:9b:0d:8d:e0:db:56:b1:0e:
89:b1:d0:36:b2:1d:8c:67:04:d3:b5:a3:3a:32:31:
f8:ec:50:e5:51:f0:94:08:4d:83:15:a3:4d:b2:c7:
02:39:72:77:ca:a1:47:49:56:33:b6:d0:ea:36:2e:
73:cf:27:51:88:18:fb:e8:7e:1e:45:f5:d7:00:81:
62:ad:6f:00:ab:16:ce:da:c4:be:40:99:38:a3:f3:
11:08:65:47:5a:58:cb:80:6d:d8:66:24:d3:bb:e4:
79:fb:9a:0a:8a:2e:53:a9:01:3e:5e:ae:b2:0e:c4:
fa:93:26:69:5e:cb:c0:d1:d8:6a:b2:59:3e:3b:f0:
d8:fb:f6:19:c2:9d:86:5d:3e:85:5f:04:13:6d:bd:
89:1b:ec:b7:3c:41:ca:97:f5:26:f8:0b:26:35:c1:
d0:05:84:f6:12:6b:34:d0:e0:87:3d:23:e4:e4:2b:
28:17:d9:36:bd:2c:76:74:78:08:22:6a:47:42:b2:
dc:68:3e:3a:9e:1b:b1:31:9e:ff:94:81:ba:fd:04:
f2:19:ab:bf:e5:ae:e6:d6:01:83:b3:31:f1:c4:fb:
68:b1:eb:14:b1:d5:53:b1:1a:01:f7:51:13:05:aa:
c0:5a:8f:a0:e6:3e:db:04:be:4b:4b:26:eb:6c:e1:
09:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C9:8C:0E:2B:5D:D2:B0:02:45:83:EE:E1:FE:01:8E:BC:49:4D:04
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/gsmMDitd0rACRYPu4f4BjrxJTQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.195.0-83.147.211.255
83.147.218.0-83.147.221.255
83.147.224.0/21
83.147.236.0/22
94.241.144.0/21
94.241.188.0/22
178.253.0.0/21
178.253.14.0/23
178.253.17.0/24
178.253.20.0/23
178.253.24.0/23
178.253.28.0-178.253.30.255
178.253.34.0-178.253.37.255
178.253.46.0/23
178.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:e7:06:9c:8e:09:59:94:8c:ce:f3:1e:23:d3:1f:76:1c:c6:
b8:6b:32:84:79:d0:60:84:ef:03:ca:d6:18:fc:59:67:52:bf:
ae:fc:1d:e0:41:ae:72:f7:36:86:fc:d2:61:00:07:d9:4f:2d:
5a:53:13:86:69:80:19:13:14:68:80:9e:86:c2:6e:0b:8d:91:
d0:43:6b:e6:36:f4:4c:2a:82:ab:2f:a4:c9:20:e8:0b:03:b8:
11:7b:e3:26:a4:e9:e8:65:b8:b4:45:a9:80:89:75:05:58:dd:
36:54:bb:67:80:ea:01:20:54:37:be:0c:b2:12:71:90:f6:c3:
2f:6e:fa:68:ec:ca:84:dd:3c:52:29:98:b5:44:3e:fa:10:ba:
27:ba:c8:05:b2:f5:30:64:33:a4:1c:12:09:8b:48:5e:f6:05:
ab:73:da:05:4d:2a:ad:ec:7d:e4:bf:ea:06:6d:00:79:b4:89:
9a:89:c2:d6:ad:e9:37:85:07:95:a9:1b:e3:69:24:57:64:a8:
ec:8b:c2:fc:ec:f7:b9:84:f2:b2:6d:6f:ab:a4:15:ad:61:92:
6a:25:e6:34:3d:56:42:cb:65:df:04:03:35:0e:4a:46:21:5a:
5f:35:03:c4:bc:20:1e:7c:cd:b6:40:ec:86:4e:67:c7:ba:5c:
64:02:94:aa
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYSB8ehegwaA8pyloFojEYRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIxMTE2MTkzNzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmM5OGMwZTJiNWRkMmIwMDI0NTgzZWVlMWZlMDE4ZWJjNDk0ZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgah76XFwmw2N4NtWsQ6JsdA2sh2M
ZwTTtaM6MjH47FDlUfCUCE2DFaNNsscCOXJ3yqFHSVYzttDqNi5zzydRiBj76H4e
RfXXAIFirW8AqxbO2sS+QJk4o/MRCGVHWljLgG3YZiTTu+R5+5oKii5TqQE+Xq6y
DsT6kyZpXsvA0dhqslk+O/DY+/YZwp2GXT6FXwQTbb2JG+y3PEHKl/Um+AsmNcHQ
BYT2Ems00OCHPSPk5CsoF9k2vSx2dHgIImpHQrLcaD46nhuxMZ7/lIG6/QTyGau/
5a7m1gGDszHxxPtosesUsdVTsRoB91ETBarAWo+g5j7bBL5LSybrbOEJLQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFILJjA4rXdKwAkWD7uH+AY68SU0EMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvZ3NtTURpdGQwckFDUllQdTRmNEJqcnhKVFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwejAMAwQA
U5PDAwQCU5PQMAwDBAFTk9oDBAFTk9wDBANTk+ADBAJTk+wDBANe8ZADBAJe8bwD
BAOy/QADBAGy/Q4DBACy/REDBAGy/RQDBAGy/RgwDAMEArL9HAMEALL9HjAMAwQB
sv0iAwQBsv0kAwQBsv0uAwQAsv02MA0GCSqGSIb3DQEBCwUAA4IBAQB95wacjglZ
lIzO8x4j0x92HMa4azKEedBghO8DytYY/FlnUr+u/B3gQa5y9zaG/NJhAAfZTy1a
UxOGaYAZExRogJ6Gwm4LjZHQQ2vmNvRMKoKrL6TJIOgLA7gRe+MmpOnoZbi0RamA
iXUFWN02VLtngOoBIFQ3vgyyEnGQ9sMvbvpo7MqE3TxSKZi1RD76ELonusgFsvUw
ZDOkHBIJi0he9gWrc9oFTSqt7H3kv+oGbQB5tImaicLWrek3hQeVqRvjaSRXZKjs
i8L87Pe5hPKybW+rpBWtYZJqJeY0PVZCy2XfBAM1DkpGIVpfNQPEvCAefM22QOyG
TmfHulxkApSq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:38 2023 by rpki-client on console-ams.rpki-client.org