Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/eb7f7e-a880-497b-b54c-b708c40a667f/1/GgqdBOjkzRzDHO9Y-Yen9UsCP80.roa
File: GgqdBOjkzRzDHO9Y-Yen9UsCP80.roa (raw, json)
Hash identifier: XnXWz9UUaWyP3YTKiBAa1H2ddZBh5dJuRvtgIwKcpXw=
Subject key identifier: 1A:0A:9D:04:E8:E4:CD:1C:C3:1C:EF:58:F9:87:A7:F5:4B:02:3F:CD
Certificate issuer: /CN=3f81a8e8c75b58f7d1efd4c3e6522d27863f9ccf
Certificate serial: 14E31FFC
Authority key identifier: 3F:81:A8:E8:C7:5B:58:F7:D1:EF:D4:C3:E6:52:2D:27:86:3F:9C:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P4Go6MdbWPfR79TD5lItJ4Y_nM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/eb7f7e-a880-497b-b54c-b708c40a667f/1/GgqdBOjkzRzDHO9Y-Yen9UsCP80.roa
Signing time: Sat 01 Jan 2022 02:51:13 +0000
ROA not before: Sat 01 Jan 2022 02:51:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6867
IP address blocks: 147.52.0.0/16 maxlen: 16
192.103.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 350429180 (0x14e31ffc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f81a8e8c75b58f7d1efd4c3e6522d27863f9ccf
Validity
Not Before: Jan 1 02:51:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a0a9d04e8e4cd1cc31cef58f987a7f54b023fcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a0:b1:8c:52:7f:60:b9:b5:ef:07:1e:f0:09:
3d:da:c2:15:2d:0d:6b:33:65:e5:64:40:04:48:8c:
90:fd:5c:27:33:1f:82:a5:5c:fa:15:84:16:f8:bf:
2c:c0:75:a5:8c:9e:08:5f:33:a4:6f:72:ee:01:12:
f2:0b:d0:f7:33:05:b7:81:fc:5e:40:4c:1e:b7:7a:
05:b5:3b:ab:f1:7a:0c:75:73:fb:0a:1a:52:a0:04:
85:28:4e:9b:81:ea:58:77:f7:48:d3:e8:16:d4:34:
bb:a6:b0:3f:64:a2:b3:5f:6d:fb:b4:c7:a2:c6:af:
26:6c:8d:d8:5a:1d:70:f1:30:51:11:eb:fb:79:f8:
c9:83:64:a3:24:06:45:a2:24:be:52:49:4c:93:cd:
9d:4d:0b:76:72:1b:57:8b:d0:79:5e:61:dd:50:f2:
e3:be:0f:77:ea:0f:66:35:25:0d:67:6f:b0:f2:7c:
b1:51:bf:b5:1b:d7:da:f2:3c:ab:56:0d:26:6f:c3:
67:39:87:8f:51:2b:54:40:a2:a8:43:7c:46:2f:f9:
94:98:5e:d5:5c:92:48:dc:20:c2:9c:af:9b:48:52:
89:03:98:19:66:b3:10:80:15:5d:fe:46:65:70:ef:
90:f0:2d:a8:6d:e0:b8:2c:92:e2:90:5d:21:7a:ee:
19:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:0A:9D:04:E8:E4:CD:1C:C3:1C:EF:58:F9:87:A7:F5:4B:02:3F:CD
X509v3 Authority Key Identifier:
keyid:3F:81:A8:E8:C7:5B:58:F7:D1:EF:D4:C3:E6:52:2D:27:86:3F:9C:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P4Go6MdbWPfR79TD5lItJ4Y_nM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/eb7f7e-a880-497b-b54c-b708c40a667f/1/GgqdBOjkzRzDHO9Y-Yen9UsCP80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/eb7f7e-a880-497b-b54c-b708c40a667f/1/P4Go6MdbWPfR79TD5lItJ4Y_nM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.52.0.0/16
192.103.20.0/24
Signature Algorithm: sha256WithRSAEncryption
79:69:54:20:21:fd:d6:d1:a6:77:bc:c9:9e:8f:fd:92:e7:fa:
48:fd:b4:76:3e:e4:6c:3b:77:69:65:d8:c3:ff:f9:23:38:3a:
36:dd:ce:4b:bb:16:f1:ad:1c:05:9c:2a:5d:ea:ae:f8:5e:27:
aa:4b:b0:e1:e3:99:db:8c:01:bd:0d:bf:be:d4:a6:de:a9:0e:
07:59:dd:c1:a3:d9:9a:45:c1:f0:5e:64:48:47:29:e4:6f:76:
92:dd:2a:76:88:e9:73:2a:a8:e7:89:06:4b:87:32:af:81:fb:
3f:a4:7c:bd:b2:be:0a:e8:75:a3:d8:ab:c6:fe:7c:a6:ac:4d:
8a:e7:b5:23:8c:53:5f:e4:9a:ac:ef:3d:36:1a:17:2a:85:a1:
8c:d7:98:e0:8e:cf:24:31:16:04:2b:a9:21:da:37:7a:81:85:
14:01:ea:c0:f0:57:e5:61:3d:d8:b2:df:36:2d:43:42:fe:18:
c7:d2:5a:b7:cb:5e:60:1f:03:40:48:aa:c9:4d:06:ee:38:80:
63:b7:0d:27:08:49:ce:cd:3d:e1:5e:65:5e:62:2e:f3:23:69:
5d:d4:7e:ef:3e:ad:9b:78:f4:44:46:2b:eb:f1:9f:f8:b4:d0:
73:72:43:85:9c:b3:47:23:32:b2:f1:fa:54:4d:2b:6a:a9:79:
a3:f4:05:e2
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEFOMf/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZjgxYThlOGM3NWI1OGY3ZDFlZmQ0YzNlNjUyMmQyNzg2M2Y5Y2NmMB4XDTIyMDEw
MTAyNTExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWEwYTlkMDRlOGU0
Y2QxY2MzMWNlZjU4Zjk4N2E3ZjU0YjAyM2ZjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOCgsYxSf2C5te8HHvAJPdrCFS0NazNl5WRABEiMkP1cJzMf
gqVc+hWEFvi/LMB1pYyeCF8zpG9y7gES8gvQ9zMFt4H8XkBMHrd6BbU7q/F6DHVz
+woaUqAEhShOm4HqWHf3SNPoFtQ0u6awP2Sis19t+7THosavJmyN2FodcPEwURHr
+3n4yYNkoyQGRaIkvlJJTJPNnU0LdnIbV4vQeV5h3VDy474Pd+oPZjUlDWdvsPJ8
sVG/tRvX2vI8q1YNJm/DZzmHj1ErVECiqEN8Ri/5lJhe1VySSNwgwpyvm0hSiQOY
GWazEIAVXf5GZXDvkPAtqG3guCyS4pBdIXruGXkCAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBQaCp0E6OTNHMMc71j5h6f1SwI/zTAfBgNVHSMEGDAWgBQ/gajox1tY99Hv
1MPmUi0nhj+czzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1A0R282TWRiV1BmUjc5VEQ1bEl0SjRZX25NOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvZWI3ZjdlLWE4ODAtNDk3Yi1iNTRjLWI3MDhjNDBhNjY3Zi8x
L0dncWRCT2prelJ6REhPOVktWWVuOVVzQ1A4MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
ZWI3ZjdlLWE4ODAtNDk3Yi1iNTRjLWI3MDhjNDBhNjY3Zi8xL1A0R282TWRiV1Bm
Ujc5VEQ1bEl0SjRZX25NOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAk
BggrBgEFBQcBBwEB/wQVMBMwEQQCAAEwCwMDAJM0AwQAwGcUMA0GCSqGSIb3DQEB
CwUAA4IBAQB5aVQgIf3W0aZ3vMmej/2S5/pI/bR2PuRsO3dpZdjD//kjODo23c5L
uxbxrRwFnCpd6q74XieqS7Dh45nbjAG9Db++1KbeqQ4HWd3Bo9maRcHwXmRIRynk
b3aS3Sp2iOlzKqjniQZLhzKvgfs/pHy9sr4K6HWj2KvG/nymrE2K57UjjFNf5Jqs
7z02GhcqhaGM15jgjs8kMRYEK6kh2jd6gYUUAerA8FflYT3Yst82LUNC/hjH0lq3
y15gHwNASKrJTQbuOIBjtw0nCEnOzT3hXmVeYi7zI2ld1H7vPq2bePRERivr8Z/4
tNBzckOFnLNHIzKy8fpUTStqqXmj9AXi
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:45 2023 by rpki-client on console-fra.rpki-client.org