Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/GYfnC5Ef6oA0T01ZwhE2Ztp058A.roa
File: GYfnC5Ef6oA0T01ZwhE2Ztp058A.roa (raw, json)
Hash identifier: nqOAtPfI5rNvoqY76xrvxy13JX7kycHtjdW629WjffM=
Subject key identifier: 19:87:E7:0B:91:1F:EA:80:34:4F:4D:59:C2:11:36:66:DA:74:E7:C0
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 06EBA54A
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/GYfnC5Ef6oA0T01ZwhE2Ztp058A.roa
Signing time: Sat 01 Jan 2022 01:59:24 +0000
ROA not before: Sat 01 Jan 2022 01:59:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8286
IP address blocks: 212.14.32.0/20 maxlen: 20
109.69.88.0/21 maxlen: 21
82.145.64.0/19 maxlen: 19
31.193.96.0/21 maxlen: 21
212.14.0.0/19 maxlen: 19
2001:4c58::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116106570 (0x6eba54a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: Jan 1 01:59:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1987e70b911fea80344f4d59c2113666da74e7c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f4:5c:8b:10:84:52:9a:b5:1a:5e:30:7e:3a:
6d:97:d9:1f:f7:08:23:27:9b:56:9e:fb:dd:8c:dd:
bb:40:43:d9:1a:df:33:30:f7:b3:d9:5a:a3:bd:30:
81:82:93:9e:2e:5d:90:34:8a:00:a0:c7:83:47:c2:
27:f3:be:fb:ee:2f:55:93:b1:8e:ec:18:61:f9:cd:
bd:61:17:08:13:b1:2f:f8:8e:e9:c8:0b:c4:64:46:
0b:6b:5d:7a:6f:fa:2b:72:83:ea:7a:c5:61:ea:98:
00:90:e5:33:7d:f3:b9:43:06:1e:a9:3c:ff:68:b9:
d5:05:cf:93:c4:e9:0a:4b:89:77:ab:dc:83:02:ee:
b3:70:44:e0:f1:15:2f:88:bc:6a:04:32:24:96:75:
95:b2:29:14:1d:86:2a:a4:73:70:68:f1:d5:b8:9a:
2e:9f:66:79:77:88:53:af:0f:b3:04:3d:69:d8:29:
bf:62:0e:61:d9:4b:56:dd:70:4b:d8:c0:10:a5:d7:
32:c6:d2:05:b5:8e:59:c1:29:2f:67:d3:a7:6c:0d:
b3:62:bf:52:2c:16:a0:bd:d1:be:6e:f7:be:bc:4d:
b0:d6:8c:7f:07:3e:48:97:68:d9:da:b8:26:1f:16:
2a:55:5b:fe:1b:21:c3:ce:18:08:b5:2c:c3:0e:6f:
00:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:87:E7:0B:91:1F:EA:80:34:4F:4D:59:C2:11:36:66:DA:74:E7:C0
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/GYfnC5Ef6oA0T01ZwhE2Ztp058A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.96.0/21
82.145.64.0/19
109.69.88.0/21
212.14.0.0-212.14.47.255
IPv6:
2001:4c58::/30
Signature Algorithm: sha256WithRSAEncryption
4a:74:90:22:96:6c:a3:75:d5:06:b3:f2:d7:28:e6:0f:20:29:
33:87:b9:c3:bf:8c:05:a8:0e:4f:17:08:0c:d2:f2:61:f3:f0:
4e:8d:cb:9e:fc:02:c2:93:80:a4:4a:44:b1:6c:6a:cd:77:0f:
ae:64:e2:6b:0f:2d:d4:40:93:09:c4:89:10:43:44:53:ea:52:
bf:dc:10:d7:4c:02:2d:9b:6c:72:d5:ad:c5:70:67:25:43:33:
ca:93:f6:6c:a9:d3:b4:21:e0:8f:27:e2:11:ec:a8:0a:15:57:
c3:03:0f:a7:e0:57:e2:2d:23:d7:13:48:4c:ef:ea:07:bc:30:
de:f1:31:8a:69:ab:2b:62:b1:06:18:a6:67:b2:52:df:2d:ee:
8a:f7:42:74:5c:0a:54:e5:91:6a:0c:a2:a8:73:f5:30:69:50:
1a:c0:5e:c4:15:f1:74:9e:e3:8b:6c:35:ed:94:da:99:57:9a:
39:72:fe:24:3b:11:47:25:ee:04:b3:6b:0e:e7:4a:c5:70:92:
46:b0:c1:9d:c2:c6:b8:0a:b0:ea:b4:81:4b:7b:30:ec:90:ad:
47:0c:dc:f2:00:65:e5:51:f2:ad:66:ce:94:32:12:84:33:07:
42:df:e7:6d:85:2b:f0:1b:3b:9f:cf:0e:08:05:6b:c9:a0:92:
bb:de:d0:01
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEBuulSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWM2NGRjMjFjYjVmZDRkMGJjYjAyY2MyYjQzZmQ3NTFmZDkxZTFlMB4XDTIyMDEw
MTAxNTkyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTk4N2U3MGI5MTFm
ZWE4MDM0NGY0ZDU5YzIxMTM2NjZkYTc0ZTdjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMz0XIsQhFKatRpeMH46bZfZH/cIIyebVp773Yzdu0BD2Rrf
MzD3s9lao70wgYKTni5dkDSKAKDHg0fCJ/O+++4vVZOxjuwYYfnNvWEXCBOxL/iO
6cgLxGRGC2tdem/6K3KD6nrFYeqYAJDlM33zuUMGHqk8/2i51QXPk8TpCkuJd6vc
gwLus3BE4PEVL4i8agQyJJZ1lbIpFB2GKqRzcGjx1biaLp9meXeIU68PswQ9adgp
v2IOYdlLVt1wS9jAEKXXMsbSBbWOWcEpL2fTp2wNs2K/UiwWoL3Rvm73vrxNsNaM
fwc+SJdo2dq4Jh8WKlVb/hshw84YCLUsww5vAK8CAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBQZh+cLkR/qgDRPTVnCETZm2nTnwDAfBgNVHSMEGDAWgBQqxk3CHLX9TQvL
AswrQ/11H9keHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzWk53aHkxX1UwTHl3TE1LMFA5ZFJfWkhoNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvZGUxZGI0LWVjNzgtNGU0MS05NTcwLTA5N2MzYzFjMjU0MC8x
L0dZZm5DNUVmNm9BMFQwMVp3aEUyWnRwMDU4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
ZGUxZGI0LWVjNzgtNGU0MS05NTcwLTA5N2MzYzFjMjU0MC8xL0tzWk53aHkxX1Uw
THl3TE1LMFA5ZFJfWkhoNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwJQQCAAEwHwMEAx/BYAMEBVKRQAMEA21FWDALAwMB
1A4DBATUDiAwDQQCAAIwBwMFAiABTFgwDQYJKoZIhvcNAQELBQADggEBAEp0kCKW
bKN11Qaz8tco5g8gKTOHucO/jAWoDk8XCAzS8mHz8E6Ny578AsKTgKRKRLFsas13
D65k4msPLdRAkwnEiRBDRFPqUr/cENdMAi2bbHLVrcVwZyVDM8qT9myp07Qh4I8n
4hHsqAoVV8MDD6fgV+ItI9cTSEzv6ge8MN7xMYppqytisQYYpmeyUt8t7or3QnRc
ClTlkWoMoqhz9TBpUBrAXsQV8XSe44tsNe2U2plXmjly/iQ7EUcl7gSzaw7nSsVw
kkawwZ3CxrgKsOq0gUt7MOyQrUcM3PIAZeVR8q1mzpQyEoQzB0Lf522FK/AbO5/P
DggFa8mgkrve0AE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:29 2025 by rpki-client