Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/GDVX9NmWyCKJjVwYuWg7IPOcaGs.roa
File: GDVX9NmWyCKJjVwYuWg7IPOcaGs.roa (raw, json)
Hash identifier: 8H/DFA+5rzTpE8cwsEX1+0oE6PrDd/Fiw28EP8SRLlM=
Subject key identifier: 18:35:57:F4:D9:96:C8:22:89:8D:5C:18:B9:68:3B:20:F3:9C:68:6B
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 198F00CE
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/GDVX9NmWyCKJjVwYuWg7IPOcaGs.roa
Signing time: Wed 23 Mar 2022 15:30:26 +0000
ROA not before: Wed 23 Mar 2022 15:30:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8075
IP address blocks: 94.245.64.0/18 maxlen: 24
51.124.0.0/16 maxlen: 16
192.100.112.0/21 maxlen: 21
192.100.120.0/21 maxlen: 21
192.100.128.0/22 maxlen: 22
192.100.132.0/23 maxlen: 23
51.144.0.0/15 maxlen: 15
51.107.0.0/16 maxlen: 16
193.149.64.0/19 maxlen: 24
192.100.104.0/21 maxlen: 21
51.116.0.0/16 maxlen: 16
51.138.0.0/16 maxlen: 16
51.10.0.0/15 maxlen: 15
194.110.197.0/24 maxlen: 24
51.104.0.0/15 maxlen: 15
51.136.0.0/15 maxlen: 15
51.12.0.0/15 maxlen: 15
51.103.0.0/16 maxlen: 16
51.140.0.0/14 maxlen: 14
194.41.16.0/20 maxlen: 20
194.41.18.0/24 maxlen: 24
194.41.22.0/24 maxlen: 24
194.41.23.0/24 maxlen: 24
194.41.20.0/24 maxlen: 24
194.41.21.0/24 maxlen: 24
194.41.19.0/24 maxlen: 24
51.132.0.0/16 maxlen: 16
213.199.128.0/18 maxlen: 24
193.221.113.0/24 maxlen: 24
51.53.0.0/16 maxlen: 16
51.120.0.0/16 maxlen: 16
147.243.0.0/16 maxlen: 24
51.51.0.0/16 maxlen: 16
2a01:111::/32 maxlen: 32
2a01:111:f000::/36 maxlen: 36
2a01:111:2000::/36 maxlen: 36
2a01:111:4000::/36 maxlen: 36
2a01:111:4004::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 428802254 (0x198f00ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Mar 23 15:30:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=183557f4d996c822898d5c18b9683b20f39c686b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b9:ec:a1:8a:46:af:0e:c3:6d:f6:8f:ba:7a:
9f:8a:fa:ea:a9:73:2a:dd:24:6c:8c:84:0b:4c:a4:
40:36:9d:51:d4:38:a2:e0:7e:9f:7a:07:c1:96:32:
32:f5:29:1b:87:c6:57:21:72:6a:a4:2d:ac:2f:99:
d9:42:9d:be:81:a8:e7:54:2b:7b:c6:f6:f3:d9:5a:
07:25:0d:83:82:0f:16:51:c9:d0:be:14:11:85:a0:
53:39:1d:38:34:b7:63:04:3b:94:f0:96:c8:29:c3:
d5:eb:d0:20:0d:16:c7:50:5f:13:d1:19:a0:2b:f9:
73:85:af:56:3a:54:4b:14:e6:a9:0e:51:2b:12:43:
21:ba:7b:cc:53:25:d6:b8:34:4a:25:6f:95:2f:60:
1e:2a:a3:42:2e:98:5a:db:9c:38:84:4f:9c:08:ac:
80:d5:a0:28:12:e6:87:93:64:95:9c:7f:9b:51:ee:
b0:2b:06:8e:54:9b:63:8e:75:62:16:dc:9a:f2:74:
75:0c:26:9a:6d:7b:83:1f:0e:eb:04:8d:ed:78:de:
e3:9c:5f:9b:e1:76:8e:0d:aa:45:e1:21:62:e6:69:
92:57:04:ac:89:0e:f2:dc:29:c1:fa:10:f9:4a:9c:
f7:e6:d1:1e:b9:5c:e6:84:17:6a:a8:6e:d6:6e:57:
96:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:35:57:F4:D9:96:C8:22:89:8D:5C:18:B9:68:3B:20:F3:9C:68:6B
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/GDVX9NmWyCKJjVwYuWg7IPOcaGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.10.0.0-51.13.255.255
51.51.0.0/16
51.53.0.0/16
51.103.0.0-51.105.255.255
51.107.0.0/16
51.116.0.0/16
51.120.0.0/16
51.124.0.0/16
51.132.0.0/16
51.136.0.0-51.138.255.255
51.140.0.0-51.145.255.255
94.245.64.0/18
147.243.0.0/16
192.100.104.0-192.100.133.255
193.149.64.0/19
193.221.113.0/24
194.41.16.0/20
194.110.197.0/24
213.199.128.0/18
IPv6:
2a01:111::/32
Signature Algorithm: sha256WithRSAEncryption
08:8e:64:01:dd:af:b1:98:0d:56:24:48:1e:28:c4:95:0d:90:
da:72:43:be:f8:a5:89:c6:5e:b5:1f:92:7a:14:94:6d:d4:e5:
7d:fb:00:2b:0a:94:2c:63:ee:d6:fd:42:60:13:80:04:9e:1b:
41:a3:48:5b:78:5a:1a:5c:98:af:3e:de:c1:2c:67:13:2f:78:
9d:86:90:8f:ca:12:c8:e0:d6:10:55:29:d4:62:cd:88:4c:25:
6d:c0:8b:ac:7c:3b:c4:92:9f:e5:80:24:5a:97:b8:74:c3:5d:
fb:dc:d9:08:bf:fd:09:f7:61:a0:8f:39:dd:a1:17:5d:5a:21:
d8:5d:a0:a1:72:d3:65:84:d0:39:81:7b:05:02:6e:1f:da:b4:
50:4d:9c:a4:8f:f5:45:e1:9d:92:51:57:80:b4:91:17:47:59:
a3:32:9e:f2:a9:9a:55:91:70:11:44:65:e8:e6:29:a4:00:f4:
67:fb:53:31:ac:30:e0:9a:da:65:b1:ae:72:6d:16:a3:67:ef:
62:29:5a:18:85:ca:fc:15:aa:da:b2:16:9e:32:0b:05:72:15:
ad:e4:ba:8c:47:00:68:dd:83:6f:46:8e:11:c3:10:bc:70:d9:
eb:b3:9f:c6:6b:ae:12:62:f2:e8:38:29:28:b2:3f:7e:1d:9d:
aa:84:26:78
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIEGY8AzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2U2OGRhZjVmMDg5NDU2YzBlMWQwMjI0NTM5MzUzMWFjNWI4ZmNiMB4XDTIyMDMy
MzE1MzAyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTgzNTU3ZjRkOTk2
YzgyMjg5OGQ1YzE4Yjk2ODNiMjBmMzljNjg2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKi57KGKRq8Ow232j7p6n4r66qlzKt0kbIyEC0ykQDadUdQ4
ouB+n3oHwZYyMvUpG4fGVyFyaqQtrC+Z2UKdvoGo51Qre8b289laByUNg4IPFlHJ
0L4UEYWgUzkdODS3YwQ7lPCWyCnD1evQIA0Wx1BfE9EZoCv5c4WvVjpUSxTmqQ5R
KxJDIbp7zFMl1rg0SiVvlS9gHiqjQi6YWtucOIRPnAisgNWgKBLmh5NklZx/m1Hu
sCsGjlSbY451YhbcmvJ0dQwmmm17gx8O6wSN7Xje45xfm+F2jg2qReEhYuZpklcE
rIkO8twpwfoQ+Uqc9+bRHrlc5oQXaqhu1m5XlisCAwEAAaOCAqEwggKdMB0GA1Ud
DgQWBBQYNVf02ZbIIomNXBi5aDsg85xoazAfBgNVHSMEGDAWgBR85o2vXwiUVsDh
0CJFOTUxrFuPyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZPYU5yMThJbEZiQTRkQWlSVGsxTWF4Ymo4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZWMwYjg5LTFlNjgtNDVhMC04YjkzLTEzYTA2YTI2OWFhOC8x
L0dEVlg5Tm1XeUNLSmpWd1l1V2c3SVBPY2FHcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZWMwYjg5LTFlNjgtNDVhMC04YjkzLTEzYTA2YTI2OWFhOC8xL2ZPYU5yMThJbEZi
QTRkQWlSVGsxTWF4Ymo4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
tgYIKwYBBQUHAQcBAf8EgaYwgaMwgZEEAgABMIGKMAoDAwEzCgMDATMMAwMAMzMD
AwAzNTAKAwMAM2cDAwEzaAMDADNrAwMAM3QDAwAzeAMDADN8AwMAM4QwCgMDAzOI
AwMAM4owCgMDAjOMAwMBM5ADBAZe9UADAwCT8zAMAwQDwGRoAwQBwGSEAwQFwZVA
AwQAwd1xAwQEwikQAwQAwm7FAwQG1ceAMA0EAgACMAcDBQAqAQERMA0GCSqGSIb3
DQEBCwUAA4IBAQAIjmQB3a+xmA1WJEgeKMSVDZDackO++KWJxl61H5J6FJRt1OV9
+wArCpQsY+7W/UJgE4AEnhtBo0hbeFoaXJivPt7BLGcTL3idhpCPyhLI4NYQVSnU
Ys2ITCVtwIusfDvEkp/lgCRal7h0w1373NkIv/0J92GgjzndoRddWiHYXaChctNl
hNA5gXsFAm4f2rRQTZykj/VF4Z2SUVeAtJEXR1mjMp7yqZpVkXARRGXo5imkAPRn
+1MxrDDgmtplsa5ybRajZ+9iKVoYhcr8FarashaeMgsFchWt5LqMRwBo3YNvRo4R
wxC8cNnrs5/Ga64SYvLoOCkosj9+HZ2qhCZ4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:32 2024 by rpki-client on console-fra.rpki-client.org