Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/GiAPTh5oAslna2KL5od1ONO6elY.roa
File: GiAPTh5oAslna2KL5od1ONO6elY.roa (raw, json)
Hash identifier: trJDD0p0vanXA//b4V0+8dX8I7MHnkvQMtwmurJ3wAo=
Subject key identifier: 1A:20:0F:4E:1E:68:02:C9:67:6B:62:8B:E6:87:75:38:D3:BA:7A:56
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 2FE00BFD
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/GiAPTh5oAslna2KL5od1ONO6elY.roa
Signing time: Sat 01 Jan 2022 12:03:18 +0000
ROA not before: Sat 01 Jan 2022 12:03:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59463
IP address blocks: 109.160.62.0/24 maxlen: 24
109.160.16.0/24 maxlen: 24
109.160.16.0/21 maxlen: 21
109.160.17.0/24 maxlen: 24
109.160.21.0/24 maxlen: 24
109.160.23.0/24 maxlen: 24
109.160.22.0/24 maxlen: 24
109.160.18.0/24 maxlen: 24
109.160.20.0/24 maxlen: 24
109.160.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 803212285 (0x2fe00bfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 12:03:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a200f4e1e6802c9676b628be6877538d3ba7a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6a:c6:c9:52:b8:7f:6d:c5:02:63:90:66:58:
86:7b:6b:78:bf:a4:0d:6f:94:4d:1f:c8:b6:bc:c2:
2d:06:1a:c5:41:d8:4b:66:9c:c3:db:a5:e4:a9:a1:
49:67:fb:52:af:e0:9f:48:a0:c4:b4:0d:17:80:7f:
85:c6:9f:65:32:f9:4c:fd:9b:a0:f4:e0:57:6f:af:
a2:82:5c:71:dc:9f:7d:98:f7:57:97:a6:7b:62:37:
cc:87:aa:da:d8:87:ed:3e:3c:41:d2:62:9a:6d:63:
fa:02:42:a4:ef:c0:0d:6c:fb:d7:db:96:11:fd:54:
5e:09:db:f9:58:06:1d:67:f4:5f:14:2f:ad:50:b4:
f1:b1:b9:54:97:26:2e:7d:dd:6b:bd:4e:a3:1e:00:
5f:7f:c0:6b:f4:ff:8f:5e:74:1a:75:f8:38:53:d9:
fe:63:c5:20:f9:f9:ec:53:f8:d5:2f:c0:38:2b:3d:
3f:31:0b:4a:49:bc:68:66:55:05:7a:1c:3a:ae:23:
03:9c:d5:07:f6:46:ba:ef:93:f8:86:e8:85:82:0c:
17:6d:3b:a8:61:af:57:b3:a1:95:26:46:9c:0d:85:
7b:39:26:8f:07:89:7a:11:91:1a:64:08:12:96:d3:
f3:d9:22:2e:6b:d0:1a:0f:10:f7:6f:a0:b9:9a:d6:
62:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:20:0F:4E:1E:68:02:C9:67:6B:62:8B:E6:87:75:38:D3:BA:7A:56
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/GiAPTh5oAslna2KL5od1ONO6elY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.16.0/21
109.160.62.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b6:16:bd:3c:39:a8:a6:29:76:d7:a1:13:de:ab:5d:23:af:
06:63:e6:bc:a2:05:ca:3e:4f:c8:1b:46:2a:2b:00:21:8e:30:
df:fd:a6:50:a2:c7:80:2e:b9:6c:f4:bb:cc:fd:d3:4f:bd:3b:
a2:60:3b:5a:78:84:53:2c:0c:fa:77:2a:9f:11:eb:23:0f:fe:
4e:07:09:d6:cc:83:63:1f:26:38:51:16:e5:f8:7d:82:d4:99:
88:b7:5e:ae:44:95:9e:cd:2a:d2:87:b9:51:ab:2d:44:03:20:
46:31:46:20:d2:dc:7c:91:07:ea:31:ea:aa:4b:5e:1a:ce:54:
64:9d:f6:e9:5e:01:3f:22:f0:ea:d9:6d:53:e0:71:26:87:c8:
f7:32:d7:ee:d7:04:f9:92:76:f7:ab:4a:e0:be:d7:44:a5:5f:
75:43:de:4c:9a:6d:4f:b9:60:e6:3c:9c:6c:99:5e:e4:81:f5:
92:a5:3f:62:15:54:92:55:21:e3:bb:20:64:49:17:7e:1c:d2:
dc:0c:0b:13:af:bc:70:5a:d1:94:d4:f1:c4:dc:1e:b0:0d:b8:
1a:2d:39:b0:d0:a3:5b:52:9a:ad:1f:56:9f:ae:a5:0e:17:e1:
98:fd:94:30:78:a2:a6:14:d7:02:fd:74:51:04:14:fe:47:63:
bf:4f:7f:4c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEL+AL/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjJhOGMxZDMxMTg5NTAxNjEwOGZmYmQxNDU3NWM3N2NjMjg3NzNhMB4XDTIyMDEw
MTEyMDMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWEyMDBmNGUxZTY4
MDJjOTY3NmI2MjhiZTY4Nzc1MzhkM2JhN2E1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBqxslSuH9txQJjkGZYhntreL+kDW+UTR/ItrzCLQYaxUHY
S2acw9ul5KmhSWf7Uq/gn0igxLQNF4B/hcafZTL5TP2boPTgV2+vooJccdyffZj3
V5eme2I3zIeq2tiH7T48QdJimm1j+gJCpO/ADWz719uWEf1UXgnb+VgGHWf0XxQv
rVC08bG5VJcmLn3da71Oox4AX3/Aa/T/j150GnX4OFPZ/mPFIPn57FP41S/AOCs9
PzELSkm8aGZVBXocOq4jA5zVB/ZGuu+T+IbohYIMF207qGGvV7OhlSZGnA2Fezkm
jweJehGRGmQIEpbT89kiLmvQGg8Q92+guZrWYjkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQaIA9OHmgCyWdrYovmh3U407p6VjAfBgNVHSMEGDAWgBRyKowdMRiVAWEI
/70UV1x3zCh3OjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NpcU1IVEVZbFFGaENQLTlGRmRjZDh3b2R6by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvYjFmNmVlLWM0ZWYtNDM1NS1hZjM2LWE1NThlZTY1NDMxZi8x
L0dpQVBUaDVvQXNsbmEyS0w1b2QxT05PNmVsWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
YjFmNmVlLWM0ZWYtNDM1NS1hZjM2LWE1NThlZTY1NDMxZi8xL2NpcU1IVEVZbFFG
aENQLTlGRmRjZDh3b2R6by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA22gEAMEAG2gPjANBgkqhkiG9w0B
AQsFAAOCAQEAQ7YWvTw5qKYpdtehE96rXSOvBmPmvKIFyj5PyBtGKisAIY4w3/2m
UKLHgC65bPS7zP3TT707omA7WniEUywM+ncqnxHrIw/+TgcJ1syDYx8mOFEW5fh9
gtSZiLderkSVns0q0oe5UastRAMgRjFGINLcfJEH6jHqqkteGs5UZJ326V4BPyLw
6tltU+BxJofI9zLX7tcE+ZJ296tK4L7XRKVfdUPeTJptT7lg5jycbJle5IH1kqU/
YhVUklUh47sgZEkXfhzS3AwLE6+8cFrRlNTxxNwesA24Gi05sNCjW1KarR9Wn66l
DhfhmP2UMHiiphTXAv10UQQU/kdjv09/TA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:32 2023 by rpki-client on console-ams.rpki-client.org