Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/GbXxdgI7T0DiP_lM6Q3L2VL2WgU.roa
File: GbXxdgI7T0DiP_lM6Q3L2VL2WgU.roa (raw, json)
Hash identifier: XSQ0By1iHCFc3Ai1WIp6IlZBCbGy4Xu2hNQrgZ0eMN4=
Subject key identifier: 19:B5:F1:76:02:3B:4F:40:E2:3F:F9:4C:E9:0D:CB:D9:52:F6:5A:05
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018C5A3F4AA7BC7D86D2B12644377A4C95BA
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/GbXxdgI7T0DiP_lM6Q3L2VL2WgU.roa
Signing time: Mon 11 Dec 2023 18:59:06 +0000
ROA not before: Mon 11 Dec 2023 18:59:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21700
IP address blocks: 194.195.48.0/20 maxlen: 20
194.195.16.0/20 maxlen: 24
62.138.76.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5a:3f:4a:a7:bc:7d:86:d2:b1:26:44:37:7a:4c:95:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Dec 11 18:59:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19b5f176023b4f40e23ff94ce90dcbd952f65a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7b:9e:ee:59:c2:d9:30:12:81:0c:a2:96:6d:
e1:44:a4:94:1b:78:23:27:72:39:b9:b9:19:10:83:
22:8d:c5:08:94:f6:07:fc:62:bd:53:59:bb:a3:e6:
47:c6:3f:c5:20:59:2b:23:cb:c0:7c:97:44:76:68:
3e:bd:26:41:1b:b3:a4:c3:66:34:00:31:f8:7c:cb:
32:c7:6a:e4:48:37:8a:59:a8:df:60:c5:76:32:82:
e8:4f:eb:c3:d2:4b:8c:f3:67:f2:b2:7e:44:de:c1:
b8:56:14:d2:7e:25:ad:27:09:9c:a4:cb:2e:8c:81:
88:07:ee:cf:75:32:ba:ae:ec:94:6e:f6:a7:7c:16:
e3:40:d9:1e:9f:63:35:78:ef:0d:78:cb:e2:b2:d1:
bc:e1:b4:09:71:ea:f9:75:d5:9e:75:09:61:68:0c:
b8:7a:69:39:1f:49:5a:48:96:8a:f7:89:b0:e1:1e:
31:25:ad:51:49:0c:3c:16:95:29:9d:b1:5b:cf:df:
58:f9:b1:93:3a:f8:aa:f7:88:f5:ab:bc:67:1f:13:
2b:84:c9:b1:b7:1c:f4:77:bf:37:47:45:8e:79:25:
65:aa:95:4c:27:38:5d:90:a2:be:fd:3c:4f:0b:9a:
25:52:4d:6c:e7:ce:cf:74:54:96:dd:8f:1d:fe:a0:
c9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:B5:F1:76:02:3B:4F:40:E2:3F:F9:4C:E9:0D:CB:D9:52:F6:5A:05
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/GbXxdgI7T0DiP_lM6Q3L2VL2WgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.138.76.0/22
194.195.16.0/20
194.195.48.0/20
Signature Algorithm: sha256WithRSAEncryption
22:3e:bd:17:75:16:b7:4a:79:a9:9c:c7:07:00:00:db:87:65:
8a:bc:97:c8:d9:ce:01:b9:d3:fa:01:da:93:12:55:77:92:ff:
ab:c9:99:e9:d3:cc:8e:f0:3a:af:a1:46:79:11:79:71:c8:7c:
d7:ed:ce:8c:7c:1c:46:67:b9:d0:c3:4c:02:65:25:79:2a:fb:
85:06:3b:d8:a9:98:1b:c7:60:0a:4c:b4:c0:0c:20:cd:13:9f:
c7:fb:89:1a:31:fb:a9:80:a3:01:e4:c7:c4:93:9d:6d:83:d2:
04:83:28:ad:aa:96:5f:71:a3:92:7a:98:3b:01:71:37:ff:05:
8a:38:2f:c1:ca:cf:4f:7a:47:88:4c:3d:bb:73:1b:cb:73:99:
e0:a2:73:3b:b9:03:32:7e:2f:c6:cd:fb:23:e4:d8:72:70:78:
6c:cb:26:62:e1:68:80:a7:55:99:c8:44:f0:2f:ec:d4:5b:ac:
fb:3b:d0:48:58:be:02:87:53:28:15:58:ac:ee:69:6c:31:9a:
b9:76:2b:53:1b:7b:e8:fa:cb:77:bf:b5:cd:b8:5b:87:cc:3e:
43:6a:6f:66:22:c1:96:e0:17:14:10:ec:4e:dc:7b:65:3b:2a:
b5:9b:26:eb:37:ca:2e:f3:34:04:72:34:5e:c3:96:42:06:19:
82:28:5b:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxaP0qnvH2G0rEmRDd6TJW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMxMjExMTg1OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWI1ZjE3NjAyM2I0ZjQwZTIzZmY5NGNlOTBkY2JkOTUyZjY1YTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnue7lnC2TASgQyilm3hRKSUG3gj
J3I5ubkZEIMijcUIlPYH/GK9U1m7o+ZHxj/FIFkrI8vAfJdEdmg+vSZBG7Okw2Y0
ADH4fMsyx2rkSDeKWajfYMV2MoLoT+vD0kuM82fysn5E3sG4VhTSfiWtJwmcpMsu
jIGIB+7PdTK6ruyUbvanfBbjQNken2M1eO8NeMvistG84bQJcer5ddWedQlhaAy4
emk5H0laSJaK94mw4R4xJa1RSQw8FpUpnbFbz99Y+bGTOviq94j1q7xnHxMrhMmx
txz0d783R0WOeSVlqpVMJzhdkKK+/TxPC5olUk1s587PdFSW3Y8d/qDJdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBm18XYCO09A4j/5TOkNy9lS9loFMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvR2JYeGRnSTdUMERpUF9sTTZRM0wyVkwyV2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPopMAwQE
wsMQAwQEwsMwMA0GCSqGSIb3DQEBCwUAA4IBAQAiPr0XdRa3SnmpnMcHAADbh2WK
vJfI2c4BudP6AdqTElV3kv+ryZnp08yO8DqvoUZ5EXlxyHzX7c6MfBxGZ7nQw0wC
ZSV5KvuFBjvYqZgbx2AKTLTADCDNE5/H+4kaMfupgKMB5MfEk51tg9IEgyitqpZf
caOSepg7AXE3/wWKOC/Bys9PekeITD27cxvLc5ngonM7uQMyfi/Gzfsj5NhycHhs
yyZi4WiAp1WZyETwL+zUW6z7O9BIWL4Ch1MoFVis7mlsMZq5ditTG3vo+st3v7XN
uFuHzD5Dam9mIsGW4BcUEOxO3HtlOyq1mybrN8ou8zQEcjRew5ZCBhmCKFtB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:05 2025 by rpki-client