Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/081b84-4ece-4005-b28d-9f293172bb6b/1/g63RgnLm5pGcwQ6FsLq_iT5t_IU.roa
File: g63RgnLm5pGcwQ6FsLq_iT5t_IU.roa (raw, json)
Hash identifier: LS39WTUpdoxoul5rM3090wNPjhW1gE2TiQBqQYdAcnI=
Subject key identifier: 83:AD:D1:82:72:E6:E6:91:9C:C1:0E:85:B0:BA:BF:89:3E:6D:FC:85
Certificate issuer: /CN=67fd3e19f583361fe5d90a412b1280f7cffb801f
Certificate serial: 184505E3
Authority key identifier: 67:FD:3E:19:F5:83:36:1F:E5:D9:0A:41:2B:12:80:F7:CF:FB:80:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_0-GfWDNh_l2QpBKxKA98_7gB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/081b84-4ece-4005-b28d-9f293172bb6b/1/g63RgnLm5pGcwQ6FsLq_iT5t_IU.roa
Signing time: Sat 01 Jan 2022 15:05:25 +0000
ROA not before: Sat 01 Jan 2022 15:05:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51395
IP address blocks: 194.15.228.0/22 maxlen: 22
2001:67c:2f0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 407176675 (0x184505e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67fd3e19f583361fe5d90a412b1280f7cffb801f
Validity
Not Before: Jan 1 15:05:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83add18272e6e6919cc10e85b0babf893e6dfc85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:06:c0:43:cc:2e:35:96:cb:87:09:e2:88:0d:
1f:82:3a:2c:d6:ee:c8:b4:bf:f6:30:0a:73:6c:2f:
26:f9:0a:3b:0d:81:9a:1a:23:b8:b8:83:6b:4b:97:
c4:2f:ee:87:b0:37:52:21:17:9e:f9:ff:5f:f1:db:
ff:1d:51:04:ce:46:af:b4:7e:4b:fc:5e:60:d2:ff:
b8:46:58:cb:79:4b:d9:f5:53:31:59:88:d9:be:db:
f1:c6:04:3b:52:d5:2f:c0:34:b2:39:88:e2:4d:b7:
c7:65:e0:bb:0b:1c:9a:40:06:ad:59:d5:ed:7e:c8:
97:6a:a8:54:41:87:2c:63:51:ba:f9:07:6d:2e:49:
40:89:8e:e0:9d:01:eb:6d:d8:3a:2d:af:52:35:db:
cd:df:d7:5b:11:01:55:67:ed:35:a3:d1:5c:cb:7a:
ba:61:ff:84:0e:b5:e5:bb:c4:0d:6f:07:38:9e:a2:
78:ce:3a:85:47:7a:8d:06:ea:5c:be:c4:2a:d2:0f:
bb:22:62:c3:b5:d8:73:f8:15:f3:3c:76:0f:5d:82:
b9:38:62:41:d2:c4:2e:64:c7:f2:e7:64:64:5d:6e:
a3:f4:91:4e:b5:47:7e:09:0b:1f:7f:b9:d0:b2:ad:
15:fc:4d:a7:fe:e7:31:c1:84:18:7b:ce:d1:8e:41:
da:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:AD:D1:82:72:E6:E6:91:9C:C1:0E:85:B0:BA:BF:89:3E:6D:FC:85
X509v3 Authority Key Identifier:
keyid:67:FD:3E:19:F5:83:36:1F:E5:D9:0A:41:2B:12:80:F7:CF:FB:80:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_0-GfWDNh_l2QpBKxKA98_7gB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/081b84-4ece-4005-b28d-9f293172bb6b/1/g63RgnLm5pGcwQ6FsLq_iT5t_IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/081b84-4ece-4005-b28d-9f293172bb6b/1/Z_0-GfWDNh_l2QpBKxKA98_7gB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.228.0/22
IPv6:
2001:67c:2f0::/48
Signature Algorithm: sha256WithRSAEncryption
43:74:15:f1:da:70:fd:26:2f:c8:f6:0f:8a:6d:6d:69:20:9f:
1d:0c:95:27:0c:cf:c1:10:3c:bf:ef:f6:fd:7b:d2:93:e4:6d:
77:9a:28:88:97:e5:5c:a6:e0:94:f0:30:d0:94:de:31:7f:25:
d5:fc:67:e9:bd:61:f8:c3:f8:e4:4f:77:7f:e3:de:99:9e:dd:
d1:4f:58:3c:7e:12:1e:a5:cb:9f:dc:f5:85:e9:a2:92:25:40:
3a:d9:6c:e6:6e:23:9d:97:73:8c:fc:f7:5c:f6:52:63:65:2c:
27:96:6b:7a:22:9d:ec:d9:91:41:ee:d2:68:8f:77:24:f9:56:
c6:47:41:e7:2d:67:be:e9:71:6e:cb:93:09:6d:10:a9:59:ac:
8b:73:c1:70:a0:c7:24:1b:97:14:87:af:2b:4d:08:5d:15:ab:
a1:8d:b2:69:03:ae:97:79:28:99:db:63:d3:d9:6a:2d:51:8f:
d5:92:b6:d5:e2:77:48:d6:e6:dc:d4:ce:b3:4c:01:4c:72:f3:
37:89:d2:cb:d3:32:9c:c3:bf:b3:7f:ca:2a:06:d9:48:58:d5:
a5:e2:1a:e2:74:25:17:29:76:3b:28:ed:75:fd:f9:27:d0:16:
26:53:e7:f3:58:a9:39:28:dd:fc:8c:f3:91:2b:65:47:80:e9:
2b:0f:f1:f0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEGEUF4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
N2ZkM2UxOWY1ODMzNjFmZTVkOTBhNDEyYjEyODBmN2NmZmI4MDFmMB4XDTIyMDEw
MTE1MDUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODNhZGQxODI3MmU2
ZTY5MTljYzEwZTg1YjBiYWJmODkzZTZkZmM4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN0GwEPMLjWWy4cJ4ogNH4I6LNbuyLS/9jAKc2wvJvkKOw2B
mhojuLiDa0uXxC/uh7A3UiEXnvn/X/Hb/x1RBM5Gr7R+S/xeYNL/uEZYy3lL2fVT
MVmI2b7b8cYEO1LVL8A0sjmI4k23x2XguwscmkAGrVnV7X7Il2qoVEGHLGNRuvkH
bS5JQImO4J0B623YOi2vUjXbzd/XWxEBVWftNaPRXMt6umH/hA615bvEDW8HOJ6i
eM46hUd6jQbqXL7EKtIPuyJiw7XYc/gV8zx2D12CuThiQdLELmTH8udkZF1uo/SR
TrVHfgkLH3+50LKtFfxNp/7nMcGEGHvO0Y5B2kkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSDrdGCcubmkZzBDoWwur+JPm38hTAfBgNVHSMEGDAWgBRn/T4Z9YM2H+XZ
CkErEoD3z/uAHzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pfMC1HZldETmhfbDJRcEJLeEtBOThfN2dCOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvMDgxYjg0LTRlY2UtNDAwNS1iMjhkLTlmMjkzMTcyYmI2Yi8x
L2c2M1JnbkxtNXBHY3dRNkZzTHFfaVQ1dF9JVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
MDgxYjg0LTRlY2UtNDAwNS1iMjhkLTlmMjkzMTcyYmI2Yi8xL1pfMC1HZldETmhf
bDJRcEJLeEtBOThfN2dCOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAsIP5DAPBAIAAjAJAwcAIAEGfALw
MA0GCSqGSIb3DQEBCwUAA4IBAQBDdBXx2nD9Ji/I9g+KbW1pIJ8dDJUnDM/BEDy/
7/b9e9KT5G13miiIl+VcpuCU8DDQlN4xfyXV/GfpvWH4w/jkT3d/496Znt3RT1g8
fhIepcuf3PWF6aKSJUA62WzmbiOdl3OM/Pdc9lJjZSwnlmt6Ip3s2ZFB7tJoj3ck
+VbGR0HnLWe+6XFuy5MJbRCpWayLc8FwoMckG5cUh68rTQhdFauhjbJpA66XeSiZ
22PT2WotUY/VkrbV4ndI1ubc1M6zTAFMcvM3idLL0zKcw7+zf8oqBtlIWNWl4hri
dCUXKXY7KO11/fkn0BYmU+fzWKk5KN38jPORK2VHgOkrD/Hw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:04 2025 by rpki-client