Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/gL3xS8uYnG6Km0odgYd8eiFKMFI.roa
File: gL3xS8uYnG6Km0odgYd8eiFKMFI.roa (raw, json)
Hash identifier: 1E7fwWCqQEE77M+6fbbo3gCZ3S9P1xz0Z4tqD1GrpwQ=
Subject key identifier: 80:BD:F1:4B:CB:98:9C:6E:8A:9B:4A:1D:81:87:7C:7A:21:4A:30:52
Certificate issuer: /CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Certificate serial: 01892EC000F3230726FFD8D306D71C2E67EF
Authority key identifier: EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/gL3xS8uYnG6Km0odgYd8eiFKMFI.roa
Signing time: Fri 07 Jul 2023 05:08:02 +0000
ROA not before: Fri 07 Jul 2023 05:08:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50676
IP address blocks: 193.32.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2e:c0:00:f3:23:07:26:ff:d8:d3:06:d7:1c:2e:67:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Validity
Not Before: Jul 7 05:08:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80bdf14bcb989c6e8a9b4a1d81877c7a214a3052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fa:dd:6b:f1:e5:76:2f:26:e6:6c:76:7b:cc:
17:df:4e:95:55:a5:54:45:56:0e:8b:66:ae:d4:d5:
2c:1d:47:e8:8b:91:49:66:bc:fb:33:6f:20:f3:47:
ab:7c:9b:5f:e1:a4:a1:11:e6:96:7d:b9:67:5a:fb:
38:ee:db:db:e6:f0:c6:07:55:82:38:2b:7e:c2:0c:
af:94:9c:a6:0f:d3:0c:6d:f7:0c:45:f5:2f:81:ae:
35:ed:87:16:39:bf:2e:6c:c5:cf:00:bc:db:cc:21:
33:a7:64:69:fa:b7:16:d3:68:f9:79:d1:9c:9f:f1:
d6:23:b3:e7:7f:4b:9d:df:e8:e6:8d:b4:25:eb:2e:
df:c4:9b:72:40:26:67:26:f6:2a:38:79:79:a5:8e:
b5:e2:be:8b:01:9c:5c:03:51:b6:84:07:23:3b:b9:
9a:ec:e8:a2:52:79:ca:cd:f6:83:a2:42:2e:ad:f2:
af:51:dd:93:89:91:c0:f6:6b:15:8c:fd:15:ec:c1:
46:15:50:00:3d:f8:8d:eb:29:96:77:92:f5:87:64:
7a:e8:ca:74:0a:68:44:6b:4c:68:d6:b2:32:9c:1a:
a4:26:41:51:b3:d7:e4:a4:dc:bf:a7:6c:8b:f6:b1:
da:b3:a4:e1:21:14:5e:a4:b0:19:2d:66:39:4d:6b:
24:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:BD:F1:4B:CB:98:9C:6E:8A:9B:4A:1D:81:87:7C:7A:21:4A:30:52
X509v3 Authority Key Identifier:
keyid:EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/gL3xS8uYnG6Km0odgYd8eiFKMFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/7PfKn_r-cqMJZvfkPZK1jndM50E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.176.0/24
Signature Algorithm: sha256WithRSAEncryption
95:49:b3:42:da:94:21:17:fc:ea:f7:e5:a9:2f:10:51:7a:f9:
7c:51:ee:9b:d7:7e:b8:5f:68:8d:19:6f:35:a9:2b:f0:41:a1:
32:fc:70:e3:9d:c2:bb:a6:85:a6:69:63:20:b8:b8:80:b3:13:
9e:34:c1:2b:56:34:d3:62:02:44:1c:b6:e6:56:c3:37:9f:49:
d5:aa:aa:4f:f0:57:fd:bf:cc:e2:91:cb:e2:83:9d:e6:60:17:
03:4c:58:aa:73:d3:f3:81:8a:2a:cd:0b:36:0e:b8:be:fb:18:
f5:ad:45:40:ac:a4:05:a5:4a:6b:e4:a8:9d:9d:c3:aa:27:13:
19:7b:75:09:d9:a9:27:99:6f:20:aa:67:c6:f2:a1:21:13:a2:
32:02:5e:02:f6:4f:91:c7:82:f8:ff:bb:85:4a:df:b0:d0:59:
a1:d5:40:f9:0c:8e:f8:e8:ab:b2:b3:d8:2f:46:ab:df:22:f9:
a1:c8:df:65:2b:e6:3b:07:2b:e5:96:50:89:98:e6:c3:6e:76:
fb:e5:04:3f:0a:f1:35:b2:80:40:b5:a1:63:b7:e1:23:b9:e1:
36:f2:d4:3f:e9:12:dd:9f:66:9d:88:a0:27:11:e9:38:bb:1c:
58:57:9d:28:08:9a:cc:2e:06:92:7d:90:00:9c:c0:41:fd:f0:
af:4b:9f:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkuwADzIwcm/9jTBtccLmfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjdjYTlmZmFmZTcyYTMwOTY2ZjdlNDNkOTJiNThlNzc0
Y2U3NDEwHhcNMjMwNzA3MDUwODAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGJkZjE0YmNiOTg5YzZlOGE5YjRhMWQ4MTg3N2M3YTIxNGEzMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPrda/Hldi8m5mx2e8wX306VVaVU
RVYOi2au1NUsHUfoi5FJZrz7M28g80erfJtf4aShEeaWfblnWvs47tvb5vDGB1WC
OCt+wgyvlJymD9MMbfcMRfUvga417YcWOb8ubMXPALzbzCEzp2Rp+rcW02j5edGc
n/HWI7Pnf0ud3+jmjbQl6y7fxJtyQCZnJvYqOHl5pY614r6LAZxcA1G2hAcjO7ma
7OiiUnnKzfaDokIurfKvUd2TiZHA9msVjP0V7MFGFVAAPfiN6ymWd5L1h2R66Mp0
CmhEa0xo1rIynBqkJkFRs9fkpNy/p2yL9rHas6ThIRRepLAZLWY5TWskCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIC98UvLmJxuiptKHYGHfHohSjBSMB8GA1UdIwQY
MBaAFOz3yp/6/nKjCWb35D2StY53TOdBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUt
OTgxZmJiMzQ0MmRkLzEvZ0wzeFM4dVluRzZLbTBvZGdZZDhlaUZLTUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUtOTgxZmJiMzQ0MmRk
LzEvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSCwMA0G
CSqGSIb3DQEBCwUAA4IBAQCVSbNC2pQhF/zq9+WpLxBRevl8Ue6b1364X2iNGW81
qSvwQaEy/HDjncK7poWmaWMguLiAsxOeNMErVjTTYgJEHLbmVsM3n0nVqqpP8Ff9
v8zikcvig53mYBcDTFiqc9PzgYoqzQs2Dri++xj1rUVArKQFpUpr5KidncOqJxMZ
e3UJ2aknmW8gqmfG8qEhE6IyAl4C9k+Rx4L4/7uFSt+w0Fmh1UD5DI746Kuys9gv
RqvfIvmhyN9lK+Y7ByvlllCJmObDbnb75QQ/CvE1soBAtaFjt+EjueE28tQ/6RLd
n2adiKAnEek4uxxYV50oCJrMLgaSfZAAnMBB/fCvS58b
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:05:28 2025 by rpki-client