Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/GVijo9jXITjx2WjBNAVljfYQ5lM.roa
File: GVijo9jXITjx2WjBNAVljfYQ5lM.roa (raw, json)
Hash identifier: N5wwG5cBvDjTIUyGSlrvLjDiqarKxCO3rzHjuTh30xM=
Subject key identifier: 19:58:A3:A3:D8:D7:21:38:F1:D9:68:C1:34:05:65:8D:F6:10:E6:53
Certificate issuer: /CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa
Certificate serial: 0188D3D66967AF0F3217D3F6685547C0DC7C
Authority key identifier: D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/GVijo9jXITjx2WjBNAVljfYQ5lM.roa
Signing time: Mon 19 Jun 2023 13:27:04 +0000
ROA not before: Mon 19 Jun 2023 13:27:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8559
IP address blocks: 141.98.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d3:d6:69:67:af:0f:32:17:d3:f6:68:55:47:c0:dc:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa
Validity
Not Before: Jun 19 13:27:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1958a3a3d8d72138f1d968c13405658df610e653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:01:e6:e0:d1:85:03:8f:9f:da:f1:6d:e5:3f:
37:83:ab:10:4e:f9:f8:b4:7d:ff:d2:e3:34:ce:99:
11:6b:02:37:47:83:35:8d:60:1c:45:27:32:2b:fa:
0d:48:36:c9:4b:ec:a5:da:48:7a:4c:7b:70:96:4b:
fe:40:14:46:41:35:3d:7f:00:2f:8e:fe:4c:82:f2:
70:51:4e:1c:79:ef:0a:5b:fc:a9:20:90:7b:a5:3a:
2e:f2:2b:4b:6a:42:12:58:86:e8:db:3f:0f:22:8f:
ba:0b:c1:c3:25:7a:f6:ee:7b:c4:61:2d:6f:61:d3:
90:4a:98:25:8c:25:42:65:39:bf:72:45:d2:58:87:
fc:1c:cf:fa:fe:df:a7:57:a6:db:45:a9:32:2d:04:
86:c3:43:1e:da:09:a3:62:69:b9:a7:f1:a9:15:81:
d9:6f:2d:f1:9e:75:09:5b:5d:5a:23:5e:41:ca:03:
f2:66:37:16:ea:8e:10:f6:76:1b:28:64:4f:9c:f0:
01:e6:3e:da:1e:6b:41:2b:58:31:e9:ab:41:34:b1:
f7:ee:a4:e5:09:21:b8:71:57:2d:d5:6e:e5:dc:69:
63:bb:12:6f:31:0a:7d:ed:18:bc:d6:eb:08:91:10:
53:87:b3:f8:a8:6b:53:4f:9c:42:a2:3b:df:a0:f6:
3e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:58:A3:A3:D8:D7:21:38:F1:D9:68:C1:34:05:65:8D:F6:10:E6:53
X509v3 Authority Key Identifier:
keyid:D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/GVijo9jXITjx2WjBNAVljfYQ5lM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.176.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:b7:0c:62:45:6c:47:d0:e2:be:27:18:a0:f6:90:34:cd:23:
54:dd:6c:d6:01:a8:97:17:b0:6a:2b:0e:eb:ca:23:06:85:61:
76:49:2c:02:c3:88:ab:2d:25:cf:00:d3:67:00:4e:f0:07:9d:
93:87:65:4e:83:4d:4f:69:29:6f:7a:66:74:63:56:f4:4a:cb:
de:fb:0a:39:3e:bd:1b:09:c8:35:27:81:22:3b:a0:c6:68:ec:
ab:df:3a:53:19:f2:20:06:9a:0c:98:da:c9:88:95:f4:c4:8c:
f3:44:79:56:55:4a:c4:86:f6:55:4d:bc:25:53:74:a4:5a:6a:
4a:43:bc:db:34:31:15:73:35:01:c1:6d:57:27:11:3f:c7:76:
8e:5b:ae:1b:8a:34:e9:1f:54:21:15:86:ed:77:08:ea:09:40:
81:92:5b:55:86:1d:04:83:43:af:db:e5:8a:f1:b6:f4:78:71:
32:78:51:64:d8:f9:fd:24:36:14:9f:bc:76:dd:c6:0e:2a:97:
a6:40:55:ea:19:14:e0:c5:0c:51:46:45:32:40:87:d0:60:70:
dd:a9:40:78:55:4a:ed:78:31:cf:31:3d:bc:63:f3:8b:07:0e:
9d:1a:44:18:4b:35:fb:89:50:86:ca:27:82:90:c7:df:b9:9e:
54:ed:88:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjT1mlnrw8yF9P2aFVHwNx8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZjFjODg0MmU3Y2Y4OTFiMjM0ZDNhMWUwZTJlMGVmNzNl
ODQyYWEwHhcNMjMwNjE5MTMyNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTU4YTNhM2Q4ZDcyMTM4ZjFkOTY4YzEzNDA1NjU4ZGY2MTBlNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAHm4NGFA4+f2vFt5T83g6sQTvn4
tH3/0uM0zpkRawI3R4M1jWAcRScyK/oNSDbJS+yl2kh6THtwlkv+QBRGQTU9fwAv
jv5MgvJwUU4cee8KW/ypIJB7pTou8itLakISWIbo2z8PIo+6C8HDJXr27nvEYS1v
YdOQSpgljCVCZTm/ckXSWIf8HM/6/t+nV6bbRakyLQSGw0Me2gmjYmm5p/GpFYHZ
by3xnnUJW11aI15BygPyZjcW6o4Q9nYbKGRPnPAB5j7aHmtBK1gx6atBNLH37qTl
CSG4cVct1W7l3GljuxJvMQp97Ri81usIkRBTh7P4qGtTT5xCojvfoPY+0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBlYo6PY1yE48dlowTQFZY32EOZTMB8GA1UdIwQY
MBaAFNLxyIQufPiRsjTToeDi4O9z6EKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHZISWhDNTgtSkd5Tk5PaDRPTGc3M1BvUXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOTlhZTctYjY3MS00MGI5LWJiMWUt
YTE5NDQ0ZjdhMzM3LzEvR1Zpam85alhJVGp4MldqQk5BVmxqZllRNWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOTlhZTctYjY3MS00MGI5LWJiMWUtYTE5NDQ0ZjdhMzM3
LzEvMHZISWhDNTgtSkd5Tk5PaDRPTGc3M1BvUXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjWKwMA0G
CSqGSIb3DQEBCwUAA4IBAQBctwxiRWxH0OK+Jxig9pA0zSNU3WzWAaiXF7BqKw7r
yiMGhWF2SSwCw4irLSXPANNnAE7wB52Th2VOg01PaSlvemZ0Y1b0Ssve+wo5Pr0b
Ccg1J4EiO6DGaOyr3zpTGfIgBpoMmNrJiJX0xIzzRHlWVUrEhvZVTbwlU3SkWmpK
Q7zbNDEVczUBwW1XJxE/x3aOW64bijTpH1QhFYbtdwjqCUCBkltVhh0Eg0Ov2+WK
8bb0eHEyeFFk2Pn9JDYUn7x23cYOKpemQFXqGRTgxQxRRkUyQIfQYHDdqUB4VUrt
eDHPMT28Y/OLBw6dGkQYSzX7iVCGyieCkMffuZ5U7YjX
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:20 2025 by rpki-client