Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/G5GPNUXUPdEMD412Jk1hR3I37XU.roa
File: G5GPNUXUPdEMD412Jk1hR3I37XU.roa (raw, json)
Hash identifier: vbYORIHfFyFmAmN5nmLaHHCxDhEI6ZOeOX4OnHb0eSQ=
Subject key identifier: 1B:91:8F:35:45:D4:3D:D1:0C:0F:8D:76:26:4D:61:47:72:37:ED:75
Certificate issuer: /CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
Certificate serial: 4197A39E
Authority key identifier: 2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/G5GPNUXUPdEMD412Jk1hR3I37XU.roa
Signing time: Sat 01 Jan 2022 15:04:16 +0000
ROA not before: Sat 01 Jan 2022 15:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44530
IP address blocks: 37.77.32.0/20 maxlen: 20
2a02:e5c::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1100456862 (0x4197a39e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
Validity
Not Before: Jan 1 15:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b918f3545d43dd10c0f8d76264d61477237ed75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c8:6b:2e:3f:22:35:84:c9:91:4d:e0:df:13:
98:63:fe:b6:1e:88:ca:07:fa:9f:5d:27:f9:d2:d6:
a8:29:51:d3:cb:96:05:a5:ac:45:45:5b:80:87:b7:
6e:6f:d2:ee:87:69:23:c6:d7:0a:55:f9:b4:11:f2:
dd:99:28:a3:a3:28:c8:c4:ab:24:98:13:f7:1b:36:
70:62:f6:76:52:e2:d7:1e:2f:06:e0:e3:c6:a9:97:
62:de:23:c0:8b:87:73:68:12:3e:d1:a6:b1:44:11:
f2:ab:92:26:2c:14:29:4d:9a:3c:c1:94:a6:d5:a0:
7b:af:b1:e7:f8:ad:15:66:a3:b2:92:ef:31:b3:41:
ac:c7:2e:d9:04:f4:f5:d1:15:eb:79:76:e7:ac:43:
5c:11:e0:50:19:bc:a5:15:d9:fd:d4:3b:25:f1:bf:
1f:96:37:06:7b:13:78:a0:60:14:6f:6b:0b:a2:3a:
13:35:28:06:4c:03:11:76:93:b4:05:41:aa:f9:53:
a2:a1:e7:20:0f:83:15:3c:d7:39:17:7c:f6:5c:dc:
a4:08:f4:16:ed:17:61:19:91:9d:f8:e2:35:a1:6f:
15:9a:40:eb:ba:fc:95:94:2b:78:38:ef:1d:82:13:
89:68:0e:2f:36:d0:0a:1f:10:b6:cd:93:52:71:06:
c4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:91:8F:35:45:D4:3D:D1:0C:0F:8D:76:26:4D:61:47:72:37:ED:75
X509v3 Authority Key Identifier:
keyid:2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/G5GPNUXUPdEMD412Jk1hR3I37XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.32.0/20
IPv6:
2a02:e5c::/32
Signature Algorithm: sha256WithRSAEncryption
b8:22:49:e9:bc:ec:bd:f9:6b:2b:cb:64:7e:de:99:16:2e:36:
e2:69:e9:f3:4c:f3:4c:cd:b3:b3:0d:ed:f8:86:3e:5c:58:83:
8a:0a:97:f9:e5:af:8c:32:30:e7:54:09:ab:d5:d1:a8:1d:e3:
a3:2d:da:57:1c:6e:3a:93:af:25:bc:e8:19:63:82:d2:21:14:
71:b8:c7:bf:40:f5:7c:8f:59:68:58:75:8e:1b:ff:56:da:5d:
b6:68:2e:e7:9f:22:4f:80:2e:cb:68:a1:02:96:f6:ca:eb:07:
a4:6c:8d:c9:48:c6:ee:c2:3b:eb:d8:4d:cc:5f:d1:e4:8f:4e:
ab:4b:01:19:5d:03:86:ed:fc:d3:5f:49:47:70:3b:b9:a2:d3:
20:32:6f:7d:79:31:34:e8:49:39:78:37:60:24:6e:c4:38:fe:
eb:cc:70:6a:4a:f0:79:63:c1:76:ec:36:c7:96:5a:f6:fd:38:
05:44:7c:0f:f7:b1:24:f8:b7:ce:53:d2:a8:6e:16:bb:76:f1:
99:15:24:c5:da:f0:e2:b3:69:46:90:d0:e3:29:59:2b:3f:bd:
3a:13:bd:2f:05:9a:91:a3:45:d7:62:7e:8f:ee:66:70:94:cc:
8a:ab:8d:1c:fb:16:2d:7f:80:3a:80:b9:10:a6:31:ef:27:7f:
43:39:1c:1b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEQZejnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDllMzFjOTAyOWVlNDRiZDY4MWI1MTUzMzAzMzVjNmExY2ZkZWVlMB4XDTIyMDEw
MTE1MDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI5MThmMzU0NWQ0
M2RkMTBjMGY4ZDc2MjY0ZDYxNDc3MjM3ZWQ3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDIay4/IjWEyZFN4N8TmGP+th6Iygf6n10n+dLWqClR08uW
BaWsRUVbgIe3bm/S7odpI8bXClX5tBHy3Zkoo6MoyMSrJJgT9xs2cGL2dlLi1x4v
BuDjxqmXYt4jwIuHc2gSPtGmsUQR8quSJiwUKU2aPMGUptWge6+x5/itFWajspLv
MbNBrMcu2QT09dEV63l256xDXBHgUBm8pRXZ/dQ7JfG/H5Y3BnsTeKBgFG9rC6I6
EzUoBkwDEXaTtAVBqvlToqHnIA+DFTzXORd89lzcpAj0Fu0XYRmRnfjiNaFvFZpA
67r8lZQreDjvHYITiWgOLzbQCh8Qts2TUnEGxPMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQbkY81RdQ90QwPjXYmTWFHcjftdTAfBgNVHSMEGDAWgBQtnjHJAp7kS9aB
tRUzAzXGoc/e7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xaNHh5UUtlNUV2V2diVVZNd00xeHFIUDN1NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvMTVkODk2LTJmNjktNDY5Ny1hNmZjLTA4ZGE2NjUyYTg2Ny8x
L0c1R1BOVVhVUGRFTUQ0MTJKazFoUjNJMzdYVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
MTVkODk2LTJmNjktNDY5Ny1hNmZjLTA4ZGE2NjUyYTg2Ny8xL0xaNHh5UUtlNUV2
V2diVVZNd00xeHFIUDN1NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBCVNIDANBAIAAjAHAwUAKgIOXDAN
BgkqhkiG9w0BAQsFAAOCAQEAuCJJ6bzsvflrK8tkft6ZFi424mnp80zzTM2zsw3t
+IY+XFiDigqX+eWvjDIw51QJq9XRqB3joy3aVxxuOpOvJbzoGWOC0iEUcbjHv0D1
fI9ZaFh1jhv/Vtpdtmgu558iT4Auy2ihApb2yusHpGyNyUjG7sI769hNzF/R5I9O
q0sBGV0Dhu38019JR3A7uaLTIDJvfXkxNOhJOXg3YCRuxDj+68xwakrweWPBduw2
x5Za9v04BUR8D/exJPi3zlPSqG4Wu3bxmRUkxdrw4rNpRpDQ4ylZKz+9OhO9LwWa
kaNF12J+j+5mcJTMiquNHPsWLX+AOoC5EKYx7yd/QzkcGw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:57 2025 by rpki-client