Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ac689b-0e36-49fd-8f9c-ded720142744/1/p4QhTOtQMYzii5xQgn4O_qNUdrU.roa
File: p4QhTOtQMYzii5xQgn4O_qNUdrU.roa (raw, json)
Hash identifier: vknNb7HiPMY48f3hGXAM0GwHwUavO7hrXr2ffhETH0w=
Subject key identifier: A7:84:21:4C:EB:50:31:8C:E2:8B:9C:50:82:7E:0E:FE:A3:54:76:B5
Certificate issuer: /CN=826be1fb71af48d6b318510aa8bdf9a815f33db8
Certificate serial: 018B90703AA8DD42E5E02D56BBBA3448061A
Authority key identifier: 82:6B:E1:FB:71:AF:48:D6:B3:18:51:0A:A8:BD:F9:A8:15:F3:3D:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmvh-3GvSNazGFEKqL35qBXzPbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/ac689b-0e36-49fd-8f9c-ded720142744/1/p4QhTOtQMYzii5xQgn4O_qNUdrU.roa
Signing time: Thu 02 Nov 2023 14:29:15 +0000
ROA not before: Thu 02 Nov 2023 14:29:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 192.166.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:70:3a:a8:dd:42:e5:e0:2d:56:bb:ba:34:48:06:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826be1fb71af48d6b318510aa8bdf9a815f33db8
Validity
Not Before: Nov 2 14:29:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a784214ceb50318ce28b9c50827e0efea35476b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1b:31:3c:80:76:47:ea:83:47:de:32:ad:4c:
82:30:9b:40:d8:ab:38:e2:6e:83:8f:21:b4:d3:c2:
30:0e:e4:b3:7c:fa:33:7f:d0:f6:6f:ee:ef:32:ff:
75:1d:23:f8:3c:61:f4:bf:4f:f6:79:17:b7:5e:1d:
51:80:ed:6f:70:36:9d:9d:5c:34:b0:df:6c:c1:ab:
b7:c9:fd:1c:82:87:0a:cf:8d:4b:4f:80:94:29:b1:
8d:9e:66:92:62:d3:60:e6:74:fe:c4:85:a1:1e:1f:
8f:8e:e8:64:96:72:d6:6e:53:bb:8b:bb:00:db:81:
fd:47:4d:04:e7:2c:bf:c0:ca:56:2d:0f:cd:a8:7f:
5b:67:56:e9:3a:38:4a:e7:76:64:ec:64:d9:b3:5e:
53:86:ce:d6:2f:48:5b:aa:7c:85:63:7d:83:b5:9b:
56:7e:53:59:f8:7b:e9:2f:0f:88:0d:30:78:12:43:
63:ad:46:64:c0:4a:97:30:8f:5e:0a:8e:c1:9c:5e:
a6:08:e3:ad:03:41:4c:10:72:c2:75:49:cd:bd:cd:
65:90:bb:eb:0f:48:f1:24:67:2a:f4:a0:cd:4f:d2:
e8:d8:43:c6:26:dc:5a:54:4d:c2:87:fb:04:58:a7:
e8:39:01:f1:d3:f7:5f:ee:92:8a:cf:86:fc:ea:d2:
5c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:84:21:4C:EB:50:31:8C:E2:8B:9C:50:82:7E:0E:FE:A3:54:76:B5
X509v3 Authority Key Identifier:
keyid:82:6B:E1:FB:71:AF:48:D6:B3:18:51:0A:A8:BD:F9:A8:15:F3:3D:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmvh-3GvSNazGFEKqL35qBXzPbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac689b-0e36-49fd-8f9c-ded720142744/1/p4QhTOtQMYzii5xQgn4O_qNUdrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac689b-0e36-49fd-8f9c-ded720142744/1/gmvh-3GvSNazGFEKqL35qBXzPbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.227.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:63:b4:ba:60:c6:e9:59:a7:d3:35:11:1b:79:16:61:1f:9d:
31:3e:3a:a4:85:87:b8:50:6f:bd:c7:53:bf:6b:d4:88:91:f7:
84:4e:24:7c:e9:27:09:37:9f:da:82:df:9d:bb:e6:21:1f:2a:
4a:62:f7:2a:21:e2:2d:fc:07:b6:a5:2f:02:67:ff:e7:f7:3c:
ff:ae:19:20:a8:7d:5d:ab:48:d5:f5:5c:d7:ea:9e:26:b3:f7:
f7:3a:9d:c6:4f:ae:b8:b3:6f:84:34:33:70:bb:9f:1d:ab:d5:
0f:a9:4a:75:13:8e:fb:dd:06:d3:db:be:ac:b4:85:d4:9c:54:
92:ec:a6:c9:cb:08:39:df:cb:31:4b:3c:fc:21:da:90:7f:7b:
aa:26:e4:af:fc:50:27:cb:e0:f5:b3:85:58:67:c0:92:2d:8c:
2e:21:71:1d:db:c4:bd:9a:11:1f:4a:d0:40:bc:dc:ab:8c:99:
8c:53:8f:99:67:1d:90:4e:ae:d7:0b:b1:98:76:c9:84:02:b3:
3f:81:1e:71:84:85:5d:05:48:eb:7d:c3:a4:22:27:65:4e:f4:
53:49:4b:a4:b7:83:72:32:7c:d1:18:3b:9b:1b:98:bd:f1:84:
db:d0:be:72:5b:a3:ee:db:cc:f2:ed:06:54:6a:1f:e8:54:0a:
c8:eb:50:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuQcDqo3ULl4C1Wu7o0SAYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNmJlMWZiNzFhZjQ4ZDZiMzE4NTEwYWE4YmRmOWE4MTVm
MzNkYjgwHhcNMjMxMTAyMTQyOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzg0MjE0Y2ViNTAzMThjZTI4YjljNTA4MjdlMGVmZWEzNTQ3NmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBsxPIB2R+qDR94yrUyCMJtA2Ks4
4m6DjyG008IwDuSzfPozf9D2b+7vMv91HSP4PGH0v0/2eRe3Xh1RgO1vcDadnVw0
sN9swau3yf0cgocKz41LT4CUKbGNnmaSYtNg5nT+xIWhHh+PjuhklnLWblO7i7sA
24H9R00E5yy/wMpWLQ/NqH9bZ1bpOjhK53Zk7GTZs15Ths7WL0hbqnyFY32DtZtW
flNZ+HvpLw+IDTB4EkNjrUZkwEqXMI9eCo7BnF6mCOOtA0FMEHLCdUnNvc1lkLvr
D0jxJGcq9KDNT9Lo2EPGJtxaVE3Ch/sEWKfoOQHx0/df7pKKz4b86tJcHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKeEIUzrUDGM4oucUIJ+Dv6jVHa1MB8GA1UdIwQY
MBaAFIJr4ftxr0jWsxhRCqi9+agV8z24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ212aC0zR3ZTTmF6R0ZFS3FMMzVxQlh6UGJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hYzY4OWItMGUzNi00OWZkLThmOWMt
ZGVkNzIwMTQyNzQ0LzEvcDRRaFRPdFFNWXppaTV4UWduNE9fcU5VZHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9hYzY4OWItMGUzNi00OWZkLThmOWMtZGVkNzIwMTQyNzQ0
LzEvZ212aC0zR3ZTTmF6R0ZFS3FMMzVxQlh6UGJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKbjMA0G
CSqGSIb3DQEBCwUAA4IBAQCeY7S6YMbpWafTNREbeRZhH50xPjqkhYe4UG+9x1O/
a9SIkfeETiR86ScJN5/agt+du+YhHypKYvcqIeIt/Ae2pS8CZ//n9zz/rhkgqH1d
q0jV9VzX6p4ms/f3Op3GT664s2+ENDNwu58dq9UPqUp1E4773QbT276stIXUnFSS
7KbJywg538sxSzz8IdqQf3uqJuSv/FAny+D1s4VYZ8CSLYwuIXEd28S9mhEfStBA
vNyrjJmMU4+ZZx2QTq7XC7GYdsmEArM/gR5xhIVdBUjrfcOkIidlTvRTSUukt4Ny
MnzRGDubG5i98YTb0L5yW6Pu28zy7QZUah/oVArI61BT
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:38:36 2025 by rpki-client