Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/GpdsP-RQ-ZutG0N2SOXZZtkr3-w.roa
File: GpdsP-RQ-ZutG0N2SOXZZtkr3-w.roa (raw, json)
Hash identifier: JpRaW27deLJw5HTM3fMHHpEeW07ySLIPq0st/QR0ujs=
Subject key identifier: 1A:97:6C:3F:E4:50:F9:9B:AD:1B:43:76:48:E5:D9:66:D9:2B:DF:EC
Certificate issuer: /CN=1732f334d8abb68ef822546d8f6f8e81563c6fd9
Certificate serial: 0186FEB4CDB65A39D5F767C45095E1FEF21E
Authority key identifier: 17:32:F3:34:D8:AB:B6:8E:F8:22:54:6D:8F:6F:8E:81:56:3C:6F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FzLzNNirto74IlRtj2-OgVY8b9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/GpdsP-RQ-ZutG0N2SOXZZtkr3-w.roa
Signing time: Mon 20 Mar 2023 11:08:27 +0000
ROA not before: Mon 20 Mar 2023 11:08:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60939
IP address blocks: 2a13:1d40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:b4:cd:b6:5a:39:d5:f7:67:c4:50:95:e1:fe:f2:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1732f334d8abb68ef822546d8f6f8e81563c6fd9
Validity
Not Before: Mar 20 11:08:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a976c3fe450f99bad1b437648e5d966d92bdfec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ba:4e:3b:2e:c1:c3:87:10:a5:31:7e:1c:3c:
84:3c:e3:fe:1c:83:b6:af:98:0c:c6:7a:a0:1e:5e:
e7:cc:86:0f:3b:7f:cd:37:cc:8a:f1:ec:07:f0:88:
e0:26:9b:74:81:af:e8:c1:9c:ce:7d:37:a4:b3:52:
f1:85:b9:55:86:1a:c4:9c:78:ba:e4:3b:23:80:3d:
1e:f7:e8:9d:91:e6:82:bd:2a:46:20:c5:5f:62:6d:
f4:b2:4f:a1:08:c4:98:ef:09:7b:eb:56:54:1a:31:
3d:30:17:0a:cb:e7:4c:b3:6a:8e:a6:3e:16:79:a4:
97:50:10:7b:de:68:4f:54:b1:87:7d:c0:ff:0e:73:
31:ab:68:e8:c2:5a:db:26:2d:5b:d5:9c:33:20:cb:
b2:da:de:ad:86:5f:72:8f:20:48:55:ef:1c:b0:ef:
e0:6b:b6:ae:28:63:19:53:fb:ff:cc:6f:67:17:5c:
bd:23:82:de:52:27:a6:f5:79:8b:96:35:70:0c:f4:
ce:6f:a3:b7:ea:7d:b9:12:35:6d:39:49:85:66:12:
59:d0:04:45:19:17:fb:35:95:ca:13:05:2a:d6:3e:
b7:97:5c:f9:d2:d5:25:89:af:f1:76:55:04:b8:f1:
35:bc:47:04:fd:c3:5e:cf:94:79:95:eb:bc:22:f3:
06:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:97:6C:3F:E4:50:F9:9B:AD:1B:43:76:48:E5:D9:66:D9:2B:DF:EC
X509v3 Authority Key Identifier:
keyid:17:32:F3:34:D8:AB:B6:8E:F8:22:54:6D:8F:6F:8E:81:56:3C:6F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FzLzNNirto74IlRtj2-OgVY8b9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/GpdsP-RQ-ZutG0N2SOXZZtkr3-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7bc8da-cb82-4abc-b2f0-13b4b80c54ba/1/FzLzNNirto74IlRtj2-OgVY8b9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:1d40::/29
Signature Algorithm: sha256WithRSAEncryption
18:e1:61:8f:3f:f4:d2:38:84:06:14:52:2b:5a:df:8d:8d:cb:
ab:d3:b0:01:0b:2e:5e:99:a4:1c:4f:27:8c:4b:bf:ee:ae:71:
fc:ae:6d:93:c1:f1:ea:8b:f3:3c:5a:e2:2c:ee:f7:b6:bc:cd:
89:d4:31:32:93:d1:58:30:cc:56:30:35:84:d9:ca:19:52:52:
e7:a3:b5:3a:81:f9:4e:79:8f:1d:d9:eb:54:da:a1:c8:1f:14:
8f:de:1c:98:37:5f:5f:62:88:46:a6:b6:9f:c0:1c:0a:4b:9f:
a2:80:9f:62:26:e9:e4:f3:2c:9f:7b:d5:4b:de:8c:7d:69:54:
b0:72:1a:a7:b5:0d:0e:16:a2:75:5f:04:5f:3a:84:be:27:79:
57:21:05:94:38:5e:ca:b8:c2:97:49:d8:89:b2:b8:d9:6b:a0:
9c:1b:4e:db:04:e4:52:cd:e0:78:c7:6c:fd:e8:49:a7:dd:e7:
95:5a:5f:4d:2c:39:3b:78:9d:3d:b5:9f:cd:05:59:f2:04:10:
92:29:1b:89:3b:f7:8c:18:04:2c:d2:f6:1b:ac:60:b9:20:3a:
17:2e:e1:f7:ee:23:bf:9b:44:f2:36:4f:56:d7:9c:97:21:46:
36:91:f4:90:98:1f:33:44:3a:53:77:a6:ee:3a:95:75:a9:88:
f7:31:d5:9f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYb+tM22WjnV92fEUJXh/vIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MzJmMzM0ZDhhYmI2OGVmODIyNTQ2ZDhmNmY4ZTgxNTYz
YzZmZDkwHhcNMjMwMzIwMTEwODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTk3NmMzZmU0NTBmOTliYWQxYjQzNzY0OGU1ZDk2NmQ5MmJkZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17pOOy7Bw4cQpTF+HDyEPOP+HIO2
r5gMxnqgHl7nzIYPO3/NN8yK8ewH8IjgJpt0ga/owZzOfTeks1LxhblVhhrEnHi6
5DsjgD0e9+idkeaCvSpGIMVfYm30sk+hCMSY7wl761ZUGjE9MBcKy+dMs2qOpj4W
eaSXUBB73mhPVLGHfcD/DnMxq2jowlrbJi1b1ZwzIMuy2t6thl9yjyBIVe8csO/g
a7auKGMZU/v/zG9nF1y9I4LeUiem9XmLljVwDPTOb6O36n25EjVtOUmFZhJZ0ARF
GRf7NZXKEwUq1j63l1z50tUlia/xdlUEuPE1vEcE/cNez5R5leu8IvMGDwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBqXbD/kUPmbrRtDdkjl2WbZK9/sMB8GA1UdIwQY
MBaAFBcy8zTYq7aO+CJUbY9vjoFWPG/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnpMek5OaXJ0bzc0SWxSdGoyLU9nVlk4YjlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83YmM4ZGEtY2I4Mi00YWJjLWIyZjAt
MTNiNGI4MGM1NGJhLzEvR3Bkc1AtUlEtWnV0RzBOMlNPWFpadGtyMy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC83YmM4ZGEtY2I4Mi00YWJjLWIyZjAtMTNiNGI4MGM1NGJh
LzEvRnpMek5OaXJ0bzc0SWxSdGoyLU9nVlk4YjlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMdQDAN
BgkqhkiG9w0BAQsFAAOCAQEAGOFhjz/00jiEBhRSK1rfjY3Lq9OwAQsuXpmkHE8n
jEu/7q5x/K5tk8Hx6ovzPFriLO73trzNidQxMpPRWDDMVjA1hNnKGVJS56O1OoH5
TnmPHdnrVNqhyB8Uj94cmDdfX2KIRqa2n8AcCkufooCfYibp5PMsn3vVS96MfWlU
sHIap7UNDhaidV8EXzqEvid5VyEFlDheyrjCl0nYibK42WugnBtO2wTkUs3geMds
/ehJp93nlVpfTSw5O3idPbWfzQVZ8gQQkikbiTv3jBgELNL2G6xguSA6Fy7h9+4j
v5tE8jZPVteclyFGNpH0kJgfM0Q6U3em7jqVdamI9zHVnw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:23 2025 by rpki-client