Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/8809bb-2468-41e6-8a42-de25cdc8f211/1/GldK7K5kE8e0tr6MSInINq3OgqE.roa
File: GldK7K5kE8e0tr6MSInINq3OgqE.roa (raw, json)
Hash identifier: MgeogbIE1Fl7983qFeo0TFXtcLgr2Ij3DZxOa0gOJS4=
Subject key identifier: 1A:57:4A:EC:AE:64:13:C7:B4:B6:BE:8C:48:89:C8:36:AD:CE:82:A1
Certificate issuer: /CN=45fd3374c7ac3c03778707f367f9148f1fe0390d
Certificate serial: 0185F29BB2DD0F8BA0E50B4EC1452618F464
Authority key identifier: 45:FD:33:74:C7:AC:3C:03:77:87:07:F3:67:F9:14:8F:1F:E0:39:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rf0zdMesPAN3hwfzZ_kUjx_gOQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/8809bb-2468-41e6-8a42-de25cdc8f211/1/GldK7K5kE8e0tr6MSInINq3OgqE.roa
Signing time: Fri 27 Jan 2023 09:42:48 +0000
ROA not before: Fri 27 Jan 2023 09:42:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16177
IP address blocks: 193.41.176.0/22 maxlen: 24
194.9.220.0/23 maxlen: 24
82.195.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f2:9b:b2:dd:0f:8b:a0:e5:0b:4e:c1:45:26:18:f4:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45fd3374c7ac3c03778707f367f9148f1fe0390d
Validity
Not Before: Jan 27 09:42:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a574aecae6413c7b4b6be8c4889c836adce82a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6c:fb:5c:43:1a:d1:8d:2a:0b:c1:e8:07:9c:
7e:37:cb:4c:c2:69:1f:f3:60:86:2a:6e:48:cc:bf:
b5:6a:6c:16:42:14:de:2f:3e:90:b6:a9:2a:d4:f7:
fb:c9:3d:05:c6:64:4a:83:aa:4b:a2:da:42:2f:d6:
6f:92:a3:ae:12:9e:21:cd:2e:bd:21:13:85:71:70:
6a:4b:80:e6:cb:d6:4a:b9:55:17:a7:16:39:63:68:
c1:df:b8:64:e0:e4:d5:57:30:00:0c:28:ba:af:06:
aa:f9:e6:27:96:6a:cb:b0:ba:3d:12:01:2b:1c:37:
31:a3:e2:3c:c0:74:36:da:cd:75:33:25:f2:a7:ae:
71:10:cd:43:54:78:90:35:9b:51:91:0d:eb:15:bf:
e0:8c:da:d3:20:cd:ab:04:2e:cc:f3:e6:5d:be:40:
f6:6e:29:79:a1:b0:86:5c:59:cb:99:a1:58:88:84:
4d:f2:5f:0e:f2:2b:fc:52:3c:de:3f:49:c3:73:af:
f9:6a:6c:2b:66:16:51:c9:17:fa:0e:d7:7e:91:93:
e0:69:e6:7b:5a:eb:35:57:e5:39:45:2c:70:c7:69:
2a:f1:82:44:11:d0:69:e4:b7:fc:cb:d8:cb:d6:a5:
df:fb:46:2f:91:5f:2a:2d:5d:66:be:13:39:ec:9b:
23:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:57:4A:EC:AE:64:13:C7:B4:B6:BE:8C:48:89:C8:36:AD:CE:82:A1
X509v3 Authority Key Identifier:
keyid:45:FD:33:74:C7:AC:3C:03:77:87:07:F3:67:F9:14:8F:1F:E0:39:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rf0zdMesPAN3hwfzZ_kUjx_gOQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8809bb-2468-41e6-8a42-de25cdc8f211/1/GldK7K5kE8e0tr6MSInINq3OgqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8809bb-2468-41e6-8a42-de25cdc8f211/1/Rf0zdMesPAN3hwfzZ_kUjx_gOQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.195.32.0/19
193.41.176.0/22
194.9.220.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:55:77:98:34:3b:91:4c:41:2a:f5:bb:90:d8:ee:02:44:a0:
da:72:b5:7f:00:49:6b:73:79:29:37:8b:43:ff:94:d8:ec:34:
e0:96:2c:ff:92:6c:da:4d:1b:83:88:1a:ff:df:89:1b:d5:5c:
4f:af:7d:91:07:e7:b8:da:75:c9:f2:c2:a6:09:e5:69:54:83:
b7:cd:9f:e0:8b:fb:34:e8:ac:0b:ab:3a:44:82:48:b5:55:09:
8a:12:aa:fc:5e:1a:e9:be:41:14:22:c7:fb:b7:a4:4c:77:67:
62:22:bb:52:c3:85:c4:5a:83:14:90:c2:2c:b2:bc:e7:09:b7:
50:61:7f:a8:d1:30:4c:e1:95:39:be:f1:17:0d:66:61:f3:4c:
b9:55:91:92:44:2c:3e:4a:8f:82:cc:6e:e4:bc:bc:91:2a:b9:
d9:c7:92:ae:8d:d2:d8:ae:c4:43:ec:5a:8b:7e:6a:10:3f:8b:
8b:3e:8c:e9:4f:fd:98:42:7e:60:12:c9:f0:72:1a:15:7d:99:
fc:80:df:4b:87:f0:84:ea:85:1f:f8:2c:87:5b:f1:9b:d4:be:
cb:1c:d4:34:e8:ee:e0:f1:91:d7:d0:11:52:ca:aa:50:2e:0d:
60:89:29:61:0a:c0:3e:15:0c:eb:63:76:03:cc:63:92:05:52:
22:b5:9c:d1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXym7LdD4ug5QtOwUUmGPRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZmQzMzc0YzdhYzNjMDM3Nzg3MDdmMzY3ZjkxNDhmMWZl
MDM5MGQwHhcNMjMwMTI3MDk0MjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTU3NGFlY2FlNjQxM2M3YjRiNmJlOGM0ODg5YzgzNmFkY2U4MmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2z7XEMa0Y0qC8HoB5x+N8tMwmkf
82CGKm5IzL+1amwWQhTeLz6Qtqkq1Pf7yT0FxmRKg6pLotpCL9ZvkqOuEp4hzS69
IROFcXBqS4Dmy9ZKuVUXpxY5Y2jB37hk4OTVVzAADCi6rwaq+eYnlmrLsLo9EgEr
HDcxo+I8wHQ22s11MyXyp65xEM1DVHiQNZtRkQ3rFb/gjNrTIM2rBC7M8+ZdvkD2
bil5obCGXFnLmaFYiIRN8l8O8iv8UjzeP0nDc6/5amwrZhZRyRf6Dtd+kZPgaeZ7
Wus1V+U5RSxwx2kq8YJEEdBp5Lf8y9jL1qXf+0YvkV8qLV1mvhM57Jsj8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBpXSuyuZBPHtLa+jEiJyDatzoKhMB8GA1UdIwQY
MBaAFEX9M3THrDwDd4cH82f5FI8f4DkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmYwemRNZXNQQU4zaHdmelpfa1VqeF9nT1EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy84ODA5YmItMjQ2OC00MWU2LThhNDIt
ZGUyNWNkYzhmMjExLzEvR2xkSzdLNWtFOGUwdHI2TVNJbklOcTNPZ3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy84ODA5YmItMjQ2OC00MWU2LThhNDItZGUyNWNkYzhmMjEx
LzEvUmYwemRNZXNQQU4zaHdmelpfa1VqeF9nT1EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFUsMgAwQC
wSmwAwQBwgncMA0GCSqGSIb3DQEBCwUAA4IBAQDAVXeYNDuRTEEq9buQ2O4CRKDa
crV/AElrc3kpN4tD/5TY7DTgliz/kmzaTRuDiBr/34kb1VxPr32RB+e42nXJ8sKm
CeVpVIO3zZ/gi/s06KwLqzpEgki1VQmKEqr8XhrpvkEUIsf7t6RMd2diIrtSw4XE
WoMUkMIssrznCbdQYX+o0TBM4ZU5vvEXDWZh80y5VZGSRCw+So+CzG7kvLyRKrnZ
x5KujdLYrsRD7FqLfmoQP4uLPozpT/2YQn5gEsnwchoVfZn8gN9Lh/CE6oUf+CyH
W/Gb1L7LHNQ06O7g8ZHX0BFSyqpQLg1giSlhCsA+FQzrY3YDzGOSBVIitZzR
-----END CERTIFICATE-----
Generated at Tue Apr 15 05:39:29 2025 by rpki-client