Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/GHm8a5rVKc6Wn_OIP2U3OlAfyI4.roa
File: GHm8a5rVKc6Wn_OIP2U3OlAfyI4.roa (raw, json)
Hash identifier: evT+TgdNAqZqZ4/M5vjlXq1VAxG1xGx2aYL57D3UXHE=
Subject key identifier: 18:79:BC:6B:9A:D5:29:CE:96:9F:F3:88:3F:65:37:3A:50:1F:C8:8E
Certificate issuer: /CN=5484b53ec069e302623596fb3aa79f5d782c09f9
Certificate serial: 0183CC9F5159FF1BA36D563DDC6837845E52
Authority key identifier: 54:84:B5:3E:C0:69:E3:02:62:35:96:FB:3A:A7:9F:5D:78:2C:09:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VIS1PsBp4wJiNZb7OqefXXgsCfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/GHm8a5rVKc6Wn_OIP2U3OlAfyI4.roa
Signing time: Wed 12 Oct 2022 14:35:36 +0000
ROA not before: Wed 12 Oct 2022 14:35:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25540
IP address blocks: 109.239.114.0/23 maxlen: 24
109.239.124.0/24 maxlen: 24
159.100.36.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cc:9f:51:59:ff:1b:a3:6d:56:3d:dc:68:37:84:5e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5484b53ec069e302623596fb3aa79f5d782c09f9
Validity
Not Before: Oct 12 14:35:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1879bc6b9ad529ce969ff3883f65373a501fc88e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:79:da:db:07:bb:bd:d8:49:61:b7:d8:2b:62:
b6:55:50:48:a3:8b:43:8e:1f:b8:69:6b:63:ad:98:
81:5a:4a:ee:20:9a:47:f5:81:4f:ed:42:e1:56:80:
9f:b1:54:14:25:7e:85:ec:34:e1:23:c5:f1:37:17:
61:34:cf:fe:2e:9b:0e:b4:15:f3:1a:92:70:d5:c7:
26:66:bc:57:27:85:2b:2a:39:43:62:87:69:6c:dc:
9b:b2:c0:4c:31:c9:ff:e0:19:0a:44:ab:fc:07:7a:
03:e6:6b:98:9e:c4:34:82:ef:42:f5:89:03:b7:7b:
fb:7f:52:b0:75:80:cf:2d:25:89:5c:df:1c:a6:a9:
b7:1d:33:e6:5b:c7:bd:fe:73:24:ed:fe:51:50:11:
73:33:92:26:12:8a:6f:9f:d8:1c:2d:79:1e:9c:62:
07:23:b6:66:32:b2:f2:10:23:8d:66:31:ce:17:33:
de:f2:70:6a:29:c2:4e:f0:e9:0b:3d:fd:98:e5:c1:
de:4e:a9:c9:eb:6c:a2:a8:85:ea:2b:fe:b0:33:65:
3b:0f:42:6a:40:a9:94:5b:1c:7d:98:da:58:56:60:
30:36:82:40:7a:0a:24:b4:b4:e8:da:38:68:5a:ac:
64:74:39:a1:17:a2:2a:6d:00:ff:24:0c:ae:de:0f:
70:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:79:BC:6B:9A:D5:29:CE:96:9F:F3:88:3F:65:37:3A:50:1F:C8:8E
X509v3 Authority Key Identifier:
keyid:54:84:B5:3E:C0:69:E3:02:62:35:96:FB:3A:A7:9F:5D:78:2C:09:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VIS1PsBp4wJiNZb7OqefXXgsCfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/GHm8a5rVKc6Wn_OIP2U3OlAfyI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/VIS1PsBp4wJiNZb7OqefXXgsCfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.239.114.0/23
109.239.124.0/24
159.100.36.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:8a:f6:2f:42:90:df:22:ad:2e:b8:51:d3:c8:b7:a7:3a:5a:
3e:98:76:d7:53:35:fb:a8:fe:a4:7d:54:16:60:d4:32:30:91:
8b:bd:9a:e7:80:d8:6d:21:e3:cf:ad:25:05:85:1a:66:6d:a0:
4a:65:02:cd:f3:04:6b:0b:35:68:31:50:31:28:b2:c1:66:68:
d0:70:0f:5f:1c:a0:a7:a3:a8:a2:26:56:7d:5d:40:82:42:d6:
33:a9:54:ac:06:de:09:95:c7:ef:e3:cf:5b:90:ad:bc:6a:73:
a0:bc:3f:60:64:dc:6e:e9:25:40:6e:aa:21:cb:2e:74:a2:3d:
3d:04:cd:fb:2c:3b:ba:4e:59:26:2a:6c:7c:98:21:04:f7:f4:
87:8e:4a:94:f4:3f:50:78:b8:24:69:6e:30:b5:2b:c2:4c:3e:
ee:ac:62:c2:11:5d:f9:ed:3c:2a:67:59:18:00:4c:eb:55:e8:
40:f7:e3:8f:1b:8b:96:d4:51:f9:15:58:e3:e1:35:47:38:ab:
30:76:e7:a3:96:ec:58:fc:ab:f9:75:f1:b4:e7:94:77:28:c8:
5c:6f:ab:91:35:12:54:1c:bd:0c:27:79:a1:33:0e:08:26:bf:
03:bc:72:c7:99:fe:d5:4c:26:95:96:a4:53:c1:2f:18:b1:a4:
5f:72:bd:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPMn1FZ/xujbVY93Gg3hF5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ODRiNTNlYzA2OWUzMDI2MjM1OTZmYjNhYTc5ZjVkNzgy
YzA5ZjkwHhcNMjIxMDEyMTQzNTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODc5YmM2YjlhZDUyOWNlOTY5ZmYzODgzZjY1MzczYTUwMWZjODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXna2we7vdhJYbfYK2K2VVBIo4tD
jh+4aWtjrZiBWkruIJpH9YFP7ULhVoCfsVQUJX6F7DThI8XxNxdhNM/+LpsOtBXz
GpJw1ccmZrxXJ4UrKjlDYodpbNybssBMMcn/4BkKRKv8B3oD5muYnsQ0gu9C9YkD
t3v7f1KwdYDPLSWJXN8cpqm3HTPmW8e9/nMk7f5RUBFzM5ImEopvn9gcLXkenGIH
I7ZmMrLyECONZjHOFzPe8nBqKcJO8OkLPf2Y5cHeTqnJ62yiqIXqK/6wM2U7D0Jq
QKmUWxx9mNpYVmAwNoJAegoktLTo2jhoWqxkdDmhF6IqbQD/JAyu3g9wVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBh5vGua1SnOlp/ziD9lNzpQH8iOMB8GA1UdIwQY
MBaAFFSEtT7AaeMCYjWW+zqnn114LAn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVklTMVBzQnA0d0ppTlpiN09xZWZYWGdzQ2ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jYTYxOGMtMzVjZS00ZDMxLWJiODkt
Y2U4ZGQ2ODk4YjI3LzEvR0htOGE1clZLYzZXbl9PSVAyVTNPbEFmeUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jYTYxOGMtMzVjZS00ZDMxLWJiODktY2U4ZGQ2ODk4YjI3
LzEvVklTMVBzQnA0d0ppTlpiN09xZWZYWGdzQ2ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBbe9yAwQA
be98AwQBn2QkMA0GCSqGSIb3DQEBCwUAA4IBAQCtivYvQpDfIq0uuFHTyLenOlo+
mHbXUzX7qP6kfVQWYNQyMJGLvZrngNhtIePPrSUFhRpmbaBKZQLN8wRrCzVoMVAx
KLLBZmjQcA9fHKCno6iiJlZ9XUCCQtYzqVSsBt4Jlcfv489bkK28anOgvD9gZNxu
6SVAbqohyy50oj09BM37LDu6TlkmKmx8mCEE9/SHjkqU9D9QeLgkaW4wtSvCTD7u
rGLCEV357TwqZ1kYAEzrVehA9+OPG4uW1FH5FVjj4TVHOKswduejluxY/Kv5dfG0
55R3KMhcb6uRNRJUHL0MJ3mhMw4IJr8DvHLHmf7VTCaVlqRTwS8YsaRfcr0l
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:25 2025 by rpki-client