Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/GVadsi_jLwkyOrPMD6qFnINSwkw.roa
File: GVadsi_jLwkyOrPMD6qFnINSwkw.roa (raw, json)
Hash identifier: Xu1DbLxISDFQdxbD0vzH8yaIC+A3qnUHNzRS4fY4m20=
Subject key identifier: 19:56:9D:B2:2F:E3:2F:09:32:3A:B3:CC:0F:AA:85:9C:83:52:C2:4C
Certificate issuer: /CN=c6583f58c7110ad4cc609f4ffb7cab2f80c83581
Certificate serial: 0185728356FE0F9B67C27F9E12C5687B672E
Authority key identifier: C6:58:3F:58:C7:11:0A:D4:CC:60:9F:4F:FB:7C:AB:2F:80:C8:35:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xlg_WMcRCtTMYJ9P-3yrL4DINYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/GVadsi_jLwkyOrPMD6qFnINSwkw.roa
Signing time: Mon 02 Jan 2023 12:44:48 +0000
ROA not before: Mon 02 Jan 2023 12:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15659
IP address blocks: 213.187.160.0/19 maxlen: 19
80.202.0.0/16 maxlen: 16
89.10.0.0/16 maxlen: 16
217.13.0.0/19 maxlen: 19
213.187.190.0/24 maxlen: 24
213.145.160.0/19 maxlen: 19
84.48.0.0/17 maxlen: 17
89.11.0.0/17 maxlen: 17
84.49.101.0/24 maxlen: 24
84.49.0.0/16 maxlen: 16
2a04:980::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:56:fe:0f:9b:67:c2:7f:9e:12:c5:68:7b:67:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6583f58c7110ad4cc609f4ffb7cab2f80c83581
Validity
Not Before: Jan 2 12:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19569db22fe32f09323ab3cc0faa859c8352c24c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:29:b5:75:2b:28:ac:90:e7:e8:27:59:2f:84:
e5:d5:5a:a0:c3:a1:1a:3c:94:e5:3e:21:f9:ee:b2:
39:57:87:48:88:0a:a6:c5:ab:70:a0:bf:23:b5:c8:
4c:79:f0:93:4f:0a:2f:c0:1f:1b:6d:c4:f1:17:78:
34:45:03:a4:a0:f2:e6:6c:3b:8f:6b:fb:fd:0f:aa:
5c:58:63:b7:ff:e4:d5:f8:30:7d:81:35:a3:8f:d4:
c4:cf:d1:cb:4d:03:fa:0b:e9:4d:cf:de:00:e0:85:
3c:e7:78:50:9c:c5:02:18:c3:cc:b3:e0:49:a7:1f:
ad:de:bb:a7:c1:ae:72:ff:f9:7a:3b:cd:fa:af:a2:
e4:1c:be:29:61:33:47:ec:9b:b1:41:38:96:ef:a0:
c5:d3:f5:21:ff:fc:41:8d:87:d7:b8:42:bd:e4:c1:
05:ab:6b:97:63:52:42:f2:43:ab:5c:2b:b9:18:aa:
24:d9:42:8b:a7:8b:df:47:f5:93:a9:df:c8:9c:a7:
96:80:a2:97:eb:20:83:33:75:8b:d1:c2:df:62:47:
26:cd:1c:6f:71:7f:75:6a:4c:72:30:96:8f:4e:3b:
f9:42:bd:dc:a4:a7:df:64:f4:b8:57:a7:37:4a:6a:
18:55:6b:11:00:d1:d2:45:f1:97:65:d3:e4:7c:17:
ff:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:56:9D:B2:2F:E3:2F:09:32:3A:B3:CC:0F:AA:85:9C:83:52:C2:4C
X509v3 Authority Key Identifier:
keyid:C6:58:3F:58:C7:11:0A:D4:CC:60:9F:4F:FB:7C:AB:2F:80:C8:35:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlg_WMcRCtTMYJ9P-3yrL4DINYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/GVadsi_jLwkyOrPMD6qFnINSwkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/xlg_WMcRCtTMYJ9P-3yrL4DINYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.202.0.0/16
84.48.0.0/17
84.49.0.0/16
89.10.0.0-89.11.127.255
213.145.160.0/19
213.187.160.0/19
217.13.0.0/19
IPv6:
2a04:980::/29
Signature Algorithm: sha256WithRSAEncryption
25:0c:aa:a8:9b:e8:af:09:b3:0d:c4:ff:36:99:4f:53:30:88:
5f:12:f1:0c:e6:93:55:c8:40:72:e4:2b:d7:b2:f0:65:13:41:
fd:fe:18:f7:d4:02:29:77:24:7c:2c:31:93:77:ec:aa:04:bd:
dc:b5:e6:1b:a6:04:3b:20:78:9f:6f:8b:ea:fb:f7:64:a7:61:
be:a1:61:3b:f4:50:6b:df:e8:17:7a:d8:97:16:26:99:3e:d3:
9a:b8:ef:84:67:8b:7b:69:a7:0c:b9:f1:d4:7f:bd:b5:2c:ae:
72:e3:91:29:6e:53:2f:84:09:85:ba:0a:5c:ee:aa:2f:ba:ec:
8d:b6:a7:23:55:99:a4:29:6b:0f:8e:c5:32:d8:cb:fd:77:f7:
75:49:8d:63:ab:f5:28:f6:35:71:90:0e:d8:a2:7e:29:44:49:
6e:3d:18:ae:0a:70:27:45:7f:93:b2:c7:a5:4c:c5:e5:94:fa:
16:0f:b7:8b:be:c6:72:b0:8e:c2:94:5b:6a:cd:da:22:c3:b0:
cc:d8:bd:62:9c:17:bc:74:82:24:33:65:4e:83:68:95:e0:db:
89:59:19:0b:f5:e7:26:5d:bb:0a:33:31:2e:78:0e:52:49:fe:
09:6c:ed:b8:28:86:9d:51:0d:97:87:8d:64:4d:65:53:03:22:
55:f0:d6:99
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYVyg1b+D5tnwn+eEsVoe2cuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NTgzZjU4YzcxMTBhZDRjYzYwOWY0ZmZiN2NhYjJmODBj
ODM1ODEwHhcNMjMwMTAyMTI0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTU2OWRiMjJmZTMyZjA5MzIzYWIzY2MwZmFhODU5YzgzNTJjMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCm1dSsorJDn6CdZL4Tl1Vqgw6Ea
PJTlPiH57rI5V4dIiAqmxatwoL8jtchMefCTTwovwB8bbcTxF3g0RQOkoPLmbDuP
a/v9D6pcWGO3/+TV+DB9gTWjj9TEz9HLTQP6C+lNz94A4IU853hQnMUCGMPMs+BJ
px+t3runwa5y//l6O836r6LkHL4pYTNH7JuxQTiW76DF0/Uh//xBjYfXuEK95MEF
q2uXY1JC8kOrXCu5GKok2UKLp4vfR/WTqd/InKeWgKKX6yCDM3WL0cLfYkcmzRxv
cX91akxyMJaPTjv5Qr3cpKffZPS4V6c3SmoYVWsRANHSRfGXZdPkfBf/VQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFBlWnbIv4y8JMjqzzA+qhZyDUsJMMB8GA1UdIwQY
MBaAFMZYP1jHEQrUzGCfT/t8qy+AyDWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGxnX1dNY1JDdFRNWUo5UC0zeXJMNERJTllFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS84ZDBjYWUtZWMxMy00NWZiLTlhZmMt
M2Q1OTNlYmU1MjIwLzEvR1ZhZHNpX2pMd2t5T3JQTUQ2cUZuSU5Td2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS84ZDBjYWUtZWMxMy00NWZiLTlhZmMtM2Q1OTNlYmU1MjIw
LzEveGxnX1dNY1JDdFRNWUo5UC0zeXJMNERJTllFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwMAUMoDBAdU
MAADAwBUMTALAwMBWQoDBAdZCwADBAXVkaADBAXVu6ADBAXZDQAwDQQCAAIwBwMF
AyoECYAwDQYJKoZIhvcNAQELBQADggEBACUMqqib6K8Jsw3E/zaZT1MwiF8S8Qzm
k1XIQHLkK9ey8GUTQf3+GPfUAil3JHwsMZN37KoEvdy15humBDsgeJ9vi+r792Sn
Yb6hYTv0UGvf6Bd62JcWJpk+05q474Rni3tppwy58dR/vbUsrnLjkSluUy+ECYW6
Clzuqi+67I22pyNVmaQpaw+OxTLYy/1393VJjWOr9Sj2NXGQDtiifilESW49GK4K
cCdFf5Oyx6VMxeWU+hYPt4u+xnKwjsKUW2rN2iLDsMzYvWKcF7x0giQzZU6DaJXg
24lZGQv15yZduwozMS54DlJJ/gls7bgohp1RDZeHjWRNZVMDIlXw1pk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:59 2025 by rpki-client