Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/7c66b0-c808-45a1-9b50-5e758e81eff6/1/gbHcj17UJ7B1zonOBxlZoEGjgtI.roa
File: gbHcj17UJ7B1zonOBxlZoEGjgtI.roa (raw, json)
Hash identifier: tuZbf/vWDI+R+QXWalnSMOM5Rv7p5ZMjU5ghHtqNaVo=
Subject key identifier: 81:B1:DC:8F:5E:D4:27:B0:75:CE:89:CE:07:19:59:A0:41:A3:82:D2
Certificate issuer: /CN=67af9014b0dedd2c04840ae385b5339f6c6790f5
Certificate serial: 01856E6FB4FFF4BF29E863F58D076DD71CA6
Authority key identifier: 67:AF:90:14:B0:DE:DD:2C:04:84:0A:E3:85:B5:33:9F:6C:67:90:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z6-QFLDe3SwEhArjhbUzn2xnkPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/7c66b0-c808-45a1-9b50-5e758e81eff6/1/gbHcj17UJ7B1zonOBxlZoEGjgtI.roa
Signing time: Sun 01 Jan 2023 17:44:52 +0000
ROA not before: Sun 01 Jan 2023 17:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44491
IP address blocks: 62.182.8.0/21 maxlen: 24
2a00:5180:1::/48 maxlen: 48
2a00:5180:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:b4:ff:f4:bf:29:e8:63:f5:8d:07:6d:d7:1c:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67af9014b0dedd2c04840ae385b5339f6c6790f5
Validity
Not Before: Jan 1 17:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81b1dc8f5ed427b075ce89ce071959a041a382d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:06:69:3c:8d:6c:5b:fb:80:c5:e2:f3:3c:cf:
f4:fd:49:e3:47:00:6d:46:ca:26:51:e6:fd:3a:73:
7e:84:f9:61:f7:d4:84:cf:18:56:3c:c0:fe:4b:9d:
5d:b7:40:7f:2d:15:b5:7c:83:5e:da:9a:8c:92:27:
ea:c3:bf:78:73:62:62:77:53:79:20:dd:86:c8:5a:
09:6c:46:55:a9:95:ae:ab:ad:66:9b:ae:34:db:fb:
21:dc:b7:d9:4b:e4:50:87:27:6a:5b:0f:f3:e6:c2:
f5:bb:9b:2d:83:f6:95:c3:7d:f1:c0:f2:1a:f2:25:
d5:89:58:57:2d:e3:b7:a4:ae:99:a9:3f:c6:9c:e7:
d8:e1:55:f7:a3:d3:f1:52:d0:f4:7f:70:1d:37:08:
52:7b:89:13:78:a0:1d:86:7d:b3:93:c1:1a:74:ac:
c8:83:43:61:8b:72:f1:b8:3d:28:db:f7:76:99:ef:
14:eb:1a:b0:87:8a:6e:60:f0:d5:13:c7:1a:65:81:
df:1f:18:ee:8d:f5:78:24:76:1b:5e:6d:86:6d:7b:
59:5f:7f:d2:ab:d3:c1:6a:bc:34:2e:26:1a:af:3e:
0b:c2:bf:18:83:2f:b8:4f:de:29:58:15:b5:1f:18:
7a:55:51:23:e7:df:0c:c3:9c:86:5d:e5:9f:a8:dd:
c8:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B1:DC:8F:5E:D4:27:B0:75:CE:89:CE:07:19:59:A0:41:A3:82:D2
X509v3 Authority Key Identifier:
keyid:67:AF:90:14:B0:DE:DD:2C:04:84:0A:E3:85:B5:33:9F:6C:67:90:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z6-QFLDe3SwEhArjhbUzn2xnkPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/7c66b0-c808-45a1-9b50-5e758e81eff6/1/gbHcj17UJ7B1zonOBxlZoEGjgtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/7c66b0-c808-45a1-9b50-5e758e81eff6/1/Z6-QFLDe3SwEhArjhbUzn2xnkPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.8.0/21
IPv6:
2a00:5180:1::-2a00:5180:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
87:c3:f1:30:c6:3a:0a:eb:3d:c6:30:a5:0f:fb:f0:b1:72:57:
2e:cd:8e:29:01:57:4f:ad:cc:f5:5f:96:4a:29:a4:d2:cc:60:
31:7f:fb:12:99:84:f8:ac:0e:fa:a9:49:aa:73:6d:7a:21:da:
f7:7a:78:b5:ea:67:b9:71:22:4b:94:81:d2:c0:75:da:13:2c:
af:38:b2:3d:d8:55:12:30:8f:4e:3e:d8:98:ec:ed:fd:6d:a4:
93:e8:ea:1c:69:f7:f6:66:34:62:48:ca:f3:08:9c:a7:b8:e8:
28:ba:6c:1c:57:38:9c:66:b2:1d:a5:82:de:83:95:d4:d8:2b:
53:e8:d5:22:98:c6:c2:7d:be:95:c8:89:0f:cf:8d:5d:17:fd:
9a:e0:ce:fc:69:7e:f0:da:4a:55:7a:50:f2:3a:0d:f6:58:f2:
ff:2c:5c:df:c5:7d:20:ba:33:f9:de:f9:41:f4:45:12:59:a4:
f0:c1:60:ae:ee:d0:2e:01:97:1d:8f:04:81:7e:b5:91:66:64:
a6:fd:86:5f:e7:0c:32:df:37:36:51:45:56:e6:4b:67:a4:2c:
bc:8a:d7:7f:2b:34:da:52:ef:21:13:71:b7:b0:4d:ea:56:a1:
66:4c:33:db:09:7f:e4:dc:dc:f8:42:4d:d0:9f:b9:c2:54:a8:
7f:29:5b:b2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVub7T/9L8p6GP1jQdt1xymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YWY5MDE0YjBkZWRkMmMwNDg0MGFlMzg1YjUzMzlmNmM2
NzkwZjUwHhcNMjMwMTAxMTc0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWIxZGM4ZjVlZDQyN2IwNzVjZTg5Y2UwNzE5NTlhMDQxYTM4MmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygZpPI1sW/uAxeLzPM/0/UnjRwBt
RsomUeb9OnN+hPlh99SEzxhWPMD+S51dt0B/LRW1fINe2pqMkifqw794c2Jid1N5
IN2GyFoJbEZVqZWuq61mm6402/sh3LfZS+RQhydqWw/z5sL1u5stg/aVw33xwPIa
8iXViVhXLeO3pK6ZqT/GnOfY4VX3o9PxUtD0f3AdNwhSe4kTeKAdhn2zk8EadKzI
g0Nhi3LxuD0o2/d2me8U6xqwh4puYPDVE8caZYHfHxjujfV4JHYbXm2GbXtZX3/S
q9PBarw0LiYarz4Lwr8Ygy+4T94pWBW1Hxh6VVEj598Mw5yGXeWfqN3InwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIGx3I9e1Cewdc6JzgcZWaBBo4LSMB8GA1UdIwQY
MBaAFGevkBSw3t0sBIQK44W1M59sZ5D1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjYtUUZMRGUzU3dFaEFyamhiVXpuMnhua1BVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC83YzY2YjAtYzgwOC00NWExLTliNTAt
NWU3NThlODFlZmY2LzEvZ2JIY2oxN1VKN0Ixem9uT0J4bFpvRUdqZ3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC83YzY2YjAtYzgwOC00NWExLTliNTAtNWU3NThlODFlZmY2
LzEvWjYtUUZMRGUzU3dFaEFyamhiVXpuMnhua1BVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQDPrYIMBoE
AgACMBQwEgMHACoAUYAAAQMHACoAUYAAAjANBgkqhkiG9w0BAQsFAAOCAQEAh8Px
MMY6Cus9xjClD/vwsXJXLs2OKQFXT63M9V+WSimk0sxgMX/7EpmE+KwO+qlJqnNt
eiHa93p4tepnuXEiS5SB0sB12hMsrziyPdhVEjCPTj7YmOzt/W2kk+jqHGn39mY0
YkjK8wicp7joKLpsHFc4nGayHaWC3oOV1NgrU+jVIpjGwn2+lciJD8+NXRf9muDO
/Gl+8NpKVXpQ8joN9ljy/yxc38V9ILoz+d75QfRFElmk8MFgru7QLgGXHY8EgX61
kWZkpv2GX+cMMt83NlFFVuZLZ6QsvIrXfys02lLvIRNxt7BN6lahZkwz2wl/5Nzc
+EJN0J+5wlSofylbsg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:17 2025 by rpki-client