Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f96532-d7ff-4538-bccd-2d38e7779348/1/gxSGGBz54w53czrUhhF2wBPpd5Q.roa
File: gxSGGBz54w53czrUhhF2wBPpd5Q.roa (raw, json)
Hash identifier: OuxnbZ7x+ZnYaeFdymEcvaJcIAhFs/1sJmfefAyfyXQ=
Subject key identifier: 83:14:86:18:1C:F9:E3:0E:77:73:3A:D4:86:11:76:C0:13:E9:77:94
Certificate issuer: /CN=ba2f1a11de190c81c0b7752cf52b569425dc54cb
Certificate serial: 01856CEF242A2598FD00AE5D7F82E7577AB5
Authority key identifier: BA:2F:1A:11:DE:19:0C:81:C0:B7:75:2C:F5:2B:56:94:25:DC:54:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ui8aEd4ZDIHAt3Us9StWlCXcVMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f96532-d7ff-4538-bccd-2d38e7779348/1/gxSGGBz54w53czrUhhF2wBPpd5Q.roa
Signing time: Sun 01 Jan 2023 10:44:49 +0000
ROA not before: Sun 01 Jan 2023 10:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12779
IP address blocks: 2a02:c480::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:24:2a:25:98:fd:00:ae:5d:7f:82:e7:57:7a:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba2f1a11de190c81c0b7752cf52b569425dc54cb
Validity
Not Before: Jan 1 10:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=831486181cf9e30e77733ad4861176c013e97794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:89:5c:67:d6:e2:2e:2b:12:bf:d8:0e:77:c4:
d5:6b:f6:c7:e3:49:74:7d:a4:e1:c2:a8:bc:0d:19:
52:ea:2d:13:d9:d8:44:52:da:f2:67:c9:bd:0f:99:
0c:6f:f5:8a:a3:a0:8e:2c:70:f0:83:f0:9f:cd:0f:
bd:ab:67:08:9e:94:eb:1f:53:df:1c:d9:e9:e9:b1:
8e:5a:d6:be:f1:83:5a:7a:af:05:7b:18:45:25:d1:
89:17:4e:0f:9b:13:c7:4b:00:e5:eb:60:98:bc:03:
8e:76:bd:04:b7:da:09:58:c7:7f:8d:dc:91:af:b6:
e8:26:91:d2:5a:e2:7e:fe:dc:5c:10:6f:ef:e4:b8:
34:c5:94:1c:e3:8a:21:ec:40:ba:a2:0a:65:f3:34:
df:e9:07:f4:09:cd:b1:89:5b:b3:00:fc:22:41:b5:
22:cd:b1:ab:98:00:51:cc:3a:5f:c3:94:c9:ba:1f:
3f:88:1a:5d:c0:07:0a:c5:e5:58:d1:11:d3:35:3d:
8c:1b:a0:67:4d:67:15:83:08:7d:cb:4c:6d:5c:a5:
01:4d:cf:8c:e6:a3:05:26:7f:dd:97:a0:9c:5d:8b:
13:da:ef:ac:b2:9f:28:b7:9d:8b:28:52:cb:c6:e6:
c1:f3:44:e8:b7:3c:3c:dd:c8:da:b2:0d:29:5c:ea:
af:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:14:86:18:1C:F9:E3:0E:77:73:3A:D4:86:11:76:C0:13:E9:77:94
X509v3 Authority Key Identifier:
keyid:BA:2F:1A:11:DE:19:0C:81:C0:B7:75:2C:F5:2B:56:94:25:DC:54:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ui8aEd4ZDIHAt3Us9StWlCXcVMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f96532-d7ff-4538-bccd-2d38e7779348/1/gxSGGBz54w53czrUhhF2wBPpd5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f96532-d7ff-4538-bccd-2d38e7779348/1/ui8aEd4ZDIHAt3Us9StWlCXcVMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:c480::/32
Signature Algorithm: sha256WithRSAEncryption
2b:60:55:88:b0:c4:3d:41:37:5e:9e:cf:f6:2b:57:4b:68:e2:
cc:b2:1b:3e:da:df:26:e0:75:68:74:ed:30:f9:83:69:07:2e:
e7:bb:59:1d:9b:39:19:41:fd:85:99:61:7f:9c:8f:3b:86:5c:
e1:8b:c5:f2:30:de:a5:12:ec:57:b3:d3:1a:58:d3:b1:a3:20:
5b:ae:5d:68:08:86:81:61:be:de:ed:82:1b:47:0b:73:7d:ef:
e1:7d:3c:4f:88:51:7a:2c:9b:1d:cf:19:22:a1:45:2a:ac:20:
d9:96:05:cc:45:ff:ed:05:ea:4d:3a:73:7e:95:b2:f8:f5:e7:
ff:d7:0a:db:fc:b2:0c:47:55:a0:0b:eb:9e:a3:1e:e5:c8:53:
7e:97:61:1c:51:fd:f8:c9:5e:fe:26:cc:b0:a4:0d:8c:9e:e9:
52:93:ca:cd:c7:f6:92:b3:be:85:89:20:61:6b:26:c1:ca:b8:
51:3b:d3:2d:ca:99:23:b9:33:06:2e:87:ae:bc:b1:9a:e0:a5:
af:86:66:08:0c:9a:b6:1d:81:d0:ea:76:ac:1b:78:39:f8:0c:
be:cf:0e:9b:ef:08:10:24:06:ae:5b:02:51:44:00:4e:09:3b:
47:00:91:5f:5f:92:e3:6a:37:b4:83:6b:dc:ee:fd:27:a8:e1:
8d:b5:d4:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVs7yQqJZj9AK5df4LnV3q1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMmYxYTExZGUxOTBjODFjMGI3NzUyY2Y1MmI1Njk0MjVk
YzU0Y2IwHhcNMjMwMTAxMTA0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzE0ODYxODFjZjllMzBlNzc3MzNhZDQ4NjExNzZjMDEzZTk3Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYlcZ9biLisSv9gOd8TVa/bH40l0
faThwqi8DRlS6i0T2dhEUtryZ8m9D5kMb/WKo6COLHDwg/CfzQ+9q2cInpTrH1Pf
HNnp6bGOWta+8YNaeq8FexhFJdGJF04PmxPHSwDl62CYvAOOdr0Et9oJWMd/jdyR
r7boJpHSWuJ+/txcEG/v5Lg0xZQc44oh7EC6ogpl8zTf6Qf0Cc2xiVuzAPwiQbUi
zbGrmABRzDpfw5TJuh8/iBpdwAcKxeVY0RHTNT2MG6BnTWcVgwh9y0xtXKUBTc+M
5qMFJn/dl6CcXYsT2u+ssp8ot52LKFLLxubB80Totzw83cjasg0pXOqv3QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIMUhhgc+eMOd3M61IYRdsAT6XeUMB8GA1UdIwQY
MBaAFLovGhHeGQyBwLd1LPUrVpQl3FTLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWk4YUVkNFpESUhBdDNVczlTdFdsQ1hjVk1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mOTY1MzItZDdmZi00NTM4LWJjY2Qt
MmQzOGU3Nzc5MzQ4LzEvZ3hTR0dCejU0dzUzY3pyVWhoRjJ3QlBwZDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mOTY1MzItZDdmZi00NTM4LWJjY2QtMmQzOGU3Nzc5MzQ4
LzEvdWk4YUVkNFpESUhBdDNVczlTdFdsQ1hjVk1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgLEgDAN
BgkqhkiG9w0BAQsFAAOCAQEAK2BViLDEPUE3Xp7P9itXS2jizLIbPtrfJuB1aHTt
MPmDaQcu57tZHZs5GUH9hZlhf5yPO4Zc4YvF8jDepRLsV7PTGljTsaMgW65daAiG
gWG+3u2CG0cLc33v4X08T4hReiybHc8ZIqFFKqwg2ZYFzEX/7QXqTTpzfpWy+PXn
/9cK2/yyDEdVoAvrnqMe5chTfpdhHFH9+Mle/ibMsKQNjJ7pUpPKzcf2krO+hYkg
YWsmwcq4UTvTLcqZI7kzBi6HrryxmuClr4ZmCAyath2B0Op2rBt4OfgMvs8Om+8I
ECQGrlsCUUQATgk7RwCRX1+S42o3tINr3O79J6jhjbXUrQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:37 2025 by rpki-client