Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/gdPz8MF8Ng1KCeRWsq8GsPX6mfQ.roa
File: gdPz8MF8Ng1KCeRWsq8GsPX6mfQ.roa (raw, json)
Hash identifier: ox7lcTUQsK9VTQ30ic2+JK1hPcX0NvsTKOW+fpiFF4g=
Subject key identifier: 81:D3:F3:F0:C1:7C:36:0D:4A:09:E4:56:B2:AF:06:B0:F5:FA:99:F4
Certificate issuer: /CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Certificate serial: 0185032B7EB4F4247FBC9AC77F5F32083BDD
Authority key identifier: D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/gdPz8MF8Ng1KCeRWsq8GsPX6mfQ.roa
Signing time: Sun 11 Dec 2022 21:51:00 +0000
ROA not before: Sun 11 Dec 2022 21:51:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5608
IP address blocks: 193.16.32.0/22 maxlen: 22
2a00:9b40:200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:03:2b:7e:b4:f4:24:7f:bc:9a:c7:7f:5f:32:08:3b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Validity
Not Before: Dec 11 21:51:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81d3f3f0c17c360d4a09e456b2af06b0f5fa99f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:02:e5:14:d7:a8:49:0a:38:ac:c8:64:09:8a:
70:20:b3:3f:16:6c:7c:d2:f7:75:62:da:bd:9a:a5:
b7:9a:fb:04:0b:20:b0:ef:13:d7:a7:8d:87:b2:ce:
49:e2:c9:eb:d7:6e:61:5d:f9:42:9e:f9:8e:40:70:
1b:63:2e:47:4c:25:a6:af:b4:38:25:ce:08:58:27:
c4:9e:c3:ee:5c:92:11:a0:ef:1e:67:c7:66:a5:2a:
f0:76:80:4a:1b:39:1b:9d:67:56:dc:3f:e0:54:2f:
ad:cd:c3:2e:7a:c2:bc:f8:49:00:e4:0a:19:f2:70:
af:74:44:9e:a4:a7:5e:cf:61:4e:d0:4b:af:52:15:
09:87:d7:1c:12:65:d8:da:f7:df:3d:d8:a5:9e:bc:
fe:ab:2e:f4:16:92:ba:0f:f4:60:e5:46:21:cc:d6:
07:dc:98:f4:f0:d1:00:1c:be:31:71:58:a5:32:98:
91:e0:95:c7:ea:76:58:59:47:32:fc:9c:f9:61:32:
42:25:1a:d9:09:53:98:62:94:03:1d:2c:66:1f:86:
ad:ee:e2:e4:49:97:3d:c1:ff:e2:f4:03:25:10:7c:
f1:36:fc:aa:a2:45:9f:31:3b:41:83:93:d7:04:86:
ef:e7:99:5c:25:f8:c7:a8:f3:9a:b2:37:9a:1b:d2:
dd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D3:F3:F0:C1:7C:36:0D:4A:09:E4:56:B2:AF:06:B0:F5:FA:99:F4
X509v3 Authority Key Identifier:
keyid:D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/gdPz8MF8Ng1KCeRWsq8GsPX6mfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.32.0/22
IPv6:
2a00:9b40:200::/40
Signature Algorithm: sha256WithRSAEncryption
2d:e6:cd:38:ea:da:b0:77:db:6e:37:0e:25:6c:f3:15:41:32:
b4:49:73:62:d1:6e:fb:26:7f:ec:ba:d2:4b:36:2a:30:fe:73:
01:08:54:de:f1:9d:dd:67:97:87:93:bf:c6:d4:00:bf:c8:c5:
1c:bb:9a:77:ac:86:5f:73:82:e0:da:4a:87:81:eb:67:60:aa:
36:66:14:ac:71:49:9a:fd:b8:81:2d:29:d4:df:e7:4d:f5:8b:
9e:a3:28:3c:a2:2d:44:0f:32:48:23:97:48:71:b8:fd:31:ec:
a1:c1:47:2f:3f:35:9f:bd:a9:df:68:02:9c:77:d4:ac:45:b1:
96:a1:c5:fe:a0:bf:48:ef:4b:ab:7a:9c:21:77:32:e9:47:51:
a5:81:18:37:90:62:17:d0:53:2b:20:1f:76:0a:84:37:5a:de:
6c:44:2f:79:ce:65:a4:88:e5:84:f2:46:6c:2e:76:12:fe:ca:
f8:96:93:35:0d:15:f4:13:8e:c7:c9:b1:89:9e:f3:c3:be:d4:
47:a0:9f:2a:c6:fa:9d:58:fd:d1:9e:16:e9:a9:7f:db:73:4f:
b6:08:eb:b4:d0:fd:ae:16:17:f3:bb:9e:2a:25:a2:cd:0c:02:
30:56:27:52:06:46:c9:4c:70:96:a2:cf:68:e4:1c:87:63:0a:
dd:f1:b0:d5
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYUDK3609CR/vJrHf18yCDvdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTU2ZTJkNjNhYzVkYTliZWQzNWRhMDFjYmZhZDIyNWYw
NGJlYjAwHhcNMjIxMjExMjE1MTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWQzZjNmMGMxN2MzNjBkNGEwOWU0NTZiMmFmMDZiMGY1ZmE5OWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwLlFNeoSQo4rMhkCYpwILM/Fmx8
0vd1Ytq9mqW3mvsECyCw7xPXp42Hss5J4snr125hXflCnvmOQHAbYy5HTCWmr7Q4
Jc4IWCfEnsPuXJIRoO8eZ8dmpSrwdoBKGzkbnWdW3D/gVC+tzcMuesK8+EkA5AoZ
8nCvdESepKdez2FO0EuvUhUJh9ccEmXY2vffPdilnrz+qy70FpK6D/Rg5UYhzNYH
3Jj08NEAHL4xcVilMpiR4JXH6nZYWUcy/Jz5YTJCJRrZCVOYYpQDHSxmH4at7uLk
SZc9wf/i9AMlEHzxNvyqokWfMTtBg5PXBIbv55lcJfjHqPOasjeaG9LdBwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIHT8/DBfDYNSgnkVrKvBrD1+pn0MB8GA1UdIwQY
MBaAFNilbi1jrF2pvtNdoBy/rSJfBL6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4Njct
ZThkNDdiYmEyNWJmLzEvZ2RQejhNRjhOZzFLQ2VSV3NxOEdzUFg2bWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4NjctZThkNDdiYmEyNWJm
LzEvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCwRAgMA4E
AgACMAgDBgAqAJtAAjANBgkqhkiG9w0BAQsFAAOCAQEALebNOOrasHfbbjcOJWzz
FUEytElzYtFu+yZ/7LrSSzYqMP5zAQhU3vGd3WeXh5O/xtQAv8jFHLuad6yGX3OC
4NpKh4HrZ2CqNmYUrHFJmv24gS0p1N/nTfWLnqMoPKItRA8ySCOXSHG4/THsocFH
Lz81n72p32gCnHfUrEWxlqHF/qC/SO9Lq3qcIXcy6UdRpYEYN5BiF9BTKyAfdgqE
N1rebEQvec5lpIjlhPJGbC52Ev7K+JaTNQ0V9BOOx8mxiZ7zw77UR6CfKsb6nVj9
0Z4W6al/23NPtgjrtND9rhYX87ueKiWizQwCMFYnUgZGyUxwlqLPaOQch2MK3fGw
1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:50 2024 by rpki-client on console-fra.rpki-client.org