Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/G1hPTUb3UdhER39mRBbFfc1hdlA.roa
File: G1hPTUb3UdhER39mRBbFfc1hdlA.roa (raw, json)
Hash identifier: lKHF7qxPqU7E52Q/4z5yL8XC7lc1ZzMLGnXWlQdquBg=
Subject key identifier: 1B:58:4F:4D:46:F7:51:D8:44:47:7F:66:44:16:C5:7D:CD:61:76:50
Certificate issuer: /CN=3a1a0c0016b9b33f93e8a7a393d09190d5e18499
Certificate serial: 01856F26D4F827645F76FDA636CD3F44D970
Authority key identifier: 3A:1A:0C:00:16:B9:B3:3F:93:E8:A7:A3:93:D0:91:90:D5:E1:84:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/G1hPTUb3UdhER39mRBbFfc1hdlA.roa
Signing time: Sun 01 Jan 2023 21:04:53 +0000
ROA not before: Sun 01 Jan 2023 21:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30848
IP address blocks: 178.250.200.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:d4:f8:27:64:5f:76:fd:a6:36:cd:3f:44:d9:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a1a0c0016b9b33f93e8a7a393d09190d5e18499
Validity
Not Before: Jan 1 21:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b584f4d46f751d844477f664416c57dcd617650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:31:c8:00:3e:13:6a:b7:1c:cf:70:aa:f3:7f:
98:25:5a:ef:b1:b8:bc:ec:c8:02:5b:00:4b:7b:9a:
82:8b:87:a3:06:94:0f:ed:1c:ff:19:e9:39:e7:09:
17:87:35:e9:92:2d:e2:9d:72:66:c6:37:84:a7:29:
95:96:00:fc:7a:f2:bd:1a:ba:82:5e:95:62:e4:5f:
7e:e1:82:14:45:98:e4:51:ef:49:54:9d:fe:8e:3c:
b9:9e:36:83:52:c0:9c:55:93:50:f6:a3:45:7f:33:
e2:bb:3e:5e:c2:2b:6d:05:d2:e5:35:2a:29:37:45:
4d:a0:d5:2d:9c:d1:e2:65:d8:56:e3:d6:0b:99:36:
ef:b8:c2:36:62:b4:4b:9b:87:2e:70:d9:a4:6a:40:
32:12:f7:30:8c:e0:7a:d6:9d:45:ac:0a:f2:23:9f:
9c:d9:55:95:62:a9:25:82:98:4d:cb:09:44:e5:ae:
49:9e:a3:69:a1:f3:de:3e:62:d8:3c:d6:f5:75:37:
62:08:bf:c7:d8:54:e3:a7:01:ff:8d:73:b4:a6:ef:
fe:70:33:a9:a5:dc:39:25:a7:10:19:51:b7:33:21:
49:dc:ba:4c:8a:97:c8:e1:51:15:7a:db:3c:23:81:
e5:64:84:bb:af:5d:13:11:a3:9c:31:8f:fc:64:13:
db:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:58:4F:4D:46:F7:51:D8:44:47:7F:66:44:16:C5:7D:CD:61:76:50
X509v3 Authority Key Identifier:
keyid:3A:1A:0C:00:16:B9:B3:3F:93:E8:A7:A3:93:D0:91:90:D5:E1:84:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhoMABa5sz-T6Kejk9CRkNXhhJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/G1hPTUb3UdhER39mRBbFfc1hdlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/995881-39cd-4104-9b29-0b6459775b64/1/OhoMABa5sz-T6Kejk9CRkNXhhJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.250.200.0/21
Signature Algorithm: sha256WithRSAEncryption
78:9c:ed:14:f6:1f:e1:9b:03:99:f7:73:b0:6a:dc:47:2c:e4:
5f:a7:29:2c:29:ab:29:40:ef:79:9b:6e:23:3e:a3:a1:18:e1:
88:3f:bc:e7:d2:b9:21:e7:40:d8:9f:2e:32:b2:51:af:03:34:
00:81:4a:48:75:66:e3:b0:e7:ec:81:50:84:7b:4c:5a:62:47:
0e:c2:b9:bf:40:69:78:e0:40:c8:a8:8b:22:67:fa:dd:00:de:
6c:31:4c:4e:e1:0b:bd:af:69:eb:5b:a7:e0:8e:e7:69:40:ee:
55:89:74:0f:da:09:80:86:2c:06:99:cf:11:38:78:df:c5:91:
eb:f1:41:68:15:29:77:20:d4:af:a3:e3:f9:bc:21:c6:4c:6f:
8e:76:4e:2f:7c:8d:0a:6f:e1:ef:84:1d:9d:37:ce:9d:64:22:
0d:2d:cf:06:d6:76:6e:ec:5d:2e:f8:3e:09:89:10:5b:74:f0:
45:78:97:e5:37:9a:d9:20:c7:9a:99:d9:8d:1a:d4:6b:37:95:
3a:19:44:59:5c:d6:5a:7e:05:c4:fa:e9:ec:64:87:2d:80:c2:
d3:5b:a9:f7:f4:21:1d:94:3c:cc:b5:f6:78:59:f6:9a:7d:15:
d7:e7:20:dc:f6:85:20:f7:c8:a0:57:83:15:d5:07:61:31:e6:
70:e5:58:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJtT4J2Rfdv2mNs0/RNlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMWEwYzAwMTZiOWIzM2Y5M2U4YTdhMzkzZDA5MTkwZDVl
MTg0OTkwHhcNMjMwMTAxMjEwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjU4NGY0ZDQ2Zjc1MWQ4NDQ0NzdmNjY0NDE2YzU3ZGNkNjE3NjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTHIAD4Tarccz3Cq83+YJVrvsbi8
7MgCWwBLe5qCi4ejBpQP7Rz/Gek55wkXhzXpki3inXJmxjeEpymVlgD8evK9GrqC
XpVi5F9+4YIURZjkUe9JVJ3+jjy5njaDUsCcVZNQ9qNFfzPiuz5ewittBdLlNSop
N0VNoNUtnNHiZdhW49YLmTbvuMI2YrRLm4cucNmkakAyEvcwjOB61p1FrAryI5+c
2VWVYqklgphNywlE5a5JnqNpofPePmLYPNb1dTdiCL/H2FTjpwH/jXO0pu/+cDOp
pdw5JacQGVG3MyFJ3LpMipfI4VEVets8I4HlZIS7r10TEaOcMY/8ZBPbdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBtYT01G91HYREd/ZkQWxX3NYXZQMB8GA1UdIwQY
MBaAFDoaDAAWubM/k+ino5PQkZDV4YSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85OTU4ODEtMzljZC00MTA0LTliMjkt
MGI2NDU5Nzc1YjY0LzEvRzFoUFRVYjNVZGhFUjM5bVJCYkZmYzFoZGxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy85OTU4ODEtMzljZC00MTA0LTliMjktMGI2NDU5Nzc1YjY0
LzEvT2hvTUFCYTVzei1UNktlams5Q1JrTlhoaEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsvrIMA0G
CSqGSIb3DQEBCwUAA4IBAQB4nO0U9h/hmwOZ93OwatxHLORfpyksKaspQO95m24j
PqOhGOGIP7zn0rkh50DYny4yslGvAzQAgUpIdWbjsOfsgVCEe0xaYkcOwrm/QGl4
4EDIqIsiZ/rdAN5sMUxO4Qu9r2nrW6fgjudpQO5ViXQP2gmAhiwGmc8ROHjfxZHr
8UFoFSl3INSvo+P5vCHGTG+Odk4vfI0Kb+HvhB2dN86dZCINLc8G1nZu7F0u+D4J
iRBbdPBFeJflN5rZIMeamdmNGtRrN5U6GURZXNZafgXE+unsZIctgMLTW6n39CEd
lDzMtfZ4WfaafRXX5yDc9oUg98igV4MV1QdhMeZw5Vj5
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:21:41 2025 by rpki-client