Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/087353-76a0-4068-96df-119c3e7479d9/1/GpiJ0nBJdKTZe-xjsg4Yz25t2Dw.roa
File: GpiJ0nBJdKTZe-xjsg4Yz25t2Dw.roa (raw, json)
Hash identifier: 0nyj0pEcBaaB9fLisqfG6+r1BviFLdXeXXj2F0YFTqE=
Subject key identifier: 1A:98:89:D2:70:49:74:A4:D9:7B:EC:63:B2:0E:18:CF:6E:6D:D8:3C
Certificate issuer: /CN=94848162892831add5a07d4302e7fcfff52f02fd
Certificate serial: 01856F4B581C321E9641D46ED51534C93534
Authority key identifier: 94:84:81:62:89:28:31:AD:D5:A0:7D:43:02:E7:FC:FF:F5:2F:02:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lISBYokoMa3VoH1DAuf8__UvAv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/087353-76a0-4068-96df-119c3e7479d9/1/GpiJ0nBJdKTZe-xjsg4Yz25t2Dw.roa
Signing time: Sun 01 Jan 2023 21:44:46 +0000
ROA not before: Sun 01 Jan 2023 21:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210463
IP address blocks: 146.19.77.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:58:1c:32:1e:96:41:d4:6e:d5:15:34:c9:35:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94848162892831add5a07d4302e7fcfff52f02fd
Validity
Not Before: Jan 1 21:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a9889d2704974a4d97bec63b20e18cf6e6dd83c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:eb:14:9f:6a:84:3b:b2:0c:b2:73:9b:61:2a:
ea:5e:3b:1d:ea:3a:e0:99:d2:49:aa:70:f5:69:91:
2e:93:6d:ee:35:bd:ce:22:f3:25:07:0e:88:e0:61:
c3:c9:49:1a:51:7b:37:ae:69:d7:7f:ad:84:4e:6c:
dc:cf:95:ec:ab:f4:05:7d:15:54:cb:3e:1f:fe:ae:
57:79:af:1f:37:10:62:fb:c2:25:1c:1a:be:6f:87:
b7:49:01:a5:11:d1:83:25:81:a4:68:63:e8:97:5f:
0e:08:8b:77:f2:fb:57:c4:1d:5b:17:91:07:18:9b:
2e:8d:21:5b:b1:6d:77:08:de:31:04:3e:23:6d:52:
31:1a:7d:94:fa:5d:b5:8d:5f:6b:31:d8:bf:f7:27:
48:2b:ca:d7:3e:80:1d:d4:fe:ac:39:64:28:3d:9e:
ac:53:23:d9:8e:2e:14:30:f9:2b:5a:25:e1:3f:df:
8b:0f:7b:35:8e:d0:cb:ac:4d:10:08:a1:36:d9:a0:
17:69:f6:3f:5a:f9:44:86:64:91:f7:a4:14:b5:ab:
a1:bf:46:d8:80:64:16:a8:61:76:ae:0b:0c:6c:c9:
3e:49:4c:cb:f0:77:98:47:bc:f0:4a:d4:14:46:56:
6e:65:f2:80:98:27:d1:75:0d:89:01:8e:a0:38:9d:
ab:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:98:89:D2:70:49:74:A4:D9:7B:EC:63:B2:0E:18:CF:6E:6D:D8:3C
X509v3 Authority Key Identifier:
keyid:94:84:81:62:89:28:31:AD:D5:A0:7D:43:02:E7:FC:FF:F5:2F:02:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lISBYokoMa3VoH1DAuf8__UvAv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/087353-76a0-4068-96df-119c3e7479d9/1/GpiJ0nBJdKTZe-xjsg4Yz25t2Dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/087353-76a0-4068-96df-119c3e7479d9/1/lISBYokoMa3VoH1DAuf8__UvAv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.77.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:51:1d:4b:ff:00:91:da:1d:8c:ba:7e:5c:82:d0:43:90:f5:
16:56:b1:d9:12:50:f9:f1:39:55:5f:97:a3:2f:53:7e:80:48:
65:f6:34:f4:31:0e:80:11:3e:ce:80:a8:bb:d8:4f:3f:78:e1:
3d:a9:82:9b:67:ad:66:62:40:bd:16:8e:5a:59:1b:02:05:2f:
f5:2f:bf:3b:85:72:c0:0f:48:24:c0:5d:4f:55:59:3c:a0:62:
da:9f:c7:8d:bf:6e:3d:71:f7:c9:36:a9:17:2f:d7:f3:19:d2:
9a:69:aa:1b:37:61:e0:68:a5:4d:a9:de:fb:b4:61:63:1b:32:
b0:77:4d:31:b3:a0:8e:89:9e:4e:3e:29:71:37:37:cd:00:f4:
b0:df:99:bb:18:51:91:a9:87:64:82:c0:dd:1a:a0:e8:dd:51:
62:25:c1:4e:1f:9d:44:e5:64:f5:f3:66:a1:3b:f5:07:7d:a6:
fe:a7:11:c5:78:64:f1:fc:b1:e1:38:b5:c3:ab:e8:dc:a3:f0:
59:21:67:c8:6b:76:6f:50:07:2a:b4:25:77:ba:3e:14:b9:36:
51:a9:a6:db:08:8b:ae:19:6d:de:44:5b:9a:37:64:11:07:68:
ff:8b:9c:ab:dd:25:f0:27:79:1e:82:b4:aa:dc:e2:2b:be:6a:
ec:a3:c9:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS1gcMh6WQdRu1RU0yTU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODQ4MTYyODkyODMxYWRkNWEwN2Q0MzAyZTdmY2ZmZjUy
ZjAyZmQwHhcNMjMwMTAxMjE0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTk4ODlkMjcwNDk3NGE0ZDk3YmVjNjNiMjBlMThjZjZlNmRkODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOsUn2qEO7IMsnObYSrqXjsd6jrg
mdJJqnD1aZEuk23uNb3OIvMlBw6I4GHDyUkaUXs3rmnXf62ETmzcz5Xsq/QFfRVU
yz4f/q5Xea8fNxBi+8IlHBq+b4e3SQGlEdGDJYGkaGPol18OCIt38vtXxB1bF5EH
GJsujSFbsW13CN4xBD4jbVIxGn2U+l21jV9rMdi/9ydIK8rXPoAd1P6sOWQoPZ6s
UyPZji4UMPkrWiXhP9+LD3s1jtDLrE0QCKE22aAXafY/WvlEhmSR96QUtauhv0bY
gGQWqGF2rgsMbMk+SUzL8HeYR7zwStQURlZuZfKAmCfRdQ2JAY6gOJ2r1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqYidJwSXSk2XvsY7IOGM9ubdg8MB8GA1UdIwQY
MBaAFJSEgWKJKDGt1aB9QwLn/P/1LwL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElTQllva29NYTNWb0gxREF1ZjhfX1V2QXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8wODczNTMtNzZhMC00MDY4LTk2ZGYt
MTE5YzNlNzQ3OWQ5LzEvR3BpSjBuQkpkS1RaZS14anNnNFl6MjV0MkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8wODczNTMtNzZhMC00MDY4LTk2ZGYtMTE5YzNlNzQ3OWQ5
LzEvbElTQllva29NYTNWb0gxREF1ZjhfX1V2QXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhNNMA0G
CSqGSIb3DQEBCwUAA4IBAQCiUR1L/wCR2h2Mun5cgtBDkPUWVrHZElD58TlVX5ej
L1N+gEhl9jT0MQ6AET7OgKi72E8/eOE9qYKbZ61mYkC9Fo5aWRsCBS/1L787hXLA
D0gkwF1PVVk8oGLan8eNv249cffJNqkXL9fzGdKaaaobN2HgaKVNqd77tGFjGzKw
d00xs6COiZ5OPilxNzfNAPSw35m7GFGRqYdkgsDdGqDo3VFiJcFOH51E5WT182ah
O/UHfab+pxHFeGTx/LHhOLXDq+jco/BZIWfIa3ZvUAcqtCV3uj4UuTZRqabbCIuu
GW3eRFuaN2QRB2j/i5yr3SXwJ3kegrSq3OIrvmrso8lw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:20 2025 by rpki-client