Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/GLdSdBWVIsON7anXi4Db9MNFn3A.roa
File: GLdSdBWVIsON7anXi4Db9MNFn3A.roa (raw, json)
Hash identifier: /V0SGodJpHhUwLhA4GLERgZC/r+Qv4YU7byJSmy1W4g=
Subject key identifier: 18:B7:52:74:15:95:22:C3:8D:ED:A9:D7:8B:80:DB:F4:C3:45:9F:70
Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial: 1B5FDD0B
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/GLdSdBWVIsON7anXi4Db9MNFn3A.roa
Signing time: Sat 01 Jan 2022 08:54:21 +0000
ROA not before: Sat 01 Jan 2022 08:54:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204055
IP address blocks: 212.18.251.0/24 maxlen: 24
2a04:2b00:14bb::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 459267339 (0x1b5fdd0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Validity
Not Before: Jan 1 08:54:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=18b75274159522c38deda9d78b80dbf4c3459f70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:29:d8:f9:87:6e:90:e4:6b:b2:cb:cf:32:0b:
5f:97:73:2a:1b:f0:63:0a:06:8f:29:83:92:42:81:
4e:b5:5d:93:80:2b:03:64:a8:87:bf:3a:77:bf:67:
47:b2:39:3d:da:6c:df:17:17:99:70:41:53:cb:7f:
f5:e6:17:fa:15:c1:7b:f5:8d:36:45:17:6a:06:eb:
a7:07:a7:a5:ca:71:7b:d0:77:0f:46:54:57:c1:ef:
e4:e9:4f:ed:0f:61:1b:45:2b:26:9a:1f:46:a7:e8:
76:5f:ef:4e:f9:75:60:e3:2e:56:4a:88:53:e1:60:
71:14:13:4f:ca:9e:74:cc:ff:79:23:31:16:53:c5:
a4:97:68:af:f3:dd:41:30:f6:92:58:ac:4c:e0:92:
f3:33:8d:d5:b2:ba:db:22:86:c6:48:3c:bf:88:78:
2c:db:db:b9:75:d5:5e:66:27:81:98:5f:30:db:87:
41:20:cc:e3:8a:00:0e:8b:47:d2:ee:71:05:9b:f7:
3a:7f:45:ea:3e:65:93:39:6b:f8:61:d9:61:4f:44:
a7:83:46:a9:1a:d1:9c:9a:3b:41:6b:1e:0c:9f:25:
b8:02:4c:73:5c:9a:7e:fc:54:d9:d9:e3:28:eb:ad:
a9:45:ff:ad:9d:3a:e0:3f:16:67:82:2f:ea:9e:ac:
f0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:B7:52:74:15:95:22:C3:8D:ED:A9:D7:8B:80:DB:F4:C3:45:9F:70
X509v3 Authority Key Identifier:
keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/GLdSdBWVIsON7anXi4Db9MNFn3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.18.251.0/24
IPv6:
2a04:2b00:14bb::/48
Signature Algorithm: sha256WithRSAEncryption
8d:a4:57:c1:99:a3:db:60:ef:28:37:d0:91:df:23:c6:c0:9f:
aa:f1:4e:a7:e5:7a:d9:bb:51:9f:82:9f:5f:a7:f5:e2:e6:2d:
c4:bc:2e:40:e4:74:7d:af:3c:73:42:aa:0f:bb:01:92:e1:55:
37:75:6e:2f:fb:a5:06:af:ec:a9:ae:97:32:e5:7d:44:87:e0:
13:7e:ee:64:d2:99:a2:18:50:1a:fa:4d:08:8f:eb:af:86:e4:
71:99:4a:e6:cd:53:4a:7f:29:31:bd:ba:f8:b6:a8:72:80:af:
4d:a4:8b:87:d8:93:67:0c:ee:7f:c6:b9:33:6c:8e:a6:07:a4:
a9:8b:dd:27:f3:17:50:f2:05:2e:15:2e:69:4c:1e:41:a1:e4:
a7:52:1f:09:b3:ca:0e:24:6d:bc:eb:5a:cc:44:ca:20:17:11:
d9:64:df:53:05:cd:68:dc:8e:3c:1b:a0:27:21:bc:5d:ca:d3:
76:e5:9c:f8:3d:cf:89:fb:d0:f2:fa:87:92:ff:bc:65:87:19:
1d:8b:9f:f6:c0:d1:a3:3e:7f:fe:4a:dd:b6:8d:1b:f1:f0:99:
b2:02:09:1d:ee:be:f5:55:be:ce:d6:b8:84:72:22:78:3d:5b:
6f:46:25:84:40:8d:36:f8:50:0d:68:a9:c1:8b:c8:3a:4a:96:
cc:70:1b:f6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEG1/dCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Nzc2YWZiNzRmYWQ1YmFmMGE2MTgwYjQ5NTEwZDhiODQ5N2RmOGQzMB4XDTIyMDEw
MTA4NTQyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMThiNzUyNzQxNTk1
MjJjMzhkZWRhOWQ3OGI4MGRiZjRjMzQ1OWY3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4p2PmHbpDka7LLzzILX5dzKhvwYwoGjymDkkKBTrVdk4Ar
A2Soh786d79nR7I5Pdps3xcXmXBBU8t/9eYX+hXBe/WNNkUXagbrpwenpcpxe9B3
D0ZUV8Hv5OlP7Q9hG0UrJpofRqfodl/vTvl1YOMuVkqIU+FgcRQTT8qedMz/eSMx
FlPFpJdor/PdQTD2klisTOCS8zON1bK62yKGxkg8v4h4LNvbuXXVXmYngZhfMNuH
QSDM44oADotH0u5xBZv3On9F6j5lkzlr+GHZYU9Ep4NGqRrRnJo7QWseDJ8luAJM
c1yafvxU2dnjKOutqUX/rZ064D8WZ4Iv6p6s8LkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQYt1J0FZUiw43tqdeLgNv0w0WfcDAfBgNVHSMEGDAWgBRHdq+3T61brwph
gLSVENi4SX340zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1IzYXZ0MC10VzY4S1lZQzBsUkRZdUVsOS1OTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvZjcxY2MyLWI3MWQtNDY2OC04NjYxLTA1MzhlOTVmM2YxMi8x
L0dMZFNkQldWSXNPTjdhblhpNERiOU1ORm4zQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
ZjcxY2MyLWI3MWQtNDY2OC04NjYxLTA1MzhlOTVmM2YxMi8xL1IzYXZ0MC10VzY4
S1lZQzBsUkRZdUVsOS1OTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEANQS+zAPBAIAAjAJAwcAKgQrABS7
MA0GCSqGSIb3DQEBCwUAA4IBAQCNpFfBmaPbYO8oN9CR3yPGwJ+q8U6n5XrZu1Gf
gp9fp/Xi5i3EvC5A5HR9rzxzQqoPuwGS4VU3dW4v+6UGr+yprpcy5X1Eh+ATfu5k
0pmiGFAa+k0Ij+uvhuRxmUrmzVNKfykxvbr4tqhygK9NpIuH2JNnDO5/xrkzbI6m
B6Spi90n8xdQ8gUuFS5pTB5BoeSnUh8Js8oOJG2861rMRMogFxHZZN9TBc1o3I48
G6AnIbxdytN25Zz4Pc+J+9Dy+oeS/7xlhxkdi5/2wNGjPn/+St22jRvx8JmyAgkd
7r71Vb7O1riEciJ4PVtvRiWEQI02+FANaKnBi8g6SpbMcBv2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:07 2025 by rpki-client