Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/3e3b17-84c9-4472-bd33-12674e661e13/1/GimE8U-rZkZKKRYQG55K-cTcv_Q.roa
File: GimE8U-rZkZKKRYQG55K-cTcv_Q.roa (raw, json)
Hash identifier: aZUAY6bUV+jRpVlC7GYcwWRuPcWOFVGJX4tqT3OrwjQ=
Subject key identifier: 1A:29:84:F1:4F:AB:66:46:4A:29:16:10:1B:9E:4A:F9:C4:DC:BF:F4
Certificate issuer: /CN=98907806ddacb48430bdd0254898019e413a2bde
Certificate serial: 0185711E37D1731276242BE4C26ECF621C01
Authority key identifier: 98:90:78:06:DD:AC:B4:84:30:BD:D0:25:48:98:01:9E:41:3A:2B:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJB4Bt2stIQwvdAlSJgBnkE6K94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/3e3b17-84c9-4472-bd33-12674e661e13/1/GimE8U-rZkZKKRYQG55K-cTcv_Q.roa
Signing time: Mon 02 Jan 2023 06:14:43 +0000
ROA not before: Mon 02 Jan 2023 06:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 193.239.200.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:37:d1:73:12:76:24:2b:e4:c2:6e:cf:62:1c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98907806ddacb48430bdd0254898019e413a2bde
Validity
Not Before: Jan 2 06:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a2984f14fab66464a2916101b9e4af9c4dcbff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ef:74:2e:32:5e:44:4f:1b:7d:d2:de:80:3f:
6e:12:1b:dc:65:76:ee:3f:dc:1f:c1:54:44:25:c7:
65:45:60:88:7f:a5:70:32:6f:e3:7a:3e:6d:ad:1f:
75:63:ea:fc:50:ec:67:8b:a0:0c:aa:96:68:46:25:
4e:9c:99:ff:fa:81:45:9a:40:53:c4:3f:f8:c7:dd:
63:43:4b:24:24:5d:f1:fa:d9:43:1c:0f:ef:3d:3e:
42:4d:1e:c2:d1:d2:49:e9:26:8f:f1:02:ba:b3:ee:
27:c6:4b:3b:e3:5b:a5:6a:6b:2e:ec:aa:7d:d9:69:
6a:6d:38:1f:8a:f6:09:62:a9:6f:b4:23:17:0c:34:
18:78:6d:d4:76:6c:8c:99:65:c1:8c:0a:b9:02:f5:
8e:68:42:9f:2a:f2:d0:7e:27:7e:4b:1a:c6:86:d9:
3a:b9:fd:b7:af:a9:99:40:94:8d:8a:b5:94:86:41:
c4:93:d1:b0:63:11:16:17:58:9b:04:e8:3b:5c:1a:
6b:10:36:7d:7b:ac:8a:6d:36:d3:f1:f6:a8:28:c7:
37:d2:32:6b:81:8b:26:da:1b:28:01:01:ef:68:5e:
39:92:a7:37:83:03:a3:2c:c7:c2:84:d5:24:49:c8:
0a:de:57:8c:5d:cf:43:26:0c:04:e7:8b:1c:c1:d1:
a3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:29:84:F1:4F:AB:66:46:4A:29:16:10:1B:9E:4A:F9:C4:DC:BF:F4
X509v3 Authority Key Identifier:
keyid:98:90:78:06:DD:AC:B4:84:30:BD:D0:25:48:98:01:9E:41:3A:2B:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJB4Bt2stIQwvdAlSJgBnkE6K94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3e3b17-84c9-4472-bd33-12674e661e13/1/GimE8U-rZkZKKRYQG55K-cTcv_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3e3b17-84c9-4472-bd33-12674e661e13/1/mJB4Bt2stIQwvdAlSJgBnkE6K94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.200.0/23
Signature Algorithm: sha256WithRSAEncryption
58:12:3a:2e:24:da:4f:49:d3:7b:51:3f:2a:64:2d:cb:54:7f:
28:5b:bf:cb:04:6f:ba:eb:54:76:e9:32:53:ec:66:f0:42:8a:
52:86:f5:ca:7c:fe:0a:23:ae:77:ea:6e:81:fa:9c:9b:d9:37:
91:57:ca:7e:9a:32:86:1a:80:81:3d:24:be:65:da:5e:99:e5:
47:17:db:19:82:4f:b8:3c:15:15:97:2c:35:3c:24:3e:37:43:
51:c8:50:e4:48:9a:d3:95:15:c1:ae:44:0f:cd:89:1a:a5:35:
3a:7a:c0:aa:01:42:b1:ee:82:dc:44:d3:4e:ce:42:4e:24:59:
90:27:9e:ba:1c:61:3f:64:c1:54:cc:e4:bf:0e:35:03:7d:52:
9a:11:10:83:2e:c1:cb:ca:75:0a:00:11:f8:fa:ff:ac:c3:13:
33:05:e3:84:36:05:c8:e5:ba:92:60:4a:f9:bf:c9:5a:63:29:
3f:7d:6d:45:68:c3:b2:5a:3c:5f:8a:67:dc:45:f7:47:4e:8c:
7e:42:cc:c8:5c:62:2d:56:c9:29:b9:53:96:f7:92:6f:83:fb:
6f:91:c0:7e:31:15:d2:7a:84:2f:28:fd:9e:8c:32:17:73:c7:
94:0f:c9:41:e6:c6:e6:b2:e0:7d:8f:37:cb:9b:3b:34:4b:91:
51:e4:a5:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHjfRcxJ2JCvkwm7PYhwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTA3ODA2ZGRhY2I0ODQzMGJkZDAyNTQ4OTgwMTllNDEz
YTJiZGUwHhcNMjMwMTAyMDYxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTI5ODRmMTRmYWI2NjQ2NGEyOTE2MTAxYjllNGFmOWM0ZGNiZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhO90LjJeRE8bfdLegD9uEhvcZXbu
P9wfwVREJcdlRWCIf6VwMm/jej5trR91Y+r8UOxni6AMqpZoRiVOnJn/+oFFmkBT
xD/4x91jQ0skJF3x+tlDHA/vPT5CTR7C0dJJ6SaP8QK6s+4nxks741ulamsu7Kp9
2WlqbTgfivYJYqlvtCMXDDQYeG3UdmyMmWXBjAq5AvWOaEKfKvLQfid+SxrGhtk6
uf23r6mZQJSNirWUhkHEk9GwYxEWF1ibBOg7XBprEDZ9e6yKbTbT8faoKMc30jJr
gYsm2hsoAQHvaF45kqc3gwOjLMfChNUkScgK3leMXc9DJgwE54scwdGjHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBophPFPq2ZGSikWEBueSvnE3L/0MB8GA1UdIwQY
MBaAFJiQeAbdrLSEML3QJUiYAZ5BOiveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpCNEJ0MnN0SVF3dmRBbFNKZ0Jua0U2Szk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8zZTNiMTctODRjOS00NDcyLWJkMzMt
MTI2NzRlNjYxZTEzLzEvR2ltRThVLXJaa1pLS1JZUUc1NUstY1Rjdl9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8zZTNiMTctODRjOS00NDcyLWJkMzMtMTI2NzRlNjYxZTEz
LzEvbUpCNEJ0MnN0SVF3dmRBbFNKZ0Jua0U2Szk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwe/IMA0G
CSqGSIb3DQEBCwUAA4IBAQBYEjouJNpPSdN7UT8qZC3LVH8oW7/LBG+661R26TJT
7GbwQopShvXKfP4KI6536m6B+pyb2TeRV8p+mjKGGoCBPSS+ZdpemeVHF9sZgk+4
PBUVlyw1PCQ+N0NRyFDkSJrTlRXBrkQPzYkapTU6esCqAUKx7oLcRNNOzkJOJFmQ
J566HGE/ZMFUzOS/DjUDfVKaERCDLsHLynUKABH4+v+swxMzBeOENgXI5bqSYEr5
v8laYyk/fW1FaMOyWjxfimfcRfdHTox+QszIXGItVskpuVOW95Jvg/tvkcB+MRXS
eoQvKP2ejDIXc8eUD8lB5sbmsuB9jzfLmzs0S5FR5KVp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:58 2025 by rpki-client