Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/G1y_V8fByouJYGNNxLc0hTY7YnY.roa
File: G1y_V8fByouJYGNNxLc0hTY7YnY.roa (raw, json)
Hash identifier: ZIl44CAx6O8ReFd1e4jpXe+PttdRtWodebZPGjy852M=
Subject key identifier: 1B:5C:BF:57:C7:C1:CA:8B:89:60:63:4D:C4:B7:34:85:36:3B:62:76
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 018BF1D136F5CD7AD6022F277BF66300D38D
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/G1y_V8fByouJYGNNxLc0hTY7YnY.roa
Signing time: Tue 21 Nov 2023 12:18:21 +0000
ROA not before: Tue 21 Nov 2023 12:18:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 146.19.189.0/24 maxlen: 24
195.225.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f1:d1:36:f5:cd:7a:d6:02:2f:27:7b:f6:63:00:d3:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Nov 21 12:18:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b5cbf57c7c1ca8b8960634dc4b73485363b6276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ed:2f:30:94:40:25:63:a0:9e:08:86:f7:a8:
7a:1f:cf:bc:5f:60:a5:93:b3:ba:b9:95:95:dc:92:
01:c2:00:56:50:ae:32:41:ec:04:bd:f5:7b:53:e8:
c5:98:32:01:92:82:21:d6:86:43:29:8c:33:87:f9:
03:67:58:57:17:da:18:8c:f3:b3:b3:7b:f7:2d:77:
48:f7:45:c8:ca:87:95:1b:8a:0f:27:6b:15:19:c1:
87:23:52:dc:6b:a5:fe:de:24:17:f7:50:63:2b:14:
ee:2e:9a:51:ec:1f:4b:a5:03:2b:de:5b:22:51:3e:
cf:88:95:31:6c:45:4d:fc:70:24:e0:a9:50:dc:64:
c6:bb:fa:ab:b6:ce:6f:ae:d2:57:e1:32:4e:d0:44:
de:1a:f1:51:50:8e:27:4c:fc:85:a4:be:0e:95:9e:
e9:5e:56:1a:75:70:11:a1:d7:9e:1b:ce:99:7f:71:
1a:fa:40:48:84:34:21:ea:ef:e3:ca:4d:1d:72:aa:
7a:5b:ca:aa:fd:cd:75:ba:ce:ed:ec:4d:1c:16:6c:
13:76:ae:d5:b9:9b:b3:73:35:40:47:d1:69:6e:40:
e9:38:ad:29:e7:3b:c8:5c:5b:66:b0:73:fa:17:0b:
e9:44:b8:1f:d9:9f:7f:5e:1b:d8:a6:36:74:42:f3:
76:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:5C:BF:57:C7:C1:CA:8B:89:60:63:4D:C4:B7:34:85:36:3B:62:76
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/G1y_V8fByouJYGNNxLc0hTY7YnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.189.0/24
195.225.98.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:99:a0:88:68:f3:6d:25:29:3c:bb:71:4d:97:96:43:01:2f:
93:82:83:ac:0e:b2:d8:dc:79:c8:8d:09:66:bc:dc:06:73:8f:
6b:11:ac:08:c6:4d:2f:c2:bf:5f:f3:e2:bf:03:01:a5:b2:fa:
9b:99:01:a8:72:35:e8:97:9b:53:2a:a0:f1:01:ac:eb:55:ae:
0d:36:94:f4:00:4e:bc:d4:33:89:30:e2:31:ff:65:5e:cd:c0:
16:a7:c8:8e:69:22:46:27:53:73:c1:6e:33:6a:94:70:c0:a8:
0b:a1:9b:ec:83:89:32:d0:aa:7b:1e:5c:3d:d2:9a:35:96:f1:
54:ed:e0:f7:4e:6f:e8:eb:d0:3d:68:50:0d:82:f8:c2:1d:44:
64:ea:f8:44:9f:d5:c6:68:14:99:90:31:e0:60:ad:ed:52:1d:
d1:af:63:a8:0f:ad:fd:71:ba:b5:ee:22:36:7b:c8:1a:a6:e9:
b5:bb:8e:a3:6f:d5:a1:09:63:f3:9e:c3:7d:ab:38:d8:b1:e7:
5e:41:53:21:dc:c7:be:62:b8:2a:59:54:2e:7f:16:68:08:8e:
e9:72:0b:10:8d:46:f6:b6:ae:7c:89:62:dc:19:f1:c5:d3:fd:
ea:7b:de:d0:06:bb:f0:cb:d4:4b:0e:4b:8c:c5:e7:e8:75:58:
25:72:45:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvx0Tb1zXrWAi8ne/ZjANONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjMxMTIxMTIxODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjVjYmY1N2M3YzFjYThiODk2MDYzNGRjNGI3MzQ4NTM2M2I2Mjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu0vMJRAJWOgngiG96h6H8+8X2Cl
k7O6uZWV3JIBwgBWUK4yQewEvfV7U+jFmDIBkoIh1oZDKYwzh/kDZ1hXF9oYjPOz
s3v3LXdI90XIyoeVG4oPJ2sVGcGHI1Lca6X+3iQX91BjKxTuLppR7B9LpQMr3lsi
UT7PiJUxbEVN/HAk4KlQ3GTGu/qrts5vrtJX4TJO0ETeGvFRUI4nTPyFpL4OlZ7p
XlYadXARodeeG86Zf3Ea+kBIhDQh6u/jyk0dcqp6W8qq/c11us7t7E0cFmwTdq7V
uZuzczVAR9FpbkDpOK0p5zvIXFtmsHP6FwvpRLgf2Z9/XhvYpjZ0QvN2EwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBtcv1fHwcqLiWBjTcS3NIU2O2J2MB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvRzF5X1Y4ZkJ5b3VKWUdOTnhMYzBoVFk3WW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhO9AwQA
w+FiMA0GCSqGSIb3DQEBCwUAA4IBAQCPmaCIaPNtJSk8u3FNl5ZDAS+TgoOsDrLY
3HnIjQlmvNwGc49rEawIxk0vwr9f8+K/AwGlsvqbmQGocjXol5tTKqDxAazrVa4N
NpT0AE681DOJMOIx/2VezcAWp8iOaSJGJ1NzwW4zapRwwKgLoZvsg4ky0Kp7Hlw9
0po1lvFU7eD3Tm/o69A9aFANgvjCHURk6vhEn9XGaBSZkDHgYK3tUh3Rr2OoD639
cbq17iI2e8gapum1u46jb9WhCWPznsN9qzjYsedeQVMh3Me+YrgqWVQufxZoCI7p
cgsQjUb2tq58iWLcGfHF0/3qe97QBrvwy9RLDkuMxefodVglckUY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:42 2025 by rpki-client