Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/GKu4hAYffVV-aHrIp4h5TFUJwXc.roa
File: GKu4hAYffVV-aHrIp4h5TFUJwXc.roa (raw, json)
Hash identifier: hpZLfaXjA5V1lXxQyGv/L67z3tWF6FR1g2KFi/zx+0A=
Subject key identifier: 18:AB:B8:84:06:1F:7D:55:7E:68:7A:C8:A7:88:79:4C:55:09:C1:77
Certificate issuer: /CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Certificate serial: 018571276715BB10EE05C0C1FB1EF3E73247
Authority key identifier: 38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/GKu4hAYffVV-aHrIp4h5TFUJwXc.roa
Signing time: Mon 02 Jan 2023 06:24:45 +0000
ROA not before: Mon 02 Jan 2023 06:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58173
IP address blocks: 185.96.192.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:67:15:bb:10:ee:05:c0:c1:fb:1e:f3:e7:32:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Validity
Not Before: Jan 2 06:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18abb884061f7d557e687ac8a788794c5509c177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:23:91:74:3a:cc:b3:63:2f:25:bb:15:a8:d7:
66:df:c3:69:ee:4c:3a:cd:e6:ac:0f:5e:48:c9:dd:
5e:85:9f:1b:b3:07:25:53:19:02:11:46:f0:51:b0:
8b:a2:e9:e2:b5:66:75:03:5f:ec:28:5b:4b:89:39:
ab:f0:05:59:49:ba:16:b2:39:f5:81:3b:44:96:90:
0b:a6:64:25:e8:1a:b0:a2:d5:7c:8c:55:59:48:bc:
ba:e5:a1:51:af:99:39:e0:64:6d:96:72:3b:a9:b5:
94:37:7e:01:86:91:d9:48:df:e1:d6:f7:d0:1b:9c:
dc:ef:31:61:04:90:a3:9c:9e:41:b8:60:e0:44:e3:
05:3e:8a:b2:1d:07:42:07:2c:28:b3:4a:3c:5a:eb:
ad:60:fb:97:75:ce:49:6e:61:23:5a:cf:6d:46:e1:
66:49:4b:2d:7e:35:bf:93:b7:f1:f7:93:14:f9:9b:
b0:42:23:a0:41:a3:13:18:3f:d8:27:cc:5f:ec:46:
74:03:4c:74:48:9e:3f:57:0a:cf:a2:e6:36:e8:07:
09:c2:6d:7b:ae:c4:19:03:16:5e:46:e0:b5:56:69:
98:48:20:8f:7e:5e:38:cd:ad:4f:d4:20:41:44:12:
46:c7:e6:c6:f1:68:ee:df:ee:af:9a:17:d8:e2:94:
2a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:AB:B8:84:06:1F:7D:55:7E:68:7A:C8:A7:88:79:4C:55:09:C1:77
X509v3 Authority Key Identifier:
keyid:38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/GKu4hAYffVV-aHrIp4h5TFUJwXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/OJsvo2UTg6f8aoatulbHxiB9dWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.192.0/22
Signature Algorithm: sha256WithRSAEncryption
27:8d:32:53:a9:72:06:b6:2a:6c:54:2b:16:ca:57:dd:78:30:
dc:84:9d:c5:32:29:50:ea:71:39:7e:ce:1c:d9:3f:57:be:ca:
ca:39:9c:5b:7e:d4:2f:3c:96:28:d6:4a:07:e5:2f:29:f6:ca:
04:78:c5:8d:20:17:49:2c:5c:df:dd:11:48:ac:59:5d:a1:24:
9f:f8:24:e6:b4:71:7f:35:6c:8e:de:1f:04:ba:86:2d:47:94:
a5:6c:38:3f:7d:6a:d8:24:da:bf:4d:2d:66:3f:58:b4:3b:d0:
b8:d2:92:1f:5d:e1:76:75:49:9e:2d:31:7c:64:ea:9b:84:f5:
e9:0e:8d:61:50:2c:24:db:43:15:09:18:12:32:27:b7:41:24:
68:0a:09:d0:72:0c:1d:39:36:a8:b4:78:90:d1:e9:ab:63:d9:
49:ef:84:d6:4f:53:52:0e:b6:28:a9:5c:fd:5d:21:07:4c:e2:
6d:96:21:2a:79:4b:20:2e:e1:62:66:57:f8:14:f2:17:eb:4d:
2e:8c:04:d1:81:bc:22:aa:5d:76:05:3c:16:e8:f6:99:b7:f4:
59:ae:66:14:46:46:53:4b:54:8a:12:00:a7:b7:4d:7a:7d:5f:
85:8e:8f:61:0e:11:1d:04:25:da:bc:0b:d5:b2:f0:cf:f5:25:
14:b4:6e:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ2cVuxDuBcDB+x7z5zJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWIyZmEzNjUxMzgzYTdmYzZhODZhZGJhNTZjN2M2MjA3
ZDc1NjgwHhcNMjMwMTAyMDYyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGFiYjg4NDA2MWY3ZDU1N2U2ODdhYzhhNzg4Nzk0YzU1MDljMTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSORdDrMs2MvJbsVqNdm38Np7kw6
zeasD15Iyd1ehZ8bswclUxkCEUbwUbCLounitWZ1A1/sKFtLiTmr8AVZSboWsjn1
gTtElpALpmQl6BqwotV8jFVZSLy65aFRr5k54GRtlnI7qbWUN34BhpHZSN/h1vfQ
G5zc7zFhBJCjnJ5BuGDgROMFPoqyHQdCBywos0o8WuutYPuXdc5JbmEjWs9tRuFm
SUstfjW/k7fx95MU+ZuwQiOgQaMTGD/YJ8xf7EZ0A0x0SJ4/VwrPouY26AcJwm17
rsQZAxZeRuC1VmmYSCCPfl44za1P1CBBRBJGx+bG8Wju3+6vmhfY4pQqNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBiruIQGH31Vfmh6yKeIeUxVCcF3MB8GA1UdIwQY
MBaAFDibL6NlE4On/GqGrbpWx8YgfXVoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDIt
MzczYjUyMmE4MjFkLzEvR0t1NGhBWWZmVlYtYUhySXA0aDVURlVKd1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDItMzczYjUyMmE4MjFk
LzEvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWDAMA0G
CSqGSIb3DQEBCwUAA4IBAQAnjTJTqXIGtipsVCsWylfdeDDchJ3FMilQ6nE5fs4c
2T9XvsrKOZxbftQvPJYo1koH5S8p9soEeMWNIBdJLFzf3RFIrFldoSSf+CTmtHF/
NWyO3h8EuoYtR5SlbDg/fWrYJNq/TS1mP1i0O9C40pIfXeF2dUmeLTF8ZOqbhPXp
Do1hUCwk20MVCRgSMie3QSRoCgnQcgwdOTaotHiQ0emrY9lJ74TWT1NSDrYoqVz9
XSEHTOJtliEqeUsgLuFiZlf4FPIX600ujATRgbwiql12BTwW6PaZt/RZrmYURkZT
S1SKEgCnt016fV+Fjo9hDhEdBCXavAvVsvDP9SUUtG6X
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:43 2025 by rpki-client