Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/GYglUDNVwv2wSqKF9fjoKe4lko4.roa
File: GYglUDNVwv2wSqKF9fjoKe4lko4.roa (raw, json)
Hash identifier: AXIEW3Dl+u1izKroV64nBw7EXXRQU7GcpURRYhKqk4U=
Subject key identifier: 19:88:25:50:33:55:C2:FD:B0:4A:A2:85:F5:F8:E8:29:EE:25:92:8E
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 1C08AF09
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/GYglUDNVwv2wSqKF9fjoKe4lko4.roa
Signing time: Thu 14 Apr 2022 14:22:13 +0000
ROA not before: Thu 14 Apr 2022 14:22:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60256
IP address blocks: 5.145.119.0/24 maxlen: 24
185.24.254.0/24 maxlen: 24
5.145.112.0/23 maxlen: 23
5.145.112.0/24 maxlen: 24
5.145.115.0/24 maxlen: 24
5.145.114.0/24 maxlen: 24
5.145.113.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 470331145 (0x1c08af09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: Apr 14 14:22:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=198825503355c2fdb04aa285f5f8e829ee25928e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:71:7e:b0:98:ee:47:21:ac:37:4e:89:dc:3f:
e8:d5:cd:72:9e:f4:0e:cc:fc:64:6d:06:a1:4a:5d:
10:ed:d9:e7:ec:20:5a:da:41:c0:6c:2e:8b:43:76:
be:6a:c2:dd:bb:bd:cb:07:2d:ea:57:2b:17:93:80:
36:e3:e4:4c:23:f8:c9:03:f9:f5:e2:35:0f:cb:ac:
d0:10:aa:27:29:fb:f7:87:59:4d:98:39:95:fd:b9:
fd:17:79:96:cf:0f:a8:03:03:30:37:85:f4:f0:5d:
36:69:44:d6:c6:f0:fb:81:cd:eb:0a:93:03:e9:10:
6f:f7:70:2f:dc:21:db:8c:eb:e9:6d:55:f7:12:78:
a4:00:fb:e2:d1:2f:fa:45:9c:e1:52:91:d3:07:6b:
a8:be:36:0e:9d:cd:07:6c:fe:e3:61:06:d9:9c:02:
e3:d9:87:32:6b:35:e0:65:35:41:ba:64:69:b5:97:
ad:b0:cc:f5:70:ba:6b:e5:7a:06:19:18:ad:3b:56:
77:67:c4:24:7c:16:6c:12:eb:2f:30:09:21:99:bc:
1a:0f:93:2a:fb:b9:1e:b0:5b:67:98:bd:1c:ea:c2:
09:cf:e1:da:f5:d7:b5:f2:75:5c:e0:c9:f4:93:00:
3a:54:cf:9e:0d:5f:54:a1:a4:bb:39:b0:89:6e:1e:
c7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:88:25:50:33:55:C2:FD:B0:4A:A2:85:F5:F8:E8:29:EE:25:92:8E
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/GYglUDNVwv2wSqKF9fjoKe4lko4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.112.0/22
5.145.118.0/23
185.24.254.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:72:15:f6:3c:26:4d:19:ab:f5:29:a3:76:e2:2f:02:5e:54:
1e:0f:86:65:db:8f:24:ac:4c:8d:97:d9:9d:6d:c3:8c:cf:a8:
40:c3:19:a7:ac:0e:7c:2e:60:e9:e7:42:43:04:a0:9d:18:eb:
11:9f:4f:24:d1:36:8a:d1:90:41:84:3c:8a:61:88:b3:4f:59:
08:79:2d:e3:9d:91:1a:6e:80:18:48:b4:d8:92:76:6d:76:29:
b5:91:48:7f:d9:d4:e7:55:f8:89:bd:93:2c:bd:8c:ac:e2:3a:
d3:5e:f5:e2:da:b2:7e:b2:40:17:f4:ff:c9:a7:4d:ad:1e:4e:
0e:d0:ab:08:42:e6:75:f1:5a:88:65:3c:b9:ab:c1:4f:07:03:
b5:ca:e2:a8:16:97:da:8e:b8:2d:fa:76:1a:30:5e:45:97:9d:
bc:c3:ab:58:79:bf:41:3e:3a:ba:bc:c9:69:2d:c8:24:2b:45:
97:2f:1c:77:68:d5:df:44:fe:db:aa:fc:80:b3:ca:60:cf:5b:
aa:84:2e:91:05:8b:c6:66:e2:fd:d8:f1:3f:ca:5e:e7:2b:42:
60:5d:52:0f:79:c5:d8:b7:5f:63:44:f9:91:49:b3:a0:3a:6e:
9f:df:7d:ae:96:88:e0:b8:bf:97:52:93:f9:7d:f3:ca:cb:00:
b8:01:00:fd
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEHAivCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NmUyNjk0NjUyYWEyOTg1MTFlZGFmYmUxOGQyYjFjZGJjNzkyNjM4MB4XDTIyMDQx
NDE0MjIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTk4ODI1NTAzMzU1
YzJmZGIwNGFhMjg1ZjVmOGU4MjllZTI1OTI4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxxfrCY7kchrDdOidw/6NXNcp70Dsz8ZG0GoUpdEO3Z5+wg
WtpBwGwui0N2vmrC3bu9ywct6lcrF5OANuPkTCP4yQP59eI1D8us0BCqJyn794dZ
TZg5lf25/Rd5ls8PqAMDMDeF9PBdNmlE1sbw+4HN6wqTA+kQb/dwL9wh24zr6W1V
9xJ4pAD74tEv+kWc4VKR0wdrqL42Dp3NB2z+42EG2ZwC49mHMms14GU1QbpkabWX
rbDM9XC6a+V6BhkYrTtWd2fEJHwWbBLrLzAJIZm8Gg+TKvu5HrBbZ5i9HOrCCc/h
2vXXtfJ1XODJ9JMAOlTPng1fVKGkuzmwiW4ex7sCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQZiCVQM1XC/bBKooX1+Ogp7iWSjjAfBgNVHSMEGDAWgBTW4mlGUqophRHt
r74Y0rHNvHkmODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzF1SnBSbEtxS1lVUjdhLS1HTkt4emJ4NUpqZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvOGNjNTA2LTdlNzEtNDcwNS1hMjg5LWI0MjM2NDg5NTA4My8x
L0dZZ2xVRE5Wd3Yyd1NxS0Y5ZmpvS2U0bGtvNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
OGNjNTA2LTdlNzEtNDcwNS1hMjg5LWI0MjM2NDg5NTA4My8xLzF1SnBSbEtxS1lV
UjdhLS1HTkt4emJ4NUpqZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAgWRcAMEAQWRdgMEALkY/jANBgkq
hkiG9w0BAQsFAAOCAQEAW3IV9jwmTRmr9SmjduIvAl5UHg+GZduPJKxMjZfZnW3D
jM+oQMMZp6wOfC5g6edCQwSgnRjrEZ9PJNE2itGQQYQ8imGIs09ZCHkt452RGm6A
GEi02JJ2bXYptZFIf9nU51X4ib2TLL2MrOI601714tqyfrJAF/T/yadNrR5ODtCr
CELmdfFaiGU8uavBTwcDtcriqBaX2o64Lfp2GjBeRZedvMOrWHm/QT46urzJaS3I
JCtFly8cd2jV30T+26r8gLPKYM9bqoQukQWLxmbi/djxP8pe5ytCYF1SD3nF2Ldf
Y0T5kUmzoDpun999rpaI4Li/l1KT+X3zyssAuAEA/Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:12 2025 by rpki-client