Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/ghpyC188M70-3n44EacI5Wmrmlw.roa
File: ghpyC188M70-3n44EacI5Wmrmlw.roa (raw, json)
Hash identifier: nlrWGd71NMs9oAxe9eVyeJaB8bYsLHogf/ENganmj1s=
Subject key identifier: 82:1A:72:0B:5F:3C:33:BD:3E:DE:7E:38:11:A7:08:E5:69:AB:9A:5C
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018A4ACBCBA6F168404464290BB415669D84
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/ghpyC188M70-3n44EacI5Wmrmlw.roa
Signing time: Thu 31 Aug 2023 08:53:04 +0000
ROA not before: Thu 31 Aug 2023 08:53:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38915
IP address blocks: 2a07:3500:1998::/48 maxlen: 48
2a07:3500:19d8::/48 maxlen: 48
2a07:3500:19a8::/48 maxlen: 48
2a07:3500:19e8::/48 maxlen: 48
2a07:3500:19e0::/48 maxlen: 48
2a07:3500:19a0::/48 maxlen: 48
2a07:3500:19b0::/48 maxlen: 48
2a07:3500:19f0::/48 maxlen: 48
2a07:3500:1a00::/48 maxlen: 48
2a07:3500:1200::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4a:cb:cb:a6:f1:68:40:44:64:29:0b:b4:15:66:9d:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Aug 31 08:53:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=821a720b5f3c33bd3ede7e3811a708e569ab9a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1d:8d:f6:3f:2e:c7:3d:c6:5a:38:34:43:d8:
36:5d:77:40:37:55:eb:a3:d3:17:47:16:70:4c:56:
b3:5b:2a:68:c1:13:4a:01:5d:17:0e:74:14:c0:cc:
e3:22:64:ca:30:26:85:26:46:24:97:f0:c3:49:4b:
c2:63:4f:61:2a:7d:e6:df:5f:bd:e5:ee:af:6a:de:
c1:f2:ee:67:23:e1:fc:bf:88:f1:8c:a2:44:1c:19:
33:b1:3f:96:1d:1e:d8:04:df:d7:5a:8f:29:5e:7d:
28:19:40:bf:13:a8:18:36:cc:03:58:2a:3f:98:0d:
eb:90:80:64:3e:7b:f5:ac:9c:fc:16:54:7b:9d:26:
5d:00:ac:9e:c0:96:8d:8e:8b:71:da:8e:dd:9e:70:
98:f2:73:44:c9:5c:0d:6c:aa:eb:6c:44:82:a4:c5:
32:4b:ba:68:49:ff:22:14:f0:b1:c5:90:84:d4:e7:
6f:c1:8c:41:76:ef:f3:c6:94:8b:db:97:cd:4c:52:
2c:96:d2:31:e0:aa:99:ee:64:c3:4b:b0:7d:da:00:
ad:86:27:5e:80:72:0b:16:93:e4:1c:3e:47:7d:e7:
a2:b1:ea:d3:28:c5:58:26:ae:30:b3:21:f0:67:9b:
65:18:a3:ee:6c:12:53:fa:9b:53:01:dc:e8:fd:ab:
e3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1A:72:0B:5F:3C:33:BD:3E:DE:7E:38:11:A7:08:E5:69:AB:9A:5C
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/ghpyC188M70-3n44EacI5Wmrmlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1200::/48
2a07:3500:1998::/48
2a07:3500:19a0::/48
2a07:3500:19a8::/48
2a07:3500:19b0::/48
2a07:3500:19d8::/48
2a07:3500:19e0::/48
2a07:3500:19e8::/48
2a07:3500:19f0::/48
2a07:3500:1a00::/48
Signature Algorithm: sha256WithRSAEncryption
bc:0c:06:aa:29:b5:b8:28:ef:87:08:d0:8c:53:9b:17:8a:d4:
96:09:2f:d6:29:f4:62:b8:91:14:a5:8d:a8:ff:de:36:42:f3:
13:ac:b0:e5:04:79:17:5f:fe:97:ec:7c:b4:ac:82:f3:09:57:
65:ac:bf:ca:02:0b:4f:63:06:ce:7a:e6:67:a7:db:69:2a:f5:
2f:e7:a9:6d:8c:a7:89:f8:47:da:53:b9:14:94:2b:45:d9:da:
a9:53:33:c8:91:bc:49:79:25:ec:5d:31:d2:a9:e8:87:14:95:
f6:e0:62:3d:b7:46:29:d0:0d:a6:c7:48:53:a3:e5:2a:a6:4a:
a9:60:b3:6a:41:db:3c:3e:dd:67:88:cb:08:fc:a0:f3:ef:b0:
d1:ca:69:a3:fd:9f:9b:ba:3a:c9:48:e7:9b:5d:14:55:a1:f5:
db:24:5d:8c:8d:88:56:43:b4:e0:6a:15:3a:0f:de:b3:c9:30:
a8:3a:4c:f4:2d:4e:32:f1:6a:25:1b:13:2b:6a:e1:62:21:3d:
e9:2a:c3:bb:ee:bc:2a:b6:d0:4f:af:a9:af:2a:dc:d9:59:78:
18:80:24:01:df:ea:1f:9d:cd:e4:52:d8:16:2f:91:1c:21:ab:
88:a4:ec:c0:98:10:24:d1:a8:6a:d4:fd:e7:d0:3c:67:b2:77:
3e:9a:f9:51
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYpKy8um8WhARGQpC7QVZp2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwODMxMDg1MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjFhNzIwYjVmM2MzM2JkM2VkZTdlMzgxMWE3MDhlNTY5YWI5YTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzh2N9j8uxz3GWjg0Q9g2XXdAN1Xr
o9MXRxZwTFazWypowRNKAV0XDnQUwMzjImTKMCaFJkYkl/DDSUvCY09hKn3m31+9
5e6vat7B8u5nI+H8v4jxjKJEHBkzsT+WHR7YBN/XWo8pXn0oGUC/E6gYNswDWCo/
mA3rkIBkPnv1rJz8FlR7nSZdAKyewJaNjotx2o7dnnCY8nNEyVwNbKrrbESCpMUy
S7poSf8iFPCxxZCE1OdvwYxBdu/zxpSL25fNTFIsltIx4KqZ7mTDS7B92gCthide
gHILFpPkHD5HfeeiserTKMVYJq4wsyHwZ5tlGKPubBJT+ptTAdzo/avj9QIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFIIacgtfPDO9Pt5+OBGnCOVpq5pcMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvZ2hweUMxODhNNzAtM240NEVhY0k1V21ybWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAAjBaAwcAKgc1ABIA
AwcAKgc1ABmYAwcAKgc1ABmgAwcAKgc1ABmoAwcAKgc1ABmwAwcAKgc1ABnYAwcA
Kgc1ABngAwcAKgc1ABnoAwcAKgc1ABnwAwcAKgc1ABoAMA0GCSqGSIb3DQEBCwUA
A4IBAQC8DAaqKbW4KO+HCNCMU5sXitSWCS/WKfRiuJEUpY2o/942QvMTrLDlBHkX
X/6X7Hy0rILzCVdlrL/KAgtPYwbOeuZnp9tpKvUv56ltjKeJ+EfaU7kUlCtF2dqp
UzPIkbxJeSXsXTHSqeiHFJX24GI9t0Yp0A2mx0hTo+UqpkqpYLNqQds8Pt1niMsI
/KDz77DRymmj/Z+bujrJSOebXRRVofXbJF2MjYhWQ7TgahU6D96zyTCoOkz0LU4y
8WolGxMrauFiIT3pKsO77rwqttBPr6mvKtzZWXgYgCQB3+ofnc3kUtgWL5EcIauI
pOzAmBAk0ahq1P3n0Dxnsnc+mvlR
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:36:13 2025 by rpki-client