Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/K-GtBirf9_g8Nz-LjZN6_grlqIA.roa
File: K-GtBirf9_g8Nz-LjZN6_grlqIA.roa (raw, json)
Hash identifier: R0npmz+JCzLpqakZmrfEFBwF2rwdbLch3XAM07NM/QU=
Subject key identifier: 2B:E1:AD:06:2A:DF:F7:F8:3C:37:3F:8B:8D:93:7A:FE:0A:E5:A8:80
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 3940B62A
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/K-GtBirf9_g8Nz-LjZN6_grlqIA.roa
Signing time: Sat 01 Jan 2022 03:53:00 +0000
ROA not before: Sat 01 Jan 2022 03:53:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8762
IP address blocks: 195.251.48.0/24 maxlen: 24
194.177.198.0/24 maxlen: 24
2001:648:2c10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 960542250 (0x3940b62a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 03:53:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2be1ad062adff7f83c373f8b8d937afe0ae5a880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:06:0c:7a:62:7c:ac:6f:75:de:76:42:d1:d5:
29:7f:10:0a:a4:31:c3:ea:78:f0:1e:82:a2:e3:12:
d6:79:00:7a:86:73:86:b7:ba:f0:45:e8:17:30:4d:
8f:a6:74:29:5b:00:44:96:88:79:55:c5:51:e9:21:
af:bf:15:b4:24:51:68:af:37:1e:4f:1b:ef:dc:12:
9f:32:4a:23:33:32:b4:ef:32:85:79:78:67:33:96:
23:60:08:6e:85:b2:99:cd:1c:24:82:fe:f0:11:3b:
22:e8:20:39:4b:87:d5:26:e5:dd:44:cf:fe:d5:62:
a9:a7:f9:7d:b5:0e:43:6a:44:a8:0d:55:d3:89:df:
55:7a:a2:7c:ca:02:56:5e:b1:92:df:40:1e:f2:a8:
71:c0:b9:a1:51:b7:dc:0d:02:2d:7d:77:f6:4b:fe:
08:da:d5:23:78:41:d4:bd:17:ae:b9:6e:f6:0f:17:
da:c4:20:75:38:6f:1b:f6:7c:a6:a6:b2:74:bd:93:
68:e7:d7:a1:ff:a9:44:a1:13:4e:dc:17:68:ee:16:
3a:cf:c9:53:4e:c5:42:39:c5:1f:0f:81:5a:67:e0:
ff:8d:34:b9:2e:a6:3f:18:37:c0:1e:4a:ce:e6:5a:
1c:8a:09:92:c5:17:2c:e5:ef:d5:5a:74:84:7c:3c:
78:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E1:AD:06:2A:DF:F7:F8:3C:37:3F:8B:8D:93:7A:FE:0A:E5:A8:80
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/K-GtBirf9_g8Nz-LjZN6_grlqIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.177.198.0/24
195.251.48.0/24
IPv6:
2001:648:2c10::/48
Signature Algorithm: sha256WithRSAEncryption
2a:b3:5f:96:47:ef:34:30:a0:9a:bd:0e:67:97:9a:fd:3c:b7:
20:ce:0a:18:07:03:27:87:da:71:18:4d:dd:bc:b1:5f:b8:19:
09:ef:13:05:c3:11:f1:55:5e:08:de:8e:e5:97:69:fe:65:ec:
3a:af:e5:09:bd:2a:93:af:14:71:7b:5d:98:cb:6c:22:4c:9b:
9b:cf:4b:1c:89:44:c1:48:9c:7d:6b:17:7c:28:29:5f:c8:57:
87:e3:c7:56:55:19:2c:6d:8d:8f:18:de:89:bc:4b:46:15:4c:
e1:92:c8:ed:a5:5b:88:5d:d5:81:5d:19:64:ff:15:eb:43:03:
b5:d1:8b:c5:79:49:a3:d5:ef:be:9f:9f:14:3e:78:6d:e9:cc:
3b:ff:2d:a2:b5:da:ec:df:73:d7:1f:23:0d:ce:3c:24:dd:eb:
9a:c9:c4:e3:ad:ab:df:8f:1a:d2:7b:64:36:b1:ea:16:e1:94:
3f:ff:e7:af:21:69:ed:d4:80:64:b4:43:a2:c0:4c:0d:d6:24:
a2:f7:36:e6:f0:b6:f0:b1:b9:5f:a7:d2:33:07:74:c2:76:e9:
15:54:49:88:c8:50:d2:22:3f:fb:bc:c7:07:6a:0e:8f:66:0d:
e0:7f:7a:26:56:55:a6:08:43:9b:72:7c:02:64:87:5c:3a:9b:
eb:f7:f0:07
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEOUC2KjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTZmOTI5NTUyMWRmMzBhMTU4ZjUwNmJhN2NiODczYWI5NTI5ZGMzMB4XDTIyMDEw
MTAzNTMwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmJlMWFkMDYyYWRm
ZjdmODNjMzczZjhiOGQ5MzdhZmUwYWU1YTg4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwGDHpifKxvdd52QtHVKX8QCqQxw+p48B6CouMS1nkAeoZz
hre68EXoFzBNj6Z0KVsARJaIeVXFUekhr78VtCRRaK83Hk8b79wSnzJKIzMytO8y
hXl4ZzOWI2AIboWymc0cJIL+8BE7IuggOUuH1Sbl3UTP/tViqaf5fbUOQ2pEqA1V
04nfVXqifMoCVl6xkt9AHvKoccC5oVG33A0CLX139kv+CNrVI3hB1L0Xrrlu9g8X
2sQgdThvG/Z8pqaydL2TaOfXof+pRKETTtwXaO4WOs/JU07FQjnFHw+BWmfg/400
uS6mPxg3wB5KzuZaHIoJksUXLOXv1Vp0hHw8ePsCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQr4a0GKt/3+Dw3P4uNk3r+CuWogDAfBgNVHSMEGDAWgBRab5KVUh3zChWP
UGuny4c6uVKdwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dtLVNsVklkOHdvVmoxQnJwOHVIT3JsU25jTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8x
L0stR3RCaXJmOV9nOE56LUxqWk42X2dybHFJQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8xL1dtLVNsVklkOHdv
VmoxQnJwOHVIT3JsU25jTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAMKxxgMEAMP7MDAPBAIAAjAJAwcA
IAEGSCwQMA0GCSqGSIb3DQEBCwUAA4IBAQAqs1+WR+80MKCavQ5nl5r9PLcgzgoY
BwMnh9pxGE3dvLFfuBkJ7xMFwxHxVV4I3o7ll2n+Zew6r+UJvSqTrxRxe12Yy2wi
TJubz0sciUTBSJx9axd8KClfyFeH48dWVRksbY2PGN6JvEtGFUzhksjtpVuIXdWB
XRlk/xXrQwO10YvFeUmj1e++n58UPnht6cw7/y2itdrs33PXHyMNzjwk3euaycTj
ravfjxrSe2Q2seoW4ZQ//+evIWnt1IBktEOiwEwN1iSi9zbm8Lbwsblfp9IzB3TC
dukVVEmIyFDSIj/7vMcHag6PZg3gf3omVlWmCEObcnwCZIdcOpvr9/AH
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:25 2025 by rpki-client