Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/GPUFFYfm9xORRTpLNcNiKXMB31E.roa
File: GPUFFYfm9xORRTpLNcNiKXMB31E.roa (raw, json)
Hash identifier: HhLsRPnTQpVInR8hm8AULjv+i5eYMQXgU4RMvoxKqus=
Subject key identifier: 18:F5:05:15:87:E6:F7:13:91:45:3A:4B:35:C3:62:29:73:01:DF:51
Certificate issuer: /CN=92933e013644db9c9ee9b91df72e1338db8e2097
Certificate serial: 018BB3627ABEA63F5622C9064E48598EC8E1
Authority key identifier: 92:93:3E:01:36:44:DB:9C:9E:E9:B9:1D:F7:2E:13:38:DB:8E:20:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpM-ATZE25ye6bkd9y4TONuOIJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/GPUFFYfm9xORRTpLNcNiKXMB31E.roa
Signing time: Thu 09 Nov 2023 09:20:57 +0000
ROA not before: Thu 09 Nov 2023 09:20:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 178.251.16.0/24 maxlen: 24
178.251.16.0/22 maxlen: 22
178.251.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:62:7a:be:a6:3f:56:22:c9:06:4e:48:59:8e:c8:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92933e013644db9c9ee9b91df72e1338db8e2097
Validity
Not Before: Nov 9 09:20:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18f5051587e6f71391453a4b35c362297301df51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ea:5d:41:51:9c:4b:9c:5a:d8:31:23:11:a4:
5c:bd:c4:17:f1:26:13:88:81:37:75:1b:05:ce:e1:
09:ab:50:c6:14:26:40:3f:24:57:15:fd:ef:c7:9c:
54:0d:20:69:43:b0:dc:4a:b7:9f:1a:dc:41:41:8e:
51:da:4b:54:a0:d8:af:8f:03:5e:84:62:c5:e7:d8:
1a:b8:ec:1b:3c:f4:45:91:48:45:f3:e6:69:c8:9b:
ef:a1:20:17:80:1a:be:1a:bd:db:f7:eb:f5:a4:68:
ae:ee:4e:00:a2:88:73:c7:7a:99:7f:db:d8:69:ae:
e7:97:6c:2b:53:6f:7f:ab:20:5b:31:59:4b:94:4c:
9f:12:1a:b2:20:4b:b5:fc:06:59:84:10:e7:5f:cc:
94:08:0a:fd:93:ee:56:ff:29:b0:e1:84:b9:fe:1f:
3d:81:c1:77:83:d4:0c:54:08:cc:fe:3c:a8:4f:18:
c0:e6:56:93:3c:b1:67:82:75:55:a3:bf:c3:ee:31:
af:f7:18:18:d3:86:14:8e:96:1a:82:13:d2:b9:75:
6e:19:b7:7d:76:bb:88:3a:90:4a:6b:ea:fc:ec:6d:
bf:1b:35:39:f7:4d:18:42:f0:73:d6:fe:a7:07:95:
cc:f7:79:a2:22:46:54:28:36:fc:d2:eb:fe:1a:8a:
ed:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:F5:05:15:87:E6:F7:13:91:45:3A:4B:35:C3:62:29:73:01:DF:51
X509v3 Authority Key Identifier:
keyid:92:93:3E:01:36:44:DB:9C:9E:E9:B9:1D:F7:2E:13:38:DB:8E:20:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpM-ATZE25ye6bkd9y4TONuOIJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/GPUFFYfm9xORRTpLNcNiKXMB31E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/kpM-ATZE25ye6bkd9y4TONuOIJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.16.0/22
Signature Algorithm: sha256WithRSAEncryption
07:d3:47:b1:f8:57:84:e6:eb:db:5f:ab:fb:6a:34:c3:cd:e3:
a3:a9:15:6b:69:49:cd:b1:10:1e:d7:36:6f:57:3b:1a:00:96:
7e:68:27:10:41:11:52:2a:ac:08:b7:a9:fd:c3:ef:6a:17:eb:
a5:f9:7f:ae:b3:1b:99:60:d0:5e:bf:63:ea:2e:3c:db:55:d0:
d2:1b:2b:50:d9:49:51:4c:ec:70:40:16:78:c1:01:4b:98:f3:
80:f9:5a:27:4e:6f:77:88:9a:a6:0d:e3:7f:b1:14:7b:9f:98:
80:9b:63:ea:da:45:e8:0d:d8:07:0a:9c:55:62:8c:ae:cb:1c:
70:71:95:e8:78:a4:e0:ed:07:3d:b1:1e:36:1e:52:58:86:28:
92:f3:54:e1:49:c0:b1:06:0a:80:27:8c:9c:30:09:df:73:da:
32:c7:a6:e1:8c:81:ef:a6:b5:a0:b4:6f:d1:80:05:00:18:3f:
96:c3:8b:38:d4:0f:0e:56:28:e5:2b:5f:3d:21:7c:49:2e:02:
92:98:e6:cd:c2:68:12:d6:7c:c4:bc:8b:66:ad:d9:21:79:96:
74:9a:91:1d:98:bc:ee:23:a0:6e:08:21:40:53:b9:1f:b1:3f:
88:5c:bb:2c:27:ac:7a:f7:b0:f0:73:4e:69:0e:a9:38:4d:8e:
c2:17:38:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuzYnq+pj9WIskGTkhZjsjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTMzZTAxMzY0NGRiOWM5ZWU5YjkxZGY3MmUxMzM4ZGI4
ZTIwOTcwHhcNMjMxMTA5MDkyMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGY1MDUxNTg3ZTZmNzEzOTE0NTNhNGIzNWMzNjIyOTczMDFkZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+pdQVGcS5xa2DEjEaRcvcQX8SYT
iIE3dRsFzuEJq1DGFCZAPyRXFf3vx5xUDSBpQ7DcSrefGtxBQY5R2ktUoNivjwNe
hGLF59gauOwbPPRFkUhF8+ZpyJvvoSAXgBq+Gr3b9+v1pGiu7k4Aoohzx3qZf9vY
aa7nl2wrU29/qyBbMVlLlEyfEhqyIEu1/AZZhBDnX8yUCAr9k+5W/ymw4YS5/h89
gcF3g9QMVAjM/jyoTxjA5laTPLFngnVVo7/D7jGv9xgY04YUjpYaghPSuXVuGbd9
druIOpBKa+r87G2/GzU5900YQvBz1v6nB5XM93miIkZUKDb80uv+GortWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBj1BRWH5vcTkUU6SzXDYilzAd9RMB8GA1UdIwQY
MBaAFJKTPgE2RNucnum5HfcuEzjbjiCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BNLUFUWkUyNXllNmJrZDl5NFRPTnVPSUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy82YmVmMjItZjM0NS00NjAzLWExZTkt
NWNjMmVmMDk5YWVlLzEvR1BVRkZZZm05eE9SUlRwTE5jTmlLWE1CMzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy82YmVmMjItZjM0NS00NjAzLWExZTktNWNjMmVmMDk5YWVl
LzEva3BNLUFUWkUyNXllNmJrZDl5NFRPTnVPSUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsvsQMA0G
CSqGSIb3DQEBCwUAA4IBAQAH00ex+FeE5uvbX6v7ajTDzeOjqRVraUnNsRAe1zZv
VzsaAJZ+aCcQQRFSKqwIt6n9w+9qF+ul+X+usxuZYNBev2PqLjzbVdDSGytQ2UlR
TOxwQBZ4wQFLmPOA+VonTm93iJqmDeN/sRR7n5iAm2Pq2kXoDdgHCpxVYoyuyxxw
cZXoeKTg7Qc9sR42HlJYhiiS81ThScCxBgqAJ4ycMAnfc9oyx6bhjIHvprWgtG/R
gAUAGD+Ww4s41A8OVijlK189IXxJLgKSmObNwmgS1nzEvItmrdkheZZ0mpEdmLzu
I6BuCCFAU7kfsT+IXLssJ6x697Dwc05pDqk4TY7CFzjn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:44 2025 by rpki-client