Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/Gp5oUvYMizhFCo4nQYoZKK030Dc.roa
File: Gp5oUvYMizhFCo4nQYoZKK030Dc.roa (raw, json)
Hash identifier: Pfmk1IucucHyc+IzjoQlMATB3q6bgs962b3ZvHvmvQ4=
Subject key identifier: 1A:9E:68:52:F6:0C:8B:38:45:0A:8E:27:41:8A:19:28:AD:37:D0:37
Certificate issuer: /CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Certificate serial: 0186A2C6493F45FB80BE7D06B6F41BC4C375
Authority key identifier: C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/Gp5oUvYMizhFCo4nQYoZKK030Dc.roa
Signing time: Thu 02 Mar 2023 14:42:29 +0000
ROA not before: Thu 02 Mar 2023 14:42:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210616
IP address blocks: 212.15.56.0/22 maxlen: 22
212.15.56.0/24 maxlen: 24
212.15.56.0/23 maxlen: 23
212.15.58.0/24 maxlen: 24
212.15.58.0/23 maxlen: 23
212.15.57.0/24 maxlen: 24
212.15.63.0/24 maxlen: 24
212.15.59.0/24 maxlen: 24
212.15.62.0/24 maxlen: 24
212.15.62.0/23 maxlen: 23
212.15.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:c6:49:3f:45:fb:80:be:7d:06:b6:f4:1b:c4:c3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Validity
Not Before: Mar 2 14:42:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a9e6852f60c8b38450a8e27418a1928ad37d037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fd:6a:3f:b3:6e:bd:87:6c:0c:b2:b8:ee:71:
3b:75:f4:46:31:cc:3a:46:be:eb:97:42:c1:9a:c7:
17:a3:1f:fc:88:ae:f2:1c:b9:0b:93:ed:ad:ee:f5:
70:76:e3:1a:9e:5b:9c:c4:f0:d7:5b:b2:d6:75:4e:
c5:74:88:0e:cc:e3:77:05:88:22:ae:2e:b6:85:79:
89:94:dd:e2:7a:69:a4:62:b9:b8:11:11:aa:a5:bf:
71:90:9d:a7:f4:28:6e:6a:65:9d:f2:ba:90:84:6d:
58:b9:30:2c:84:95:9f:5c:b5:93:60:70:e6:d8:a7:
62:7e:94:0e:25:68:0e:6e:3d:ca:26:cb:2d:f0:30:
2c:30:0d:5a:15:10:02:36:3c:cf:ca:50:ae:d8:eb:
4c:65:81:07:24:0d:f9:fe:c1:ed:de:99:04:bf:79:
08:e6:10:bd:40:20:7f:bf:d4:5f:d3:01:c5:36:77:
bf:14:18:56:12:4d:f5:aa:c7:9c:b7:0b:51:a6:7b:
77:b9:71:ff:69:b7:b6:30:34:80:be:05:4a:70:ed:
22:59:95:09:91:52:7f:3b:68:ca:46:2c:5a:8a:8d:
30:14:a1:11:de:8d:07:cf:8f:d1:de:76:ce:f7:57:
94:7b:29:58:91:1c:7c:fa:ca:84:c0:e6:71:52:0d:
82:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:9E:68:52:F6:0C:8B:38:45:0A:8E:27:41:8A:19:28:AD:37:D0:37
X509v3 Authority Key Identifier:
keyid:C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/Gp5oUvYMizhFCo4nQYoZKK030Dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.15.56.0/22
212.15.61.0-212.15.63.255
Signature Algorithm: sha256WithRSAEncryption
33:bd:43:96:d1:f2:8b:a6:4a:6e:24:6e:8b:9b:e0:88:30:16:
e5:32:c9:46:56:f3:45:fb:d8:7d:51:56:28:16:db:25:10:c3:
86:1b:fc:33:d4:12:a8:f7:bb:cf:52:1b:6e:05:ed:b7:b0:10:
a7:39:03:26:da:51:bf:d7:fa:9b:dc:a4:4a:bb:b3:34:e1:99:
7c:6b:2b:e6:75:b9:d6:4b:f8:3c:4b:93:9a:ac:e9:7a:bc:c6:
5c:a8:6d:0b:70:54:6a:65:56:ae:ad:fd:c2:8b:a5:72:4a:96:
f6:8e:2e:a6:15:52:19:7e:fe:8b:ba:f7:3c:67:6a:82:e6:a6:
70:8d:4c:3a:88:c2:83:ee:fa:e6:ad:10:0f:61:af:10:fc:e5:
6e:df:e3:6d:8e:ac:dc:80:dc:a0:45:66:ce:c7:4a:1a:42:2f:
5e:fb:c8:97:62:3b:7e:82:ae:82:f5:d0:62:a8:d4:6c:b0:04:
24:7c:94:f6:5e:ca:2d:97:f7:28:cc:3b:ed:80:57:6a:23:a7:
bf:20:d5:9b:3d:f7:14:a1:00:1c:30:aa:d7:6b:b2:86:a5:41:
70:28:22:5d:f2:95:f2:29:f3:8c:64:2e:f7:d1:ec:0a:b1:93:
61:95:80:d7:96:3d:4d:5b:9e:c0:b0:2d:98:ab:e9:c9:69:4b:
62:2a:c5:26
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYaixkk/RfuAvn0GtvQbxMN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWFmYWEzMGIzNDBlY2Y4MTBhNGNiOWFmM2I1MWM3MDI1
NjY1OTgwHhcNMjMwMzAyMTQ0MjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTllNjg1MmY2MGM4YjM4NDUwYThlMjc0MThhMTkyOGFkMzdkMDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/1qP7NuvYdsDLK47nE7dfRGMcw6
Rr7rl0LBmscXox/8iK7yHLkLk+2t7vVwduManlucxPDXW7LWdU7FdIgOzON3BYgi
ri62hXmJlN3iemmkYrm4ERGqpb9xkJ2n9ChuamWd8rqQhG1YuTAshJWfXLWTYHDm
2KdifpQOJWgObj3KJsst8DAsMA1aFRACNjzPylCu2OtMZYEHJA35/sHt3pkEv3kI
5hC9QCB/v9Rf0wHFNne/FBhWEk31qsectwtRpnt3uXH/abe2MDSAvgVKcO0iWZUJ
kVJ/O2jKRixaio0wFKER3o0Hz4/R3nbO91eUeylYkRx8+sqEwOZxUg2CuQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBqeaFL2DIs4RQqOJ0GKGSitN9A3MB8GA1UdIwQY
MBaAFMLq+qMLNA7PgQpMua87UccCVmWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGIt
NWVjYWZkYTQ3MWY3LzEvR3A1b1V2WU1pemhGQ280blFZb1pLSzAzMERjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGItNWVjYWZkYTQ3MWY3
LzEvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQC1A84MAwD
BADUDz0DBAbUDwAwDQYJKoZIhvcNAQELBQADggEBADO9Q5bR8oumSm4kboub4Igw
FuUyyUZW80X72H1RVigW2yUQw4Yb/DPUEqj3u89SG24F7bewEKc5AybaUb/X+pvc
pEq7szThmXxrK+Z1udZL+DxLk5qs6Xq8xlyobQtwVGplVq6t/cKLpXJKlvaOLqYV
Uhl+/ou69zxnaoLmpnCNTDqIwoPu+uatEA9hrxD85W7f422OrNyA3KBFZs7HShpC
L177yJdiO36CroL10GKo1GywBCR8lPZeyi2X9yjMO+2AV2ojp78g1Zs99xShABww
qtdrsoalQXAoIl3ylfIp84xkLvfR7Aqxk2GVgNeWPU1bnsCwLZir6clpS2IqxSY=
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:58:53 2025 by rpki-client