Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/GA_ULbdwhZdMOaWbjTCZh5jsiYk.roa
File: GA_ULbdwhZdMOaWbjTCZh5jsiYk.roa (raw, json)
Hash identifier: iUqhvwqsPdPYNzYjlTkww5FoVueTKE+T0tNeqP4DGI4=
Subject key identifier: 18:0F:D4:2D:B7:70:85:97:4C:39:A5:9B:8D:30:99:87:98:EC:89:89
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 3670F8F8
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/GA_ULbdwhZdMOaWbjTCZh5jsiYk.roa
Signing time: Thu 07 Apr 2022 12:34:29 +0000
ROA not before: Thu 07 Apr 2022 12:34:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 192.109.200.0/24 maxlen: 24
192.109.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 913373432 (0x3670f8f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Apr 7 12:34:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=180fd42db77085974c39a59b8d30998798ec8989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0e:81:8e:d8:c4:79:97:d1:a4:a7:57:18:f7:
8b:32:1d:5a:aa:15:82:82:6c:e9:50:7e:a3:c8:4a:
c9:54:06:0d:44:f5:7c:e1:a4:37:09:58:18:77:83:
35:ed:f4:0e:36:19:f3:d9:2a:f5:0e:f7:3d:09:9c:
c1:06:bd:24:47:db:85:f4:fa:6a:f2:6a:c6:7d:84:
00:7b:2f:66:2e:7e:84:54:80:9e:ac:43:f0:dc:8e:
6a:73:e3:cb:ed:76:ed:22:65:f6:d7:bd:9e:00:bf:
41:9f:eb:b7:61:00:6d:51:97:d7:59:b4:51:66:c9:
a6:8b:db:27:6a:bc:1f:a6:e0:f5:03:98:d2:a6:1b:
9c:f3:e6:0c:68:6c:14:29:a9:8c:72:f3:63:6b:16:
9d:b9:ae:71:17:12:b2:8b:5b:33:7f:77:32:3b:d2:
07:aa:06:94:30:27:0b:78:f3:71:bc:f6:24:d1:ff:
a8:38:a9:7d:df:71:64:5f:52:b2:eb:e7:24:b5:dc:
3c:78:ba:da:59:99:d6:be:04:a6:74:40:a9:22:aa:
33:e8:f1:0c:94:9d:53:84:b1:ab:25:f9:35:9c:0f:
e7:90:dd:64:90:87:38:dc:3d:5b:78:72:67:48:a6:
38:cd:df:cd:6c:7d:36:bc:8d:cf:00:3a:86:d8:a8:
e8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:0F:D4:2D:B7:70:85:97:4C:39:A5:9B:8D:30:99:87:98:EC:89:89
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/GA_ULbdwhZdMOaWbjTCZh5jsiYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
192.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:d3:81:a5:b7:cf:0f:cb:2b:3f:e8:87:70:6c:93:a1:39:a1:
6b:b6:7c:e9:b7:37:97:84:a0:b9:e3:a0:6d:91:98:fb:26:80:
4f:49:08:e8:aa:17:54:9c:ec:c7:90:61:a5:1e:25:a1:38:7b:
16:40:6d:51:1f:ff:c0:47:62:9b:d1:3d:ea:f6:39:9d:53:25:
ed:c1:04:6c:69:8f:66:a8:1b:74:27:df:3c:8c:50:fa:c4:c0:
ca:5b:1e:e0:7a:2c:8f:cd:e8:a4:de:e1:56:46:77:d5:ab:81:
c6:02:2b:13:b5:64:33:b3:9d:ff:63:11:49:79:01:8f:50:54:
57:55:a4:0e:ee:1a:b9:3e:40:ac:00:7d:e0:c6:28:25:e2:4e:
09:f3:95:b4:73:8b:5f:de:24:c1:87:de:3b:b0:c9:00:3e:1b:
36:7c:c0:69:13:06:79:d9:a5:dd:d1:28:5d:21:7f:f3:cf:dc:
20:c2:fe:b6:2b:fa:a2:56:52:5b:59:b9:00:38:1f:db:f9:9c:
14:b2:84:5f:39:3f:30:fb:ba:f9:24:15:60:77:9e:be:d0:b4:
79:10:df:ee:cc:e3:1e:af:cd:18:aa:e1:0a:10:9d:e0:a9:b1:
02:02:f4:08:25:b7:5c:ee:0f:24:88:35:2d:04:89:03:af:ca:
bf:f2:c1:25
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENnD4+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWY1YTEwZTRmZDI2NTVhZGJiYjQwZWRlMThiMjYxNWFjNTU4ZWE5MB4XDTIyMDQw
NzEyMzQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTgwZmQ0MmRiNzcw
ODU5NzRjMzlhNTliOGQzMDk5ODc5OGVjODk4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUOgY7YxHmX0aSnVxj3izIdWqoVgoJs6VB+o8hKyVQGDUT1
fOGkNwlYGHeDNe30DjYZ89kq9Q73PQmcwQa9JEfbhfT6avJqxn2EAHsvZi5+hFSA
nqxD8NyOanPjy+127SJl9te9ngC/QZ/rt2EAbVGX11m0UWbJpovbJ2q8H6bg9QOY
0qYbnPPmDGhsFCmpjHLzY2sWnbmucRcSsotbM393MjvSB6oGlDAnC3jzcbz2JNH/
qDipfd9xZF9SsuvnJLXcPHi62lmZ1r4EpnRAqSKqM+jxDJSdU4SxqyX5NZwP55Dd
ZJCHONw9W3hyZ0imOM3fzWx9NryNzwA6htio6H8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQYD9Qtt3CFl0w5pZuNMJmHmOyJiTAfBgNVHSMEGDAWgBRB9aEOT9JlWtu7
QO3hiyYVrFWOqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FmV2hEa19TWlZyYnUwRHQ0WXNtRmF4Vmpxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvOGQzYzgyLWU0MDMtNGRhNi1iMzE1LTg3OTAyMDZmMGQ3NC8x
L0dBX1VMYmR3aFpkTU9hV2JqVENaaDVqc2lZay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
OGQzYzgyLWU0MDMtNGRhNi1iMzE1LTg3OTAyMDZmMGQ3NC8xL1FmV2hEa19TWlZy
YnUwRHQ0WXNtRmF4Vmpxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMBtiwMEAMBtyDANBgkqhkiG9w0B
AQsFAAOCAQEArNOBpbfPD8srP+iHcGyToTmha7Z86bc3l4SgueOgbZGY+yaAT0kI
6KoXVJzsx5BhpR4loTh7FkBtUR//wEdim9E96vY5nVMl7cEEbGmPZqgbdCffPIxQ
+sTAylse4Hosj83opN7hVkZ31auBxgIrE7VkM7Od/2MRSXkBj1BUV1WkDu4auT5A
rAB94MYoJeJOCfOVtHOLX94kwYfeO7DJAD4bNnzAaRMGedml3dEoXSF/88/cIML+
tiv6olZSW1m5ADgf2/mcFLKEXzk/MPu6+SQVYHeevtC0eRDf7szjHq/NGKrhChCd
4KmxAgL0CCW3XO4PJIg1LQSJA6/Kv/LBJQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:19 2025 by rpki-client