Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/gKjpmLTCNB_lIaItcHIiJYDB84g.roa
File: gKjpmLTCNB_lIaItcHIiJYDB84g.roa (raw, json)
Hash identifier: rbo3D7Ndd45gPEuV6A08AEontyk/DmfGbuNeNylyh4Q=
Subject key identifier: 80:A8:E9:98:B4:C2:34:1F:E5:21:A2:2D:70:72:22:25:80:C1:F3:88
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 018572C376F43EBA337E9E68EDF33BD9384A
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/gKjpmLTCNB_lIaItcHIiJYDB84g.roa
Signing time: Mon 02 Jan 2023 13:54:50 +0000
ROA not before: Mon 02 Jan 2023 13:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50607
IP address blocks: 176.126.56.0/22 maxlen: 22
91.198.97.0/24 maxlen: 24
2001:67c:778::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:76:f4:3e:ba:33:7e:9e:68:ed:f3:3b:d9:38:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jan 2 13:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80a8e998b4c2341fe521a22d7072222580c1f388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f7:db:ff:aa:bd:ca:c9:68:67:07:00:5b:ba:
93:58:ed:f0:97:19:70:b7:7f:26:13:59:2c:eb:6a:
d7:df:46:03:3e:38:ba:05:3d:40:4c:88:e5:c5:bb:
e1:ff:51:4e:2d:04:4e:8d:42:8e:91:63:b0:30:50:
e7:3d:85:b0:ef:9b:ff:79:9c:3f:86:c1:bb:42:24:
6f:0e:e0:b9:15:32:c6:9a:3c:c8:59:42:ee:1f:92:
fd:22:41:97:fa:3e:82:8d:5e:ea:7e:fd:e6:0c:18:
06:0c:ed:be:8c:eb:db:78:9a:cf:d4:9f:2c:81:7c:
1d:f1:3c:48:be:a9:92:6d:8b:ab:89:64:65:a7:f3:
48:eb:9b:cd:5b:3a:eb:13:6c:95:6b:88:e2:a0:d7:
77:52:ba:66:57:e8:6e:eb:c4:f4:02:6c:11:98:1e:
55:f7:7a:66:bc:50:bf:fd:34:bf:9e:f4:0d:8d:14:
16:67:e6:70:79:80:cc:fc:c7:09:07:05:38:c2:ff:
d9:ff:b2:ef:ef:37:1b:90:e5:6d:28:aa:bb:ee:2f:
07:49:e7:7d:cd:37:5c:52:e7:51:ec:2f:4d:cf:ca:
50:c7:2d:45:b4:54:2a:71:fe:05:09:50:27:65:4e:
cf:f2:c8:0a:74:85:8d:e2:67:34:d0:34:14:16:5e:
e2:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A8:E9:98:B4:C2:34:1F:E5:21:A2:2D:70:72:22:25:80:C1:F3:88
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/gKjpmLTCNB_lIaItcHIiJYDB84g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.97.0/24
176.126.56.0/22
IPv6:
2001:67c:778::/48
Signature Algorithm: sha256WithRSAEncryption
26:92:ec:56:50:36:c8:f9:7b:0f:0b:c4:80:9a:50:5c:8d:a4:
78:59:f3:4b:ee:3f:10:6f:c0:0b:70:c1:44:be:0b:32:86:8d:
ab:ce:cd:ae:af:ac:cf:ed:ac:a6:2a:27:4b:16:6a:20:8f:f3:
e5:bd:8e:b2:3e:9f:7f:4f:a1:96:8b:91:1e:b3:0f:38:65:9d:
41:e6:87:b1:7f:cf:d4:07:5a:2f:70:00:b0:07:7e:93:d8:6d:
4c:a8:d1:50:36:31:4e:87:db:6e:10:10:b3:fa:86:b0:bf:68:
20:ee:bf:56:95:7e:98:48:54:f1:5d:10:93:ba:c5:cf:83:e4:
89:15:2f:c2:62:19:9a:3f:64:38:47:ba:3a:04:57:fe:05:51:
16:13:6a:96:0b:7e:cc:8d:93:7e:ea:34:19:ec:05:a5:40:8c:
48:01:ea:6f:bc:83:a0:b2:1c:d3:d2:e9:bd:7e:0a:68:76:69:
54:8f:de:fd:1c:f8:49:17:62:2a:c3:27:43:f1:5c:74:47:1e:
e1:63:1f:33:92:8d:0c:e4:39:93:e4:62:55:d8:bf:59:bf:eb:
f0:25:05:a4:dc:a7:1a:de:6f:d9:4d:86:d2:81:82:a4:50:54:
a3:c6:81:ce:0e:ce:6b:2c:f0:ff:60:73:b7:8b:44:33:17:3f:
31:08:d0:ae
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVyw3b0Prozfp5o7fM72ThKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjMwMTAyMTM1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE4ZTk5OGI0YzIzNDFmZTUyMWEyMmQ3MDcyMjIyNTgwYzFmMzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkffb/6q9ysloZwcAW7qTWO3wlxlw
t38mE1ks62rX30YDPji6BT1ATIjlxbvh/1FOLQROjUKOkWOwMFDnPYWw75v/eZw/
hsG7QiRvDuC5FTLGmjzIWULuH5L9IkGX+j6CjV7qfv3mDBgGDO2+jOvbeJrP1J8s
gXwd8TxIvqmSbYuriWRlp/NI65vNWzrrE2yVa4jioNd3UrpmV+hu68T0AmwRmB5V
93pmvFC//TS/nvQNjRQWZ+ZweYDM/McJBwU4wv/Z/7Lv7zcbkOVtKKq77i8HSed9
zTdcUudR7C9Nz8pQxy1FtFQqcf4FCVAnZU7P8sgKdIWN4mc00DQUFl7i4wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFICo6Zi0wjQf5SGiLXByIiWAwfOIMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvZ0tqcG1MVENOQl9sSWFJdGNISWlKWURCODRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW8ZhAwQC
sH44MA8EAgACMAkDBwAgAQZ8B3gwDQYJKoZIhvcNAQELBQADggEBACaS7FZQNsj5
ew8LxICaUFyNpHhZ80vuPxBvwAtwwUS+CzKGjavOza6vrM/trKYqJ0sWaiCP8+W9
jrI+n39PoZaLkR6zDzhlnUHmh7F/z9QHWi9wALAHfpPYbUyo0VA2MU6H224QELP6
hrC/aCDuv1aVfphIVPFdEJO6xc+D5IkVL8JiGZo/ZDhHujoEV/4FURYTapYLfsyN
k37qNBnsBaVAjEgB6m+8g6CyHNPS6b1+Cmh2aVSP3v0c+EkXYirDJ0PxXHRHHuFj
HzOSjQzkOZPkYlXYv1m/6/AlBaTcpxreb9lNhtKBgqRQVKPGgc4Ozmss8P9gc7eL
RDMXPzEI0K4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:36 2025 by rpki-client