Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GFi-uyG3CtjilbgCuOALAxxh2fY.roa
File: GFi-uyG3CtjilbgCuOALAxxh2fY.roa (raw, json)
Hash identifier: gFhqfCfIivc85V/Ri+jZQBoI5V4HdgMfaxQCfhvsXZQ=
Subject key identifier: 18:58:BE:BB:21:B7:0A:D8:E2:95:B8:02:B8:E0:0B:03:1C:61:D9:F6
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0185E2B8C3638CC58977B5B9A7C48403D3D4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GFi-uyG3CtjilbgCuOALAxxh2fY.roa
Signing time: Tue 24 Jan 2023 07:40:37 +0000
ROA not before: Tue 24 Jan 2023 07:40:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56655
IP address blocks: 2a0e:15c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e2:b8:c3:63:8c:c5:89:77:b5:b9:a7:c4:84:03:d3:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 24 07:40:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1858bebb21b70ad8e295b802b8e00b031c61d9f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:96:6d:a5:1a:16:33:36:e6:53:e2:7c:b9:68:
5e:5f:53:53:83:4c:2d:c7:ae:fb:4a:8c:e2:56:88:
38:83:98:81:d8:b9:9f:1d:ac:6b:3e:dd:f2:c2:13:
3c:28:7f:e7:a1:26:aa:08:f2:f8:cd:22:d6:ab:52:
10:b5:56:c7:40:7b:98:5f:be:1a:8e:f0:f9:75:6e:
f3:0b:1e:b1:2a:b9:a4:e1:5a:0f:e5:db:16:42:7c:
8c:c6:73:9a:6f:18:0a:30:f8:08:42:e6:d5:38:bf:
ca:b8:c4:65:25:f3:6c:ba:6e:e7:3a:ec:07:5e:b4:
8a:b3:d7:91:a2:95:3b:41:e6:cd:92:85:6b:5e:74:
21:14:3b:0d:91:ca:ec:9e:84:2a:de:43:c5:c6:ad:
6e:58:8c:76:22:da:09:65:0b:05:f6:79:88:86:79:
d4:1e:53:a3:1f:85:96:2d:a6:da:ad:74:80:6a:c3:
e9:de:41:90:1a:b6:f3:c9:ef:83:ec:ad:7f:be:41:
36:e0:9f:08:ea:52:c8:b4:90:54:44:23:8b:7b:23:
ca:cd:19:50:0f:55:4e:67:84:d2:7b:47:2f:06:8a:
a0:d2:89:a7:55:53:3b:1e:fb:96:3b:91:93:df:96:
20:7c:18:d4:27:d6:0f:bd:36:21:13:53:41:28:cd:
ac:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:58:BE:BB:21:B7:0A:D8:E2:95:B8:02:B8:E0:0B:03:1C:61:D9:F6
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GFi-uyG3CtjilbgCuOALAxxh2fY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:15c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
b4:6a:00:78:4c:03:7a:8f:ff:46:16:ef:bf:08:6c:74:ed:52:
9e:e1:07:d6:65:98:2a:f4:d0:99:ad:3f:08:f6:c9:14:fa:b1:
b8:2a:7f:b3:94:35:bd:9f:28:4b:41:ef:2f:bd:56:8d:7d:15:
d1:70:0e:6b:09:40:e0:ea:6a:0d:32:11:dc:33:fa:86:95:60:
8c:28:71:91:69:cf:1f:a3:c3:cd:1f:a2:f2:3b:4a:5b:7c:5d:
f6:de:7a:af:16:d9:d8:7d:0c:10:f8:d5:cf:8f:28:5b:db:f3:
a3:77:cc:39:25:35:3a:fe:4d:3c:06:94:b2:8f:28:25:9d:6a:
0e:b6:f0:1d:aa:9a:f5:1c:d6:06:69:73:b5:1e:31:8b:d0:12:
0e:bc:75:6c:f9:55:1c:21:86:79:94:5f:49:f9:a9:d0:91:e7:
6f:a9:cb:56:7a:7b:0b:7c:cd:f6:fb:82:3b:0a:89:b6:89:a5:
23:c6:54:00:f4:29:82:e7:8f:a6:e3:2a:1e:97:ff:aa:7d:e3:
fe:32:45:d9:50:fd:35:cc:e5:ad:7c:5d:c8:be:b0:52:bf:51:
15:01:7d:4d:a7:0c:35:16:c3:d3:c0:0b:51:22:ea:37:2b:d4:
77:1b:48:3b:f9:e0:3b:52:75:e8:cb:5b:69:4e:2f:72:5a:51:
76:fb:f6:3b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXiuMNjjMWJd7W5p8SEA9PUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTI0MDc0MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODU4YmViYjIxYjcwYWQ4ZTI5NWI4MDJiOGUwMGIwMzFjNjFkOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZZtpRoWMzbmU+J8uWheX1NTg0wt
x677SoziVog4g5iB2LmfHaxrPt3ywhM8KH/noSaqCPL4zSLWq1IQtVbHQHuYX74a
jvD5dW7zCx6xKrmk4VoP5dsWQnyMxnOabxgKMPgIQubVOL/KuMRlJfNsum7nOuwH
XrSKs9eRopU7QebNkoVrXnQhFDsNkcrsnoQq3kPFxq1uWIx2ItoJZQsF9nmIhnnU
HlOjH4WWLabarXSAasPp3kGQGrbzye+D7K1/vkE24J8I6lLItJBURCOLeyPKzRlQ
D1VOZ4TSe0cvBoqg0omnVVM7HvuWO5GT35YgfBjUJ9YPvTYhE1NBKM2sKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBhYvrshtwrY4pW4ArjgCwMcYdn2MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvR0ZpLXV5RzNDdGppbGJnQ3VPQUxBeHhoMmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4VwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQC0agB4TAN6j/9GFu+/CGx07VKe4QfWZZgq9NCZ
rT8I9skU+rG4Kn+zlDW9nyhLQe8vvVaNfRXRcA5rCUDg6moNMhHcM/qGlWCMKHGR
ac8fo8PNH6LyO0pbfF323nqvFtnYfQwQ+NXPjyhb2/Ojd8w5JTU6/k08BpSyjygl
nWoOtvAdqpr1HNYGaXO1HjGL0BIOvHVs+VUcIYZ5lF9J+anQkedvqctWensLfM32
+4I7Com2iaUjxlQA9CmC54+m4yoel/+qfeP+MkXZUP01zOWtfF3IvrBSv1EVAX1N
pww1FsPTwAtRIuo3K9R3G0g7+eA7UnXoy1tpTi9yWlF2+/Y7
-----END CERTIFICATE-----
Generated at Mon May 12 16:08:25 2025 by rpki-client