Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2716ec-5657-4f56-8f43-e23103a88052/1/GCUlg_6Bimy9cbV-CEufqHi39S0.roa
File: GCUlg_6Bimy9cbV-CEufqHi39S0.roa (raw, json)
Hash identifier: uNNOQ3GHfeKl0O2ceJ59bqVcPhoDmMlx7KslN7Fy1ls=
Subject key identifier: 18:25:25:83:FE:81:8A:6C:BD:71:B5:7E:08:4B:9F:A8:78:B7:F5:2D
Certificate issuer: /CN=b872da0f9c6c5686a3db9ee124a99042b0a882d1
Certificate serial: 0DB97D65
Authority key identifier: B8:72:DA:0F:9C:6C:56:86:A3:DB:9E:E1:24:A9:90:42:B0:A8:82:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uHLaD5xsVoaj257hJKmQQrCogtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/2716ec-5657-4f56-8f43-e23103a88052/1/GCUlg_6Bimy9cbV-CEufqHi39S0.roa
Signing time: Sat 01 Jan 2022 15:04:07 +0000
ROA not before: Sat 01 Jan 2022 15:04:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41960
IP address blocks: 213.156.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 230260069 (0xdb97d65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b872da0f9c6c5686a3db9ee124a99042b0a882d1
Validity
Not Before: Jan 1 15:04:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=18252583fe818a6cbd71b57e084b9fa878b7f52d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e0:82:39:48:2c:e1:67:0f:e5:30:39:aa:b8:
96:91:01:94:cf:8a:bd:f3:7e:61:18:50:e9:8d:92:
93:a7:6d:5d:5d:3f:a2:ba:c5:9e:71:78:3f:56:a7:
5b:d5:67:56:3f:7d:da:ca:42:55:f6:fc:82:5e:65:
bc:b8:7a:34:c6:6b:9a:d7:75:33:09:20:b1:c9:b5:
5b:f0:dd:9e:5e:2f:6b:39:9e:bd:94:6e:c8:1d:a8:
b2:57:c1:1d:b1:92:03:92:4b:75:c0:25:9d:bd:94:
87:03:c5:fd:ff:e7:1a:81:ab:8f:b6:62:10:43:30:
5d:c8:01:f8:9e:c7:bf:fe:eb:be:88:99:56:3c:e0:
39:2c:84:df:46:7c:71:d3:b8:72:c2:ef:93:28:17:
e5:60:84:1f:fa:e6:ff:9f:2f:75:ce:ad:8d:70:7d:
ef:ac:ef:bb:3a:a1:d5:eb:c9:5c:e9:ab:23:a0:76:
8e:4f:7a:91:6d:b3:1b:a0:82:17:3d:8b:3a:c1:9d:
e3:8d:a2:d8:0b:8c:7f:60:89:95:92:58:37:aa:d3:
dc:1b:14:9d:db:17:29:62:c5:2d:0d:3e:30:d4:08:
c3:1b:21:0b:97:8f:f7:6d:b3:b3:f5:3b:6e:03:7c:
25:5d:3c:d3:8c:e7:55:56:c7:08:7f:9d:e6:2c:1e:
b2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:25:25:83:FE:81:8A:6C:BD:71:B5:7E:08:4B:9F:A8:78:B7:F5:2D
X509v3 Authority Key Identifier:
keyid:B8:72:DA:0F:9C:6C:56:86:A3:DB:9E:E1:24:A9:90:42:B0:A8:82:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uHLaD5xsVoaj257hJKmQQrCogtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2716ec-5657-4f56-8f43-e23103a88052/1/GCUlg_6Bimy9cbV-CEufqHi39S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2716ec-5657-4f56-8f43-e23103a88052/1/uHLaD5xsVoaj257hJKmQQrCogtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.156.16.0/20
Signature Algorithm: sha256WithRSAEncryption
43:11:ee:54:5a:67:54:9d:8e:84:f5:65:14:75:a2:ea:49:7c:
bf:56:8a:0e:07:6f:f3:86:a3:31:f2:b0:c6:69:49:3f:31:48:
e0:da:dd:f3:46:fe:47:8b:d4:f3:2d:81:81:e6:dc:1a:ca:ef:
2c:ef:aa:16:ff:28:8b:90:42:02:fc:33:7f:59:9a:57:2d:27:
9c:aa:63:d2:22:42:d1:f4:82:b3:76:83:56:3e:cf:26:05:72:
e0:51:58:e8:20:7b:bf:9e:3f:9b:b0:11:58:ae:ed:83:d7:e8:
a5:36:d3:cd:18:a0:42:bc:99:ec:f4:1f:07:f4:1f:ba:df:c6:
43:22:a9:21:43:41:7f:6b:3a:ac:2e:b8:fe:76:0a:9c:a2:e4:
22:fe:0e:47:e4:c9:7c:8a:e7:c7:b2:8a:f6:74:1c:25:cd:e8:
a6:02:65:19:12:c7:1c:d1:f9:fb:77:23:1a:34:76:ff:c9:4c:
c4:f4:ab:77:fd:da:bf:05:24:43:6c:2a:ac:c6:a6:f4:c9:36:
85:8a:9d:d3:0b:34:cc:13:30:c3:83:cc:0a:29:a3:2d:8d:74:
6c:40:d1:ec:67:62:e4:9e:2a:c4:db:86:03:bb:ef:56:a4:18:
6b:a9:9d:da:1e:fe:af:91:ef:e1:82:f7:28:38:a4:05:69:49:
04:16:97:14
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDbl9ZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODcyZGEwZjljNmM1Njg2YTNkYjllZTEyNGE5OTA0MmIwYTg4MmQxMB4XDTIyMDEw
MTE1MDQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTgyNTI1ODNmZTgx
OGE2Y2JkNzFiNTdlMDg0YjlmYTg3OGI3ZjUyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbggjlILOFnD+UwOaq4lpEBlM+KvfN+YRhQ6Y2Sk6dtXV0/
orrFnnF4P1anW9VnVj992spCVfb8gl5lvLh6NMZrmtd1Mwkgscm1W/Ddnl4vazme
vZRuyB2oslfBHbGSA5JLdcAlnb2UhwPF/f/nGoGrj7ZiEEMwXcgB+J7Hv/7rvoiZ
VjzgOSyE30Z8cdO4csLvkygX5WCEH/rm/58vdc6tjXB976zvuzqh1evJXOmrI6B2
jk96kW2zG6CCFz2LOsGd442i2AuMf2CJlZJYN6rT3BsUndsXKWLFLQ0+MNQIwxsh
C5eP922zs/U7bgN8JV0804znVVbHCH+d5iwesnMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQYJSWD/oGKbL1xtX4IS5+oeLf1LTAfBgNVHSMEGDAWgBS4ctoPnGxWhqPb
nuEkqZBCsKiC0TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VITGFENXhzVm9hajI1N2hKS21RUXJDb2d0RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvMjcxNmVjLTU2NTctNGY1Ni04ZjQzLWUyMzEwM2E4ODA1Mi8x
L0dDVWxnXzZCaW15OWNiVi1DRXVmcUhpMzlTMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
MjcxNmVjLTU2NTctNGY1Ni04ZjQzLWUyMzEwM2E4ODA1Mi8xL3VITGFENXhzVm9h
ajI1N2hKS21RUXJDb2d0RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNWcEDANBgkqhkiG9w0BAQsFAAOC
AQEAQxHuVFpnVJ2OhPVlFHWi6kl8v1aKDgdv84ajMfKwxmlJPzFI4Nrd80b+R4vU
8y2BgebcGsrvLO+qFv8oi5BCAvwzf1maVy0nnKpj0iJC0fSCs3aDVj7PJgVy4FFY
6CB7v54/m7ARWK7tg9fopTbTzRigQryZ7PQfB/Qfut/GQyKpIUNBf2s6rC64/nYK
nKLkIv4OR+TJfIrnx7KK9nQcJc3opgJlGRLHHNH5+3cjGjR2/8lMxPSrd/3avwUk
Q2wqrMam9Mk2hYqd0ws0zBMww4PMCimjLY10bEDR7Gdi5J4qxNuGA7vvVqQYa6md
2h7+r5Hv4YL3KDikBWlJBBaXFA==
-----END CERTIFICATE-----
Generated at Fri May 2 09:33:42 2025 by rpki-client