Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/GECY87HYTf9BWo_4wKn-wb53xbc.roa
File: GECY87HYTf9BWo_4wKn-wb53xbc.roa (raw, json)
Hash identifier: 1RVSbGB+3gA4eKDjcRp6pWXO1qjOq2sB1hnFVj/0f5E=
Subject key identifier: 18:40:98:F3:B1:D8:4D:FF:41:5A:8F:F8:C0:A9:FE:C1:BE:77:C5:B7
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 02CF7119
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/GECY87HYTf9BWo_4wKn-wb53xbc.roa
Signing time: Sat 01 Jan 2022 13:02:35 +0000
ROA not before: Sat 01 Jan 2022 13:02:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202766
IP address blocks: 158.172.142.0/24 maxlen: 24
158.172.140.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47149337 (0x2cf7119)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 1 13:02:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=184098f3b1d84dff415a8ff8c0a9fec1be77c5b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6c:8b:35:5b:77:50:cd:4f:57:47:f1:4e:59:
eb:16:e7:0d:64:d5:be:8e:70:41:8e:c1:29:b9:8c:
58:50:bf:45:99:92:26:12:dc:18:21:3d:03:25:95:
ab:22:5c:f3:e1:ca:1f:5c:c0:93:f8:16:9f:26:32:
5b:c7:8d:a7:bd:45:7a:29:22:6a:87:77:ce:8b:9b:
46:13:58:1a:b0:87:63:cd:05:2e:c9:06:14:71:20:
79:b2:96:5c:51:ef:9f:f4:a6:0d:7c:07:5b:16:d2:
18:7b:9a:be:00:4d:f2:f8:5d:6e:0d:d5:46:70:61:
7c:b1:53:11:a8:03:9c:ff:dc:56:84:9b:43:80:37:
a7:94:4c:83:19:d6:c8:e1:78:22:17:e3:17:aa:72:
79:ad:36:c9:70:c0:3e:c3:8f:d2:5a:8e:7b:2e:cb:
cf:01:d0:f9:dc:b3:e1:c1:ba:9b:05:2a:07:5f:f6:
ab:58:ee:a2:c6:f7:da:5b:49:a9:ce:71:db:6a:81:
00:cc:ab:ae:c0:d7:e8:33:c7:29:16:50:7c:d1:70:
38:85:96:e4:99:24:20:d0:f0:87:ce:f0:71:ec:68:
72:e5:c2:46:a2:c2:4f:12:34:e8:99:1a:eb:38:3b:
8d:38:5f:8a:df:3f:87:03:ef:dd:84:d6:18:c0:bd:
95:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:40:98:F3:B1:D8:4D:FF:41:5A:8F:F8:C0:A9:FE:C1:BE:77:C5:B7
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/GECY87HYTf9BWo_4wKn-wb53xbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.140.0-158.172.142.255
Signature Algorithm: sha256WithRSAEncryption
79:3e:a0:10:8e:d5:ba:b4:3a:69:3c:f9:02:67:0e:10:65:9e:
f2:15:fd:17:d1:5a:5d:94:44:79:fc:d7:8f:52:6a:62:e4:dc:
99:8b:3e:00:c5:e3:6f:2c:1a:50:5f:ce:5b:92:11:d5:60:fe:
ce:35:23:4a:b0:3b:8d:d1:e3:94:df:82:f8:6e:01:9e:88:98:
2a:00:9d:6a:21:22:a8:3d:7f:37:3c:74:41:39:70:32:f3:41:
20:70:10:55:b1:5a:60:18:7d:94:b6:8c:93:d6:c2:41:2e:3e:
b7:7f:d4:08:ae:f7:49:8b:fb:f6:77:a5:ac:6c:30:9a:58:9d:
b7:c4:3f:37:b8:7b:af:79:88:0f:3f:bf:fb:c5:20:8a:8e:81:
8e:a1:20:f0:77:f1:a5:93:36:a7:21:e9:26:4f:ff:b7:e5:93:
38:73:3e:4e:3a:a9:7b:bf:17:a8:70:2b:88:87:81:ca:8f:7b:
70:ec:74:d8:9a:55:5b:4a:10:eb:86:d5:15:f4:47:9e:8e:84:
3a:e9:bd:61:32:b6:94:e1:db:20:0a:00:30:e8:e0:81:e8:45:
ed:23:32:57:fa:2a:4b:3e:57:15:64:91:14:7c:56:87:a9:60:
6c:b5:02:e2:b7:68:5d:5e:cb:aa:a8:24:b8:5c:7e:25:ea:79:
c7:09:cc:95
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAs9xGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzUzYzA2MjkwYTM3MTk5NGQ3NTc3MzE4Njg1ZjViYzRhNTM4ZDQ3MB4XDTIyMDEw
MTEzMDIzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTg0MDk4ZjNiMWQ4
NGRmZjQxNWE4ZmY4YzBhOWZlYzFiZTc3YzViNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANNsizVbd1DNT1dH8U5Z6xbnDWTVvo5wQY7BKbmMWFC/RZmS
JhLcGCE9AyWVqyJc8+HKH1zAk/gWnyYyW8eNp71Feikiaod3zoubRhNYGrCHY80F
LskGFHEgebKWXFHvn/SmDXwHWxbSGHuavgBN8vhdbg3VRnBhfLFTEagDnP/cVoSb
Q4A3p5RMgxnWyOF4IhfjF6pyea02yXDAPsOP0lqOey7LzwHQ+dyz4cG6mwUqB1/2
q1juosb32ltJqc5x22qBAMyrrsDX6DPHKRZQfNFwOIWW5JkkINDwh87wcexocuXC
RqLCTxI06Jka6zg7jThfit8/hwPv3YTWGMC9lVkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQYQJjzsdhN/0Faj/jAqf7BvnfFtzAfBgNVHSMEGDAWgBRXU8BikKNxmU11
dzGGhfW8SlONRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1YxUEFZcENqY1psTmRYY3hob1gxdkVwVGpVYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvYjQxYWI2LWI5ZjMtNGI0YS05YjdiLTFlZDEwOTU0YmQ5Ni8x
L0dFQ1k4N0hZVGY5QldvXzR3S24td2I1M3hiYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
YjQxYWI2LWI5ZjMtNGI0YS05YjdiLTFlZDEwOTU0YmQ5Ni8xL1YxUEFZcENqY1ps
TmRYY3hob1gxdkVwVGpVYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCnqyMAwQAnqyOMA0GCSqGSIb3
DQEBCwUAA4IBAQB5PqAQjtW6tDppPPkCZw4QZZ7yFf0X0VpdlER5/NePUmpi5NyZ
iz4AxeNvLBpQX85bkhHVYP7ONSNKsDuN0eOU34L4bgGeiJgqAJ1qISKoPX83PHRB
OXAy80EgcBBVsVpgGH2UtoyT1sJBLj63f9QIrvdJi/v2d6WsbDCaWJ23xD83uHuv
eYgPP7/7xSCKjoGOoSDwd/GlkzanIekmT/+35ZM4cz5OOql7vxeocCuIh4HKj3tw
7HTYmlVbShDrhtUV9EeejoQ66b1hMraU4dsgCgAw6OCB6EXtIzJX+ipLPlcVZJEU
fFaHqWBstQLit2hdXsuqqCS4XH4l6nnHCcyV
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:44:42 2025 by rpki-client