Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/gGk5RFeW8T17tY5sjZfKjBrb0d4.roa
File: gGk5RFeW8T17tY5sjZfKjBrb0d4.roa (raw, json)
Hash identifier: KrYIfPJTo49h6roxxRMho3cQipvV/6rPpnYmpFTgL0g=
Subject key identifier: 80:69:39:44:57:96:F1:3D:7B:B5:8E:6C:8D:97:CA:8C:1A:DB:D1:DE
Certificate issuer: /CN=4a54821a91b1dbdc73bdda34bced7107067964ad
Certificate serial: 0185DA54ED4F5A6D250720D4B1A3DDDFB85D
Authority key identifier: 4A:54:82:1A:91:B1:DB:DC:73:BD:DA:34:BC:ED:71:07:06:79:64:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SlSCGpGx29xzvdo0vO1xBwZ5ZK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/gGk5RFeW8T17tY5sjZfKjBrb0d4.roa
Signing time: Sun 22 Jan 2023 16:34:36 +0000
ROA not before: Sun 22 Jan 2023 16:34:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43183
IP address blocks: 193.246.170.0/23 maxlen: 32
91.194.146.0/23 maxlen: 24
2001:67c:8ac::/48 maxlen: 128
2001:678:fbc::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:da:54:ed:4f:5a:6d:25:07:20:d4:b1:a3:dd:df:b8:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a54821a91b1dbdc73bdda34bced7107067964ad
Validity
Not Before: Jan 22 16:34:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=806939445796f13d7bb58e6c8d97ca8c1adbd1de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:75:a7:e8:e4:d0:f3:8a:11:52:37:2f:c8:75:
29:8c:04:84:cb:53:d3:3e:88:d8:02:74:3b:d5:52:
16:26:41:68:ee:14:ea:ae:f0:cb:20:7e:d8:76:a0:
3c:0b:0c:27:db:83:bc:8f:0b:f4:4a:a7:7a:40:75:
4b:ea:97:61:da:87:cf:58:d9:6f:96:4d:c6:9e:02:
ef:a7:fb:26:c6:58:9b:1b:c1:93:0c:95:e9:10:47:
cc:0d:6f:c9:5c:b2:8d:22:5d:dd:c2:c8:c5:06:9a:
cb:71:f4:ad:8c:29:a6:6a:78:3e:3f:d6:a8:bc:91:
fa:78:5d:79:54:b6:cb:3e:cd:1d:01:4e:55:07:05:
e3:c4:f0:0d:b8:f2:df:bc:e8:ae:60:61:12:f0:2d:
36:bd:b8:26:d0:b1:a3:e0:19:51:02:3c:b1:f9:e3:
84:46:96:e0:db:ab:39:ad:86:94:46:06:74:ff:dc:
5f:1e:94:62:16:ca:7e:42:1c:05:57:da:98:a0:b6:
73:80:6f:39:81:a5:85:2a:2d:6e:56:25:4a:3c:12:
af:b6:8e:32:9b:41:ae:d6:9e:96:65:5c:18:70:7c:
67:c7:a0:26:14:b3:22:a1:a0:44:4f:a2:c8:32:cf:
bd:7f:9b:97:d5:91:ee:ab:cd:5f:85:86:7a:cc:b6:
b7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:69:39:44:57:96:F1:3D:7B:B5:8E:6C:8D:97:CA:8C:1A:DB:D1:DE
X509v3 Authority Key Identifier:
keyid:4A:54:82:1A:91:B1:DB:DC:73:BD:DA:34:BC:ED:71:07:06:79:64:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SlSCGpGx29xzvdo0vO1xBwZ5ZK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/gGk5RFeW8T17tY5sjZfKjBrb0d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/SlSCGpGx29xzvdo0vO1xBwZ5ZK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.146.0/23
193.246.170.0/23
IPv6:
2001:678:fbc::/48
2001:67c:8ac::/48
Signature Algorithm: sha256WithRSAEncryption
4b:85:3d:de:89:e9:99:70:ea:30:e0:20:1c:c7:43:b6:b0:1f:
ba:62:0e:52:4d:42:53:f1:d8:5e:b6:5a:0b:6e:2a:9e:ce:9c:
87:15:09:f2:73:51:7d:0d:fb:2a:3b:da:02:58:ed:73:76:e0:
90:30:af:ca:ea:b2:28:41:c1:03:7d:c5:0f:a0:e2:c3:5d:95:
87:ab:6e:be:65:dc:7f:14:5d:c4:44:87:7c:ad:c3:c8:68:90:
ce:dd:60:ee:cf:98:37:af:48:bd:26:b0:9d:71:b7:90:bc:f3:
a0:0a:76:1b:94:5d:b8:ef:04:0c:64:37:31:52:04:8a:8f:88:
c7:c2:6c:2f:41:c6:86:e3:48:40:35:79:da:d8:34:37:b3:ee:
3f:1d:97:01:6d:d4:c3:cf:89:c4:80:67:65:7f:d7:79:7f:2a:
e0:8f:b9:67:b2:f5:d7:02:14:aa:97:04:3b:aa:d1:e7:c7:cc:
11:76:38:30:33:6e:4a:a7:fb:ef:56:64:76:1d:14:03:83:d6:
e4:fd:b7:0e:11:6f:ee:6c:c0:74:4b:67:ea:cd:7b:f8:a4:cb:
b7:8b:24:e8:53:69:43:e2:f1:67:ff:45:91:ea:99:35:d3:ca:
9b:b7:ce:18:14:9e:8f:2f:dd:6c:20:02:90:a2:4d:09:1f:f8:
4a:fc:6b:40
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYXaVO1PWm0lByDUsaPd37hdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNTQ4MjFhOTFiMWRiZGM3M2JkZGEzNGJjZWQ3MTA3MDY3
OTY0YWQwHhcNMjMwMTIyMTYzNDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDY5Mzk0NDU3OTZmMTNkN2JiNThlNmM4ZDk3Y2E4YzFhZGJkMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nWn6OTQ84oRUjcvyHUpjASEy1PT
PojYAnQ71VIWJkFo7hTqrvDLIH7YdqA8Cwwn24O8jwv0Sqd6QHVL6pdh2ofPWNlv
lk3GngLvp/smxlibG8GTDJXpEEfMDW/JXLKNIl3dwsjFBprLcfStjCmmang+P9ao
vJH6eF15VLbLPs0dAU5VBwXjxPANuPLfvOiuYGES8C02vbgm0LGj4BlRAjyx+eOE
Rpbg26s5rYaURgZ0/9xfHpRiFsp+QhwFV9qYoLZzgG85gaWFKi1uViVKPBKvto4y
m0Gu1p6WZVwYcHxnx6AmFLMioaBET6LIMs+9f5uX1ZHuq81fhYZ6zLa3kwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIBpOURXlvE9e7WObI2Xyowa29HeMB8GA1UdIwQY
MBaAFEpUghqRsdvcc73aNLztcQcGeWStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2xTQ0dwR3gyOXh6dmRvMHZPMXhCd1o1WkswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84ZDJlMzUtOWZlZC00ZmRmLTkwMzQt
NzZhZTgxMmYwNzZjLzEvZ0drNVJGZVc4VDE3dFk1c2paZktqQnJiMGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84ZDJlMzUtOWZlZC00ZmRmLTkwMzQtNzZhZTgxMmYwNzZj
LzEvU2xTQ0dwR3gyOXh6dmRvMHZPMXhCd1o1WkswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBW8KSAwQB
wfaqMBgEAgACMBIDBwAgAQZ4D7wDBwAgAQZ8CKwwDQYJKoZIhvcNAQELBQADggEB
AEuFPd6J6Zlw6jDgIBzHQ7awH7piDlJNQlPx2F62WgtuKp7OnIcVCfJzUX0N+yo7
2gJY7XN24JAwr8rqsihBwQN9xQ+g4sNdlYerbr5l3H8UXcREh3ytw8hokM7dYO7P
mDevSL0msJ1xt5C886AKdhuUXbjvBAxkNzFSBIqPiMfCbC9BxobjSEA1edrYNDez
7j8dlwFt1MPPicSAZ2V/13l/KuCPuWey9dcCFKqXBDuq0efHzBF2ODAzbkqn++9W
ZHYdFAOD1uT9tw4Rb+5swHRLZ+rNe/iky7eLJOhTaUPi8Wf/RZHqmTXTypu3zhgU
no8v3WwgApCiTQkf+Er8a0A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:06 2025 by rpki-client