Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/gUZNcQ-ix4_fncayUiP_7pdi1HM.roa
File: gUZNcQ-ix4_fncayUiP_7pdi1HM.roa (raw, json)
Hash identifier: cPH566rqPdk2w7EdDputiLfZMbQN4ZZE1+a7nWg/ELc=
Subject key identifier: 81:46:4D:71:0F:A2:C7:8F:DF:9D:C6:B2:52:23:FF:EE:97:62:D4:73
Certificate issuer: /CN=6fe561f84c5bab17d503bf93d3c3d325c2a2252e
Certificate serial: 0188D7EA1DD3F32AB19DE4F4C4732262E4B5
Authority key identifier: 6F:E5:61:F8:4C:5B:AB:17:D5:03:BF:93:D3:C3:D3:25:C2:A2:25:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b-Vh-ExbqxfVA7-T08PTJcKiJS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/gUZNcQ-ix4_fncayUiP_7pdi1HM.roa
Signing time: Tue 20 Jun 2023 08:27:04 +0000
ROA not before: Tue 20 Jun 2023 08:27:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61028
IP address blocks: 185.133.112.0/22 maxlen: 24
188.209.160.0/19 maxlen: 24
109.226.128.0/18 maxlen: 24
2a0d:c80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d7:ea:1d:d3:f3:2a:b1:9d:e4:f4:c4:73:22:62:e4:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fe561f84c5bab17d503bf93d3c3d325c2a2252e
Validity
Not Before: Jun 20 08:27:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81464d710fa2c78fdf9dc6b25223ffee9762d473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ec:fd:52:f2:52:91:d4:f4:01:0b:c4:57:c5:
ab:2d:3c:07:0e:fd:cd:f4:06:cd:f3:0a:a4:ce:14:
c7:2d:99:29:ab:82:e1:8a:bb:2f:8b:24:ad:05:96:
65:6a:8f:ef:e7:13:1f:ad:30:1e:64:5c:c9:02:98:
93:86:51:cb:e8:12:27:96:b8:02:35:30:ea:70:bd:
0f:09:48:9c:7a:d8:54:df:18:61:1f:b7:89:e6:2d:
d6:55:b4:39:a8:d9:03:49:00:43:e4:24:ed:3b:b9:
2e:9a:f7:ef:25:43:62:2e:fe:0b:3b:09:a6:af:ec:
02:c1:0e:96:b8:4c:87:17:8f:d2:ae:17:a2:92:7f:
80:a3:65:35:d9:5d:d5:f5:6e:45:c1:23:a0:13:05:
4e:ae:1a:9d:16:aa:d5:e9:76:e3:08:f7:d4:e2:37:
45:8d:2a:71:c0:33:b2:6a:11:63:22:3a:cb:09:45:
9c:8e:b3:55:ef:8d:3d:f5:13:d7:ac:b8:c2:75:0c:
c2:e1:6a:cc:81:ce:a5:98:46:7d:64:3a:60:ad:da:
25:5a:9e:fd:50:92:d4:62:0a:3b:1d:ee:84:1f:23:
d5:39:d9:d3:34:ca:1b:43:38:11:46:b2:3d:18:25:
a5:16:39:68:7d:66:cd:2a:59:19:11:22:60:21:1f:
67:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:46:4D:71:0F:A2:C7:8F:DF:9D:C6:B2:52:23:FF:EE:97:62:D4:73
X509v3 Authority Key Identifier:
keyid:6F:E5:61:F8:4C:5B:AB:17:D5:03:BF:93:D3:C3:D3:25:C2:A2:25:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b-Vh-ExbqxfVA7-T08PTJcKiJS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/gUZNcQ-ix4_fncayUiP_7pdi1HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/b-Vh-ExbqxfVA7-T08PTJcKiJS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.226.128.0/18
185.133.112.0/22
188.209.160.0/19
IPv6:
2a0d:c80::/29
Signature Algorithm: sha256WithRSAEncryption
8a:35:3b:c8:44:11:1c:fb:e8:79:44:b5:c5:15:a7:7a:03:74:
42:ee:0f:20:65:cd:ff:bd:a2:cb:f1:eb:ba:10:83:1d:73:a4:
66:35:6e:83:2b:3a:d0:7e:f1:6e:cf:b5:7e:e2:97:0c:4b:4b:
59:c3:1f:b9:35:81:89:ae:a9:33:25:38:81:e9:e6:5f:a0:a6:
55:85:0e:cc:5f:dc:ed:e7:0f:ab:71:a9:66:2d:17:13:17:86:
54:d5:f5:7a:c9:bb:ba:21:d5:32:fb:af:79:99:df:ba:c0:df:
93:54:ca:b8:b1:68:28:d4:21:17:0e:e3:6e:e8:80:09:74:e2:
a5:1a:87:d8:fb:58:09:7b:c0:d8:9f:70:bf:29:03:fe:a2:bd:
7b:5d:8f:31:c3:0d:70:16:a6:4d:ae:ab:ba:11:26:7a:41:9d:
e3:39:84:4e:b8:a1:c9:88:66:d5:3c:b3:12:69:ac:4b:e8:de:
12:e0:78:06:f8:be:2b:21:21:84:03:cd:bf:82:c6:03:66:73:
f3:29:17:3b:bb:87:31:32:25:1a:31:e1:9c:1c:e7:80:3c:14:
1b:ac:2b:5f:39:38:0e:cb:33:22:ff:74:02:83:bc:dc:f1:91:
cc:e5:d4:b4:e5:cc:1e:6f:1d:f1:bf:30:bf:b5:32:30:17:4d:
5d:21:58:88
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYjX6h3T8yqxneT0xHMiYuS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZTU2MWY4NGM1YmFiMTdkNTAzYmY5M2QzYzNkMzI1YzJh
MjI1MmUwHhcNMjMwNjIwMDgyNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTQ2NGQ3MTBmYTJjNzhmZGY5ZGM2YjI1MjIzZmZlZTk3NjJkNDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOz9UvJSkdT0AQvEV8WrLTwHDv3N
9AbN8wqkzhTHLZkpq4LhirsviyStBZZlao/v5xMfrTAeZFzJApiThlHL6BInlrgC
NTDqcL0PCUicethU3xhhH7eJ5i3WVbQ5qNkDSQBD5CTtO7kumvfvJUNiLv4LOwmm
r+wCwQ6WuEyHF4/Srheikn+Ao2U12V3V9W5FwSOgEwVOrhqdFqrV6XbjCPfU4jdF
jSpxwDOyahFjIjrLCUWcjrNV74099RPXrLjCdQzC4WrMgc6lmEZ9ZDpgrdolWp79
UJLUYgo7He6EHyPVOdnTNMobQzgRRrI9GCWlFjlofWbNKlkZESJgIR9nNQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIFGTXEPoseP353GslIj/+6XYtRzMB8GA1UdIwQY
MBaAFG/lYfhMW6sX1QO/k9PD0yXCoiUuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYi1WaC1FeGJxeGZWQTctVDA4UFRKY0tpSlM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82MjY2YWYtZmZiYi00NDYyLWJhYTYt
NTczOWVkODNjNjkxLzEvZ1VaTmNRLWl4NF9mbmNheVVpUF83cGRpMUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82MjY2YWYtZmZiYi00NDYyLWJhYTYtNTczOWVkODNjNjkx
LzEvYi1WaC1FeGJxeGZWQTctVDA4UFRKY0tpSlM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGbeKAAwQC
uYVwAwQFvNGgMA0EAgACMAcDBQMqDQyAMA0GCSqGSIb3DQEBCwUAA4IBAQCKNTvI
RBEc++h5RLXFFad6A3RC7g8gZc3/vaLL8eu6EIMdc6RmNW6DKzrQfvFuz7V+4pcM
S0tZwx+5NYGJrqkzJTiB6eZfoKZVhQ7MX9zt5w+rcalmLRcTF4ZU1fV6ybu6IdUy
+695md+6wN+TVMq4sWgo1CEXDuNu6IAJdOKlGofY+1gJe8DYn3C/KQP+or17XY8x
ww1wFqZNrqu6ESZ6QZ3jOYROuKHJiGbVPLMSaaxL6N4S4HgG+L4rISGEA82/gsYD
ZnPzKRc7u4cxMiUaMeGcHOeAPBQbrCtfOTgOyzMi/3QCg7zc8ZHM5dS05cwebx3x
vzC/tTIwF01dIViI
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:38:56 2025 by rpki-client