Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/gwIro7w73rbKZwVB4DmsvrhMNaU.roa
File: gwIro7w73rbKZwVB4DmsvrhMNaU.roa (raw, json)
Hash identifier: 8LPzW9bkijAnRBTMje1ihRs1ns4oAyxqBFtGGoY4qSI=
Subject key identifier: 83:02:2B:A3:BC:3B:DE:B6:CA:67:05:41:E0:39:AC:BE:B8:4C:35:A5
Certificate issuer: /CN=8ebb0eb19e7777d7038000f6c12d39ded1204242
Certificate serial: 01856D6635F0BE49B140B667FA737330164E
Authority key identifier: 8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/gwIro7w73rbKZwVB4DmsvrhMNaU.roa
Signing time: Sun 01 Jan 2023 12:54:53 +0000
ROA not before: Sun 01 Jan 2023 12:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43099
IP address blocks: 91.194.66.0/23 maxlen: 24
2001:67c:a2c::/48 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:35:f0:be:49:b1:40:b6:67:fa:73:73:30:16:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ebb0eb19e7777d7038000f6c12d39ded1204242
Validity
Not Before: Jan 1 12:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83022ba3bc3bdeb6ca670541e039acbeb84c35a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ec:f6:ab:75:65:f3:bb:1d:88:51:0c:bc:46:
4f:e0:99:e2:af:78:93:78:08:e0:b9:c0:9d:1c:cf:
89:3f:fd:43:64:a9:a8:37:f7:7a:41:e6:95:da:3f:
83:67:53:20:42:6e:39:ce:ff:6e:f4:19:2b:bc:72:
3b:e4:fe:5b:77:62:79:60:8a:d4:7d:ea:f7:3a:51:
4c:2b:02:20:43:93:1b:a8:95:69:93:c0:46:dc:90:
48:c0:bb:42:54:1f:26:c7:cb:08:19:46:43:cd:9e:
38:91:63:0b:fe:12:9f:72:26:7c:56:15:7a:c0:d2:
2b:1b:66:0e:3b:bd:e0:74:85:bd:13:95:76:69:9c:
4f:5e:07:37:c2:88:10:7f:0e:cc:eb:7e:00:47:14:
74:63:8b:0a:da:ca:ce:18:ce:72:8e:4a:10:30:8f:
89:3b:7c:c6:8c:60:5c:bb:7b:b7:dd:ef:8a:fd:30:
b0:79:63:ef:c8:06:e3:13:ff:d1:b4:ec:eb:b9:d1:
a9:cf:ec:4f:46:bf:3c:07:8e:2d:ef:c4:0d:b4:44:
1a:6f:5c:49:be:a4:a5:27:88:f8:d3:74:70:15:91:
9c:e9:3c:1d:fe:6a:0b:05:10:62:d0:a8:13:d2:47:
ff:27:04:74:0c:19:0f:4c:b4:d0:8d:c8:b3:b8:b1:
06:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:02:2B:A3:BC:3B:DE:B6:CA:67:05:41:E0:39:AC:BE:B8:4C:35:A5
X509v3 Authority Key Identifier:
keyid:8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/gwIro7w73rbKZwVB4DmsvrhMNaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.66.0/23
IPv6:
2001:67c:a2c::/48
Signature Algorithm: sha256WithRSAEncryption
a6:02:1e:f0:de:84:79:cf:c6:e2:41:8f:32:22:5e:28:07:d6:
16:f5:45:ca:22:33:9b:30:0f:3c:20:27:3e:da:a7:74:05:cf:
80:31:34:1a:11:01:57:27:67:49:4b:ec:2a:9d:cd:50:74:55:
fc:91:57:89:af:eb:5a:18:e8:fd:f9:25:cf:cb:79:57:0b:cb:
04:67:4d:55:7b:0e:4a:6b:57:ce:1b:71:6d:d3:76:4b:84:4a:
17:3c:ee:ae:c2:30:8c:07:48:20:44:a4:41:4f:55:00:d6:21:
bf:d3:1a:b2:5a:1f:e0:88:c5:01:1f:6f:3d:ea:ab:4c:58:3a:
06:be:7d:a2:29:51:a1:b8:cf:c9:42:5a:a4:c3:2d:e2:38:56:
80:85:11:45:d2:e8:40:22:43:49:06:15:a1:2b:9c:33:3e:1d:
45:a4:e1:96:c9:17:94:97:97:9f:9b:09:f7:bc:24:93:17:13:
e3:09:20:ed:8f:3c:06:0e:b0:63:99:c1:9a:15:ad:cb:f3:0f:
3d:c9:c0:13:c9:f6:05:b2:8c:8d:c5:e2:4a:b6:25:60:3a:5a:
be:7a:83:65:ef:8a:8f:81:19:8c:3a:24:68:e5:e0:7e:70:f7:
e9:12:a7:81:6c:61:6b:d1:58:2a:27:56:98:8b:45:0d:52:e3:
31:3c:27:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtZjXwvkmxQLZn+nNzMBZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYmIwZWIxOWU3Nzc3ZDcwMzgwMDBmNmMxMmQzOWRlZDEy
MDQyNDIwHhcNMjMwMTAxMTI1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzAyMmJhM2JjM2JkZWI2Y2E2NzA1NDFlMDM5YWNiZWI4NGMzNWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouz2q3Vl87sdiFEMvEZP4Jnir3iT
eAjgucCdHM+JP/1DZKmoN/d6QeaV2j+DZ1MgQm45zv9u9BkrvHI75P5bd2J5YIrU
fer3OlFMKwIgQ5MbqJVpk8BG3JBIwLtCVB8mx8sIGUZDzZ44kWML/hKfciZ8VhV6
wNIrG2YOO73gdIW9E5V2aZxPXgc3wogQfw7M634ARxR0Y4sK2srOGM5yjkoQMI+J
O3zGjGBcu3u33e+K/TCweWPvyAbjE//RtOzrudGpz+xPRr88B44t78QNtEQab1xJ
vqSlJ4j403RwFZGc6Twd/moLBRBi0KgT0kf/JwR0DBkPTLTQjcizuLEG4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIMCK6O8O962ymcFQeA5rL64TDWlMB8GA1UdIwQY
MBaAFI67DrGed3fXA4AA9sEtOd7RIEJCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYt
MTUxNDFjNjY4NTRkLzEvZ3dJcm83dzczcmJLWndWQjREbXN2cmhNTmFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYtMTUxNDFjNjY4NTRk
LzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8JCMA8E
AgACMAkDBwAgAQZ8CiwwDQYJKoZIhvcNAQELBQADggEBAKYCHvDehHnPxuJBjzIi
XigH1hb1RcoiM5swDzwgJz7ap3QFz4AxNBoRAVcnZ0lL7CqdzVB0VfyRV4mv61oY
6P35Jc/LeVcLywRnTVV7DkprV84bcW3TdkuEShc87q7CMIwHSCBEpEFPVQDWIb/T
GrJaH+CIxQEfbz3qq0xYOga+faIpUaG4z8lCWqTDLeI4VoCFEUXS6EAiQ0kGFaEr
nDM+HUWk4ZbJF5SXl5+bCfe8JJMXE+MJIO2PPAYOsGOZwZoVrcvzDz3JwBPJ9gWy
jI3F4kq2JWA6Wr56g2Xvio+BGYw6JGjl4H5w9+kSp4FsYWvRWConVpiLRQ1S4zE8
J78=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:40:49 2025 by rpki-client