Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/gtLtFv-FX2F3f-UOZGP7UXyzPck.roa
File: gtLtFv-FX2F3f-UOZGP7UXyzPck.roa (raw, json)
Hash identifier: kAFv0DS6V8SJ1o/ujtoluK9JP0BjRUCUGLA1kX/Libg=
Subject key identifier: 82:D2:ED:16:FF:85:5F:61:77:7F:E5:0E:64:63:FB:51:7C:B3:3D:C9
Certificate issuer: /CN=1c39d57936dd2d1521443e68dadd9d0949cde33f
Certificate serial: 3F1F55BC
Authority key identifier: 1C:39:D5:79:36:DD:2D:15:21:44:3E:68:DA:DD:9D:09:49:CD:E3:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDnVeTbdLRUhRD5o2t2dCUnN4z8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/gtLtFv-FX2F3f-UOZGP7UXyzPck.roa
Signing time: Sat 01 Jan 2022 09:06:31 +0000
ROA not before: Sat 01 Jan 2022 09:06:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 55002
IP address blocks: 94.125.72.0/21 maxlen: 24
130.255.104.0/21 maxlen: 24
109.70.192.0/21 maxlen: 24
185.35.208.0/22 maxlen: 24
88.133.240.0/21 maxlen: 24
109.235.224.0/21 maxlen: 24
5.199.176.0/21 maxlen: 24
212.237.168.0/21 maxlen: 24
2a02:778::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1059018172 (0x3f1f55bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c39d57936dd2d1521443e68dadd9d0949cde33f
Validity
Not Before: Jan 1 09:06:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82d2ed16ff855f61777fe50e6463fb517cb33dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0c:ca:f4:3b:25:b3:24:07:93:e8:cb:69:31:
56:1d:f0:57:07:56:c6:86:e1:ab:34:d5:03:96:42:
23:24:5b:a5:2e:88:69:dc:ac:ba:82:a9:b7:65:f6:
2c:15:c0:c7:28:bd:68:07:4b:aa:c5:5f:74:39:a3:
63:42:83:7a:ed:0e:1e:02:af:42:d8:0c:7e:20:12:
a0:3d:74:af:5f:07:ea:b4:92:48:c3:c9:1a:bc:36:
0a:9d:1a:78:c4:a3:42:6f:3f:1b:2e:12:a0:ca:72:
3b:a2:c0:92:4b:91:65:cd:44:65:cc:be:97:1c:35:
92:cc:60:1c:d5:71:36:85:52:ed:dc:5d:2c:4a:31:
47:7d:a5:80:16:54:b7:c0:da:be:3c:3c:b2:76:ec:
d1:fc:6c:1d:9f:91:fb:51:87:75:ca:73:ed:0a:1d:
88:4b:a4:6c:77:6c:38:15:36:c5:1e:97:1d:75:89:
c1:ca:e7:fc:4c:e5:74:dd:3b:59:f4:0e:33:46:68:
2c:ea:c2:8a:88:7c:37:c1:0d:f5:73:84:ca:79:08:
41:1a:c6:6f:0f:c5:58:a9:b3:63:91:da:c1:82:0b:
2d:93:88:ff:0c:92:dd:48:ce:5e:ba:bd:6d:2f:13:
0d:74:77:82:aa:b8:07:6a:70:e8:e2:24:51:44:a2:
78:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D2:ED:16:FF:85:5F:61:77:7F:E5:0E:64:63:FB:51:7C:B3:3D:C9
X509v3 Authority Key Identifier:
keyid:1C:39:D5:79:36:DD:2D:15:21:44:3E:68:DA:DD:9D:09:49:CD:E3:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDnVeTbdLRUhRD5o2t2dCUnN4z8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/gtLtFv-FX2F3f-UOZGP7UXyzPck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/HDnVeTbdLRUhRD5o2t2dCUnN4z8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.176.0/21
88.133.240.0/21
94.125.72.0/21
109.70.192.0/21
109.235.224.0/21
130.255.104.0/21
185.35.208.0/22
212.237.168.0/21
IPv6:
2a02:778::/32
Signature Algorithm: sha256WithRSAEncryption
57:5f:bf:b6:21:c0:8e:e5:d3:60:8b:b4:fa:8b:d9:69:6e:6f:
bf:d1:45:93:04:25:62:ab:58:34:b2:e4:e3:da:43:a6:d9:b8:
6a:c3:97:6f:00:9c:e7:b1:d0:0d:ea:97:bd:09:15:2e:47:6e:
38:ee:2c:8c:6b:53:39:ce:d9:34:f5:b4:2e:c3:95:26:bc:a8:
69:c8:35:72:18:4e:ca:d3:55:8b:48:e1:fb:6f:54:73:3d:8b:
34:56:74:58:2e:51:fe:01:d1:92:c7:72:9b:52:5b:e6:90:69:
da:f8:85:db:fc:b2:e4:49:98:a6:6d:75:45:42:12:4d:7e:d7:
09:80:de:a8:9d:48:7e:6a:e3:fc:86:ed:1d:4a:0c:36:62:7d:
03:7e:b3:f1:1c:ee:a7:91:a4:5a:4e:f9:0b:aa:10:18:06:d0:
5c:9b:92:5b:47:ac:28:76:47:ef:cb:b3:1b:cc:9a:b4:55:97:
01:4c:a9:e8:9e:60:2c:92:c1:f4:bb:79:b8:51:49:87:06:b6:
26:0b:1a:3b:89:86:6b:8b:a4:21:de:e0:82:fa:b2:8e:b8:87:
7f:f9:43:88:7d:be:0f:3a:9d:66:1b:45:5a:19:fe:71:ad:eb:
52:4a:89:16:9b:01:0e:ee:9a:d2:13:42:49:73:60:54:3a:6d:
d6:26:81:fe
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEPx9VvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YzM5ZDU3OTM2ZGQyZDE1MjE0NDNlNjhkYWRkOWQwOTQ5Y2RlMzNmMB4XDTIyMDEw
MTA5MDYzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODJkMmVkMTZmZjg1
NWY2MTc3N2ZlNTBlNjQ2M2ZiNTE3Y2IzM2RjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgMyvQ7JbMkB5Poy2kxVh3wVwdWxobhqzTVA5ZCIyRbpS6I
adysuoKpt2X2LBXAxyi9aAdLqsVfdDmjY0KDeu0OHgKvQtgMfiASoD10r18H6rSS
SMPJGrw2Cp0aeMSjQm8/Gy4SoMpyO6LAkkuRZc1EZcy+lxw1ksxgHNVxNoVS7dxd
LEoxR32lgBZUt8Davjw8snbs0fxsHZ+R+1GHdcpz7QodiEukbHdsOBU2xR6XHXWJ
wcrn/EzldN07WfQOM0ZoLOrCioh8N8EN9XOEynkIQRrGbw/FWKmzY5HawYILLZOI
/wyS3UjOXrq9bS8TDXR3gqq4B2pw6OIkUUSieBcCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBSC0u0W/4VfYXd/5Q5kY/tRfLM9yTAfBgNVHSMEGDAWgBQcOdV5Nt0tFSFE
Pmja3Z0JSc3jPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hEblZlVGJkTFJVaFJENW8ydDJkQ1VuTjR6OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvZDM4NTZmLTAyOWMtNDQ2YS1hZTdkLWQ3YzVkYTdjMTY3Ni8x
L2d0THRGdi1GWDJGM2YtVU9aR1A3VVh5elBjay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
ZDM4NTZmLTAyOWMtNDQ2YS1hZTdkLWQ3YzVkYTdjMTY3Ni8xL0hEblZlVGJkTFJV
aFJENW8ydDJkQ1VuTjR6OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAwXHsAMEA1iF8AMEA159SAMEA21G
wAMEA23r4AMEA4L/aAMEArkj0AMEA9TtqDANBAIAAjAHAwUAKgIHeDANBgkqhkiG
9w0BAQsFAAOCAQEAV1+/tiHAjuXTYIu0+ovZaW5vv9FFkwQlYqtYNLLk49pDptm4
asOXbwCc57HQDeqXvQkVLkduOO4sjGtTOc7ZNPW0LsOVJryoacg1chhOytNVi0jh
+29Ucz2LNFZ0WC5R/gHRksdym1Jb5pBp2viF2/yy5EmYpm11RUISTX7XCYDeqJ1I
fmrj/IbtHUoMNmJ9A36z8Rzup5GkWk75C6oQGAbQXJuSW0esKHZH78uzG8yatFWX
AUyp6J5gLJLB9Lt5uFFJhwa2JgsaO4mGa4ukId7ggvqyjriHf/lDiH2+DzqdZhtF
Whn+ca3rUkqJFpsBDu6a0hNCSXNgVDpt1iaB/g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:45:27 2025 by rpki-client