Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/gdrLZ3BgzUmG76Pnn9DayAIdFu4.roa
File: gdrLZ3BgzUmG76Pnn9DayAIdFu4.roa (raw, json)
Hash identifier: tk7NQjMmnZBebgvvpCQ0Iz2okLrcvNtVAgelpoCJNCE=
Subject key identifier: 81:DA:CB:67:70:60:CD:49:86:EF:A3:E7:9F:D0:DA:C8:02:1D:16:EE
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 018BA8BA7DF7A808D74136F0380537B4E465
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/gdrLZ3BgzUmG76Pnn9DayAIdFu4.roa
Signing time: Tue 07 Nov 2023 07:41:16 +0000
ROA not before: Tue 07 Nov 2023 07:41:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200738
IP address blocks: 45.129.20.0/24 maxlen: 24
45.129.21.0/24 maxlen: 24
188.215.8.0/22 maxlen: 22
77.83.124.0/22 maxlen: 22
176.100.224.0/24 maxlen: 24
176.100.225.0/24 maxlen: 24
176.100.224.0/20 maxlen: 20
134.255.215.0/24 maxlen: 24
185.159.252.0/22 maxlen: 22
185.97.168.0/22 maxlen: 22
193.26.148.0/22 maxlen: 22
92.114.56.0/22 maxlen: 22
193.35.14.0/23 maxlen: 23
193.35.26.0/23 maxlen: 23
176.100.212.0/22 maxlen: 22
176.100.208.0/22 maxlen: 22
93.114.240.0/22 maxlen: 22
109.230.216.0/23 maxlen: 23
109.230.222.0/24 maxlen: 24
193.31.36.0/22 maxlen: 22
185.170.147.0/24 maxlen: 24
2a06:6c0:24::/48 maxlen: 48
2a06:6c0:2::/48 maxlen: 48
2a06:6c0:22::/48 maxlen: 48
2a06:6c0:26::/48 maxlen: 48
2a06:6c0:1::/48 maxlen: 48
2a06:6c0:255::/48 maxlen: 48
2a06:6c0:3::/48 maxlen: 48
2a06:6c0:23::/48 maxlen: 48
2a06:6c0:254::/48 maxlen: 48
2a06:6c0:25::/48 maxlen: 48
2a06:6c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:ba:7d:f7:a8:08:d7:41:36:f0:38:05:37:b4:e4:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Nov 7 07:41:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81dacb677060cd4986efa3e79fd0dac8021d16ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:18:c2:19:fe:44:4b:12:16:06:68:e2:42:a1:
bc:2d:04:ab:4c:73:48:98:d5:9a:e6:21:83:3a:33:
56:d1:37:e8:1d:7b:c8:90:e7:e9:62:12:ce:11:aa:
50:7d:28:a8:41:24:01:5c:e3:b5:3c:27:e4:67:69:
a0:fe:27:d0:d4:d0:0b:da:32:08:c7:16:73:4a:38:
c0:43:98:f6:50:18:a7:92:6d:e0:17:aa:c3:9a:82:
5c:61:bf:27:7b:7f:e9:01:de:78:76:40:c9:3c:b7:
79:51:5f:4c:2e:46:0d:08:93:32:42:c1:9f:6a:be:
d1:12:79:dd:e7:3e:d1:0d:64:71:37:a1:18:21:ca:
b0:c3:8e:ac:d4:05:d2:2c:6e:66:e3:14:54:1d:8b:
e4:d0:57:25:36:9c:c0:6e:81:13:0b:f9:0b:83:47:
c7:13:80:33:05:7a:b5:60:95:64:cb:87:43:d1:a7:
27:88:39:c0:22:95:94:95:9d:11:ce:86:7a:59:68:
d5:21:04:6d:99:e9:af:da:64:9e:59:e4:47:83:ed:
e0:b9:a8:f0:de:b0:4c:3e:99:84:bf:11:ed:d9:5b:
dc:b5:7d:3c:00:c8:b2:59:04:44:f4:bb:c3:5d:63:
1e:b8:6a:3f:22:98:42:1a:92:16:7f:74:c6:52:8d:
cc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:DA:CB:67:70:60:CD:49:86:EF:A3:E7:9F:D0:DA:C8:02:1D:16:EE
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/gdrLZ3BgzUmG76Pnn9DayAIdFu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.20.0/23
77.83.124.0/22
92.114.56.0/22
93.114.240.0/22
109.230.216.0/23
109.230.222.0/24
134.255.215.0/24
176.100.208.0/21
176.100.224.0/20
185.97.168.0/22
185.159.252.0/22
185.170.147.0/24
188.215.8.0/22
193.26.148.0/22
193.31.36.0/22
193.35.14.0/23
193.35.26.0/23
IPv6:
2a06:6c0::/46
2a06:6c0:22::-2a06:6c0:26:ffff:ffff:ffff:ffff:ffff
2a06:6c0:254::/47
Signature Algorithm: sha256WithRSAEncryption
82:4e:13:e0:31:7a:06:82:38:25:de:80:1a:9e:ec:0f:1b:69:
44:ed:e2:a5:96:dc:b2:0b:30:1f:3a:58:3c:20:f3:e8:66:2d:
c2:09:b0:a2:01:94:38:58:cb:0f:8b:6a:4a:c2:22:38:2c:d3:
3a:ca:a3:a5:27:50:a1:b7:16:e5:c0:d5:ed:78:0e:26:58:3c:
f9:df:1f:f8:36:6f:ad:9e:78:98:e6:48:86:1b:d0:1b:df:db:
0a:eb:5c:a4:20:c2:63:5a:c9:a7:20:d0:84:45:6a:46:70:7b:
75:81:96:62:e3:45:d1:89:cd:53:c1:ea:68:5d:c0:35:15:aa:
98:52:f8:97:76:16:ef:31:1b:f7:b5:4e:d2:fb:67:cf:64:63:
51:ba:2e:30:98:22:2a:36:81:eb:00:57:71:20:c2:10:9e:61:
d4:7b:39:30:dc:02:00:b2:55:d2:21:cf:60:19:23:ce:f9:68:
52:de:00:21:95:f2:f4:dc:fc:37:9b:62:a5:6e:37:1e:01:b2:
86:05:1c:99:73:57:45:2e:4e:e1:f5:1d:c3:e9:ff:20:18:cd:
a2:9e:97:92:da:c8:38:67:df:82:27:30:6a:a6:37:27:13:bd:
bc:2b:28:ff:f6:b7:fb:e9:35:f1:5d:d1:e3:7b:72:62:34:d5:
cd:1c:e0:9e
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYuoun33qAjXQTbwOAU3tORlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5
MjNmMjAwHhcNMjMxMTA3MDc0MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWRhY2I2NzcwNjBjZDQ5ODZlZmEzZTc5ZmQwZGFjODAyMWQxNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBjCGf5ESxIWBmjiQqG8LQSrTHNI
mNWa5iGDOjNW0TfoHXvIkOfpYhLOEapQfSioQSQBXOO1PCfkZ2mg/ifQ1NAL2jII
xxZzSjjAQ5j2UBinkm3gF6rDmoJcYb8ne3/pAd54dkDJPLd5UV9MLkYNCJMyQsGf
ar7REnnd5z7RDWRxN6EYIcqww46s1AXSLG5m4xRUHYvk0FclNpzAboETC/kLg0fH
E4AzBXq1YJVky4dD0acniDnAIpWUlZ0RzoZ6WWjVIQRtmemv2mSeWeRHg+3guajw
3rBMPpmEvxHt2VvctX08AMiyWQRE9LvDXWMeuGo/IphCGpIWf3TGUo3MeQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFIHay2dwYM1Jhu+j55/Q2sgCHRbuMB8GA1UdIwQY
MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt
Nzc3MzczZTYwNTVlLzEvZ2RyTFozQmd6VW1HNzZQbm45RGF5QUlkRnU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl
LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDBsBAIAATBmAwQBLYEU
AwQCTVN8AwQCXHI4AwQCXXLwAwQBbebYAwQAbebeAwQAhv/XAwQDsGTQAwQEsGTg
AwQCuWGoAwQCuZ/8AwQAuaqTAwQCvNcIAwQCwRqUAwQCwR8kAwQBwSMOAwQBwSMa
MCwEAgACMCYDBwIqBgbAAAAwEgMHASoGBsAAIgMHACoGBsAAJgMHASoGBsACVDAN
BgkqhkiG9w0BAQsFAAOCAQEAgk4T4DF6BoI4Jd6AGp7sDxtpRO3ipZbcsgswHzpY
PCDz6GYtwgmwogGUOFjLD4tqSsIiOCzTOsqjpSdQobcW5cDV7XgOJlg8+d8f+DZv
rZ54mOZIhhvQG9/bCutcpCDCY1rJpyDQhEVqRnB7dYGWYuNF0YnNU8HqaF3ANRWq
mFL4l3YW7zEb97VO0vtnz2RjUbouMJgiKjaB6wBXcSDCEJ5h1Hs5MNwCALJV0iHP
YBkjzvloUt4AIZXy9Nz8N5tipW43HgGyhgUcmXNXRS5O4fUdw+n/IBjNop6XktrI
OGffgicwaqY3JxO9vCso//a3++k18V3R43tyYjTVzRzgng==
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:15:57 2025 by rpki-client