Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/gVGR8tCc1enLAjwj01lEBGPKA3U.roa
File: gVGR8tCc1enLAjwj01lEBGPKA3U.roa (raw, json)
Hash identifier: +jz8cH1UCC0hppmmlyevrIJWv3IW1YO9uXx//1vgJO0=
Subject key identifier: 81:51:91:F2:D0:9C:D5:E9:CB:02:3C:23:D3:59:44:04:63:CA:03:75
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 018AD386956CC0971E5C5334FC6E3439B135
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/gVGR8tCc1enLAjwj01lEBGPKA3U.roa
Signing time: Tue 26 Sep 2023 22:05:27 +0000
ROA not before: Tue 26 Sep 2023 22:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 45.151.98.0/24 maxlen: 24
94.137.78.0/24 maxlen: 24
94.137.72.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.89.0/24 maxlen: 24
94.137.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d3:86:95:6c:c0:97:1e:5c:53:34:fc:6e:34:39:b1:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Sep 26 22:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=815191f2d09cd5e9cb023c23d359440463ca0375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:77:fb:f3:c7:42:19:54:e6:8a:6b:ab:e7:cd:
11:1f:a4:3a:45:11:a5:e7:70:84:92:fc:f8:f6:a0:
87:92:0e:e5:06:84:be:f2:3c:1c:23:80:98:ac:f7:
80:1f:b6:ef:cc:87:43:19:44:1d:8d:76:c7:ff:e4:
ed:0f:03:b3:56:64:9f:ff:e5:39:7c:e7:91:f5:a0:
3f:0b:2d:d6:35:e2:ae:8b:ec:cb:03:76:cb:b7:b9:
05:b8:c3:06:19:7a:0b:a9:ac:cf:1f:71:12:78:c1:
5b:06:35:cf:f5:ed:e0:ee:d0:d0:e2:12:6d:69:84:
3a:12:98:1a:04:d5:e8:dd:53:34:fd:3f:17:5c:34:
45:68:3b:b7:b4:ad:4b:a1:57:2b:0d:37:44:b8:10:
cc:be:6c:e1:ad:a7:aa:2e:fa:ea:64:fe:10:df:36:
1b:de:5e:b8:6f:69:a0:fd:56:fd:5b:76:ff:ba:46:
1c:dc:a9:d1:da:6b:3f:65:10:df:eb:85:0a:2e:41:
8d:60:0d:ec:05:6d:4c:79:1a:eb:61:ad:e3:57:65:
f3:24:dd:17:3d:13:a0:67:9a:e8:20:5a:fa:2e:0b:
57:60:fd:67:59:ed:ae:ea:b0:58:b9:b1:5b:25:60:
db:f6:a6:e2:be:6a:cc:d2:47:84:3b:c6:a5:d2:a5:
5d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:51:91:F2:D0:9C:D5:E9:CB:02:3C:23:D3:59:44:04:63:CA:03:75
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/gVGR8tCc1enLAjwj01lEBGPKA3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.98.0/24
94.137.72.0/24
94.137.78.0/24
94.137.89.0-94.137.91.255
94.137.93.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:65:38:c4:11:b5:7c:f1:59:3f:83:68:65:65:fc:c6:57:da:
54:40:56:7e:ee:63:55:88:26:d5:bf:10:41:99:ec:35:0b:13:
49:da:bf:0f:92:e9:2d:1e:49:79:87:12:47:0a:a5:07:52:4d:
94:3e:eb:cd:58:cb:14:13:a0:bf:5e:77:67:be:86:99:71:05:
7f:94:82:2b:d6:e6:a8:49:1f:a4:fd:40:40:ad:23:fc:d8:b0:
b5:74:8c:6d:87:52:e8:52:14:42:0c:93:eb:e0:a4:69:33:98:
35:30:a1:7e:60:6f:55:5a:fa:22:63:49:c5:ff:6f:a5:f7:bb:
b5:f6:23:93:1c:51:dc:9e:58:f3:be:51:d8:e7:e8:23:18:79:
e5:2a:c8:1a:b5:80:f2:d2:f4:0d:ee:74:2a:e5:78:10:68:cd:
bf:68:3c:32:3f:68:9a:69:c1:15:db:2b:0d:1a:df:c1:73:2c:
07:ff:8f:99:c0:fd:83:9d:08:4d:25:65:c9:ab:cf:43:b1:d6:
cb:19:4d:4a:e8:7f:6b:31:1b:d2:e4:af:62:2c:25:45:44:da:
2c:b0:93:43:65:8f:c1:ef:97:94:cf:9f:90:ac:76:21:69:2d:
ec:26:cb:8a:1e:52:68:77:68:17:22:d0:3a:10:48:14:2b:83:
4c:8c:80:3a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYrThpVswJceXFM0/G40ObE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjMwOTI2MjIwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTUxOTFmMmQwOWNkNWU5Y2IwMjNjMjNkMzU5NDQwNDYzY2EwMzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXf788dCGVTmimur580RH6Q6RRGl
53CEkvz49qCHkg7lBoS+8jwcI4CYrPeAH7bvzIdDGUQdjXbH/+TtDwOzVmSf/+U5
fOeR9aA/Cy3WNeKui+zLA3bLt7kFuMMGGXoLqazPH3ESeMFbBjXP9e3g7tDQ4hJt
aYQ6EpgaBNXo3VM0/T8XXDRFaDu3tK1LoVcrDTdEuBDMvmzhraeqLvrqZP4Q3zYb
3l64b2mg/Vb9W3b/ukYc3KnR2ms/ZRDf64UKLkGNYA3sBW1MeRrrYa3jV2XzJN0X
PROgZ5roIFr6LgtXYP1nWe2u6rBYubFbJWDb9qbivmrM0keEO8al0qVdPQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIFRkfLQnNXpywI8I9NZRARjygN1MB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvZ1ZHUjh0Q2MxZW5MQWp3ajAxbEVCR1BLQTNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALZdiAwQA
XolIAwQAXolOMAwDBABeiVkDBAJeiVgDBABeiV0wDQYJKoZIhvcNAQELBQADggEB
AB1lOMQRtXzxWT+DaGVl/MZX2lRAVn7uY1WIJtW/EEGZ7DULE0navw+S6S0eSXmH
EkcKpQdSTZQ+681YyxQToL9ed2e+hplxBX+UgivW5qhJH6T9QECtI/zYsLV0jG2H
UuhSFEIMk+vgpGkzmDUwoX5gb1Va+iJjScX/b6X3u7X2I5McUdyeWPO+Udjn6CMY
eeUqyBq1gPLS9A3udCrleBBozb9oPDI/aJppwRXbKw0a38FzLAf/j5nA/YOdCE0l
Zcmrz0Ox1ssZTUrof2sxG9Lkr2IsJUVE2iywk0Nlj8Hvl5TPn5CsdiFpLewmy4oe
Umh3aBci0DoQSBQrg0yMgDo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:47 2025 by rpki-client