Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/gzFNQH5zIaqZk-39TrFUrlTasZQ.roa
File: gzFNQH5zIaqZk-39TrFUrlTasZQ.roa (raw, json)
Hash identifier: orUF6y4B1tztahBE9Vs98BOyRPwvEE2aFXR75DVc5h4=
Subject key identifier: 83:31:4D:40:7E:73:21:AA:99:93:ED:FD:4E:B1:54:AE:54:DA:B1:94
Certificate issuer: /CN=61340818a8633908cf37ea145d66d92452fb73aa
Certificate serial: 0184D1A7B97C222A89958DDA4D6CED713520
Authority key identifier: 61:34:08:18:A8:63:39:08:CF:37:EA:14:5D:66:D9:24:52:FB:73:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YTQIGKhjOQjPN-oUXWbZJFL7c6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/gzFNQH5zIaqZk-39TrFUrlTasZQ.roa
Signing time: Fri 02 Dec 2022 07:05:40 +0000
ROA not before: Fri 02 Dec 2022 07:05:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39194
IP address blocks: 83.146.192.0/18 maxlen: 18
185.143.60.0/22 maxlen: 22
85.209.100.0/22 maxlen: 22
2a00:7a20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d1:a7:b9:7c:22:2a:89:95:8d:da:4d:6c:ed:71:35:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61340818a8633908cf37ea145d66d92452fb73aa
Validity
Not Before: Dec 2 07:05:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83314d407e7321aa9993edfd4eb154ae54dab194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5c:1a:32:36:84:ce:21:41:8d:0a:da:fe:bf:
70:02:c0:13:00:28:6d:c7:46:fb:91:ab:ae:90:e7:
89:a5:dd:da:bd:ce:14:49:45:a0:eb:be:18:09:cc:
4e:b9:b0:8f:1d:4c:1f:fe:5a:32:fa:da:b1:94:07:
f1:f3:42:a8:3f:b6:f6:44:cb:b3:f0:af:55:46:16:
fc:13:56:ba:9e:5f:72:ec:d5:04:48:b6:13:a8:9c:
54:6e:93:f1:d8:8b:81:0b:59:5d:d6:d2:67:c6:f7:
5e:18:22:5c:9e:b0:87:c9:ec:fa:64:cb:c7:0e:cc:
4e:41:eb:15:51:c1:83:c0:e4:01:c5:06:54:58:d3:
4d:0b:4a:aa:ea:e7:71:9d:a7:6f:80:d6:0c:2c:12:
62:30:b7:66:8b:91:5a:a7:a8:6a:cd:88:40:8a:5d:
84:06:f7:2c:20:54:1a:f8:af:9f:0d:c5:0e:5c:95:
4b:5e:4c:7d:bd:e6:13:68:e8:75:2d:b4:7a:11:9b:
85:8f:1f:ed:fb:06:8f:93:53:3a:41:dd:4c:9b:ec:
56:d6:82:25:77:ef:4b:b7:4f:83:9d:10:9b:61:cf:
be:f9:1f:8a:e5:07:6d:f8:31:a9:3d:63:5e:de:07:
37:5e:51:4c:e9:79:de:72:95:c9:ac:c1:3d:33:e7:
ff:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:31:4D:40:7E:73:21:AA:99:93:ED:FD:4E:B1:54:AE:54:DA:B1:94
X509v3 Authority Key Identifier:
keyid:61:34:08:18:A8:63:39:08:CF:37:EA:14:5D:66:D9:24:52:FB:73:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTQIGKhjOQjPN-oUXWbZJFL7c6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/gzFNQH5zIaqZk-39TrFUrlTasZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/YTQIGKhjOQjPN-oUXWbZJFL7c6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.146.192.0/18
85.209.100.0/22
185.143.60.0/22
IPv6:
2a00:7a20::/32
Signature Algorithm: sha256WithRSAEncryption
8d:98:ff:38:6a:59:41:3b:bd:0a:b7:07:8a:8c:f4:d9:4d:b8:
7f:19:9a:e0:b2:10:e4:60:79:c4:a9:7d:35:89:1c:54:25:e7:
24:d0:e4:93:32:6d:00:55:38:a8:92:a1:85:27:3d:ff:13:e9:
72:24:a1:a7:23:8b:49:3a:a6:d4:61:b8:f2:a9:d8:a4:4d:0f:
48:5d:d6:8f:51:8e:6a:e4:af:d1:2d:11:85:f1:c1:09:78:03:
74:c4:04:90:04:75:91:99:8a:9a:c2:5e:4d:e7:d5:3e:1f:a6:
5c:6f:aa:7d:ec:82:38:b0:e2:31:e6:4f:fd:fc:fc:49:63:d7:
47:e5:c2:8e:04:da:1f:b9:10:d9:09:ce:c5:65:1c:ab:6f:3a:
3a:0f:d5:c5:eb:59:4e:e1:e1:5c:0f:de:1d:be:d2:36:6a:e4:
1b:0b:1a:f3:c9:d4:46:7b:8d:72:0d:97:66:4e:85:dd:a1:0b:
f3:14:4a:d8:3d:0b:da:36:8c:77:04:5f:73:95:34:81:8f:3c:
f4:e4:b4:68:5f:2a:d0:12:92:13:1b:2d:29:a8:07:f0:55:f4:
17:f4:8e:13:9d:ed:ae:68:f6:7d:84:6d:f4:59:c4:d6:b8:31:
7a:93:a5:f8:6e:42:29:42:e3:1b:f3:0b:d6:a2:e2:41:bc:31:
9d:aa:35:8f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYTRp7l8IiqJlY3aTWztcTUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzQwODE4YTg2MzM5MDhjZjM3ZWExNDVkNjZkOTI0NTJm
YjczYWEwHhcNMjIxMjAyMDcwNTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzMxNGQ0MDdlNzMyMWFhOTk5M2VkZmQ0ZWIxNTRhZTU0ZGFiMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFwaMjaEziFBjQra/r9wAsATACht
x0b7kauukOeJpd3avc4USUWg674YCcxOubCPHUwf/loy+tqxlAfx80KoP7b2RMuz
8K9VRhb8E1a6nl9y7NUESLYTqJxUbpPx2IuBC1ld1tJnxvdeGCJcnrCHyez6ZMvH
DsxOQesVUcGDwOQBxQZUWNNNC0qq6udxnadvgNYMLBJiMLdmi5Fap6hqzYhAil2E
BvcsIFQa+K+fDcUOXJVLXkx9veYTaOh1LbR6EZuFjx/t+waPk1M6Qd1Mm+xW1oIl
d+9Lt0+DnRCbYc+++R+K5Qdt+DGpPWNe3gc3XlFM6XnecpXJrME9M+f/XwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIMxTUB+cyGqmZPt/U6xVK5U2rGUMB8GA1UdIwQY
MBaAFGE0CBioYzkIzzfqFF1m2SRS+3OqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRRSUdLaGpPUWpQTi1vVVhXYlpKRkw3YzZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8zOTFkZDctNGI5Ni00NmE1LWFmYjQt
NmI2MTViN2RiZmUwLzEvZ3pGTlFINXpJYXFaay0zOVRyRlVybFRhc1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8zOTFkZDctNGI5Ni00NmE1LWFmYjQtNmI2MTViN2RiZmUw
LzEvWVRRSUdLaGpPUWpQTi1vVVhXYlpKRkw3YzZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGU5LAAwQC
VdFkAwQCuY88MA0EAgACMAcDBQAqAHogMA0GCSqGSIb3DQEBCwUAA4IBAQCNmP84
allBO70KtweKjPTZTbh/GZrgshDkYHnEqX01iRxUJeck0OSTMm0AVTiokqGFJz3/
E+lyJKGnI4tJOqbUYbjyqdikTQ9IXdaPUY5q5K/RLRGF8cEJeAN0xASQBHWRmYqa
wl5N59U+H6Zcb6p97II4sOIx5k/9/PxJY9dH5cKOBNofuRDZCc7FZRyrbzo6D9XF
61lO4eFcD94dvtI2auQbCxrzydRGe41yDZdmToXdoQvzFErYPQvaNox3BF9zlTSB
jzz05LRoXyrQEpITGy0pqAfwVfQX9I4Tne2uaPZ9hG30WcTWuDF6k6X4bkIpQuMb
8wvWouJBvDGdqjWP
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:17:08 2025 by rpki-client