Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/gvsPfSxjgLCp9drHaNBiDKlf84o.roa
File: gvsPfSxjgLCp9drHaNBiDKlf84o.roa (raw, json)
Hash identifier: YuAJ2QhesSHLIwHc73BZBl8ssZgKRWZRK0cqi5ls/f4=
Subject key identifier: 82:FB:0F:7D:2C:63:80:B0:A9:F5:DA:C7:68:D0:62:0C:A9:5F:F3:8A
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 0185735621E6D56FC52371E882D129195F9C
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/gvsPfSxjgLCp9drHaNBiDKlf84o.roa
Signing time: Mon 02 Jan 2023 16:35:02 +0000
ROA not before: Mon 02 Jan 2023 16:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43391
IP address blocks: 92.45.72.0/24 maxlen: 24
92.45.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:56:21:e6:d5:6f:c5:23:71:e8:82:d1:29:19:5f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 2 16:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82fb0f7d2c6380b0a9f5dac768d0620ca95ff38a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:18:06:af:8e:89:f7:ff:89:5b:aa:8f:67:76:
29:b9:71:0a:3e:33:64:14:cf:d5:ec:ab:09:c1:70:
96:a9:cf:ac:00:72:c9:52:f6:10:55:86:7f:1c:6c:
81:91:d7:c9:7d:7f:41:21:d7:b7:9e:5c:1f:13:60:
a1:9d:40:30:64:2b:d7:e5:c7:ae:95:29:c7:fd:76:
b9:52:1b:5a:31:d9:ea:f3:5b:16:0a:40:a2:d4:a5:
95:e6:b4:b6:fd:88:83:8d:73:ef:8f:72:0d:17:1e:
e7:b0:57:ff:94:24:9a:b6:7d:61:cd:d8:eb:d9:04:
28:7c:91:5b:28:c5:cc:33:3f:de:79:40:63:df:32:
81:7c:34:e2:8e:1f:1c:79:9c:66:12:6a:3c:3c:8f:
bd:00:87:07:e7:dd:df:91:ac:86:20:af:a5:e4:5f:
2f:9e:18:9c:b2:06:94:31:89:62:56:6a:c4:2b:06:
bd:cb:1f:f5:a1:91:50:64:2a:40:5e:a7:84:15:ce:
34:8c:e9:12:4a:db:45:ed:c0:16:7f:1e:26:15:2c:
0d:57:1e:5d:86:3f:ac:4a:0c:74:86:47:51:fb:7d:
39:e4:72:97:79:db:bd:bf:55:29:39:bc:ac:06:b2:
f2:46:90:57:f3:37:4d:7b:70:60:48:55:ad:f4:5e:
2a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:FB:0F:7D:2C:63:80:B0:A9:F5:DA:C7:68:D0:62:0C:A9:5F:F3:8A
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/gvsPfSxjgLCp9drHaNBiDKlf84o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.45.58.0/24
92.45.72.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:8e:9c:b0:82:24:60:4c:70:d6:74:7e:b6:a2:58:64:34:e8:
bd:3a:60:1f:9f:3b:4c:9d:6d:77:9f:3f:1e:25:bf:ee:4e:f6:
16:0e:b6:de:d7:5d:fe:09:97:2c:ab:da:b9:68:f2:29:14:80:
e8:80:66:00:47:bb:71:9d:46:06:50:b0:80:d4:4e:c7:a6:f2:
fa:d4:e9:d0:5a:e8:64:02:1e:89:a9:c8:fe:1d:bd:81:cb:9f:
db:b4:03:da:bd:f5:23:d7:a0:d1:d3:1d:3a:20:e5:9e:73:f8:
8b:45:2d:ac:04:60:15:2c:4f:a4:b8:be:69:0e:d5:9c:9c:59:
7c:db:95:2d:89:7a:4b:9c:29:ce:67:44:4d:c7:83:b2:ab:7e:
4d:cc:af:4e:9f:4e:5b:d4:e1:8c:61:ba:d7:34:41:36:35:fb:
8f:5e:c3:75:73:02:ef:ba:a4:bc:2a:4c:4c:f6:8a:2d:18:e2:
fe:03:9f:ea:3c:6c:2d:48:d2:0b:61:be:26:d5:1d:f2:4b:23:
8c:b3:7d:13:26:f1:e8:01:35:a6:c0:a6:2e:97:7e:15:5a:eb:
7d:7a:14:95:37:56:7e:d8:17:80:3e:a5:6c:b0:60:c9:b3:db:
90:9a:da:1e:3c:27:54:67:68:87:c9:c7:e3:e1:13:b6:5a:08:
fe:a1:a0:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzViHm1W/FI3HogtEpGV+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw
NGNlMmIwHhcNMjMwMTAyMTYzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmZiMGY3ZDJjNjM4MGIwYTlmNWRhYzc2OGQwNjIwY2E5NWZmMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRgGr46J9/+JW6qPZ3YpuXEKPjNk
FM/V7KsJwXCWqc+sAHLJUvYQVYZ/HGyBkdfJfX9BIde3nlwfE2ChnUAwZCvX5ceu
lSnH/Xa5UhtaMdnq81sWCkCi1KWV5rS2/YiDjXPvj3INFx7nsFf/lCSatn1hzdjr
2QQofJFbKMXMMz/eeUBj3zKBfDTijh8ceZxmEmo8PI+9AIcH593fkayGIK+l5F8v
nhicsgaUMYliVmrEKwa9yx/1oZFQZCpAXqeEFc40jOkSSttF7cAWfx4mFSwNVx5d
hj+sSgx0hkdR+3055HKXedu9v1UpObysBrLyRpBX8zdNe3BgSFWt9F4qeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIL7D30sY4CwqfXax2jQYgypX/OKMB8GA1UdIwQY
MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt
NWQ1ODRmYmM1ZDI3LzEvZ3ZzUGZTeGpnTENwOWRySGFOQmlES2xmODRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3
LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXC06AwQA
XC1IMA0GCSqGSIb3DQEBCwUAA4IBAQBNjpywgiRgTHDWdH62olhkNOi9OmAfnztM
nW13nz8eJb/uTvYWDrbe113+CZcsq9q5aPIpFIDogGYAR7txnUYGULCA1E7HpvL6
1OnQWuhkAh6Jqcj+Hb2By5/btAPavfUj16DR0x06IOWec/iLRS2sBGAVLE+kuL5p
DtWcnFl825UtiXpLnCnOZ0RNx4Oyq35NzK9On05b1OGMYbrXNEE2NfuPXsN1cwLv
uqS8KkxM9ootGOL+A5/qPGwtSNILYb4m1R3ySyOMs30TJvHoATWmwKYul34VWut9
ehSVN1Z+2BeAPqVssGDJs9uQmtoePCdUZ2iHycfj4RO2Wgj+oaCn
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:43:14 2025 by rpki-client