Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/4a0cdc-e7fe-450e-97ec-29095ad1cced/1/GA_rEDNTHqHmE_klkfStzH1PZ9o.roa
File: GA_rEDNTHqHmE_klkfStzH1PZ9o.roa (raw, json)
Hash identifier: oropHLYpwVgUHUyTdWHd5kQB6x7AbilkK9c2kKpRzao=
Subject key identifier: 18:0F:EB:10:33:53:1E:A1:E6:13:F9:25:91:F4:AD:CC:7D:4F:67:DA
Certificate issuer: /CN=4bd444c864e9e85d35376e0f68281799f6281f14
Certificate serial: 01856F8B79B8835D08F874B879C2D5D60F82
Authority key identifier: 4B:D4:44:C8:64:E9:E8:5D:35:37:6E:0F:68:28:17:99:F6:28:1F:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S9REyGTp6F01N24PaCgXmfYoHxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/4a0cdc-e7fe-450e-97ec-29095ad1cced/1/GA_rEDNTHqHmE_klkfStzH1PZ9o.roa
Signing time: Sun 01 Jan 2023 22:54:49 +0000
ROA not before: Sun 01 Jan 2023 22:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60717
IP address blocks: 185.13.92.0/22 maxlen: 22
2a02:f480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:79:b8:83:5d:08:f8:74:b8:79:c2:d5:d6:0f:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bd444c864e9e85d35376e0f68281799f6281f14
Validity
Not Before: Jan 1 22:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=180feb1033531ea1e613f92591f4adcc7d4f67da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cf:ba:c1:ce:44:32:02:37:10:0c:d6:d7:20:
b6:b6:ab:6d:41:a5:82:c2:4e:68:4d:60:b8:ce:2a:
76:84:ef:4e:21:66:5b:a3:ba:3c:84:d7:17:f6:b4:
01:37:70:4a:22:71:7b:c6:43:ed:b6:dd:5c:94:79:
5f:c3:63:29:a5:96:48:a2:fd:09:61:eb:c4:f0:17:
41:af:96:0d:7d:ec:97:f6:59:fb:0a:c4:d0:dc:f6:
f2:f3:f5:f2:05:df:8d:28:81:bf:ca:51:a4:85:49:
25:6e:ef:f1:6c:22:e5:03:d3:11:6c:62:ea:0d:60:
6c:9e:64:b2:25:fd:21:58:9a:fe:6d:97:2c:b4:84:
5e:68:f5:57:0d:22:90:7c:3e:87:8f:61:4b:15:23:
7b:ff:ff:72:5a:9c:90:2d:0a:f4:f4:6f:01:80:9a:
3b:18:6e:39:12:eb:8a:c7:f7:d5:dd:e4:d6:23:12:
fb:6b:76:e5:ec:d4:46:a7:b6:26:84:c2:6c:e4:bf:
c6:9b:1d:32:2c:6a:ad:93:63:cd:b4:00:75:c3:f9:
2a:de:10:c1:af:95:52:3b:93:06:9f:99:6e:d8:74:
74:87:4c:36:55:d0:3e:3c:22:b4:5d:91:4d:97:f0:
48:6a:7f:fc:3c:0e:2d:18:10:5d:58:72:71:1e:df:
91:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:0F:EB:10:33:53:1E:A1:E6:13:F9:25:91:F4:AD:CC:7D:4F:67:DA
X509v3 Authority Key Identifier:
keyid:4B:D4:44:C8:64:E9:E8:5D:35:37:6E:0F:68:28:17:99:F6:28:1F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S9REyGTp6F01N24PaCgXmfYoHxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/4a0cdc-e7fe-450e-97ec-29095ad1cced/1/GA_rEDNTHqHmE_klkfStzH1PZ9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/4a0cdc-e7fe-450e-97ec-29095ad1cced/1/S9REyGTp6F01N24PaCgXmfYoHxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.92.0/22
IPv6:
2a02:f480::/29
Signature Algorithm: sha256WithRSAEncryption
9d:2b:c1:d7:2a:c5:da:3c:83:ac:dc:51:f7:2c:a2:c5:b3:21:
0d:61:07:33:b9:ff:e1:8e:16:fc:94:f7:03:9d:3d:5c:75:a7:
33:9d:30:53:c4:38:ef:c7:0d:af:10:2d:6a:c8:8f:31:54:8e:
4e:49:56:2a:d1:80:57:06:5f:b8:e2:c9:aa:36:4a:15:c0:24:
5d:4e:a0:67:37:56:99:a9:e1:c3:b1:b2:48:77:87:22:23:83:
34:aa:19:01:76:d7:ed:c7:bc:a1:83:c9:1d:b9:00:4e:73:5b:
2a:56:a5:f1:b8:7c:ad:04:59:5a:fa:c4:9d:3e:1f:d7:e4:c5:
f5:a7:de:f7:8a:e0:ac:f0:26:7a:29:a6:f9:bd:37:0e:a0:52:
d3:2d:69:12:42:62:ba:96:21:c3:f5:3c:69:61:2a:48:50:8e:
b5:25:fd:ae:3a:d3:47:40:1b:14:b0:89:42:d7:e5:97:94:53:
4c:5a:86:16:f5:3a:43:9a:ae:6a:ff:7d:d2:67:db:e2:73:e4:
58:56:74:ad:dd:3a:d5:df:4b:ca:ea:74:1d:52:ec:90:1f:a4:
ea:80:c4:48:06:56:ec:df:e0:6b:cd:13:43:22:97:4d:ab:ea:
e4:e9:e1:53:26:d2:ab:41:18:05:ff:ed:31:5a:f8:6d:de:7b:
4e:f6:a0:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvi3m4g10I+HS4ecLV1g+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZDQ0NGM4NjRlOWU4NWQzNTM3NmUwZjY4MjgxNzk5ZjYy
ODFmMTQwHhcNMjMwMTAxMjI1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODBmZWIxMDMzNTMxZWExZTYxM2Y5MjU5MWY0YWRjYzdkNGY2N2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjc+6wc5EMgI3EAzW1yC2tqttQaWC
wk5oTWC4zip2hO9OIWZbo7o8hNcX9rQBN3BKInF7xkPttt1clHlfw2MppZZIov0J
YevE8BdBr5YNfeyX9ln7CsTQ3Pby8/XyBd+NKIG/ylGkhUklbu/xbCLlA9MRbGLq
DWBsnmSyJf0hWJr+bZcstIReaPVXDSKQfD6Hj2FLFSN7//9yWpyQLQr09G8BgJo7
GG45EuuKx/fV3eTWIxL7a3bl7NRGp7YmhMJs5L/Gmx0yLGqtk2PNtAB1w/kq3hDB
r5VSO5MGn5lu2HR0h0w2VdA+PCK0XZFNl/BIan/8PA4tGBBdWHJxHt+RIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBgP6xAzUx6h5hP5JZH0rcx9T2faMB8GA1UdIwQY
MBaAFEvURMhk6ehdNTduD2goF5n2KB8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzlSRXlHVHA2RjAxTjI0UGFDZ1htZllvSHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80YTBjZGMtZTdmZS00NTBlLTk3ZWMt
MjkwOTVhZDFjY2VkLzEvR0FfckVETlRIcUhtRV9rbGtmU3R6SDFQWjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80YTBjZGMtZTdmZS00NTBlLTk3ZWMtMjkwOTVhZDFjY2Vk
LzEvUzlSRXlHVHA2RjAxTjI0UGFDZ1htZllvSHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ1cMA0E
AgACMAcDBQMqAvSAMA0GCSqGSIb3DQEBCwUAA4IBAQCdK8HXKsXaPIOs3FH3LKLF
syENYQczuf/hjhb8lPcDnT1cdacznTBTxDjvxw2vEC1qyI8xVI5OSVYq0YBXBl+4
4smqNkoVwCRdTqBnN1aZqeHDsbJId4ciI4M0qhkBdtftx7yhg8kduQBOc1sqVqXx
uHytBFla+sSdPh/X5MX1p973iuCs8CZ6Kab5vTcOoFLTLWkSQmK6liHD9TxpYSpI
UI61Jf2uOtNHQBsUsIlC1+WXlFNMWoYW9TpDmq5q/33SZ9vic+RYVnSt3TrV30vK
6nQdUuyQH6TqgMRIBlbs3+BrzRNDIpdNq+rk6eFTJtKrQRgF/+0xWvht3ntO9qAO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:01 2025 by rpki-client