Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/GB5nHJ6h9fB3AFVLQVAksAAkEtA.roa
File: GB5nHJ6h9fB3AFVLQVAksAAkEtA.roa (raw, json)
Hash identifier: CpQbZmz6Ydw35b69zB/8l8i+/Vfg1UQEqlRrVmiouOo=
Subject key identifier: 18:1E:67:1C:9E:A1:F5:F0:77:00:55:4B:41:50:24:B0:00:24:12:D0
Certificate issuer: /CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Certificate serial: 018684E12CFEBE9E44F74A8571772AE2250C
Authority key identifier: B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/GB5nHJ6h9fB3AFVLQVAksAAkEtA.roa
Signing time: Fri 24 Feb 2023 19:23:15 +0000
ROA not before: Fri 24 Feb 2023 19:23:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.63.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:84:e1:2c:fe:be:9e:44:f7:4a:85:71:77:2a:e2:25:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Validity
Not Before: Feb 24 19:23:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=181e671c9ea1f5f07700554b415024b0002412d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0f:a5:d4:39:60:86:da:43:80:1d:b7:72:16:
15:a7:33:51:90:92:db:72:c1:55:b2:bd:b1:d2:bc:
06:1e:7b:5a:9d:0d:c8:c2:5e:1a:b5:8e:16:a8:1d:
fe:11:df:d7:24:2c:9a:22:61:43:c5:4e:30:61:32:
87:5c:05:37:85:0e:1a:49:cf:ef:5c:d8:2b:f7:8f:
8d:46:0e:9c:38:fc:00:06:d8:4b:87:57:ff:5e:a8:
b1:db:9c:1d:fc:a9:51:05:b7:e7:c0:a7:49:f5:ca:
b3:f5:e1:ab:73:32:dd:c5:03:a2:71:d0:2c:1d:0c:
28:4d:cc:8a:7a:a5:9f:17:13:2a:f9:46:38:d0:51:
0f:08:31:2c:21:63:c5:07:58:a8:cd:70:4a:53:0e:
26:f5:90:bd:a3:d2:6d:37:7a:60:98:04:8a:e0:d0:
20:60:52:cd:8f:fc:22:32:99:da:7d:3c:c2:ab:f6:
a2:51:9a:e0:a8:c7:55:f9:27:be:ac:e8:0b:57:21:
13:c2:32:65:b1:fb:77:e1:82:d0:6c:a3:09:19:36:
97:f8:0d:df:bc:32:0f:6e:4b:c6:b4:d4:b6:e0:7f:
13:17:c0:95:38:59:82:9c:40:2a:32:80:56:61:d5:
b8:7a:4e:07:85:cf:c6:a9:27:ea:5e:52:c8:c1:cc:
08:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:1E:67:1C:9E:A1:F5:F0:77:00:55:4B:41:50:24:B0:00:24:12:D0
X509v3 Authority Key Identifier:
keyid:B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/GB5nHJ6h9fB3AFVLQVAksAAkEtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.35.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:6d:b3:bd:00:d0:27:37:a8:47:8e:83:db:60:e0:88:f5:93:
af:dc:47:57:09:bf:ad:e0:96:6a:f8:53:ad:9d:1b:f1:69:e0:
f4:66:20:ea:8e:5b:c2:22:42:21:1a:96:6c:56:ee:45:27:62:
d7:89:ac:ec:2d:2b:27:4a:c8:f4:5a:67:b8:64:1b:e0:db:7c:
3e:0f:95:7b:84:65:42:03:d6:45:fb:17:59:eb:dc:49:d4:1b:
94:4b:d9:55:e0:22:c0:80:e6:c7:8d:74:8a:cf:70:28:38:05:
07:78:d6:83:05:50:02:77:5c:e2:f2:00:b5:1c:a6:24:64:84:
f3:c3:36:16:3f:1a:f9:e9:f5:50:99:cb:f8:32:aa:55:12:08:
7c:1e:12:60:0b:ed:c4:c8:91:f2:18:e3:06:5d:44:11:84:72:
e2:34:1e:4e:7c:6b:dc:1a:a9:5c:52:14:93:bf:4e:c3:62:ed:
30:d6:4e:e6:46:f7:1f:2d:7c:93:86:51:d9:86:ec:d2:e9:cf:
e9:14:b2:e1:73:61:14:27:1b:6e:05:64:15:be:56:a8:48:2e:
61:8a:c4:e0:c0:49:e4:3c:4d:98:80:c3:77:c6:15:64:b1:68:
9c:24:fa:5b:6f:e8:df:f4:77:71:04:f6:b3:fe:94:74:37:43:
91:ee:00:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaE4Sz+vp5E90qFcXcq4iUMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQxMWQzNDZiNjNiYjFlYjIyYTA3YzI2Y2MxMjkxYTJh
MDY4OTUwHhcNMjMwMjI0MTkyMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODFlNjcxYzllYTFmNWYwNzcwMDU1NGI0MTUwMjRiMDAwMjQxMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Q+l1DlghtpDgB23chYVpzNRkJLb
csFVsr2x0rwGHntanQ3Iwl4atY4WqB3+Ed/XJCyaImFDxU4wYTKHXAU3hQ4aSc/v
XNgr94+NRg6cOPwABthLh1f/Xqix25wd/KlRBbfnwKdJ9cqz9eGrczLdxQOicdAs
HQwoTcyKeqWfFxMq+UY40FEPCDEsIWPFB1iozXBKUw4m9ZC9o9JtN3pgmASK4NAg
YFLNj/wiMpnafTzCq/aiUZrgqMdV+Se+rOgLVyETwjJlsft34YLQbKMJGTaX+A3f
vDIPbkvGtNS24H8TF8CVOFmCnEAqMoBWYdW4ek4Hhc/GqSfqXlLIwcwIkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgeZxyeofXwdwBVS0FQJLAAJBLQMB8GA1UdIwQY
MBaAFLPdEdNGtjux6yKgfCbMEpGioGiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEt
OGJiYzIyNmU2YzQ1LzEvR0I1bkhKNmg5ZkIzQUZWTFFWQWtzQUFrRXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEtOGJiYzIyNmU2YzQ1
LzEvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT8jMA0G
CSqGSIb3DQEBCwUAA4IBAQAcbbO9ANAnN6hHjoPbYOCI9ZOv3EdXCb+t4JZq+FOt
nRvxaeD0ZiDqjlvCIkIhGpZsVu5FJ2LXiazsLSsnSsj0Wme4ZBvg23w+D5V7hGVC
A9ZF+xdZ69xJ1BuUS9lV4CLAgObHjXSKz3AoOAUHeNaDBVACd1zi8gC1HKYkZITz
wzYWPxr56fVQmcv4MqpVEgh8HhJgC+3EyJHyGOMGXUQRhHLiNB5OfGvcGqlcUhST
v07DYu0w1k7mRvcfLXyThlHZhuzS6c/pFLLhc2EUJxtuBWQVvlaoSC5hisTgwEnk
PE2YgMN3xhVksWicJPpbb+jf9HdxBPaz/pR0N0OR7gAQ
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:10:09 2025 by rpki-client