Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/gnxKmT7wkUO940la_Nh7m2I-SmM.roa
File: gnxKmT7wkUO940la_Nh7m2I-SmM.roa (raw, json)
Hash identifier: V0zVBzaveQvny9a8cKWt32dqXJtrsvzdUJrJb9Z0h6o=
Subject key identifier: 82:7C:4A:99:3E:F0:91:43:BD:E3:49:5A:FC:D8:7B:9B:62:3E:4A:63
Certificate issuer: /CN=b05442c4ffe9c1d761e7c569360ead042438f903
Certificate serial: 0435BFC3
Authority key identifier: B0:54:42:C4:FF:E9:C1:D7:61:E7:C5:69:36:0E:AD:04:24:38:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sFRCxP_pwddh58VpNg6tBCQ4-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/gnxKmT7wkUO940la_Nh7m2I-SmM.roa
Signing time: Sat 01 Jan 2022 06:06:43 +0000
ROA not before: Sat 01 Jan 2022 06:06:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50533
IP address blocks: 145.14.224.0/23 maxlen: 23
185.160.248.0/22 maxlen: 22
145.14.224.0/20 maxlen: 20
2a00:17f1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70631363 (0x435bfc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05442c4ffe9c1d761e7c569360ead042438f903
Validity
Not Before: Jan 1 06:06:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=827c4a993ef09143bde3495afcd87b9b623e4a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e3:d1:e3:e9:17:dd:79:17:9f:f0:92:39:5f:
51:ef:36:a0:76:4b:f5:3e:b1:ed:69:a7:33:7d:6d:
85:14:0f:9d:71:6e:70:fe:5a:a7:e1:e7:58:e3:ce:
e9:5b:a3:31:5f:59:26:2d:54:04:87:6b:84:4e:16:
94:6e:2d:e8:be:1e:d4:96:b3:ec:28:c7:1d:0f:16:
6a:08:83:d9:74:65:6c:fd:94:e7:9d:d8:02:89:02:
d0:40:62:18:7a:11:43:f4:d9:a7:16:71:05:37:7d:
dd:46:25:91:8e:04:f4:b6:5e:20:7a:a5:67:72:44:
83:96:63:d5:be:25:e7:c6:60:25:3d:94:98:90:cf:
0f:04:66:0c:45:aa:37:1b:97:d5:cc:96:5d:e8:d6:
24:5c:ff:8e:51:a7:1c:81:dd:3d:44:74:5e:42:38:
23:3f:d7:81:6d:7e:c8:92:f8:47:6f:a1:ae:90:4a:
7d:49:b9:7b:fc:76:85:1e:64:b4:ba:33:dd:f3:d8:
f6:ef:f8:71:44:21:23:a8:ea:16:6c:d8:5b:aa:53:
7a:6f:43:87:5f:1c:3a:17:1a:30:4c:81:79:e7:c4:
ba:df:51:a6:ff:46:0b:10:44:7b:df:2e:8b:30:5f:
64:1c:df:c1:5f:3b:65:48:c7:a7:fc:6b:ef:b2:04:
86:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:7C:4A:99:3E:F0:91:43:BD:E3:49:5A:FC:D8:7B:9B:62:3E:4A:63
X509v3 Authority Key Identifier:
keyid:B0:54:42:C4:FF:E9:C1:D7:61:E7:C5:69:36:0E:AD:04:24:38:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFRCxP_pwddh58VpNg6tBCQ4-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/gnxKmT7wkUO940la_Nh7m2I-SmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/sFRCxP_pwddh58VpNg6tBCQ4-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.224.0/20
185.160.248.0/22
IPv6:
2a00:17f1::/32
Signature Algorithm: sha256WithRSAEncryption
6c:12:98:4c:95:68:e8:04:84:4c:c4:62:05:53:57:27:54:58:
75:2c:97:59:6d:fd:57:ce:b2:ef:e2:f3:bb:52:be:cd:68:bc:
66:fc:a7:91:df:15:e0:44:2d:3f:30:25:e0:65:1e:5b:49:23:
6b:3f:ca:03:31:cc:6e:09:3a:d9:c8:a4:f6:cd:35:9a:8b:e3:
58:e8:90:22:f7:b9:62:f2:f7:aa:f0:db:a0:4f:34:62:55:1b:
5b:3e:a6:e9:90:50:f7:85:07:d7:08:b8:cd:97:30:99:d2:69:
59:dd:4d:68:f3:eb:c3:db:2b:d0:13:39:4b:6e:99:a2:3b:1f:
90:eb:9f:e9:a2:a7:f0:d9:87:03:a2:6b:8e:64:22:d3:b5:fb:
7d:1e:8e:1e:70:68:a8:22:6c:89:bc:8f:19:13:6b:20:01:51:
df:cb:d4:da:0c:7a:83:5c:94:c7:56:c6:98:a9:c0:18:92:ff:
29:b4:4f:cb:ee:c7:eb:65:2f:57:98:7b:d8:6c:58:15:a7:71:
eb:51:28:65:d4:e6:de:19:ba:03:ac:87:1b:71:6c:af:1b:ab:
a0:17:c6:56:34:92:c8:53:f7:04:57:de:29:df:9a:94:04:cb:
ce:ec:d0:3f:05:f6:8f:19:20:e0:03:f0:e5:f3:7f:71:c6:1c:
78:0e:64:de
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBDW/wzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDU0NDJjNGZmZTljMWQ3NjFlN2M1NjkzNjBlYWQwNDI0MzhmOTAzMB4XDTIyMDEw
MTA2MDY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODI3YzRhOTkzZWYw
OTE0M2JkZTM0OTVhZmNkODdiOWI2MjNlNGE2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTj0ePpF915F5/wkjlfUe82oHZL9T6x7WmnM31thRQPnXFu
cP5ap+HnWOPO6VujMV9ZJi1UBIdrhE4WlG4t6L4e1Jaz7CjHHQ8WagiD2XRlbP2U
553YAokC0EBiGHoRQ/TZpxZxBTd93UYlkY4E9LZeIHqlZ3JEg5Zj1b4l58ZgJT2U
mJDPDwRmDEWqNxuX1cyWXejWJFz/jlGnHIHdPUR0XkI4Iz/XgW1+yJL4R2+hrpBK
fUm5e/x2hR5ktLoz3fPY9u/4cUQhI6jqFmzYW6pTem9Dh18cOhcaMEyBeefEut9R
pv9GCxBEe98uizBfZBzfwV87ZUjHp/xr77IEhuUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSCfEqZPvCRQ73jSVr82HubYj5KYzAfBgNVHSMEGDAWgBSwVELE/+nB12Hn
xWk2Dq0EJDj5AzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NGUkN4UF9wd2RkaDU4VnBOZzZ0QkNRNC1RTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvNGI3N2U3LTM0N2MtNDlmYS04MDhiLTZlZDMzMWYzMWUwOS8x
L2dueEttVDd3a1VPOTQwbGFfTmg3bTJJLVNtTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
NGI3N2U3LTM0N2MtNDlmYS04MDhiLTZlZDMzMWYzMWUwOS8xL3NGUkN4UF9wd2Rk
aDU4VnBOZzZ0QkNRNC1RTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBJEO4AMEArmg+DANBAIAAjAHAwUA
KgAX8TANBgkqhkiG9w0BAQsFAAOCAQEAbBKYTJVo6ASETMRiBVNXJ1RYdSyXWW39
V86y7+Lzu1K+zWi8Zvynkd8V4EQtPzAl4GUeW0kjaz/KAzHMbgk62cik9s01movj
WOiQIve5YvL3qvDboE80YlUbWz6m6ZBQ94UH1wi4zZcwmdJpWd1NaPPrw9sr0BM5
S26ZojsfkOuf6aKn8NmHA6JrjmQi07X7fR6OHnBoqCJsibyPGRNrIAFR38vU2gx6
g1yUx1bGmKnAGJL/KbRPy+7H62UvV5h72GxYFadx61EoZdTm3hm6A6yHG3Fsrxur
oBfGVjSSyFP3BFfeKd+alATLzuzQPwX2jxkg4APw5fN/ccYceA5k3g==
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:37:23 2025 by rpki-client