Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/rpGoMC57RY0YjmfH1FwvaIPjYaY.roa
File: rpGoMC57RY0YjmfH1FwvaIPjYaY.roa (raw, json)
Hash identifier: H6NEACFsqWwvXPtQp4O8rgs/nEfcRP/j4dYGDQWbhFQ=
Subject key identifier: AE:91:A8:30:2E:7B:45:8D:18:8E:67:C7:D4:5C:2F:68:83:E3:61:A6
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 01856F1DB75A3F7C7E52E4A644162F3AA22A
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/rpGoMC57RY0YjmfH1FwvaIPjYaY.roa
Signing time: Sun 01 Jan 2023 20:54:56 +0000
ROA not before: Sun 01 Jan 2023 20:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58289
IP address blocks: 185.162.234.0/24 maxlen: 24
193.43.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:b7:5a:3f:7c:7e:52:e4:a6:44:16:2f:3a:a2:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Jan 1 20:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae91a8302e7b458d188e67c7d45c2f6883e361a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:11:9d:32:71:cd:87:17:b5:63:fb:95:24:01:
0f:ad:c6:04:67:c2:ae:42:42:b6:65:90:25:21:bb:
ab:7f:55:90:91:81:b0:93:dd:1e:cf:92:54:51:64:
a0:8c:d6:51:52:9e:79:06:03:d9:2d:c0:b3:ee:1f:
ff:b4:9d:e3:06:65:56:67:4e:b8:45:1b:ad:79:12:
b4:72:c5:38:39:c7:c1:49:2e:70:18:35:04:be:aa:
68:2f:69:8c:b7:a7:e2:4d:48:da:f4:74:7d:e0:31:
64:1b:ca:5a:60:06:6b:9f:62:db:5a:2e:23:37:1e:
e6:17:22:af:ba:6c:d8:5c:0e:36:6c:6c:b2:27:c4:
70:a7:11:ca:24:7f:c3:be:78:04:f7:46:88:ee:22:
26:57:1b:0f:0d:1f:52:43:5b:12:1c:b6:f6:5f:00:
9b:b9:bb:8e:73:ca:89:69:20:f2:d3:23:00:5d:6b:
81:99:61:05:ae:cc:a2:e1:09:24:20:85:28:62:f2:
14:39:11:2e:9d:06:61:64:c5:d1:9c:15:bb:c8:be:
b5:a7:db:04:7c:84:5a:e0:89:d8:ff:5d:75:88:f1:
99:80:ca:0a:c5:ca:22:fa:92:3f:da:0c:f4:2e:a2:
6c:15:62:3d:95:c0:99:6c:85:a8:7d:10:e0:35:29:
e4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:91:A8:30:2E:7B:45:8D:18:8E:67:C7:D4:5C:2F:68:83:E3:61:A6
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/rpGoMC57RY0YjmfH1FwvaIPjYaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.234.0/24
193.43.251.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:6f:94:64:d1:0b:c7:e7:ce:b0:b0:22:2d:3b:78:c8:b9:89:
d8:19:0b:73:20:ad:4e:e2:9a:f3:7f:a5:1c:bb:22:d3:89:66:
11:0b:11:57:16:02:13:9c:85:8e:d9:aa:51:c9:0e:4e:16:7e:
72:d5:d0:8c:d0:96:75:44:8c:20:b2:78:a5:c5:ab:3a:c5:12:
03:a3:66:60:74:bf:7f:7c:7a:19:40:63:6d:b3:f9:4c:4e:ba:
34:38:9f:df:5f:42:02:55:e4:6e:79:b5:06:a0:20:2a:8e:81:
b7:94:dc:87:9a:ee:91:82:c2:3f:63:af:92:03:8a:02:06:11:
11:ed:63:e3:4c:43:ec:9e:7e:29:9a:f4:13:a4:36:91:d0:5c:
eb:f6:53:67:cf:77:df:2f:79:5a:cf:04:5f:65:bd:93:e6:cf:
64:95:61:c8:e3:51:25:c1:81:5f:6d:43:7a:2e:fc:48:d9:0a:
58:80:bc:5f:d0:cc:6c:d1:c9:2b:d2:cd:8b:5e:38:df:8e:8c:
87:7f:6a:2e:a6:71:f7:41:14:db:12:68:3b:4e:1a:88:f7:2a:
6e:eb:1b:20:bd:ce:21:46:84:d2:f7:36:21:a7:86:ac:32:3a:
be:35:d5:8c:6d:5a:f0:df:37:5d:8c:db:b8:84:93:a7:25:ee:
1e:43:e5:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvHbdaP3x+UuSmRBYvOqIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjMwMTAxMjA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTkxYTgzMDJlN2I0NThkMTg4ZTY3YzdkNDVjMmY2ODgzZTM2MWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxGdMnHNhxe1Y/uVJAEPrcYEZ8Ku
QkK2ZZAlIburf1WQkYGwk90ez5JUUWSgjNZRUp55BgPZLcCz7h//tJ3jBmVWZ064
RRuteRK0csU4OcfBSS5wGDUEvqpoL2mMt6fiTUja9HR94DFkG8paYAZrn2LbWi4j
Nx7mFyKvumzYXA42bGyyJ8RwpxHKJH/DvngE90aI7iImVxsPDR9SQ1sSHLb2XwCb
ubuOc8qJaSDy0yMAXWuBmWEFrsyi4QkkIIUoYvIUOREunQZhZMXRnBW7yL61p9sE
fIRa4InY/111iPGZgMoKxcoi+pI/2gz0LqJsFWI9lcCZbIWofRDgNSnkHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK6RqDAue0WNGI5nx9RcL2iD42GmMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvcnBHb01DNTdSWTBZam1mSDFGd3ZhSVBqWWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuaLqAwQA
wSv7MA0GCSqGSIb3DQEBCwUAA4IBAQBub5Rk0QvH586wsCItO3jIuYnYGQtzIK1O
4przf6UcuyLTiWYRCxFXFgITnIWO2apRyQ5OFn5y1dCM0JZ1RIwgsnilxas6xRID
o2ZgdL9/fHoZQGNts/lMTro0OJ/fX0ICVeRuebUGoCAqjoG3lNyHmu6RgsI/Y6+S
A4oCBhER7WPjTEPsnn4pmvQTpDaR0Fzr9lNnz3ffL3lazwRfZb2T5s9klWHI41El
wYFfbUN6LvxI2QpYgLxf0Mxs0ckr0s2LXjjfjoyHf2oupnH3QRTbEmg7ThqI9ypu
6xsgvc4hRoTS9zYhp4asMjq+NdWMbVrw3zddjNu4hJOnJe4eQ+X2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:06 2025 by rpki-client