Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/gTNn32d_vhxo8RFxzXXT9pqraB4.roa
File: gTNn32d_vhxo8RFxzXXT9pqraB4.roa (raw, json)
Hash identifier: /pLutVoVwKGOOV0Zv4JyTCYhLB5n3XqmrX5ETD9zqH8=
Subject key identifier: 81:33:67:DF:67:7F:BE:1C:68:F1:11:71:CD:75:D3:F6:9A:AB:68:1E
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 018689BAA65F159B48F8EF500B8147A5A1E1
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/gTNn32d_vhxo8RFxzXXT9pqraB4.roa
Signing time: Sat 25 Feb 2023 17:59:16 +0000
ROA not before: Sat 25 Feb 2023 17:59:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52180
IP address blocks: 185.126.253.0/24 maxlen: 24
212.79.123.0/24 maxlen: 24
212.79.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:89:ba:a6:5f:15:9b:48:f8:ef:50:0b:81:47:a5:a1:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Feb 25 17:59:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=813367df677fbe1c68f11171cd75d3f69aab681e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:46:1b:6e:62:37:6a:b9:31:83:da:36:5c:9a:
a6:69:eb:51:67:ca:e3:4b:56:46:e2:89:f9:a9:b2:
09:49:93:b1:69:2c:3a:61:f7:ec:6f:9b:a1:fa:95:
ae:04:fb:5b:ae:fc:e0:ee:1f:d1:e4:ec:41:19:43:
79:f8:38:da:c1:89:bc:16:d5:7c:ce:bb:58:3f:2a:
f4:b2:ff:ec:5b:09:a4:b0:26:84:98:bf:ce:01:1e:
b0:f0:d0:94:59:22:00:31:3e:55:36:b7:02:9f:ff:
50:75:f9:ea:eb:a0:79:49:81:25:19:b9:9f:2f:f8:
9b:22:dd:b0:38:c2:8d:a1:7a:1b:76:0b:a7:72:a4:
e4:46:90:ee:05:ce:1d:9a:5e:08:13:9e:d9:27:26:
00:6c:48:d5:29:32:c1:3e:27:57:1f:cb:9d:12:8b:
52:c0:9a:c4:d6:c2:e4:9d:fb:fa:5b:18:00:b2:b2:
44:bb:c2:5b:7d:d0:a9:74:45:81:0b:60:4d:3c:f5:
8d:ea:0d:1b:bf:60:81:74:e0:6d:12:af:e5:50:bd:
7f:cf:02:72:9c:16:eb:b9:a6:04:51:ee:13:d3:93:
88:d6:07:a6:71:64:47:60:4a:3b:8b:98:81:b7:a4:
e4:c3:e0:a4:4e:09:0b:b4:26:a6:f1:14:db:fd:a3:
ee:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:33:67:DF:67:7F:BE:1C:68:F1:11:71:CD:75:D3:F6:9A:AB:68:1E
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/gTNn32d_vhxo8RFxzXXT9pqraB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.253.0/24
212.79.123.0-212.79.124.255
Signature Algorithm: sha256WithRSAEncryption
35:80:aa:71:63:02:b4:03:5d:e9:62:16:74:63:b4:dd:6d:b8:
94:2a:66:cd:6d:73:f9:fb:c9:d2:8e:af:10:a4:01:2e:1e:88:
65:02:f2:74:47:ce:97:52:b2:89:6b:77:cb:ec:ce:f4:5f:41:
58:1e:be:fe:9e:e4:77:7e:68:35:89:ca:04:bd:17:de:6e:32:
b3:8e:4e:52:7a:23:a6:27:65:86:15:02:66:0f:f0:f9:17:ea:
8f:eb:33:22:e7:77:0b:d7:93:14:bb:7f:d6:75:4b:c3:d8:cc:
d1:47:ad:06:c8:b8:28:d4:1b:a8:64:c6:ac:92:7a:e0:96:5c:
9f:3c:fb:2e:4b:27:10:93:8e:67:f5:8d:cd:ce:8c:fa:74:68:
dd:93:4e:d6:8a:88:30:ca:7a:c2:1a:db:79:9c:9f:cb:2f:b0:
18:73:ad:9e:e9:33:99:fa:1d:4b:69:db:8d:04:51:10:7d:ba:
7a:a4:ba:33:49:4e:78:48:52:cb:37:81:6a:3c:d6:e4:7e:8d:
3b:4a:c2:fd:d5:6e:51:83:24:27:96:4b:f6:98:14:6d:51:7e:
67:0e:63:44:f4:2e:44:40:33:b4:61:f2:64:e9:c6:a6:fe:a9:
17:83:25:c5:d0:dc:e3:cf:86:91:ab:f4:95:12:67:2b:5c:77:
1f:1a:74:dd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYaJuqZfFZtI+O9QC4FHpaHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjMwMjI1MTc1OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTMzNjdkZjY3N2ZiZTFjNjhmMTExNzFjZDc1ZDNmNjlhYWI2ODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEYbbmI3arkxg9o2XJqmaetRZ8rj
S1ZG4on5qbIJSZOxaSw6Yffsb5uh+pWuBPtbrvzg7h/R5OxBGUN5+DjawYm8FtV8
zrtYPyr0sv/sWwmksCaEmL/OAR6w8NCUWSIAMT5VNrcCn/9Qdfnq66B5SYElGbmf
L/ibIt2wOMKNoXobdguncqTkRpDuBc4dml4IE57ZJyYAbEjVKTLBPidXH8udEotS
wJrE1sLknfv6WxgAsrJEu8JbfdCpdEWBC2BNPPWN6g0bv2CBdOBtEq/lUL1/zwJy
nBbruaYEUe4T05OI1gemcWRHYEo7i5iBt6Tkw+CkTgkLtCam8RTb/aPuQwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIEzZ99nf74caPERcc110/aaq2geMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvZ1RObjMyZF92aHhvOFJGeHpYWFQ5cHFyYUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAuX79MAwD
BADUT3sDBADUT3wwDQYJKoZIhvcNAQELBQADggEBADWAqnFjArQDXeliFnRjtN1t
uJQqZs1tc/n7ydKOrxCkAS4eiGUC8nRHzpdSsolrd8vszvRfQVgevv6e5Hd+aDWJ
ygS9F95uMrOOTlJ6I6YnZYYVAmYP8PkX6o/rMyLndwvXkxS7f9Z1S8PYzNFHrQbI
uCjUG6hkxqySeuCWXJ88+y5LJxCTjmf1jc3OjPp0aN2TTtaKiDDKesIa23mcn8sv
sBhzrZ7pM5n6HUtp240EURB9unqkujNJTnhIUss3gWo81uR+jTtKwv3VblGDJCeW
S/aYFG1RfmcOY0T0LkRAM7Rh8mTpxqb+qReDJcXQ3OPPhpGr9JUSZytcdx8adN0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:29 2025 by rpki-client