Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/gCHUBTkSan-OUh0cDryhYBsCAGw.roa
File: gCHUBTkSan-OUh0cDryhYBsCAGw.roa (raw, json)
Hash identifier: HY+t8N4Kg4Rid8GPcAQYJXo169TNKfeUjZ4T8Rb73A0=
Subject key identifier: 80:21:D4:05:39:12:6A:7F:8E:52:1D:1C:0E:BC:A1:60:1B:02:00:6C
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 0183C1909351EF8C12188B3346F6A869E74C
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/gCHUBTkSan-OUh0cDryhYBsCAGw.roa
Signing time: Mon 10 Oct 2022 11:03:40 +0000
ROA not before: Mon 10 Oct 2022 11:03:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39344
IP address blocks: 91.205.196.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c1:90:93:51:ef:8c:12:18:8b:33:46:f6:a8:69:e7:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Oct 10 11:03:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8021d40539126a7f8e521d1c0ebca1601b02006c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a3:ac:1a:cb:eb:40:9b:ae:d9:38:68:f4:ad:
12:f3:3f:ae:06:88:08:5f:eb:bd:7a:69:0a:49:dc:
ed:af:8e:33:99:77:42:27:b0:9e:cd:de:fe:02:a7:
93:93:c7:d8:2d:17:4b:c6:19:11:91:b9:3b:8e:9b:
83:20:e5:f3:d2:7d:72:15:c4:2e:14:c7:68:3f:5e:
5b:e3:e4:cc:6f:2d:23:e0:0c:ac:ac:63:f1:50:d2:
9a:70:9d:0c:9d:a7:3e:2d:f2:60:8d:b0:fc:aa:fd:
f5:40:26:cb:74:1a:2e:56:f2:f0:f0:8b:3d:6b:eb:
8d:21:c2:ef:86:3d:8e:f5:aa:30:52:24:64:5a:4e:
32:7e:87:45:33:83:9b:cb:14:0f:25:b7:80:3d:fb:
cb:82:77:0f:fb:6a:9f:b2:75:27:8b:a5:4c:81:26:
b3:05:08:2b:76:13:0b:8a:1d:2a:e3:a3:8f:7a:9d:
ce:74:6e:2f:8e:19:ec:ed:aa:54:b8:f7:d5:d6:a4:
a6:60:d6:dd:90:f2:e5:59:43:8f:dd:b9:60:eb:1c:
11:d7:8a:83:9e:6b:3a:21:aa:e3:f1:95:93:da:0f:
5e:96:11:41:0f:a3:aa:c6:c0:eb:75:28:73:44:2e:
90:78:9e:39:5e:d3:46:98:fa:d8:7c:4a:21:d8:50:
2d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:21:D4:05:39:12:6A:7F:8E:52:1D:1C:0E:BC:A1:60:1B:02:00:6C
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/gCHUBTkSan-OUh0cDryhYBsCAGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.196.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:7e:ab:49:21:09:cb:08:c2:46:ed:e2:94:96:4a:21:e5:f0:
f6:b2:0c:4b:3f:b5:3d:6a:54:94:3e:0a:14:74:d1:a4:03:7b:
fc:ac:39:e0:fa:02:44:f2:4f:d5:cd:16:f3:d2:b5:83:24:d3:
6f:fb:2c:9f:8d:49:b3:79:b1:68:8b:d7:f4:d3:f3:f1:18:f3:
63:da:11:76:50:77:74:0d:71:b6:43:68:2f:3a:4d:64:50:05:
85:bf:5e:80:4e:cb:9d:1e:0a:39:ec:85:e7:6e:9c:8c:cc:24:
f4:78:45:82:66:27:58:c8:97:87:b8:3c:0b:63:5c:7f:45:d4:
9c:68:73:6e:d4:17:71:e1:c3:e2:21:38:92:8e:53:56:ea:58:
e1:ed:b8:4a:95:ea:7c:43:21:37:84:dd:bb:ac:11:e1:23:e6:
16:3b:f8:6e:de:be:fb:b3:f4:43:83:51:03:1d:1b:f7:59:11:
88:c9:da:cf:f1:8a:6e:ef:cc:7d:9c:6c:f0:16:91:04:93:3c:
49:58:6e:10:9a:42:36:54:9b:64:07:46:05:51:9d:c1:18:a8:
3f:28:7d:e1:b6:1d:6b:4d:93:c0:12:9d:e3:06:27:e5:df:45:
65:aa:53:84:78:65:04:b5:18:a8:9e:03:8b:aa:a3:bb:a2:24:
73:f9:35:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPBkJNR74wSGIszRvaoaedMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjIxMDEwMTEwMzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDIxZDQwNTM5MTI2YTdmOGU1MjFkMWMwZWJjYTE2MDFiMDIwMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqOsGsvrQJuu2Tho9K0S8z+uBogI
X+u9emkKSdztr44zmXdCJ7Cezd7+AqeTk8fYLRdLxhkRkbk7jpuDIOXz0n1yFcQu
FMdoP15b4+TMby0j4AysrGPxUNKacJ0Mnac+LfJgjbD8qv31QCbLdBouVvLw8Is9
a+uNIcLvhj2O9aowUiRkWk4yfodFM4ObyxQPJbeAPfvLgncP+2qfsnUni6VMgSaz
BQgrdhMLih0q46OPep3OdG4vjhns7apUuPfV1qSmYNbdkPLlWUOP3blg6xwR14qD
nms6Iarj8ZWT2g9elhFBD6OqxsDrdShzRC6QeJ45XtNGmPrYfEoh2FAt5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAh1AU5Emp/jlIdHA68oWAbAgBsMB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvZ0NIVUJUa1Nhbi1PVWgwY0RyeWhZQnNDQUd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW83EMA0G
CSqGSIb3DQEBCwUAA4IBAQCrfqtJIQnLCMJG7eKUlkoh5fD2sgxLP7U9alSUPgoU
dNGkA3v8rDng+gJE8k/VzRbz0rWDJNNv+yyfjUmzebFoi9f00/PxGPNj2hF2UHd0
DXG2Q2gvOk1kUAWFv16ATsudHgo57IXnbpyMzCT0eEWCZidYyJeHuDwLY1x/RdSc
aHNu1Bdx4cPiITiSjlNW6ljh7bhKlep8QyE3hN27rBHhI+YWO/hu3r77s/RDg1ED
HRv3WRGIydrP8Ypu78x9nGzwFpEEkzxJWG4QmkI2VJtkB0YFUZ3BGKg/KH3hth1r
TZPAEp3jBifl30VlqlOEeGUEtRiongOLqqO7oiRz+TWy
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:09:16 2025 by rpki-client