Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/1-GPY7lF28_Bd1_HKjU-CetJIsg8.roa
File: 1-GPY7lF28_Bd1_HKjU-CetJIsg8.roa (raw, json)
Hash identifier: YOPsOle8EAmTExm61U+5856hkb1263x1NZ73KNCCTEo=
Subject key identifier: F8:63:D8:EE:51:76:F3:F0:5D:D7:F1:CA:8D:4F:82:7A:D2:48:B2:0F
Certificate issuer: /CN=597487472d37cbd726181f9f3a20386f039b3ba8
Certificate serial: 047BE98D
Authority key identifier: 59:74:87:47:2D:37:CB:D7:26:18:1F:9F:3A:20:38:6F:03:9B:3B:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXSHRy03y9cmGB-fOiA4bwObO6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/1-GPY7lF28_Bd1_HKjU-CetJIsg8.roa
Signing time: Fri 14 Jan 2022 13:20:55 +0000
ROA not before: Fri 14 Jan 2022 13:20:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41998
IP address blocks: 194.76.4.0/24 maxlen: 24
194.76.3.0/24 maxlen: 24
194.76.2.0/24 maxlen: 24
194.76.7.0/24 maxlen: 24
194.76.6.0/24 maxlen: 24
194.76.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75229581 (0x47be98d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597487472d37cbd726181f9f3a20386f039b3ba8
Validity
Not Before: Jan 14 13:20:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f863d8ee5176f3f05dd7f1ca8d4f827ad248b20f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:70:71:d8:5d:f7:ce:ad:4c:90:65:89:13:5b:
4b:38:fe:f2:cb:19:1d:c3:c7:12:f1:0c:ae:98:be:
8a:d4:83:c3:df:b0:af:c1:47:fe:8b:d3:3d:f4:b1:
06:63:43:fa:bc:64:ad:76:65:83:19:c9:e8:97:d7:
e5:d3:97:26:4f:f8:bd:ba:5d:cf:be:8d:f1:59:d8:
99:53:61:81:95:99:61:f2:c5:77:1a:8d:f3:a8:42:
26:1f:f9:18:85:7c:e8:30:fd:04:bc:29:18:31:93:
a2:9d:ad:5e:3c:3f:72:9f:71:f1:61:b6:77:0e:16:
cc:b7:da:d3:4b:80:5d:0b:39:1e:0d:53:cd:5a:11:
e6:7e:f8:32:4e:13:c1:8f:3f:71:a1:19:77:41:b6:
a6:1f:d7:c3:05:9a:51:86:7c:94:14:8c:36:f5:46:
ef:97:96:ff:10:2e:e9:87:5a:db:95:bb:81:a8:0c:
6c:58:dd:3a:1d:85:5d:ef:dd:23:c3:da:16:75:8a:
a8:6e:28:17:c3:f1:74:6f:b8:4d:8b:32:24:b5:ed:
96:43:e2:68:09:3d:fc:42:d1:e8:ae:74:3a:12:5c:
34:b3:ed:c6:1d:74:b9:88:40:89:a4:c1:95:67:98:
d6:84:3c:a4:31:db:53:12:be:f5:17:62:93:ca:3d:
eb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:63:D8:EE:51:76:F3:F0:5D:D7:F1:CA:8D:4F:82:7A:D2:48:B2:0F
X509v3 Authority Key Identifier:
keyid:59:74:87:47:2D:37:CB:D7:26:18:1F:9F:3A:20:38:6F:03:9B:3B:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXSHRy03y9cmGB-fOiA4bwObO6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/1-GPY7lF28_Bd1_HKjU-CetJIsg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ea27f3-db74-4963-a18c-035281289bb0/1/WXSHRy03y9cmGB-fOiA4bwObO6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.2.0-194.76.7.255
Signature Algorithm: sha256WithRSAEncryption
6e:c5:6c:cf:7a:4d:f8:3c:6a:11:c1:2d:9c:4d:3c:b3:be:ce:
42:bf:71:9a:35:1b:4b:92:41:d6:6d:e3:23:66:8a:0c:5d:15:
fb:0b:55:c7:dc:32:e4:f6:c7:23:53:02:1b:a7:f2:f5:c0:8a:
31:86:2d:51:ce:1d:0a:2c:f4:9b:c1:2a:8e:a8:b3:4d:8c:29:
32:08:7f:d9:d2:eb:0a:d0:16:13:c8:ca:ea:21:fe:6b:99:b0:
41:e8:3e:a9:f3:99:6b:b9:e3:a3:f4:71:1a:3d:8f:0e:27:0d:
60:18:6e:3f:04:7a:31:9a:cb:10:2b:95:97:38:40:cc:e0:2f:
4e:3a:78:f6:9d:81:70:c4:41:67:76:fb:c8:6e:3a:e6:76:de:
5d:2a:5e:6a:4d:2c:e8:b3:09:14:1f:33:e0:6a:29:f5:51:53:
bc:71:08:18:de:2c:a1:af:ad:05:37:22:20:3d:3e:07:47:ec:
9f:e8:50:b5:de:1a:0c:f7:2a:a2:c2:a4:a6:87:e8:8d:dd:c1:
45:0b:5b:7f:41:d6:20:d0:7d:ad:a2:5e:f9:25:76:e3:35:ee:
0d:48:d9:b3:42:2c:e8:9a:3c:f9:67:67:bd:64:03:3e:f1:9e:
87:a3:0a:7b:32:23:1d:e2:2c:17:7b:1f:e2:75:77:58:e8:88:
57:4d:e7:56
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgIEBHvpjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OTc0ODc0NzJkMzdjYmQ3MjYxODFmOWYzYTIwMzg2ZjAzOWIzYmE4MB4XDTIyMDEx
NDEzMjA1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjg2M2Q4ZWU1MTc2
ZjNmMDVkZDdmMWNhOGQ0ZjgyN2FkMjQ4YjIwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOxwcdhd986tTJBliRNbSzj+8ssZHcPHEvEMrpi+itSDw9+w
r8FH/ovTPfSxBmND+rxkrXZlgxnJ6JfX5dOXJk/4vbpdz76N8VnYmVNhgZWZYfLF
dxqN86hCJh/5GIV86DD9BLwpGDGTop2tXjw/cp9x8WG2dw4WzLfa00uAXQs5Hg1T
zVoR5n74Mk4TwY8/caEZd0G2ph/XwwWaUYZ8lBSMNvVG75eW/xAu6Yda25W7gagM
bFjdOh2FXe/dI8PaFnWKqG4oF8PxdG+4TYsyJLXtlkPiaAk9/ELR6K50OhJcNLPt
xh10uYhAiaTBlWeY1oQ8pDHbUxK+9Rdik8o967kCAwEAAaOCAhIwggIOMB0GA1Ud
DgQWBBT4Y9juUXbz8F3X8cqNT4J60kiyDzAfBgNVHSMEGDAWgBRZdIdHLTfL1yYY
H586IDhvA5s7qDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dYU0hSeTAzeTljbUdCLWZPaUE0YndPYk82Zy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvZWEyN2YzLWRiNzQtNDk2My1hMThjLTAzNTI4MTI4OWJiMC8x
LzEtR1BZN2xGMjhfQmQxX0hLalUtQ2V0SklzZzgucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU4
L2VhMjdmMy1kYjc0LTQ5NjMtYTE4Yy0wMzUyODEyODliYjAvMS9XWFNIUnkwM3k5
Y21HQi1mT2lBNGJ3T2JPNmcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEAcJMAgMEA8JMADANBgkqhkiG
9w0BAQsFAAOCAQEAbsVsz3pN+DxqEcEtnE08s77OQr9xmjUbS5JB1m3jI2aKDF0V
+wtVx9wy5PbHI1MCG6fy9cCKMYYtUc4dCiz0m8EqjqizTYwpMgh/2dLrCtAWE8jK
6iH+a5mwQeg+qfOZa7njo/RxGj2PDicNYBhuPwR6MZrLECuVlzhAzOAvTjp49p2B
cMRBZ3b7yG465nbeXSpeak0s6LMJFB8z4Gop9VFTvHEIGN4soa+tBTciID0+B0fs
n+hQtd4aDPcqosKkpofojd3BRQtbf0HWINB9raJe+SV24zXuDUjZs0Is6Jo8+Wdn
vWQDPvGeh6MKezIjHeIsF3sf4nV3WOiIV03nVg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:51:59 2025 by rpki-client