Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/gxpoX0yxO-l8cA2BBZFNdwMcUN8.roa
File: gxpoX0yxO-l8cA2BBZFNdwMcUN8.roa (raw, json)
Hash identifier: LR5v/4A/iyDVwHBiAHm0rtfG6SExhmW0Hnuxz3KeU8I=
Subject key identifier: 83:1A:68:5F:4C:B1:3B:E9:7C:70:0D:81:05:91:4D:77:03:1C:50:DF
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 018ACBD6AD4632FC83633403CECF1B3A5335
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/gxpoX0yxO-l8cA2BBZFNdwMcUN8.roa
Signing time: Mon 25 Sep 2023 10:15:58 +0000
ROA not before: Mon 25 Sep 2023 10:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209709
IP address blocks: 185.210.204.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:d6:ad:46:32:fc:83:63:34:03:ce:cf:1b:3a:53:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Sep 25 10:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=831a685f4cb13be97c700d8105914d77031c50df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:51:44:1c:53:b3:8e:b4:4a:22:fe:08:1a:da:
63:db:5b:bf:6e:f8:3c:75:15:96:59:b1:43:dd:9d:
ca:30:e0:e2:31:99:55:7d:6f:66:45:14:b5:56:66:
15:21:1a:9a:8a:51:cf:5c:1f:d7:37:b9:ec:fc:0f:
3b:37:e1:6a:42:13:10:a3:1f:8e:c3:d2:12:3a:9a:
45:e0:b2:06:12:c8:dc:3e:e2:42:32:54:f7:d7:a5:
5f:08:75:c8:42:20:79:1a:14:f1:98:ae:98:bc:9a:
62:43:f9:d0:64:cf:1c:49:81:b7:47:4f:39:9b:40:
7d:01:e2:00:75:24:f7:bf:4d:80:a1:3b:b7:5b:7d:
98:23:18:0e:28:e9:48:d6:24:f5:5f:5e:4e:e7:07:
29:94:6a:d8:7c:e2:9a:d0:ce:2a:8f:9f:78:9d:fe:
b6:47:c5:41:43:7d:ae:8f:c6:f1:a8:17:d4:47:cc:
05:d0:4a:f7:9a:27:46:33:6a:2a:fa:f8:e0:39:6b:
0d:4b:62:b1:d9:65:25:52:c1:ba:4a:32:14:cc:e1:
3c:55:80:e8:5a:fb:20:7a:5f:79:85:99:c5:f6:2b:
1a:a1:87:90:c5:95:64:a4:d3:d4:45:ec:b6:c3:1d:
90:47:66:1a:b0:85:64:9d:9a:67:47:c9:2c:aa:12:
2c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1A:68:5F:4C:B1:3B:E9:7C:70:0D:81:05:91:4D:77:03:1C:50:DF
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/gxpoX0yxO-l8cA2BBZFNdwMcUN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.204.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:83:4f:ae:bb:0a:c7:bd:45:00:8f:58:89:30:1d:84:94:a5:
00:4e:0c:f4:a8:8d:e0:10:5e:eb:ad:5c:bc:7c:0d:80:fa:86:
34:c5:6d:ce:3e:67:37:89:07:3f:c9:5b:d4:fd:4b:8e:22:a7:
17:71:f2:fd:9b:8a:6c:a8:3f:1b:38:fe:d8:3e:1c:fa:cd:5a:
bb:2c:c8:ad:4a:98:3e:b1:ba:03:02:71:ab:2f:4d:b9:63:be:
f7:4b:f9:99:e6:ee:74:9e:59:d2:d4:e7:19:20:e7:e0:24:36:
76:bf:b0:59:39:1a:80:c3:02:d5:b8:70:76:08:3c:6e:3e:09:
2a:e6:3c:bf:fc:47:d2:37:79:e7:dc:66:fb:c5:57:59:70:e4:
ad:4b:28:0f:c3:ee:0e:8a:f3:f5:67:f5:07:a1:8c:e3:f2:fa:
17:f8:65:23:40:03:d4:d2:75:02:14:f6:c2:19:8c:39:c5:90:
d7:f8:db:3f:aa:f4:8b:2f:64:0c:01:78:40:45:0a:9c:0b:5f:
ce:c6:7b:83:b5:6b:12:35:6d:07:5b:72:92:9b:03:57:6c:3d:
9b:a1:66:6d:7f:71:f7:4e:3d:88:10:ff:85:ab:85:78:e3:2f:
dc:5e:03:25:e2:0c:1f:56:1e:d6:85:f4:e6:0e:ad:a2:5a:3f:
68:82:e7:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrL1q1GMvyDYzQDzs8bOlM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjMwOTI1MTAxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzFhNjg1ZjRjYjEzYmU5N2M3MDBkODEwNTkxNGQ3NzAzMWM1MGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFFEHFOzjrRKIv4IGtpj21u/bvg8
dRWWWbFD3Z3KMODiMZlVfW9mRRS1VmYVIRqailHPXB/XN7ns/A87N+FqQhMQox+O
w9ISOppF4LIGEsjcPuJCMlT316VfCHXIQiB5GhTxmK6YvJpiQ/nQZM8cSYG3R085
m0B9AeIAdST3v02AoTu3W32YIxgOKOlI1iT1X15O5wcplGrYfOKa0M4qj594nf62
R8VBQ32uj8bxqBfUR8wF0Er3midGM2oq+vjgOWsNS2Kx2WUlUsG6SjIUzOE8VYDo
Wvsgel95hZnF9isaoYeQxZVkpNPURey2wx2QR2YasIVknZpnR8ksqhIscwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIMaaF9MsTvpfHANgQWRTXcDHFDfMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvZ3hwb1gweXhPLWw4Y0EyQkJaRk5kd01jVU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudLMMA0G
CSqGSIb3DQEBCwUAA4IBAQA7g0+uuwrHvUUAj1iJMB2ElKUATgz0qI3gEF7rrVy8
fA2A+oY0xW3OPmc3iQc/yVvU/UuOIqcXcfL9m4psqD8bOP7YPhz6zVq7LMitSpg+
sboDAnGrL025Y773S/mZ5u50nlnS1OcZIOfgJDZ2v7BZORqAwwLVuHB2CDxuPgkq
5jy//EfSN3nn3Gb7xVdZcOStSygPw+4OivP1Z/UHoYzj8voX+GUjQAPU0nUCFPbC
GYw5xZDX+Ns/qvSLL2QMAXhARQqcC1/OxnuDtWsSNW0HW3KSmwNXbD2boWZtf3H3
Tj2IEP+Fq4V44y/cXgMl4gwfVh7WhfTmDq2iWj9ogucN
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:07:50 2025 by rpki-client