Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/042a5d-ae0d-41c0-a2e8-f7c0c2f8a3c1/1/gVfcGDHIksrwkLH1xc3VqDl4Xyo.roa
File: gVfcGDHIksrwkLH1xc3VqDl4Xyo.roa (raw, json)
Hash identifier: IY/Ze0eiO0os4aq9bb99FGixwxsyGltvINcDB2R8tSA=
Subject key identifier: 81:57:DC:18:31:C8:92:CA:F0:90:B1:F5:C5:CD:D5:A8:39:78:5F:2A
Certificate issuer: /CN=7a06e30accdb17a255473bb6c224f1fc15458e8b
Certificate serial: 01856F66CEBB10639C055C67E8B2809867DB
Authority key identifier: 7A:06:E3:0A:CC:DB:17:A2:55:47:3B:B6:C2:24:F1:FC:15:45:8E:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egbjCszbF6JVRzu2wiTx_BVFjos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/042a5d-ae0d-41c0-a2e8-f7c0c2f8a3c1/1/gVfcGDHIksrwkLH1xc3VqDl4Xyo.roa
Signing time: Sun 01 Jan 2023 22:14:46 +0000
ROA not before: Sun 01 Jan 2023 22:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62537
IP address blocks: 185.94.26.0/23 maxlen: 23
185.94.24.0/23 maxlen: 23
185.94.24.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:ce:bb:10:63:9c:05:5c:67:e8:b2:80:98:67:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a06e30accdb17a255473bb6c224f1fc15458e8b
Validity
Not Before: Jan 1 22:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8157dc1831c892caf090b1f5c5cdd5a839785f2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5f:64:b4:3b:2f:f6:e1:2b:32:c8:90:23:71:
50:a9:8f:0e:25:8f:e1:9c:4c:1f:51:68:27:3f:26:
bc:68:41:c1:bd:1d:f9:8d:4f:16:67:85:ce:70:47:
04:23:a7:d1:3c:a7:70:72:0d:90:ea:f4:47:d1:50:
cf:6e:ab:a4:76:7c:84:1f:1d:28:42:23:56:2d:7a:
88:78:e7:a0:a3:4f:b9:14:9e:bb:02:16:40:50:50:
8e:6a:4a:6f:a3:68:9d:6d:ba:36:e4:a3:dc:d4:d9:
9c:14:4b:2a:17:d7:77:47:de:35:c7:c8:12:2c:ec:
48:60:f2:81:a2:e8:e5:54:53:12:44:12:32:77:57:
4d:9f:f5:14:99:12:11:62:bf:3a:78:9f:a0:22:1b:
ff:7c:ff:c6:40:9a:c2:00:c3:b2:65:55:16:7a:99:
7d:0e:eb:a2:19:a8:70:4a:2e:50:fd:94:98:83:1e:
f3:13:85:dc:49:83:38:2b:5a:6d:15:9f:f3:c4:d2:
8f:c8:89:f6:6a:2e:6c:a6:c1:e7:42:ba:7a:8f:d3:
6a:1e:4f:44:84:0c:11:9f:78:a0:7d:78:dc:24:6e:
7c:b4:ea:fe:8b:26:41:67:60:7c:96:65:2f:cb:f0:
cd:e7:49:38:3d:96:8e:f4:fa:62:23:a4:f9:68:46:
a9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:57:DC:18:31:C8:92:CA:F0:90:B1:F5:C5:CD:D5:A8:39:78:5F:2A
X509v3 Authority Key Identifier:
keyid:7A:06:E3:0A:CC:DB:17:A2:55:47:3B:B6:C2:24:F1:FC:15:45:8E:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egbjCszbF6JVRzu2wiTx_BVFjos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/042a5d-ae0d-41c0-a2e8-f7c0c2f8a3c1/1/gVfcGDHIksrwkLH1xc3VqDl4Xyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/042a5d-ae0d-41c0-a2e8-f7c0c2f8a3c1/1/egbjCszbF6JVRzu2wiTx_BVFjos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.24.0/22
Signature Algorithm: sha256WithRSAEncryption
58:bb:a9:19:1e:31:91:bb:4f:e8:86:c7:2c:ac:2a:0b:cd:bb:
50:3c:bc:42:95:93:60:c2:03:ac:0d:7b:29:e7:f2:30:5a:ac:
27:9e:e1:63:d0:1e:8b:b1:a7:09:a0:3e:6e:0b:ef:89:e2:1b:
f0:97:c4:3a:dc:45:35:0a:a0:7b:f2:40:cb:0f:17:7d:77:66:
27:69:12:94:6b:ea:40:31:55:d6:c5:70:e1:7b:59:41:97:0b:
75:6b:c0:f0:cc:95:c4:97:c5:0d:9c:8d:54:f7:9d:34:9d:bf:
13:a5:24:6f:16:e1:21:56:47:15:4a:53:c9:5c:5c:51:b5:50:
84:66:79:9b:cb:27:06:f3:02:65:47:1a:ad:30:e5:a3:92:e5:
92:ed:73:5a:69:66:b0:ed:e8:82:c9:6d:1c:bb:b4:e0:46:21:
1c:fa:64:d9:83:e3:4f:eb:b8:d5:af:63:e2:92:a7:c4:8e:0e:
b5:ba:bc:68:14:de:26:2a:fa:37:f2:a5:d2:e4:58:25:9f:16:
a9:f7:0b:b2:27:c6:a1:cb:9d:d8:ed:fc:80:61:34:b0:31:6c:
a7:61:3d:84:f8:79:5c:ba:32:44:4d:00:04:24:05:0e:9a:37:
fd:fb:3a:2f:f2:13:6f:6b:05:0c:4d:2b:a2:14:86:3d:f8:7b:
2f:3a:54:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZs67EGOcBVxn6LKAmGfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMDZlMzBhY2NkYjE3YTI1NTQ3M2JiNmMyMjRmMWZjMTU0
NThlOGIwHhcNMjMwMTAxMjIxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTU3ZGMxODMxYzg5MmNhZjA5MGIxZjVjNWNkZDVhODM5Nzg1ZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj19ktDsv9uErMsiQI3FQqY8OJY/h
nEwfUWgnPya8aEHBvR35jU8WZ4XOcEcEI6fRPKdwcg2Q6vRH0VDPbqukdnyEHx0o
QiNWLXqIeOego0+5FJ67AhZAUFCOakpvo2idbbo25KPc1NmcFEsqF9d3R941x8gS
LOxIYPKBoujlVFMSRBIyd1dNn/UUmRIRYr86eJ+gIhv/fP/GQJrCAMOyZVUWepl9
DuuiGahwSi5Q/ZSYgx7zE4XcSYM4K1ptFZ/zxNKPyIn2ai5spsHnQrp6j9NqHk9E
hAwRn3igfXjcJG58tOr+iyZBZ2B8lmUvy/DN50k4PZaO9PpiI6T5aEap9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIFX3BgxyJLK8JCx9cXN1ag5eF8qMB8GA1UdIwQY
MBaAFHoG4wrM2xeiVUc7tsIk8fwVRY6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWdiakNzemJGNkpWUnp1MndpVHhfQlZGam9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8wNDJhNWQtYWUwZC00MWMwLWEyZTgt
ZjdjMGMyZjhhM2MxLzEvZ1ZmY0dESElrc3J3a0xIMXhjM1ZxRGw0WHlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8wNDJhNWQtYWUwZC00MWMwLWEyZTgtZjdjMGMyZjhhM2Mx
LzEvZWdiakNzemJGNkpWUnp1MndpVHhfQlZGam9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV4YMA0G
CSqGSIb3DQEBCwUAA4IBAQBYu6kZHjGRu0/ohscsrCoLzbtQPLxClZNgwgOsDXsp
5/IwWqwnnuFj0B6LsacJoD5uC++J4hvwl8Q63EU1CqB78kDLDxd9d2YnaRKUa+pA
MVXWxXDhe1lBlwt1a8DwzJXEl8UNnI1U9500nb8TpSRvFuEhVkcVSlPJXFxRtVCE
ZnmbyycG8wJlRxqtMOWjkuWS7XNaaWaw7eiCyW0cu7TgRiEc+mTZg+NP67jVr2Pi
kqfEjg61urxoFN4mKvo38qXS5Fglnxap9wuyJ8ahy53Y7fyAYTSwMWynYT2E+Hlc
ujJETQAEJAUOmjf9+zov8hNvawUMTSuiFIY9+HsvOlQ9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:56 2025 by rpki-client