Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/GyEn7IzmI9PamzRvPZMDw9oVgvI.roa
File: GyEn7IzmI9PamzRvPZMDw9oVgvI.roa (raw, json)
Hash identifier: oTby4poqiMPF7iD3zoiFxqYpId7M7yXlWDG6kA8rCEE=
Subject key identifier: 1B:21:27:EC:8C:E6:23:D3:DA:9B:34:6F:3D:93:03:C3:DA:15:82:F2
Certificate issuer: /CN=b4a7d05482b84d3bb604f099bcaf9e7ed346889a
Certificate serial: 0185711E3F967BC176FEF80F8E811573C338
Authority key identifier: B4:A7:D0:54:82:B8:4D:3B:B6:04:F0:99:BC:AF:9E:7E:D3:46:88:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKfQVIK4TTu2BPCZvK-eftNGiJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/GyEn7IzmI9PamzRvPZMDw9oVgvI.roa
Signing time: Mon 02 Jan 2023 06:14:45 +0000
ROA not before: Mon 02 Jan 2023 06:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48629
IP address blocks: 185.86.161.0/24 maxlen: 24
185.86.160.0/24 maxlen: 24
185.86.163.0/24 maxlen: 24
185.86.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:3f:96:7b:c1:76:fe:f8:0f:8e:81:15:73:c3:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a7d05482b84d3bb604f099bcaf9e7ed346889a
Validity
Not Before: Jan 2 06:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b2127ec8ce623d3da9b346f3d9303c3da1582f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b2:e1:2f:68:21:63:31:a8:50:86:20:bc:8d:
0f:1e:da:c0:f3:02:bd:a6:bf:85:de:55:c6:95:34:
be:2a:5d:8d:52:15:bb:17:30:c2:ba:3f:f6:63:ca:
1b:52:03:66:88:a3:18:9f:2c:6b:01:a7:12:fb:f0:
e7:81:35:5c:bf:d4:e1:fd:a0:ce:2f:98:c1:ff:ae:
75:75:44:a7:7c:27:ef:85:c7:e5:9c:56:16:97:a7:
09:82:c7:81:9f:49:11:0e:81:3b:58:01:cd:ec:72:
21:57:67:1e:27:91:c0:88:1b:60:3f:a3:60:d1:c2:
25:d7:d3:86:59:37:59:59:11:e7:b6:9f:74:e4:9d:
1f:c1:a4:da:75:cc:8f:09:a2:9b:ff:62:b2:23:da:
a6:c8:e8:3b:46:97:f8:9a:c0:4a:93:09:1e:d1:06:
bb:37:35:c1:b8:7d:de:5d:83:ff:6b:e8:b3:fd:e4:
44:5a:f3:5e:4f:ad:c6:04:0a:ee:bd:f9:35:76:2b:
61:29:a8:70:f0:90:ab:70:af:d0:8d:ce:b0:8a:90:
cb:49:87:2e:e9:96:01:32:4d:e4:d3:88:76:d6:13:
78:3b:b9:b3:e7:2d:27:0e:a2:7e:f3:e8:26:86:97:
da:73:a2:f0:a7:63:d0:be:0b:9e:de:ae:7d:37:f6:
bd:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:21:27:EC:8C:E6:23:D3:DA:9B:34:6F:3D:93:03:C3:DA:15:82:F2
X509v3 Authority Key Identifier:
keyid:B4:A7:D0:54:82:B8:4D:3B:B6:04:F0:99:BC:AF:9E:7E:D3:46:88:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKfQVIK4TTu2BPCZvK-eftNGiJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/GyEn7IzmI9PamzRvPZMDw9oVgvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.160.0/22
Signature Algorithm: sha256WithRSAEncryption
61:f3:ff:fa:d6:94:7e:70:c8:1d:4f:2f:0c:fa:69:fd:c3:8e:
34:0c:25:8a:eb:38:83:f8:b5:ae:bd:72:91:30:68:22:17:5f:
f2:04:ad:57:11:2d:4a:f9:e6:e3:10:d6:6d:90:53:3e:27:c1:
d4:06:39:bc:b0:49:2b:a3:4f:a7:a7:7d:e6:72:16:ff:3f:28:
09:87:32:4d:55:5b:6c:47:07:61:9f:d0:6d:cd:e1:45:04:22:
54:55:2c:c1:95:d4:ef:0b:e0:24:e0:38:b1:e4:42:d3:7d:c7:
9e:a5:ed:f1:07:30:df:0a:c1:89:47:32:ab:8e:30:1b:13:d5:
43:dc:f4:a9:07:48:3a:9a:8d:5f:ba:6e:89:99:aa:5f:50:1c:
95:5b:76:b5:70:87:d1:07:57:0a:4b:0c:10:82:51:44:20:be:
58:79:85:be:f6:1e:1c:6e:79:53:4d:53:52:c8:e2:6c:bb:55:
e1:4c:e6:f4:39:eb:ef:5e:73:69:e9:e9:77:07:47:87:b1:53:
eb:85:6d:d6:81:c6:a0:59:e4:6e:99:c7:8f:8d:e9:a7:cf:47:
a7:eb:2f:8a:31:24:f0:04:c8:3c:7d:bd:31:86:33:7a:91:ef:
9f:10:72:9f:98:de:97:15:74:1b:6f:b2:aa:f0:26:6c:25:10:
36:f4:66:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHj+We8F2/vgPjoEVc8M4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTdkMDU0ODJiODRkM2JiNjA0ZjA5OWJjYWY5ZTdlZDM0
Njg4OWEwHhcNMjMwMTAyMDYxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjIxMjdlYzhjZTYyM2QzZGE5YjM0NmYzZDkzMDNjM2RhMTU4MmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrLhL2ghYzGoUIYgvI0PHtrA8wK9
pr+F3lXGlTS+Kl2NUhW7FzDCuj/2Y8obUgNmiKMYnyxrAacS+/DngTVcv9Th/aDO
L5jB/651dUSnfCfvhcflnFYWl6cJgseBn0kRDoE7WAHN7HIhV2ceJ5HAiBtgP6Ng
0cIl19OGWTdZWRHntp905J0fwaTadcyPCaKb/2KyI9qmyOg7Rpf4msBKkwke0Qa7
NzXBuH3eXYP/a+iz/eREWvNeT63GBAruvfk1dithKahw8JCrcK/Qjc6wipDLSYcu
6ZYBMk3k04h21hN4O7mz5y0nDqJ+8+gmhpfac6Lwp2PQvgue3q59N/a9DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBshJ+yM5iPT2ps0bz2TA8PaFYLyMB8GA1UdIwQY
MBaAFLSn0FSCuE07tgTwmbyvnn7TRoiaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtmUVZJSzRUVHUyQlBDWnZLLWVmdE5HaUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC85ZGQ4YWUtNGFmYy00NGMxLTliZDAt
YzUzMjE5NWVlZjQ5LzEvR3lFbjdJem1JOVBhbXpSdlBaTUR3OW9WZ3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC85ZGQ4YWUtNGFmYy00NGMxLTliZDAtYzUzMjE5NWVlZjQ5
LzEvdEtmUVZJSzRUVHUyQlBDWnZLLWVmdE5HaUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVagMA0G
CSqGSIb3DQEBCwUAA4IBAQBh8//61pR+cMgdTy8M+mn9w440DCWK6ziD+LWuvXKR
MGgiF1/yBK1XES1K+ebjENZtkFM+J8HUBjm8sEkro0+np33mchb/PygJhzJNVVts
Rwdhn9BtzeFFBCJUVSzBldTvC+Ak4Dix5ELTfceepe3xBzDfCsGJRzKrjjAbE9VD
3PSpB0g6mo1fum6JmapfUByVW3a1cIfRB1cKSwwQglFEIL5YeYW+9h4cbnlTTVNS
yOJsu1XhTOb0OevvXnNp6el3B0eHsVPrhW3WgcagWeRumcePjemnz0en6y+KMSTw
BMg8fb0xhjN6ke+fEHKfmN6XFXQbb7Kq8CZsJRA29GYV
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:15:34 2025 by rpki-client