Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/GYWf4lCSqHXhV4fYLNlf3zXF4Qw.roa
File: GYWf4lCSqHXhV4fYLNlf3zXF4Qw.roa (raw, json)
Hash identifier: q5PPOfz+Ul1f+sMcgOn4vwiOPwIWZORFvXnhKQpKqCo=
Subject key identifier: 19:85:9F:E2:50:92:A8:75:E1:57:87:D8:2C:D9:5F:DF:35:C5:E1:0C
Certificate issuer: /CN=e215be4532e9588c40531a7f331eabfbf4770a5e
Certificate serial: 018709CEE6393358DA9AC6FBEB1A59015EC9
Authority key identifier: E2:15:BE:45:32:E9:58:8C:40:53:1A:7F:33:1E:AB:FB:F4:77:0A:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/GYWf4lCSqHXhV4fYLNlf3zXF4Qw.roa
Signing time: Wed 22 Mar 2023 14:52:46 +0000
ROA not before: Wed 22 Mar 2023 14:52:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48737
IP address blocks: 185.56.239.0/24 maxlen: 24
185.56.236.0/24 maxlen: 24
185.56.237.0/24 maxlen: 24
185.56.238.0/24 maxlen: 24
185.59.73.0/24 maxlen: 24
185.59.74.0/24 maxlen: 24
185.59.75.0/24 maxlen: 24
185.59.72.0/24 maxlen: 24
81.22.97.0/24 maxlen: 24
81.22.98.0/24 maxlen: 24
81.22.96.0/24 maxlen: 24
81.22.104.0/24 maxlen: 24
81.22.105.0/24 maxlen: 24
81.22.101.0/24 maxlen: 24
81.22.102.0/24 maxlen: 24
81.22.103.0/24 maxlen: 24
81.22.99.0/24 maxlen: 24
81.22.100.0/24 maxlen: 24
81.22.111.0/24 maxlen: 24
81.22.108.0/24 maxlen: 24
81.22.109.0/24 maxlen: 24
81.22.110.0/24 maxlen: 24
81.22.106.0/24 maxlen: 24
81.22.107.0/24 maxlen: 24
95.128.58.0/24 maxlen: 24
95.128.56.0/24 maxlen: 24
95.128.57.0/24 maxlen: 24
95.128.62.0/24 maxlen: 24
95.128.63.0/24 maxlen: 24
95.128.59.0/24 maxlen: 24
95.128.60.0/24 maxlen: 24
95.128.61.0/24 maxlen: 24
46.20.144.0/24 maxlen: 24
46.20.145.0/24 maxlen: 24
46.20.150.0/24 maxlen: 24
46.20.151.0/24 maxlen: 24
46.20.152.0/24 maxlen: 24
46.20.147.0/24 maxlen: 24
46.20.148.0/24 maxlen: 24
46.20.149.0/24 maxlen: 24
46.20.146.0/24 maxlen: 24
46.20.157.0/24 maxlen: 24
46.20.158.0/24 maxlen: 24
46.20.159.0/24 maxlen: 24
46.20.154.0/24 maxlen: 24
46.20.155.0/24 maxlen: 24
46.20.156.0/24 maxlen: 24
46.20.153.0/24 maxlen: 24
37.58.16.0/24 maxlen: 24
37.58.17.0/24 maxlen: 24
37.58.23.0/24 maxlen: 24
37.58.19.0/24 maxlen: 24
37.58.20.0/24 maxlen: 24
37.58.21.0/24 maxlen: 24
37.58.22.0/24 maxlen: 24
37.58.18.0/24 maxlen: 24
2a02:dc40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:09:ce:e6:39:33:58:da:9a:c6:fb:eb:1a:59:01:5e:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e215be4532e9588c40531a7f331eabfbf4770a5e
Validity
Not Before: Mar 22 14:52:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19859fe25092a875e15787d82cd95fdf35c5e10c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b1:9e:c8:a3:92:00:fb:70:d6:30:16:e9:77:
82:fd:a9:86:84:38:33:1d:9e:91:4f:eb:37:3c:3b:
03:33:af:22:92:cb:8f:5f:54:ec:c2:8b:25:29:3b:
52:f0:0f:fd:ad:24:db:fb:1c:18:f6:c9:82:8d:a3:
a7:19:7c:b5:63:aa:22:2b:4e:9f:59:51:b4:b8:5d:
64:af:c2:f0:4c:6f:d2:f2:23:d1:d6:61:14:58:fc:
19:16:87:50:24:2a:12:6e:70:d5:71:85:9d:a5:ba:
37:c0:c3:da:57:11:42:10:46:ed:73:65:2a:4c:e0:
5f:fe:a8:d6:2c:ab:f0:23:8a:6f:0b:d1:17:d6:28:
c2:cf:1f:f3:fd:d8:13:36:74:45:3c:a1:97:d7:d8:
30:72:dc:37:b6:4a:f8:8c:cc:0d:cc:71:3f:f5:dc:
7c:44:b1:ff:d9:86:36:99:db:c4:50:d9:42:d0:bf:
bb:f4:07:25:5a:52:ff:38:14:d3:c8:6b:ab:d3:e7:
bb:1d:d6:f7:96:c4:f2:cd:32:70:dc:3b:1a:fe:c2:
b8:21:00:fc:5b:6a:a0:b7:a3:27:4b:62:a6:4d:d5:
ce:c5:91:c0:e9:82:82:43:cb:4b:29:b2:90:26:9d:
24:de:70:4f:37:f2:8c:e8:90:af:69:7f:de:bf:9b:
51:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:85:9F:E2:50:92:A8:75:E1:57:87:D8:2C:D9:5F:DF:35:C5:E1:0C
X509v3 Authority Key Identifier:
keyid:E2:15:BE:45:32:E9:58:8C:40:53:1A:7F:33:1E:AB:FB:F4:77:0A:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/GYWf4lCSqHXhV4fYLNlf3zXF4Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.58.16.0/21
46.20.144.0/20
81.22.96.0/20
95.128.56.0/21
185.56.236.0/22
185.59.72.0/22
IPv6:
2a02:dc40::/48
Signature Algorithm: sha256WithRSAEncryption
70:ce:ae:47:17:d1:f9:32:23:30:a2:52:db:73:2e:e0:b9:24:
e2:17:7c:74:b4:a3:af:0b:1c:02:16:8e:56:11:16:9d:41:67:
06:02:d8:74:b2:f2:bc:c2:4c:79:1b:78:37:48:ae:e8:55:c5:
d4:3e:a2:51:ba:32:5c:78:7f:15:f1:46:cc:2e:3e:9b:3b:32:
90:6f:ce:59:67:28:af:81:ca:ae:40:3f:7a:ed:bf:ff:59:96:
10:6c:f8:3a:a3:92:6e:a4:10:d6:c4:75:2d:65:ab:ed:da:b7:
1d:db:e0:42:dc:53:a4:84:88:f1:14:c0:d2:31:be:fd:d5:e8:
99:e2:3b:ae:b9:60:a0:d4:dc:4c:44:ba:c4:c7:22:8e:b2:b4:
fd:be:5a:23:ca:5a:a6:df:c8:8f:0d:d1:8f:97:92:6a:ff:5a:
99:1b:68:b2:c4:e5:a9:60:e2:86:45:81:74:0e:95:42:06:3c:
a9:a7:d3:2b:da:74:06:bc:a1:2b:83:dd:bb:c4:b4:a1:62:22:
65:1f:90:4b:e5:c0:0f:bb:c2:aa:0b:14:13:03:06:7f:56:8e:
78:e8:65:2e:48:86:31:60:59:cc:a2:c3:89:06:1d:04:e7:0f:
e5:67:5d:a4:13:3d:d4:f1:53:89:25:be:31:49:a4:2c:5a:cb:
a1:72:1a:28
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYcJzuY5M1jamsb76xpZAV7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTViZTQ1MzJlOTU4OGM0MDUzMWE3ZjMzMWVhYmZiZjQ3
NzBhNWUwHhcNMjMwMzIyMTQ1MjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTg1OWZlMjUwOTJhODc1ZTE1Nzg3ZDgyY2Q5NWZkZjM1YzVlMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrGeyKOSAPtw1jAW6XeC/amGhDgz
HZ6RT+s3PDsDM68iksuPX1TswoslKTtS8A/9rSTb+xwY9smCjaOnGXy1Y6oiK06f
WVG0uF1kr8LwTG/S8iPR1mEUWPwZFodQJCoSbnDVcYWdpbo3wMPaVxFCEEbtc2Uq
TOBf/qjWLKvwI4pvC9EX1ijCzx/z/dgTNnRFPKGX19gwctw3tkr4jMwNzHE/9dx8
RLH/2YY2mdvEUNlC0L+79AclWlL/OBTTyGur0+e7Hdb3lsTyzTJw3Dsa/sK4IQD8
W2qgt6MnS2KmTdXOxZHA6YKCQ8tLKbKQJp0k3nBPN/KM6JCvaX/ev5tRnQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFBmFn+JQkqh14VeH2CzZX981xeEMMB8GA1UdIwQY
MBaAFOIVvkUy6ViMQFMafzMeq/v0dwpeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhXLVJUTHBXSXhBVXhwX014NnItX1IzQ2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80ZWU4NWUtMjJjYi00MmVkLTkwNzEt
NDY1MWZkODAyNzM3LzEvR1lXZjRsQ1NxSFhoVjRmWUxObGYzelhGNFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80ZWU4NWUtMjJjYi00MmVkLTkwNzEtNDY1MWZkODAyNzM3
LzEvNGhXLVJUTHBXSXhBVXhwX014NnItX1IzQ2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQDJToQAwQE
LhSQAwQEURZgAwQDX4A4AwQCuTjsAwQCuTtIMA8EAgACMAkDBwAqAtxAAAAwDQYJ
KoZIhvcNAQELBQADggEBAHDOrkcX0fkyIzCiUttzLuC5JOIXfHS0o68LHAIWjlYR
Fp1BZwYC2HSy8rzCTHkbeDdIruhVxdQ+olG6Mlx4fxXxRswuPps7MpBvzllnKK+B
yq5AP3rtv/9ZlhBs+Dqjkm6kENbEdS1lq+3atx3b4ELcU6SEiPEUwNIxvv3V6Jni
O665YKDU3ExEusTHIo6ytP2+WiPKWqbfyI8N0Y+Xkmr/WpkbaLLE5alg4oZFgXQO
lUIGPKmn0yvadAa8oSuD3bvEtKFiImUfkEvlwA+7wqoLFBMDBn9WjnjoZS5IhjFg
Wcyiw4kGHQTnD+VnXaQTPdTxU4klvjFJpCxay6FyGig=
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:06:11 2025 by rpki-client