Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/GX8021H69nK8rjL0O5POWLtceiU.roa
File: GX8021H69nK8rjL0O5POWLtceiU.roa (raw, json)
Hash identifier: Y5GVN+mOkL9l1bvFiIndQuCz4Gu86gLbHvk1EBTFPp8=
Subject key identifier: 19:7F:34:DB:51:FA:F6:72:BC:AE:32:F4:3B:93:CE:58:BB:5C:7A:25
Certificate issuer: /CN=df798581e73704ee38c9be15e72370f176c60311
Certificate serial: 31A34F
Authority key identifier: DF:79:85:81:E7:37:04:EE:38:C9:BE:15:E7:23:70:F1:76:C6:03:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33mFgec3BO44yb4V5yNw8XbGAxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/GX8021H69nK8rjL0O5POWLtceiU.roa
Signing time: Wed 25 May 2022 10:38:13 +0000
ROA not before: Wed 25 May 2022 10:38:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24631
IP address blocks: 185.128.83.0/24 maxlen: 24
185.128.81.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3253071 (0x31a34f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df798581e73704ee38c9be15e72370f176c60311
Validity
Not Before: May 25 10:38:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=197f34db51faf672bcae32f43b93ce58bb5c7a25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f6:fe:32:6e:9e:e4:3c:37:9c:9e:6e:c3:57:
93:fa:87:3c:06:ce:e3:9f:ff:a6:89:e0:1c:e9:d3:
6f:98:51:31:a2:bf:c6:b4:de:d3:f9:74:58:66:96:
51:f1:37:c3:bd:bd:b7:07:15:c8:a3:bf:0f:73:81:
66:cc:cf:4d:26:62:6f:57:d9:b3:cf:4c:85:37:e2:
01:e7:7c:8a:d7:89:94:ae:2d:7a:2b:be:93:46:5e:
75:12:db:62:35:62:7a:00:59:d3:a7:f5:b2:1c:11:
fc:51:1a:46:4b:6d:04:05:5c:4a:60:3f:60:59:32:
fb:9a:49:2d:93:7b:a3:55:4d:b5:4b:7a:06:2b:8a:
67:d9:0b:af:3d:64:cc:44:62:dd:4a:f9:a0:24:ca:
9c:12:94:e7:20:ee:3b:a6:50:76:96:76:d5:e1:56:
64:3e:d7:e8:26:70:74:a1:26:0c:ec:9f:40:1f:80:
ab:71:4d:86:3c:28:6c:6c:97:ee:0d:64:f5:7b:3d:
3c:f2:b5:2e:84:e0:13:05:12:86:65:55:ab:49:50:
97:13:ff:8b:03:4a:dc:1c:5f:71:4c:61:68:dd:af:
70:5a:48:11:42:3b:84:4c:aa:7a:db:73:da:ab:58:
c3:1c:3c:12:6a:88:53:1a:b3:69:b3:77:67:6a:41:
ae:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:7F:34:DB:51:FA:F6:72:BC:AE:32:F4:3B:93:CE:58:BB:5C:7A:25
X509v3 Authority Key Identifier:
keyid:DF:79:85:81:E7:37:04:EE:38:C9:BE:15:E7:23:70:F1:76:C6:03:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33mFgec3BO44yb4V5yNw8XbGAxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/GX8021H69nK8rjL0O5POWLtceiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/33mFgec3BO44yb4V5yNw8XbGAxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.81.0/24
185.128.83.0/24
Signature Algorithm: sha256WithRSAEncryption
49:25:08:ae:cb:85:73:7f:ee:7e:e3:f7:d9:d9:38:85:16:cc:
b7:19:44:b1:47:8c:ad:52:47:91:81:e9:5e:d6:c8:9f:84:30:
b3:78:05:e6:6e:9d:c2:0c:d7:3b:3f:3c:b0:9a:98:68:99:76:
61:a0:07:c0:a5:52:9d:5a:cb:ec:f1:03:51:a3:c5:8b:9e:29:
25:de:07:b7:da:93:7a:8a:5c:62:9c:67:9b:dc:90:ed:ae:70:
68:c7:c8:de:0f:21:8b:06:2f:64:da:bc:f5:49:e6:5e:55:c2:
73:56:93:b5:af:19:74:27:77:75:34:2d:b6:0b:0d:5f:51:6b:
22:ff:c6:51:e0:9e:b2:b4:08:14:5a:31:51:a1:65:71:b0:ad:
2b:26:3b:eb:82:19:e8:12:43:32:19:7c:18:e9:a8:89:6e:06:
b5:26:b1:a4:b1:21:3b:85:03:98:ea:3e:ad:c5:08:2a:a3:1f:
01:1e:b3:ed:d4:5d:fd:e6:8d:93:ba:13:c5:b1:81:02:3f:93:
5d:fe:02:03:b2:f5:2d:2a:ac:fd:73:f7:82:c2:36:62:69:cb:
3c:f7:b1:cc:7a:8c:9a:f6:0c:1b:89:6a:3a:3a:ce:42:5f:d4:
e6:41:63:2f:6f:38:0d:eb:4b:21:35:f1:44:e5:65:2a:90:76:
cd:cc:66:19
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDMaNPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRm
Nzk4NTgxZTczNzA0ZWUzOGM5YmUxNWU3MjM3MGYxNzZjNjAzMTEwHhcNMjIwNTI1
MTAzODEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxOTdmMzRkYjUxZmFm
NjcyYmNhZTMyZjQzYjkzY2U1OGJiNWM3YTI1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsPb+Mm6e5Dw3nJ5uw1eT+oc8Bs7jn/+mieAc6dNvmFExor/G
tN7T+XRYZpZR8TfDvb23BxXIo78Pc4FmzM9NJmJvV9mzz0yFN+IB53yK14mUri16
K76TRl51EttiNWJ6AFnTp/WyHBH8URpGS20EBVxKYD9gWTL7mkktk3ujVU21S3oG
K4pn2QuvPWTMRGLdSvmgJMqcEpTnIO47plB2lnbV4VZkPtfoJnB0oSYM7J9AH4Cr
cU2GPChsbJfuDWT1ez088rUuhOATBRKGZVWrSVCXE/+LA0rcHF9xTGFo3a9wWkgR
QjuETKp623Paq1jDHDwSaohTGrNps3dnakGuTwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFBl/NNtR+vZyvK4y9DuTzli7XHolMB8GA1UdIwQYMBaAFN95hYHnNwTuOMm+
FecjcPF2xgMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MzNtRmdlYzNCTzQ0eWI0VjV5Tnc4WGJHQXhFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82NS9hODAwN2ItMDhjZS00YWY0LWEzODMtYzRhNTJkY2VlMjNkLzEv
R1g4MDIxSDY5bks4cmpMME81UE9XTHRjZWlVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9h
ODAwN2ItMDhjZS00YWY0LWEzODMtYzRhNTJkY2VlMjNkLzEvMzNtRmdlYzNCTzQ0
eWI0VjV5Tnc4WGJHQXhFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuYBRAwQAuYBTMA0GCSqGSIb3DQEB
CwUAA4IBAQBJJQiuy4Vzf+5+4/fZ2TiFFsy3GUSxR4ytUkeRgele1sifhDCzeAXm
bp3CDNc7PzywmphomXZhoAfApVKdWsvs8QNRo8WLnikl3ge32pN6ilxinGeb3JDt
rnBox8jeDyGLBi9k2rz1SeZeVcJzVpO1rxl0J3d1NC22Cw1fUWsi/8ZR4J6ytAgU
WjFRoWVxsK0rJjvrghnoEkMyGXwY6aiJbga1JrGksSE7hQOY6j6txQgqox8BHrPt
1F395o2TuhPFsYECP5Nd/gIDsvUtKqz9c/eCwjZiacs897HMeoya9gwbiWo6Os5C
X9TmQWMvbzgN60shNfFE5WUqkHbNzGYZ
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:18:52 2025 by rpki-client