Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/be92b5-5717-4046-ac1c-8222e251a91b/1/gz8hX1V3Ekj-tr9p4batoqA5Q6A.roa
File: gz8hX1V3Ekj-tr9p4batoqA5Q6A.roa (raw, json)
Hash identifier: +TGHWDhKQUFCCaY0xMc2sXM82XDsXBiGTfB2A+Eeako=
Subject key identifier: 83:3F:21:5F:55:77:12:48:FE:B6:BF:69:E1:B6:AD:A2:A0:39:43:A0
Certificate issuer: /CN=9b55a642379ce578f39ec0d10603dcfa83f6e34e
Certificate serial: 04548B9E
Authority key identifier: 9B:55:A6:42:37:9C:E5:78:F3:9E:C0:D1:06:03:DC:FA:83:F6:E3:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m1WmQjec5XjznsDRBgPc-oP2404.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/be92b5-5717-4046-ac1c-8222e251a91b/1/gz8hX1V3Ekj-tr9p4batoqA5Q6A.roa
Signing time: Tue 14 Jun 2022 09:18:01 +0000
ROA not before: Tue 14 Jun 2022 09:18:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59497
IP address blocks: 194.8.144.0/24 maxlen: 24
194.8.145.0/24 maxlen: 24
194.8.144.0/22 maxlen: 22
194.8.147.0/24 maxlen: 24
194.8.146.0/24 maxlen: 24
188.191.233.0/24 maxlen: 24
188.191.232.0/21 maxlen: 21
188.191.232.0/24 maxlen: 24
188.191.237.0/24 maxlen: 24
188.191.235.0/24 maxlen: 24
188.191.236.0/24 maxlen: 24
188.191.234.0/24 maxlen: 24
188.191.238.0/24 maxlen: 24
188.191.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72649630 (0x4548b9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b55a642379ce578f39ec0d10603dcfa83f6e34e
Validity
Not Before: Jun 14 09:18:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=833f215f55771248feb6bf69e1b6ada2a03943a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f9:04:06:75:cf:c3:a0:17:a3:e2:f0:af:ff:
a7:32:5a:8a:6f:41:18:aa:44:e3:95:47:69:60:77:
4d:5a:46:78:00:91:13:d5:22:85:34:15:77:8d:6c:
57:45:21:e2:00:e5:d1:b2:c8:d8:da:01:d8:94:85:
d8:a4:3d:77:04:dd:4e:21:6e:98:47:15:11:9c:73:
53:51:fb:82:a0:30:7b:1a:46:e0:6b:41:10:f5:92:
9a:31:bc:4c:3b:e9:d4:3b:96:3a:98:7e:ac:90:55:
79:ee:48:37:25:e1:24:01:2c:36:2a:f8:3a:92:64:
ce:db:22:d2:4c:02:30:91:d9:3b:4b:08:d8:a8:bc:
fb:d8:1c:83:71:63:02:7f:42:01:bb:8e:93:cd:c4:
c2:bc:7d:f8:a3:73:9b:95:9b:bc:d5:2f:94:d6:45:
f1:6b:a3:c6:c7:38:e2:8b:71:f6:fb:00:5b:8d:02:
43:14:70:2a:2e:fc:5f:93:a8:2f:02:c1:81:8d:f7:
2c:3a:a6:66:3e:ff:8e:14:7d:74:eb:43:a0:04:6c:
c0:93:ad:54:97:52:52:b3:e9:7b:91:93:22:ff:05:
5d:06:87:2b:99:a3:25:49:bf:49:8b:49:0a:14:6d:
a3:0b:20:d4:55:1a:25:db:c0:bb:d3:62:95:26:dd:
e1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:3F:21:5F:55:77:12:48:FE:B6:BF:69:E1:B6:AD:A2:A0:39:43:A0
X509v3 Authority Key Identifier:
keyid:9B:55:A6:42:37:9C:E5:78:F3:9E:C0:D1:06:03:DC:FA:83:F6:E3:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m1WmQjec5XjznsDRBgPc-oP2404.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/be92b5-5717-4046-ac1c-8222e251a91b/1/gz8hX1V3Ekj-tr9p4batoqA5Q6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/be92b5-5717-4046-ac1c-8222e251a91b/1/m1WmQjec5XjznsDRBgPc-oP2404.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.232.0/21
194.8.144.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:f4:10:30:b6:2b:33:4e:c1:1a:bb:8c:98:7c:36:bc:10:a0:
83:10:a5:3c:60:44:94:6b:31:f9:d1:2c:42:96:6f:39:5a:ee:
71:43:c2:52:48:04:4a:c2:2a:dc:52:7d:13:80:55:86:24:db:
e3:fc:4b:b9:60:ab:9b:46:86:9f:6e:94:f3:8f:6d:4f:0f:0d:
1e:44:59:39:75:cf:ce:e8:35:06:c8:ce:47:8d:51:ee:c9:d2:
21:81:56:33:ee:bf:de:ee:3a:35:cb:3c:9d:b8:6a:d3:e1:21:
83:02:b6:72:65:e4:0e:e8:71:80:d7:b3:30:84:ec:02:1f:00:
9b:e6:01:cf:fa:8a:a5:42:67:30:f9:d2:14:4d:1a:c9:07:bc:
cd:9e:dc:c1:3d:48:2d:2a:52:54:45:8b:04:6b:b8:58:c0:06:
9f:19:7f:68:b2:47:45:17:00:e0:42:43:31:e5:47:57:4c:1d:
71:88:a7:d6:8c:4a:97:14:ca:46:a8:e5:f8:f7:b4:5e:d7:4e:
9b:c0:9a:70:47:95:fa:5c:fc:d6:22:b8:ec:b3:b3:00:c9:60:
bf:82:c0:6a:c4:97:ed:46:0c:ef:db:1e:f6:6c:3d:09:b9:cb:
a4:c9:54:2e:b5:55:56:f4:e4:0f:80:5d:9f:96:db:88:6f:62:
84:12:1c:8c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBFSLnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjU1YTY0MjM3OWNlNTc4ZjM5ZWMwZDEwNjAzZGNmYTgzZjZlMzRlMB4XDTIyMDYx
NDA5MTgwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODMzZjIxNWY1NTc3
MTI0OGZlYjZiZjY5ZTFiNmFkYTJhMDM5NDNhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMb5BAZ1z8OgF6Pi8K//pzJaim9BGKpE45VHaWB3TVpGeACR
E9UihTQVd41sV0Uh4gDl0bLI2NoB2JSF2KQ9dwTdTiFumEcVEZxzU1H7gqAwexpG
4GtBEPWSmjG8TDvp1DuWOph+rJBVee5INyXhJAEsNir4OpJkztsi0kwCMJHZO0sI
2Ki8+9gcg3FjAn9CAbuOk83Ewrx9+KNzm5WbvNUvlNZF8Wujxsc44otx9vsAW40C
QxRwKi78X5OoLwLBgY33LDqmZj7/jhR9dOtDoARswJOtVJdSUrPpe5GTIv8FXQaH
K5mjJUm/SYtJChRtowsg1FUaJdvAu9NilSbd4TcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSDPyFfVXcSSP62v2nhtq2ioDlDoDAfBgNVHSMEGDAWgBSbVaZCN5zlePOe
wNEGA9z6g/bjTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L20xV21RamVjNVhqem5zRFJCZ1BjLW9QMjQwNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvYmU5MmI1LTU3MTctNDA0Ni1hYzFjLTgyMjJlMjUxYTkxYi8x
L2d6OGhYMVYzRWtqLXRyOXA0YmF0b3FBNVE2QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
YmU5MmI1LTU3MTctNDA0Ni1hYzFjLTgyMjJlMjUxYTkxYi8xL20xV21RamVjNVhq
em5zRFJCZ1BjLW9QMjQwNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA7y/6AMEAsIIkDANBgkqhkiG9w0B
AQsFAAOCAQEAKvQQMLYrM07BGruMmHw2vBCggxClPGBElGsx+dEsQpZvOVrucUPC
UkgESsIq3FJ9E4BVhiTb4/xLuWCrm0aGn26U849tTw8NHkRZOXXPzug1BsjOR41R
7snSIYFWM+6/3u46Ncs8nbhq0+EhgwK2cmXkDuhxgNezMITsAh8Am+YBz/qKpUJn
MPnSFE0ayQe8zZ7cwT1ILSpSVEWLBGu4WMAGnxl/aLJHRRcA4EJDMeVHV0wdcYin
1oxKlxTKRqjl+Pe0XtdOm8CacEeV+lz81iK47LOzAMlgv4LAasSX7UYM79se9mw9
CbnLpMlULrVVVvTkD4Bdn5bbiG9ihBIcjA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:05:47 2025 by rpki-client