Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e4d903-5baa-4341-9392-a3e481fb51b9/1/gKbX-qFINUkRRXDhFUM23lbz6KE.roa
File: gKbX-qFINUkRRXDhFUM23lbz6KE.roa (raw, json)
Hash identifier: R5hLInKnDjNIO85N1H0GOOoFkRS3uGU9TokWwhFMyCE=
Subject key identifier: 80:A6:D7:FA:A1:48:35:49:11:45:70:E1:15:43:36:DE:56:F3:E8:A1
Certificate issuer: /CN=b7f6c33bfb9d94bd0f74a738e7f16d0e9da0c3b9
Certificate serial: 01856E1D3F32E20C0CDC7D06DD388591BA09
Authority key identifier: B7:F6:C3:3B:FB:9D:94:BD:0F:74:A7:38:E7:F1:6D:0E:9D:A0:C3:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t_bDO_udlL0PdKc45_FtDp2gw7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e4d903-5baa-4341-9392-a3e481fb51b9/1/gKbX-qFINUkRRXDhFUM23lbz6KE.roa
Signing time: Sun 01 Jan 2023 16:14:48 +0000
ROA not before: Sun 01 Jan 2023 16:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202913
IP address blocks: 185.130.144.0/24 maxlen: 24
185.130.144.0/22 maxlen: 22
185.130.145.0/24 maxlen: 24
185.130.144.0/23 maxlen: 23
185.130.146.0/23 maxlen: 23
185.130.147.0/24 maxlen: 24
185.130.146.0/24 maxlen: 24
80.78.131.0/24 maxlen: 24
80.78.128.0/24 maxlen: 24
80.78.129.0/24 maxlen: 24
80.78.128.0/22 maxlen: 22
80.78.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:1d:3f:32:e2:0c:0c:dc:7d:06:dd:38:85:91:ba:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7f6c33bfb9d94bd0f74a738e7f16d0e9da0c3b9
Validity
Not Before: Jan 1 16:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80a6d7faa1483549114570e1154336de56f3e8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:da:f8:f3:6b:8f:13:d3:47:c8:1c:3c:dd:ac:
d2:d9:76:77:10:52:e8:35:ef:54:a4:a0:1c:d6:80:
cd:0d:a6:c5:10:6a:2f:de:d7:bc:67:46:f5:a2:91:
e1:40:8b:69:5a:82:57:e5:c9:0c:e1:88:92:19:04:
10:c0:7f:a8:f1:6e:34:cd:74:fb:55:52:68:36:e8:
d5:d7:16:a0:95:e8:cc:2a:21:24:3b:48:60:2a:ba:
58:43:0e:08:31:99:67:d1:8f:cb:95:67:b6:d5:18:
53:cc:50:5b:df:04:8f:e8:19:ab:bd:e2:65:8e:7d:
03:9f:18:9e:a6:79:0a:71:f2:05:55:69:e5:14:3a:
7f:60:b6:84:a5:a0:03:02:0e:a0:b7:8d:6e:d3:6f:
4e:a4:6b:7c:22:23:18:22:eb:ea:da:c2:52:4f:5c:
35:93:a9:4b:ec:4a:1c:cf:53:6e:1e:97:38:46:43:
ab:f8:e2:8b:bf:c1:df:21:d3:28:2e:52:bf:12:60:
2b:83:e7:bd:09:c2:0b:4f:3f:a9:80:25:fa:62:f5:
98:e3:1a:e3:a7:77:0b:04:4f:92:29:80:85:a7:ea:
d2:f8:7a:89:45:4e:98:70:9a:eb:ed:d9:ab:45:f4:
91:d2:23:a9:d9:30:4a:a1:bd:5e:48:aa:06:d1:a0:
1e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A6:D7:FA:A1:48:35:49:11:45:70:E1:15:43:36:DE:56:F3:E8:A1
X509v3 Authority Key Identifier:
keyid:B7:F6:C3:3B:FB:9D:94:BD:0F:74:A7:38:E7:F1:6D:0E:9D:A0:C3:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t_bDO_udlL0PdKc45_FtDp2gw7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e4d903-5baa-4341-9392-a3e481fb51b9/1/gKbX-qFINUkRRXDhFUM23lbz6KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e4d903-5baa-4341-9392-a3e481fb51b9/1/t_bDO_udlL0PdKc45_FtDp2gw7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.78.128.0/22
185.130.144.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:71:e5:0c:fb:37:63:37:e0:94:01:2f:cc:44:88:76:0e:07:
3f:7f:d8:4b:a1:1b:2b:a7:a0:49:41:50:d0:04:bb:76:80:97:
de:90:b9:67:ec:1c:a9:26:8a:5c:a1:74:61:d5:d2:47:9a:11:
65:2f:c3:cf:c3:73:23:54:bd:46:8d:3b:38:54:d2:8d:a6:9f:
a8:a8:af:2f:c7:47:4a:79:30:ee:7d:f5:9c:fe:fa:cf:a5:5c:
6e:2d:db:44:48:85:13:b6:ea:3c:e4:75:8f:57:e8:de:03:23:
f1:c2:d0:ce:b1:9d:87:62:15:03:c3:12:4b:97:e1:93:cd:cc:
2d:d1:30:0e:74:44:41:d6:12:66:bd:bb:44:10:34:3f:d0:4f:
54:8c:5c:62:ec:f3:7b:8b:7d:81:57:38:5e:a0:c6:11:50:cb:
fb:9e:6c:91:36:6b:c3:23:15:70:bc:15:14:a9:84:41:1a:77:
b3:be:dd:51:33:9d:71:bd:11:84:73:fb:dc:52:b8:73:7c:07:
5d:56:0b:ed:5b:66:54:1d:de:02:51:bf:40:dc:0e:dc:53:b4:
8b:4c:58:d5:37:db:46:71:2e:ab:2b:34:1d:fc:3b:8f:27:c2:
76:ce:b1:5b:b0:56:7d:21:ba:47:5b:10:00:78:de:12:ad:9d:
42:19:72:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuHT8y4gwM3H0G3TiFkboJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZjZjMzNiZmI5ZDk0YmQwZjc0YTczOGU3ZjE2ZDBlOWRh
MGMzYjkwHhcNMjMwMTAxMTYxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE2ZDdmYWExNDgzNTQ5MTE0NTcwZTExNTQzMzZkZTU2ZjNlOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidr482uPE9NHyBw83azS2XZ3EFLo
Ne9UpKAc1oDNDabFEGov3te8Z0b1opHhQItpWoJX5ckM4YiSGQQQwH+o8W40zXT7
VVJoNujV1xaglejMKiEkO0hgKrpYQw4IMZln0Y/LlWe21RhTzFBb3wSP6BmrveJl
jn0DnxiepnkKcfIFVWnlFDp/YLaEpaADAg6gt41u029OpGt8IiMYIuvq2sJST1w1
k6lL7Eocz1NuHpc4RkOr+OKLv8HfIdMoLlK/EmArg+e9CcILTz+pgCX6YvWY4xrj
p3cLBE+SKYCFp+rS+HqJRU6YcJrr7dmrRfSR0iOp2TBKob1eSKoG0aAeoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFICm1/qhSDVJEUVw4RVDNt5W8+ihMB8GA1UdIwQY
MBaAFLf2wzv7nZS9D3SnOOfxbQ6doMO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdF9iRE9fdWRsTDBQZEtjNDVfRnREcDJndzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNGQ5MDMtNWJhYS00MzQxLTkzOTIt
YTNlNDgxZmI1MWI5LzEvZ0tiWC1xRklOVWtSUlhEaEZVTTIzbGJ6NktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNGQ5MDMtNWJhYS00MzQxLTkzOTItYTNlNDgxZmI1MWI5
LzEvdF9iRE9fdWRsTDBQZEtjNDVfRnREcDJndzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUE6AAwQC
uYKQMA0GCSqGSIb3DQEBCwUAA4IBAQA9ceUM+zdjN+CUAS/MRIh2Dgc/f9hLoRsr
p6BJQVDQBLt2gJfekLln7BypJopcoXRh1dJHmhFlL8PPw3MjVL1GjTs4VNKNpp+o
qK8vx0dKeTDuffWc/vrPpVxuLdtESIUTtuo85HWPV+jeAyPxwtDOsZ2HYhUDwxJL
l+GTzcwt0TAOdERB1hJmvbtEEDQ/0E9UjFxi7PN7i32BVzheoMYRUMv7nmyRNmvD
IxVwvBUUqYRBGnezvt1RM51xvRGEc/vcUrhzfAddVgvtW2ZUHd4CUb9A3A7cU7SL
TFjVN9tGcS6rKzQd/DuPJ8J2zrFbsFZ9IbpHWxAAeN4SrZ1CGXKY
-----END CERTIFICATE-----
Generated at Mon Apr 14 19:41:39 2025 by rpki-client