Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/1-gGvnVBzfCU3el-jTGDA6_gtNA8.roa
File: 1-gGvnVBzfCU3el-jTGDA6_gtNA8.roa (raw, json)
Hash identifier: lEECNC0lcKEHgUmYa8a/nypYvcmSs031Py6LXlVZ14c=
Subject key identifier: FA:01:AF:9D:50:73:7C:25:37:7A:5F:A3:4C:60:C0:EB:F8:2D:34:0F
Certificate issuer: /CN=df904155ee3acfe3fea8bbfee86e97c58c8991f4
Certificate serial: 018714C05164CB7AB11B647CBEF060D67EEB
Authority key identifier: DF:90:41:55:EE:3A:CF:E3:FE:A8:BB:FE:E8:6E:97:C5:8C:89:91:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/1-gGvnVBzfCU3el-jTGDA6_gtNA8.roa
Signing time: Fri 24 Mar 2023 17:52:40 +0000
ROA not before: Fri 24 Mar 2023 17:52:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44356
IP address blocks: 79.99.192.0/21 maxlen: 29
31.13.152.0/21 maxlen: 24
2a00:1538::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:14:c0:51:64:cb:7a:b1:1b:64:7c:be:f0:60:d6:7e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df904155ee3acfe3fea8bbfee86e97c58c8991f4
Validity
Not Before: Mar 24 17:52:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa01af9d50737c25377a5fa34c60c0ebf82d340f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8e:9c:f4:02:4a:0e:fd:96:8c:51:73:35:90:
e6:e8:22:49:66:0b:e6:bf:bb:79:a3:70:07:0e:06:
4b:18:2a:d5:46:3e:82:25:0b:a1:98:c5:e6:d3:91:
3a:05:d2:3f:d0:28:d2:b9:61:01:b7:e3:81:ef:58:
0c:05:4d:0e:6e:7f:d4:3f:64:e2:46:3c:0c:62:de:
ce:e9:8c:8e:6e:17:46:9d:f0:2e:98:86:95:4a:09:
e1:90:f9:8b:45:bf:32:04:b7:f4:a7:77:45:b2:b6:
9b:de:4c:ff:0d:7f:c7:bc:d1:c8:30:4e:86:73:17:
1f:6b:4c:54:60:5d:75:f0:aa:d6:19:33:cb:56:fc:
23:97:1a:a9:7b:fc:9f:03:bb:00:c5:75:09:78:38:
4b:4b:49:4e:84:4a:ff:73:c6:56:cf:89:66:f8:87:
d0:06:4f:f1:54:ed:52:31:ba:e2:3d:fb:16:a2:fa:
13:d7:9e:c0:8d:6f:66:e5:93:c9:61:8f:1a:7d:2c:
16:2b:4b:46:7c:f1:7c:7e:b9:35:9b:8f:a7:41:24:
5a:da:6e:8c:8a:42:67:2a:4a:b1:bc:9f:80:12:73:
ba:05:c5:61:78:88:fb:c3:07:b2:33:7a:c0:6c:7d:
17:c2:9e:6d:72:83:46:26:9d:d6:81:38:c4:d7:6d:
22:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:01:AF:9D:50:73:7C:25:37:7A:5F:A3:4C:60:C0:EB:F8:2D:34:0F
X509v3 Authority Key Identifier:
keyid:DF:90:41:55:EE:3A:CF:E3:FE:A8:BB:FE:E8:6E:97:C5:8C:89:91:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/1-gGvnVBzfCU3el-jTGDA6_gtNA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/35BBVe46z-P-qLv-6G6XxYyJkfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.152.0/21
79.99.192.0/21
IPv6:
2a00:1538::/32
Signature Algorithm: sha256WithRSAEncryption
29:11:35:85:df:1e:95:55:29:8f:ae:04:ee:5d:cc:05:0c:55:
d2:0e:6f:8f:ce:d8:86:7e:eb:46:a4:34:fc:4c:37:16:b7:4e:
99:cc:e7:96:fb:37:cd:aa:02:6e:1e:c1:af:17:c2:78:ef:b0:
c2:54:8e:7b:f3:fb:a1:80:f1:fe:b5:d5:fe:63:2d:c5:51:72:
c9:bd:2e:61:45:c5:7b:cb:1b:4f:57:e8:99:9a:48:35:d3:51:
29:1b:ca:0f:20:7a:52:11:38:a3:dc:40:63:f7:61:57:12:5c:
84:1c:a8:7a:33:fc:c3:e0:dc:b4:d4:68:79:d8:72:95:99:4a:
ad:bd:e3:8e:58:ce:0e:f3:49:39:f1:a6:e6:ee:ea:e4:ed:c0:
8e:7f:57:a0:c7:7f:2b:37:9a:0a:1a:48:34:64:6e:80:36:43:
c5:3c:d3:c9:5c:9b:8b:62:c9:47:f2:52:b2:0f:fe:d7:a1:54:
63:15:e4:f8:1d:b7:77:4b:f9:2b:66:38:eb:07:ec:ee:36:77:
b3:dc:c1:3f:f9:ea:df:b4:1a:14:59:bf:da:cb:ee:04:ff:2d:
8b:9e:fa:51:85:9b:18:60:9f:d2:53:6b:a0:22:e3:e2:38:7f:
e0:cc:fe:e8:44:81:4b:ce:d5:7b:f0:e7:60:cd:f0:6c:fa:a1:
40:07:73:6c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYcUwFFky3qxG2R8vvBg1n7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOTA0MTU1ZWUzYWNmZTNmZWE4YmJmZWU4NmU5N2M1OGM4
OTkxZjQwHhcNMjMwMzI0MTc1MjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTAxYWY5ZDUwNzM3YzI1Mzc3YTVmYTM0YzYwYzBlYmY4MmQzNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkY6c9AJKDv2WjFFzNZDm6CJJZgvm
v7t5o3AHDgZLGCrVRj6CJQuhmMXm05E6BdI/0CjSuWEBt+OB71gMBU0Obn/UP2Ti
RjwMYt7O6YyObhdGnfAumIaVSgnhkPmLRb8yBLf0p3dFsrab3kz/DX/HvNHIME6G
cxcfa0xUYF118KrWGTPLVvwjlxqpe/yfA7sAxXUJeDhLS0lOhEr/c8ZWz4lm+IfQ
Bk/xVO1SMbriPfsWovoT157AjW9m5ZPJYY8afSwWK0tGfPF8frk1m4+nQSRa2m6M
ikJnKkqxvJ+AEnO6BcVheIj7wweyM3rAbH0Xwp5tcoNGJp3WgTjE120i5QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPoBr51Qc3wlN3pfo0xgwOv4LTQPMB8GA1UdIwQY
MBaAFN+QQVXuOs/j/qi7/uhul8WMiZH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzVCQlZlNDZ6LVAtcUx2LTZHNlh4WXlKa2ZRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS80NDJlMTctNDE5OC00MzViLTk2ZjQt
NjQ2N2Y0NGI0M2JmLzEvMS1nR3ZuVkJ6ZkNVM2VsLWpUR0RBNl9ndE5BOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2EvNDQyZTE3LTQxOTgtNDM1Yi05NmY0LTY0NjdmNDRiNDNi
Zi8xLzM1QkJWZTQ2ei1QLXFMdi02RzZYeFl5SmtmUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAx8NmAME
A09jwDANBAIAAjAHAwUAKgAVODANBgkqhkiG9w0BAQsFAAOCAQEAKRE1hd8elVUp
j64E7l3MBQxV0g5vj87Yhn7rRqQ0/Ew3FrdOmcznlvs3zaoCbh7BrxfCeO+wwlSO
e/P7oYDx/rXV/mMtxVFyyb0uYUXFe8sbT1fomZpINdNRKRvKDyB6UhE4o9xAY/dh
VxJchByoejP8w+DctNRoedhylZlKrb3jjljODvNJOfGm5u7q5O3Ajn9XoMd/Kzea
ChpINGRugDZDxTzTyVybi2LJR/JSsg/+16FUYxXk+B23d0v5K2Y46wfs7jZ3s9zB
P/nq37QaFFm/2svuBP8ti576UYWbGGCf0lNroCLj4jh/4Mz+6ESBS87Ve/DnYM3w
bPqhQAdzbA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 17:55:26 2025 by rpki-client