Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/729fda-d852-4aca-9aff-6d1fa42d0b80/1/gs8FMJ3TYDKThiEsCBBlXX0PqwM.roa
File: gs8FMJ3TYDKThiEsCBBlXX0PqwM.roa (raw, json)
Hash identifier: 4i4XxxN9d4aqGluiBx6sjeMXY0+SgOc5oQO0DSsBnJw=
Subject key identifier: 82:CF:05:30:9D:D3:60:32:93:86:21:2C:08:10:65:5D:7D:0F:AB:03
Certificate issuer: /CN=5c29cba2dacf0ef9fa22090032bb159a109140f0
Certificate serial: 01856DAF554E6E80377B5204926DBC802140
Authority key identifier: 5C:29:CB:A2:DA:CF:0E:F9:FA:22:09:00:32:BB:15:9A:10:91:40:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XCnLotrPDvn6IgkAMrsVmhCRQPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/729fda-d852-4aca-9aff-6d1fa42d0b80/1/gs8FMJ3TYDKThiEsCBBlXX0PqwM.roa
Signing time: Sun 01 Jan 2023 14:14:45 +0000
ROA not before: Sun 01 Jan 2023 14:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57292
IP address blocks: 185.130.79.0/24 maxlen: 24
185.130.77.0/24 maxlen: 24
185.130.78.0/24 maxlen: 24
185.130.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:55:4e:6e:80:37:7b:52:04:92:6d:bc:80:21:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c29cba2dacf0ef9fa22090032bb159a109140f0
Validity
Not Before: Jan 1 14:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82cf05309dd360329386212c0810655d7d0fab03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:9a:7d:8e:d5:f1:82:d5:ad:cc:5f:fa:de:b0:
50:35:5c:91:cb:7c:f1:ef:eb:83:ca:bb:42:c7:f1:
43:22:63:f5:3b:c5:08:8f:7e:a2:7a:5a:e5:03:d8:
0e:da:04:4b:08:ec:cb:23:36:5b:9f:54:2f:e5:0d:
29:e7:20:30:8e:6f:5e:5f:4e:09:b6:45:3f:e0:0a:
e2:61:18:75:cd:33:02:14:7f:76:72:79:3e:8e:57:
fb:d0:63:bb:6a:fd:22:28:84:32:84:1a:2d:04:a4:
72:29:d2:c1:1f:76:d8:b7:7b:0d:52:d9:cb:34:89:
35:7e:b9:f7:aa:f7:32:31:68:46:8c:fa:ee:2d:6f:
2f:65:b1:9a:1e:d5:4a:f7:fc:7a:be:3b:c3:43:5b:
16:af:d0:e4:94:69:c4:b7:ba:24:87:a4:9e:0e:fd:
48:fc:20:84:78:57:2b:24:14:e1:e1:a4:85:cf:c0:
7e:eb:5d:51:aa:c2:90:e2:1e:5a:da:fa:9d:60:24:
af:f7:1d:64:b3:23:51:01:a2:05:12:22:90:8d:11:
d1:d7:fa:92:3f:5f:1c:cc:2f:7c:64:7b:c9:56:81:
26:47:42:23:65:f8:ea:63:0a:93:73:21:83:1f:18:
45:0b:7c:16:0b:7c:9e:1e:ec:05:a6:b6:ad:fc:20:
e0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:CF:05:30:9D:D3:60:32:93:86:21:2C:08:10:65:5D:7D:0F:AB:03
X509v3 Authority Key Identifier:
keyid:5C:29:CB:A2:DA:CF:0E:F9:FA:22:09:00:32:BB:15:9A:10:91:40:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XCnLotrPDvn6IgkAMrsVmhCRQPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/729fda-d852-4aca-9aff-6d1fa42d0b80/1/gs8FMJ3TYDKThiEsCBBlXX0PqwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/729fda-d852-4aca-9aff-6d1fa42d0b80/1/XCnLotrPDvn6IgkAMrsVmhCRQPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.76.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:16:8f:c7:c0:be:7b:88:d1:4b:5e:18:9c:70:98:c8:7c:77:
f2:04:2a:83:51:76:e3:7f:35:97:4c:1b:f6:98:ef:5a:4b:b6:
e5:22:1c:ed:4b:c9:85:b7:cc:e0:4d:ee:2d:57:04:56:30:ea:
02:01:9d:1c:a1:f9:83:45:f6:71:9a:97:cd:e3:4a:33:ce:7a:
86:a2:f4:0a:6f:c0:b5:9e:f3:c7:1c:13:c7:57:ce:b1:df:9b:
86:c0:45:80:ac:32:c0:6d:c5:f3:36:8d:e0:ae:e0:b7:c5:04:
b7:d3:6d:94:65:08:a2:01:6f:8b:e8:84:53:c2:ee:87:aa:a4:
c0:a5:cd:23:b3:ad:29:42:61:f7:6e:77:75:71:98:81:de:6d:
04:90:16:7e:30:c9:4f:9d:35:11:7b:9f:7d:ce:c7:98:18:cd:
9b:75:5e:8c:18:2c:45:57:a3:fa:13:59:35:c5:0f:33:d6:d7:
e3:ea:f6:05:86:fb:67:91:07:2a:4c:fd:11:bc:96:21:b9:0c:
bd:d3:d1:db:11:e2:61:a2:11:20:cd:5c:dc:5b:2d:6b:46:d4:
cc:2c:a5:c4:1b:32:6d:8b:a6:df:7e:21:10:ce:55:46:af:6b:
58:26:43:fe:9d:f8:42:dc:a5:e8:c7:82:d3:19:a5:36:c9:58:
5a:bc:48:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtr1VOboA3e1IEkm28gCFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMjljYmEyZGFjZjBlZjlmYTIyMDkwMDMyYmIxNTlhMTA5
MTQwZjAwHhcNMjMwMTAxMTQxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmNmMDUzMDlkZDM2MDMyOTM4NjIxMmMwODEwNjU1ZDdkMGZhYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Jp9jtXxgtWtzF/63rBQNVyRy3zx
7+uDyrtCx/FDImP1O8UIj36ielrlA9gO2gRLCOzLIzZbn1Qv5Q0p5yAwjm9eX04J
tkU/4AriYRh1zTMCFH92cnk+jlf70GO7av0iKIQyhBotBKRyKdLBH3bYt3sNUtnL
NIk1frn3qvcyMWhGjPruLW8vZbGaHtVK9/x6vjvDQ1sWr9DklGnEt7okh6SeDv1I
/CCEeFcrJBTh4aSFz8B+611RqsKQ4h5a2vqdYCSv9x1ksyNRAaIFEiKQjRHR1/qS
P18czC98ZHvJVoEmR0IjZfjqYwqTcyGDHxhFC3wWC3yeHuwFprat/CDg7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFILPBTCd02Ayk4YhLAgQZV19D6sDMB8GA1UdIwQY
MBaAFFwpy6Lazw75+iIJADK7FZoQkUDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWENuTG90clBEdm42SWdrQU1yc1ZtaENSUVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MjlmZGEtZDg1Mi00YWNhLTlhZmYt
NmQxZmE0MmQwYjgwLzEvZ3M4Rk1KM1RZREtUaGlFc0NCQmxYWDBQcXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MjlmZGEtZDg1Mi00YWNhLTlhZmYtNmQxZmE0MmQwYjgw
LzEvWENuTG90clBEdm42SWdrQU1yc1ZtaENSUVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYJMMA0G
CSqGSIb3DQEBCwUAA4IBAQAcFo/HwL57iNFLXhiccJjIfHfyBCqDUXbjfzWXTBv2
mO9aS7blIhztS8mFt8zgTe4tVwRWMOoCAZ0cofmDRfZxmpfN40ozznqGovQKb8C1
nvPHHBPHV86x35uGwEWArDLAbcXzNo3gruC3xQS3022UZQiiAW+L6IRTwu6HqqTA
pc0js60pQmH3bnd1cZiB3m0EkBZ+MMlPnTURe599zseYGM2bdV6MGCxFV6P6E1k1
xQ8z1tfj6vYFhvtnkQcqTP0RvJYhuQy909HbEeJhohEgzVzcWy1rRtTMLKXEGzJt
i6bffiEQzlVGr2tYJkP+nfhC3KXox4LTGaU2yVhavEjq
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:20:35 2025 by rpki-client