Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gSRKQJHL7CqXU28W693TnZcrA4I.roa
File: gSRKQJHL7CqXU28W693TnZcrA4I.roa (raw, json)
Hash identifier: AmWQYsFrIAGUHm1OUyu/sOmIVifQ4CDCpuYO6sAxUBg=
Subject key identifier: 81:24:4A:40:91:CB:EC:2A:97:53:6F:16:EB:DD:D3:9D:97:2B:03:82
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C91B8D4752B74AA5FD3E949185514F581
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gSRKQJHL7CqXU28W693TnZcrA4I.roa
Signing time: Fri 22 Dec 2023 13:30:58 +0000
ROA not before: Fri 22 Dec 2023 13:30:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.49.126.0/23 maxlen: 24
89.213.180.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
81.168.119.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:b8:d4:75:2b:74:aa:5f:d3:e9:49:18:55:14:f5:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 22 13:30:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81244a4091cbec2a97536f16ebddd39d972b0382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:53:77:0a:1b:fe:1e:bd:1b:db:10:0b:5d:5f:
d0:c4:68:d1:0d:5b:a3:0e:6b:26:b0:2f:83:ef:b4:
57:ed:17:4c:37:66:07:93:97:4c:7e:28:a9:1f:f6:
2a:72:05:4d:cd:92:30:f1:b0:56:f8:57:de:11:86:
8a:3e:74:15:7e:03:19:28:43:cd:52:60:cc:f3:be:
3b:c6:79:2d:89:dd:ca:a6:86:cd:ad:d6:c8:b9:bc:
50:8c:a3:79:44:ca:18:95:80:fb:c3:4b:55:e9:79:
bc:d8:02:e5:46:b5:ce:f6:d0:33:1e:52:01:b6:50:
d0:ad:95:78:3b:cc:41:7f:9b:a2:43:fb:7f:54:3a:
43:9b:64:13:9c:94:62:d0:9a:24:15:38:70:9e:e4:
2f:e2:5f:84:82:d1:c4:3d:5c:f7:f6:c6:cf:69:b0:
99:fc:3a:91:9d:d2:1b:84:c5:0e:8a:a8:cb:e9:3c:
04:78:23:fd:7b:8d:7f:90:d1:09:b8:cf:5d:86:c2:
3b:20:79:4f:07:3b:07:68:35:b1:b2:72:f5:cf:6b:
c8:14:bf:13:36:d2:86:8e:34:21:56:df:33:09:eb:
80:ec:eb:f3:7a:a5:34:14:d2:55:e3:99:83:62:f3:
b1:75:48:85:0c:bd:f8:c4:29:6f:d4:8b:3b:c4:ea:
ff:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:24:4A:40:91:CB:EC:2A:97:53:6F:16:EB:DD:D3:9D:97:2B:03:82
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gSRKQJHL7CqXU28W693TnZcrA4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.126.0/24
82.153.136.0/22
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:59:a1:8c:6f:51:91:9b:4d:73:8b:df:4f:15:2f:3f:04:a0:
56:a6:54:36:97:ab:3f:39:46:b7:31:3e:77:8c:ea:28:5b:38:
e0:97:d3:74:d1:4e:1f:a4:91:83:52:07:13:45:f6:02:c9:c4:
32:ca:ae:a8:f2:b4:98:67:98:c1:55:b1:55:ed:3a:73:88:2f:
85:7a:bc:4e:76:b5:14:e8:f4:4d:18:73:19:25:85:5e:80:75:
de:44:19:9e:53:9e:30:49:0a:7a:40:d7:e5:5e:8b:87:37:29:
f1:d3:b2:d6:93:6f:5e:67:26:1a:86:5f:95:ff:a6:ed:5c:ac:
bc:96:d1:0e:1a:38:68:e3:d9:42:11:5c:62:85:e8:61:b4:6d:
90:aa:6a:54:bb:50:67:15:8f:9d:9d:65:2e:bb:e3:d2:9e:1c:
d9:29:11:e5:99:93:1c:ab:ff:f0:3d:d2:f8:1f:94:c3:27:13:
28:5b:ce:ff:3d:a8:f7:57:0a:fa:be:4b:a0:f0:6b:d4:71:d2:
ec:26:fd:2c:42:6f:b8:e1:8a:72:3d:f8:9f:30:84:c0:47:18:
f2:d6:30:35:bd:f0:53:6f:e6:fa:37:81:1d:a5:3c:2f:ef:97:
d6:85:79:9e:72:21:9a:4d:77:89:40:d3:03:0e:85:27:b2:72:
ec:5c:72:f5
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYyRuNR1K3SqX9PpSRhVFPWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjIyMTMzMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTI0NGE0MDkxY2JlYzJhOTc1MzZmMTZlYmRkZDM5ZDk3MmIwMzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1N3Chv+Hr0b2xALXV/QxGjRDVuj
DmsmsC+D77RX7RdMN2YHk5dMfiipH/YqcgVNzZIw8bBW+FfeEYaKPnQVfgMZKEPN
UmDM8747xnktid3KpobNrdbIubxQjKN5RMoYlYD7w0tV6Xm82ALlRrXO9tAzHlIB
tlDQrZV4O8xBf5uiQ/t/VDpDm2QTnJRi0JokFThwnuQv4l+EgtHEPVz39sbPabCZ
/DqRndIbhMUOiqjL6TwEeCP9e41/kNEJuM9dhsI7IHlPBzsHaDWxsnL1z2vIFL8T
NtKGjjQhVt8zCeuA7OvzeqU0FNJV45mDYvOxdUiFDL34xClv1Is7xOr/fwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIEkSkCRy+wql1NvFuvd052XKwOCMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ1NSS1FKSEw3Q3FYVTI4VzY5M1RuWmNyQTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUah3AwQA
Uah+AwQCUpmIMAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bQDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBAB1ZoYxvUZGbTXOL308VLz8EoFamVDaXqz85Rrcx
PneM6ihbOOCX03TRTh+kkYNSBxNF9gLJxDLKrqjytJhnmMFVsVXtOnOIL4V6vE52
tRTo9E0YcxklhV6Add5EGZ5TnjBJCnpA1+Vei4c3KfHTstaTb15nJhqGX5X/pu1c
rLyW0Q4aOGjj2UIRXGKF6GG0bZCqalS7UGcVj52dZS6749KeHNkpEeWZkxyr//A9
0vgflMMnEyhbzv89qPdXCvq+S6Dwa9Rx0uwm/SxCb7jhinI9+J8whMBHGPLWMDW9
8FNv5vo3gR2lPC/vl9aFeZ5yIZpNd4lA0wMOhSeycuxccvU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:08 2025 by rpki-client