Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/GYKgnRSqZ_XT1ZRb2GJNQkdGPHo.roa
File: GYKgnRSqZ_XT1ZRb2GJNQkdGPHo.roa (raw, json)
Hash identifier: ItN96KUaU17530w41gwxKoC56Cby2Au877M4K6+cmaM=
Subject key identifier: 19:82:A0:9D:14:AA:67:F5:D3:D5:94:5B:D8:62:4D:42:47:46:3C:7A
Certificate issuer: /CN=63427c535873e4c4ead8042d67bbf3f1f47b26b1
Certificate serial: 018573839A6236F12EE3424F79AB32F58FE5
Authority key identifier: 63:42:7C:53:58:73:E4:C4:EA:D8:04:2D:67:BB:F3:F1:F4:7B:26:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/GYKgnRSqZ_XT1ZRb2GJNQkdGPHo.roa
Signing time: Mon 02 Jan 2023 17:24:42 +0000
ROA not before: Mon 02 Jan 2023 17:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15600
IP address blocks: 185.206.244.0/22 maxlen: 22
91.138.64.0/18 maxlen: 18
2a0a:d1c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:83:9a:62:36:f1:2e:e3:42:4f:79:ab:32:f5:8f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63427c535873e4c4ead8042d67bbf3f1f47b26b1
Validity
Not Before: Jan 2 17:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1982a09d14aa67f5d3d5945bd8624d4247463c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:12:a2:5a:63:6d:97:2f:1b:47:de:fd:51:14:
14:4b:da:63:ef:36:86:f6:bc:17:55:2d:ae:23:d5:
05:92:03:52:12:86:e4:63:96:52:3f:e7:4a:b5:eb:
20:ca:ee:0b:6c:7e:2d:9e:86:58:30:56:54:a2:6a:
e4:e4:e0:bd:12:bd:90:a5:5d:1d:5d:cc:35:bf:71:
f3:0b:22:2c:4f:34:36:47:76:df:62:f1:b3:bc:36:
57:b3:07:a9:93:98:6d:ec:fa:11:26:24:d9:5f:c4:
99:95:53:8a:21:cf:71:39:f1:1a:98:07:81:6f:57:
6b:06:a4:99:7c:9d:39:87:1a:a2:69:7b:e3:17:69:
6d:38:25:05:b1:39:8c:73:45:6a:0b:ec:91:79:e9:
d2:86:55:d9:40:bc:ea:e3:14:6e:22:05:13:5d:6c:
6a:d4:92:5b:d9:6e:c9:1b:89:df:93:29:ed:92:2b:
53:b9:60:4f:78:5a:eb:54:97:98:eb:93:42:8b:d7:
fb:2c:ed:d5:9c:b1:12:a0:1e:0f:26:08:91:be:61:
51:60:18:8a:e2:d6:74:b5:5f:e0:06:8a:49:ae:f9:
c8:22:6b:08:d8:84:db:a6:af:93:ee:31:3c:29:4a:
8c:f3:e8:42:2e:42:95:74:eb:3c:9c:0f:2e:6d:bc:
57:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:82:A0:9D:14:AA:67:F5:D3:D5:94:5B:D8:62:4D:42:47:46:3C:7A
X509v3 Authority Key Identifier:
keyid:63:42:7C:53:58:73:E4:C4:EA:D8:04:2D:67:BB:F3:F1:F4:7B:26:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/GYKgnRSqZ_XT1ZRb2GJNQkdGPHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.138.64.0/18
185.206.244.0/22
IPv6:
2a0a:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
09:6d:68:f3:1b:a6:36:f5:08:f2:04:81:02:46:31:f8:91:69:
f7:3d:89:65:35:96:77:05:2e:28:4e:8f:d8:fe:0f:ed:a1:9d:
68:96:5a:c1:ec:38:ed:2f:61:c3:57:3e:24:5e:95:1f:5d:6c:
71:3d:ea:e1:03:ed:f1:2f:67:ff:ac:60:2c:65:dd:ad:f0:89:
2c:1a:61:95:12:67:df:5c:9a:b7:87:0a:c5:22:12:b1:bc:62:
cb:9e:e0:3a:9d:0d:b9:cb:1c:87:96:b4:ed:61:ae:ac:8a:ae:
c9:00:e1:0d:1d:f8:50:63:3c:a9:a6:e0:c7:8b:5b:a0:0f:8d:
94:e3:18:36:4c:68:52:16:9f:2f:49:5c:4d:2a:19:f9:99:1b:
a7:cb:c0:cc:ce:99:24:fe:b0:7c:da:33:ad:ac:66:3a:08:5d:
41:a7:16:88:c9:e0:5a:cb:50:99:d1:c4:e2:33:a5:be:a2:41:
df:97:ea:b2:38:d2:c1:b9:11:93:57:79:29:ee:4f:d5:9d:98:
04:72:3e:5a:31:5f:f6:c9:d9:76:43:43:1d:1c:fd:d0:33:8a:
00:eb:00:a1:ca:d8:be:1b:14:f7:d3:3b:58:25:bc:a4:dc:e1:
3f:08:0d:a1:54:f2:af:19:9a:17:b2:ae:96:1f:14:a0:ba:47:
9f:61:de:c4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVzg5piNvEu40JPeasy9Y/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDI3YzUzNTg3M2U0YzRlYWQ4MDQyZDY3YmJmM2YxZjQ3
YjI2YjEwHhcNMjMwMTAyMTcyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTgyYTA5ZDE0YWE2N2Y1ZDNkNTk0NWJkODYyNGQ0MjQ3NDYzYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRKiWmNtly8bR979URQUS9pj7zaG
9rwXVS2uI9UFkgNSEobkY5ZSP+dKtesgyu4LbH4tnoZYMFZUomrk5OC9Er2QpV0d
Xcw1v3HzCyIsTzQ2R3bfYvGzvDZXswepk5ht7PoRJiTZX8SZlVOKIc9xOfEamAeB
b1drBqSZfJ05hxqiaXvjF2ltOCUFsTmMc0VqC+yReenShlXZQLzq4xRuIgUTXWxq
1JJb2W7JG4nfkyntkitTuWBPeFrrVJeY65NCi9f7LO3VnLESoB4PJgiRvmFRYBiK
4tZ0tV/gBopJrvnIImsI2ITbpq+T7jE8KUqM8+hCLkKVdOs8nA8ubbxX+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBmCoJ0Uqmf109WUW9hiTUJHRjx6MB8GA1UdIwQY
MBaAFGNCfFNYc+TE6tgELWe78/H0eyaxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBKOFUxaHo1TVRxMkFRdFo3dno4ZlI3SnJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82MTA4M2MtNGIzZC00NmQ4LTgyYWEt
YjI5OTdiYzYxNDc0LzEvR1lLZ25SU3FaX1hUMVpSYjJHSk5Ra2RHUEhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82MTA4M2MtNGIzZC00NmQ4LTgyYWEtYjI5OTdiYzYxNDc0
LzEvWTBKOFUxaHo1TVRxMkFRdFo3dno4ZlI3SnJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGW4pAAwQC
uc70MA0EAgACMAcDBQMqCtHAMA0GCSqGSIb3DQEBCwUAA4IBAQAJbWjzG6Y29Qjy
BIECRjH4kWn3PYllNZZ3BS4oTo/Y/g/toZ1ollrB7DjtL2HDVz4kXpUfXWxxPerh
A+3xL2f/rGAsZd2t8IksGmGVEmffXJq3hwrFIhKxvGLLnuA6nQ25yxyHlrTtYa6s
iq7JAOENHfhQYzyppuDHi1ugD42U4xg2TGhSFp8vSVxNKhn5mRuny8DMzpkk/rB8
2jOtrGY6CF1BpxaIyeBay1CZ0cTiM6W+okHfl+qyONLBuRGTV3kp7k/VnZgEcj5a
MV/2ydl2Q0MdHP3QM4oA6wChyti+GxT30ztYJbyk3OE/CA2hVPKvGZoXsq6WHxSg
ukefYd7E
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:30 2025 by rpki-client