Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/4GYJIThsxYmmWQIQVYzPCXi4D_Q.roa
File: 4GYJIThsxYmmWQIQVYzPCXi4D_Q.roa (raw, json)
Hash identifier: x5MUgBw9bVOStVpOv3DnDFPYwrwzmiXcck9YUtSX1xw=
Subject key identifier: E0:66:09:21:38:6C:C5:89:A6:59:02:10:55:8C:CF:09:78:B8:0F:F4
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 08336A75
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/4GYJIThsxYmmWQIQVYzPCXi4D_Q.roa
Signing time: Sat 01 Jan 2022 04:58:53 +0000
ROA not before: Sat 01 Jan 2022 04:58:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42423
IP address blocks: 193.168.184.0/23 maxlen: 24
193.168.187.0/24 maxlen: 24
194.1.167.0/24 maxlen: 24
2a09:1400::/30 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137587317 (0x8336a75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 1 04:58:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0660921386cc589a6590210558ccf0978b80ff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fa:bd:e7:a4:e7:c5:0e:44:68:14:33:ff:c2:
b0:c0:aa:1c:de:fd:0e:87:b8:00:96:b0:68:04:79:
80:22:8b:bf:1b:f9:17:ef:8d:ad:8c:44:be:cf:4c:
65:47:d8:51:bc:89:6e:19:7a:ae:7a:7a:c0:52:2b:
50:71:2b:89:27:5e:a0:aa:df:e7:59:d6:61:9f:62:
ce:78:67:7d:b9:0e:0d:3b:04:72:b1:79:1f:d9:13:
e5:bc:73:9e:83:63:af:95:2f:05:6d:49:11:74:46:
62:12:13:a5:37:31:4a:92:8a:fb:df:e9:03:8f:b1:
5b:6a:5a:92:a8:3f:d1:5e:04:13:bd:24:f3:59:14:
70:21:f8:da:bc:26:3a:ae:dc:9a:9b:54:b2:7b:be:
15:9f:8a:7d:d6:6a:20:60:54:5a:34:fb:7b:de:89:
39:33:10:00:a3:ba:c2:9b:34:dc:b6:81:af:38:3f:
5d:9e:e3:ef:16:71:3d:c7:13:df:9b:c1:43:d2:12:
3b:14:37:db:70:0a:e2:2e:f1:6f:9f:05:24:c0:3a:
7e:56:48:84:8c:7d:83:74:ce:b3:15:48:c5:f5:aa:
d5:3c:be:a2:5a:0a:12:a2:20:b3:a4:ba:ed:18:f5:
85:d3:c5:4a:bf:a7:f3:71:de:76:f8:9a:4f:89:14:
9b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:66:09:21:38:6C:C5:89:A6:59:02:10:55:8C:CF:09:78:B8:0F:F4
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/4GYJIThsxYmmWQIQVYzPCXi4D_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.184.0/23
193.168.187.0/24
194.1.167.0/24
IPv6:
2a09:1400::/30
Signature Algorithm: sha256WithRSAEncryption
3d:f2:60:4b:08:aa:cd:9f:87:b9:f4:ee:36:28:a7:54:48:f8:
a3:30:37:50:36:ec:4c:e6:b5:c1:a1:4f:80:49:bc:ce:50:36:
bd:c8:2a:d4:95:cb:de:e9:c6:07:9b:ba:73:19:21:0d:9c:e4:
f7:cf:44:6e:98:31:4c:0d:be:63:2f:21:cd:c1:ef:14:63:e8:
71:96:a2:0c:1e:32:e2:a8:52:86:c7:25:14:a9:68:85:f6:52:
61:de:63:f7:ba:e8:c2:51:82:8c:aa:b9:6b:5b:a9:f7:6b:a8:
18:e2:01:8f:67:b5:af:ad:8d:fd:f4:4d:a1:ac:0a:79:dd:49:
40:f2:a7:0d:38:cf:c4:25:97:a4:78:0a:c4:c1:ec:e4:d7:08:
f0:7b:1b:35:81:77:5a:77:6f:5a:f5:30:96:e8:f2:ec:0c:79:
69:01:45:f1:6f:98:ae:c5:16:d7:7e:ba:ac:69:75:f3:7b:84:
bd:20:6b:a7:2a:e4:46:77:cb:fe:d4:cb:c3:eb:6c:40:71:bb:
1b:c3:5e:b6:9d:bd:e3:0b:f9:2d:7d:6a:47:30:b0:a7:13:22:
dc:e3:99:e6:38:bb:1c:53:84:db:5f:95:81:cb:13:60:d3:44:
c7:d6:f2:12:42:31:af:25:e6:85:98:03:2a:42:6c:88:08:b1:
f8:f9:d7:40
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECDNqdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjgyMzA5YTY4MTQ2NzhhZDcyZTNmMzFhNGZlMDI3MmY0MGJkOTg2MB4XDTIyMDEw
MTA0NTg1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTA2NjA5MjEzODZj
YzU4OWE2NTkwMjEwNTU4Y2NmMDk3OGI4MGZmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANP6veek58UORGgUM//CsMCqHN79Doe4AJawaAR5gCKLvxv5
F++NrYxEvs9MZUfYUbyJbhl6rnp6wFIrUHEriSdeoKrf51nWYZ9iznhnfbkODTsE
crF5H9kT5bxznoNjr5UvBW1JEXRGYhITpTcxSpKK+9/pA4+xW2pakqg/0V4EE70k
81kUcCH42rwmOq7cmptUsnu+FZ+KfdZqIGBUWjT7e96JOTMQAKO6wps03LaBrzg/
XZ7j7xZxPccT35vBQ9ISOxQ323AK4i7xb58FJMA6flZIhIx9g3TOsxVIxfWq1Ty+
oloKEqIgs6S67Rj1hdPFSr+n83HedviaT4kUm98CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTgZgkhOGzFiaZZAhBVjM8JeLgP9DAfBgNVHSMEGDAWgBT/gjCaaBRnitcu
PzGk/gJy9AvZhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L180SXdtbWdVWjRyWExqOHhwUDRDY3ZRTDJZWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvOWZhODNkLWIyYTMtNDVlNC04NDk5LWY1MjU4MTY0MDJiZC8x
LzRHWUpJVGhzeFltbVdRSVFWWXpQQ1hpNERfUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
OWZhODNkLWIyYTMtNDVlNC04NDk5LWY1MjU4MTY0MDJiZC8xL180SXdtbWdVWjRy
WExqOHhwUDRDY3ZRTDJZWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAcGouAMEAMGouwMEAMIBpzANBAIA
AjAHAwUCKgkUADANBgkqhkiG9w0BAQsFAAOCAQEAPfJgSwiqzZ+HufTuNiinVEj4
ozA3UDbsTOa1waFPgEm8zlA2vcgq1JXL3unGB5u6cxkhDZzk989EbpgxTA2+Yy8h
zcHvFGPocZaiDB4y4qhShsclFKlohfZSYd5j97rowlGCjKq5a1up92uoGOIBj2e1
r62N/fRNoawKed1JQPKnDTjPxCWXpHgKxMHs5NcI8HsbNYF3WndvWvUwlujy7Ax5
aQFF8W+YrsUW1366rGl183uEvSBrpyrkRnfL/tTLw+tsQHG7G8Netp294wv5LX1q
RzCwpxMi3OOZ5ji7HFOE21+VgcsTYNNEx9byEkIxryXmhZgDKkJsiAix+PnXQA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:14 2025 by rpki-client