Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/942022-4fb3-461d-b456-1526cb9abf9b/1/gxrabVXxrflsOXaeH73g5R2CmJE.roa
File: gxrabVXxrflsOXaeH73g5R2CmJE.roa (raw, json)
Hash identifier: RJ3lFVx5rSvz865XlZ96FWXQI0N0wZcnVhBjYbwBwDo=
Subject key identifier: 83:1A:DA:6D:55:F1:AD:F9:6C:39:76:9E:1F:BD:E0:E5:1D:82:98:91
Certificate issuer: /CN=300777c3b44144fd3056bf4b845450cb7fab9c2d
Certificate serial: 027FC370
Authority key identifier: 30:07:77:C3:B4:41:44:FD:30:56:BF:4B:84:54:50:CB:7F:AB:9C:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAd3w7RBRP0wVr9LhFRQy3-rnC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/942022-4fb3-461d-b456-1526cb9abf9b/1/gxrabVXxrflsOXaeH73g5R2CmJE.roa
Signing time: Sat 01 Jan 2022 10:01:15 +0000
ROA not before: Sat 01 Jan 2022 10:01:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211721
IP address blocks: 194.153.135.0/24 maxlen: 24
2a10:9f42::/31 maxlen: 31
2a10:9f46::/31 maxlen: 31
2a10:9f40::/31 maxlen: 31
2a10:9f44::/31 maxlen: 31
2a10:9f40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41927536 (0x27fc370)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=300777c3b44144fd3056bf4b845450cb7fab9c2d
Validity
Not Before: Jan 1 10:01:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=831ada6d55f1adf96c39769e1fbde0e51d829891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:df:2c:8a:8c:28:59:0b:78:7a:df:f6:a8:c5:
5a:6b:37:be:f7:e9:6e:1d:8e:9b:15:5b:a9:2d:04:
a6:2a:17:f1:b1:af:81:21:83:fb:f3:d4:e9:a9:5e:
e4:b4:ec:d3:45:20:d7:ce:79:1f:fc:97:85:c9:d9:
d3:a6:5a:95:96:63:c1:16:bd:fc:da:d4:66:63:5a:
cf:bf:7b:3d:66:4f:e3:96:d0:8f:97:fb:5a:11:e5:
a2:ee:7d:37:d9:56:96:1d:7e:2f:18:4e:16:5c:61:
d6:9f:5d:ae:a9:7f:ad:2f:9c:82:dc:b6:6d:b1:10:
ae:b6:58:0f:da:de:37:f4:26:0c:51:e4:9f:c9:7a:
c5:dc:c8:b4:52:ba:ac:c9:a7:e9:5c:82:d7:c1:80:
f4:09:63:0d:88:e1:7f:18:40:1b:ed:d4:e9:06:c3:
58:ce:e8:05:57:4d:12:dd:3c:40:80:16:f7:39:82:
fe:5b:63:88:a0:77:36:ea:47:8e:f6:e0:00:53:ce:
c7:6f:d3:1b:4e:3a:df:58:a4:a2:85:d2:61:99:0c:
8d:21:d2:72:19:2d:31:61:78:69:0e:2b:b1:74:28:
d5:bf:77:59:3f:eb:e1:d4:39:31:19:d9:a7:19:89:
7f:c7:9e:e3:da:9b:9f:17:6a:65:4c:08:8b:95:04:
ab:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1A:DA:6D:55:F1:AD:F9:6C:39:76:9E:1F:BD:E0:E5:1D:82:98:91
X509v3 Authority Key Identifier:
keyid:30:07:77:C3:B4:41:44:FD:30:56:BF:4B:84:54:50:CB:7F:AB:9C:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAd3w7RBRP0wVr9LhFRQy3-rnC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/942022-4fb3-461d-b456-1526cb9abf9b/1/gxrabVXxrflsOXaeH73g5R2CmJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/942022-4fb3-461d-b456-1526cb9abf9b/1/MAd3w7RBRP0wVr9LhFRQy3-rnC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.135.0/24
IPv6:
2a10:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
79:83:c1:5f:54:b9:0b:b7:4c:6c:26:99:39:c4:00:16:f8:ac:
5e:f9:a3:9c:ef:6f:59:90:12:34:de:11:e4:00:4a:aa:f9:c6:
a6:5e:90:ab:ae:32:c1:83:07:2f:9c:5e:11:27:bb:e3:02:4d:
27:02:bb:c5:00:99:b6:a1:0c:8e:69:ac:7d:9b:a5:76:b9:fc:
91:de:17:5f:dc:7c:7b:0e:0f:15:d0:41:a4:d8:6f:31:3f:38:
25:ce:99:40:a5:b6:49:f2:47:b0:ed:cc:b2:9b:f6:49:21:db:
f3:09:cd:eb:91:b5:74:74:e9:bd:4a:bc:51:5c:8d:aa:25:c0:
dc:cf:8f:57:d9:b6:a4:90:56:af:06:3d:f1:4b:f3:24:2d:89:
e3:98:e1:36:2f:10:69:e9:33:8d:2c:9d:0a:b4:cb:10:62:05:
d3:b1:8f:23:ba:c0:8f:2f:35:05:ea:1c:30:12:a5:af:27:7b:
88:f7:ce:5a:f8:8a:b2:6b:91:9e:31:07:e8:cb:65:3f:35:0a:
20:05:fc:1d:50:ee:c0:e9:53:08:d4:2f:58:28:7c:9b:8d:0b:
4f:5c:0d:05:f0:14:95:6c:8b:03:7f:20:71:56:e7:5f:85:66:
46:79:44:a3:5b:2d:bc:1b:d7:e0:94:8c:30:ec:89:86:a3:9e:
f9:d3:b8:53
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAn/DcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDA3NzdjM2I0NDE0NGZkMzA1NmJmNGI4NDU0NTBjYjdmYWI5YzJkMB4XDTIyMDEw
MTEwMDExNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODMxYWRhNmQ1NWYx
YWRmOTZjMzk3NjllMWZiZGUwZTUxZDgyOTg5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvfLIqMKFkLeHrf9qjFWms3vvfpbh2OmxVbqS0EpioX8bGv
gSGD+/PU6ale5LTs00Ug1855H/yXhcnZ06ZalZZjwRa9/NrUZmNaz797PWZP45bQ
j5f7WhHlou59N9lWlh1+LxhOFlxh1p9drql/rS+cgty2bbEQrrZYD9reN/QmDFHk
n8l6xdzItFK6rMmn6VyC18GA9AljDYjhfxhAG+3U6QbDWM7oBVdNEt08QIAW9zmC
/ltjiKB3NupHjvbgAFPOx2/TG04631ikooXSYZkMjSHSchktMWF4aQ4rsXQo1b93
WT/r4dQ5MRnZpxmJf8ee49qbnxdqZUwIi5UEq4cCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSDGtptVfGt+Ww5dp4fveDlHYKYkTAfBgNVHSMEGDAWgBQwB3fDtEFE/TBW
v0uEVFDLf6ucLTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01BZDN3N1JCUlAwd1ZyOUxoRlJReTMtcm5DMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvOTQyMDIyLTRmYjMtNDYxZC1iNDU2LTE1MjZjYjlhYmY5Yi8x
L2d4cmFiVlh4cmZsc09YYWVINzNnNVIyQ21KRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
OTQyMDIyLTRmYjMtNDYxZC1iNDU2LTE1MjZjYjlhYmY5Yi8xL01BZDN3N1JCUlAw
d1ZyOUxoRlJReTMtcm5DMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMKZhzANBAIAAjAHAwUDKhCfQDAN
BgkqhkiG9w0BAQsFAAOCAQEAeYPBX1S5C7dMbCaZOcQAFvisXvmjnO9vWZASNN4R
5ABKqvnGpl6Qq64ywYMHL5xeESe74wJNJwK7xQCZtqEMjmmsfZuldrn8kd4XX9x8
ew4PFdBBpNhvMT84Jc6ZQKW2SfJHsO3Mspv2SSHb8wnN65G1dHTpvUq8UVyNqiXA
3M+PV9m2pJBWrwY98UvzJC2J45jhNi8QaekzjSydCrTLEGIF07GPI7rAjy81Beoc
MBKlryd7iPfOWviKsmuRnjEH6MtlPzUKIAX8HVDuwOlTCNQvWCh8m40LT1wNBfAU
lWyLA38gcVbnX4VmRnlEo1stvBvX4JSMMOyJhqOe+dO4Uw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:43 2025 by rpki-client