Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/ga2Dax4mfI4Kwgm4IgqOPZyfwZI.roa
File: ga2Dax4mfI4Kwgm4IgqOPZyfwZI.roa (raw, json)
Hash identifier: lApSWNkbWm0G3RqxBFp+Zd331ToIkFAwUsfpZ/7Rk4M=
Subject key identifier: 81:AD:83:6B:1E:26:7C:8E:0A:C2:09:B8:22:0A:8E:3D:9C:9F:C1:92
Certificate issuer: /CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Certificate serial: 0186DB8863BB33BF259A40C987335048A8CC
Authority key identifier: 4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/ga2Dax4mfI4Kwgm4IgqOPZyfwZI.roa
Signing time: Mon 13 Mar 2023 15:13:14 +0000
ROA not before: Mon 13 Mar 2023 15:13:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57752
IP address blocks: 185.54.36.0/22 maxlen: 22
185.17.56.0/24 maxlen: 24
185.17.56.0/22 maxlen: 22
185.17.57.0/24 maxlen: 24
45.130.238.0/24 maxlen: 24
45.130.237.0/24 maxlen: 24
45.130.236.0/22 maxlen: 22
45.130.236.0/24 maxlen: 24
45.130.239.0/24 maxlen: 24
109.205.64.0/21 maxlen: 21
2a03:dc00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:88:63:bb:33:bf:25:9a:40:c9:87:33:50:48:a8:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Validity
Not Before: Mar 13 15:13:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81ad836b1e267c8e0ac209b8220a8e3d9c9fc192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cb:39:6b:52:8b:47:9b:88:5c:cc:bc:2a:1d:
e2:fe:91:70:e2:5b:c8:5f:26:a6:3f:bc:d6:88:6c:
9c:5e:06:cb:cc:55:a3:c8:3f:0b:9a:90:70:5c:1e:
9e:fc:a2:cd:a6:2c:ba:29:94:ee:83:42:a6:b1:c6:
d8:81:c4:ab:24:ed:a4:af:89:32:a9:59:44:fa:5c:
05:5c:1d:be:52:fd:1c:f1:e6:e7:83:db:d6:90:4a:
bc:fb:9e:13:01:2e:04:c0:b9:5e:1d:99:58:b2:ca:
5d:fd:ca:f8:d9:91:1c:aa:8d:90:f8:1b:ff:8b:52:
c4:f4:c5:df:d5:19:fa:9f:94:f8:15:7c:7a:18:b6:
78:48:17:01:14:5e:dd:8c:d2:2d:d9:53:86:c8:fd:
eb:17:71:b5:90:06:87:5a:e6:7c:64:e5:f5:56:2a:
5f:1f:75:c5:fe:7a:90:da:e6:99:e9:37:57:8c:bb:
d5:b9:26:ba:be:b0:e6:5f:4d:47:de:a0:f7:94:5b:
53:09:b4:c6:9f:11:52:16:e2:2d:69:6f:61:3a:ac:
bd:14:44:3a:d0:dc:b1:2a:00:57:ee:3a:60:20:63:
b0:9e:6a:d8:dd:0c:7e:8f:11:8e:eb:3f:7c:5a:3e:
8d:8b:d6:e0:a5:82:80:73:2b:bf:19:6c:83:10:89:
45:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AD:83:6B:1E:26:7C:8E:0A:C2:09:B8:22:0A:8E:3D:9C:9F:C1:92
X509v3 Authority Key Identifier:
keyid:4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/ga2Dax4mfI4Kwgm4IgqOPZyfwZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/T5nk6uSKAceB-q0R9tgakeozvf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.236.0/22
109.205.64.0/21
185.17.56.0/22
185.54.36.0/22
IPv6:
2a03:dc00::/32
Signature Algorithm: sha256WithRSAEncryption
3c:8f:a8:e9:8a:09:0d:34:7f:d4:73:8b:25:a3:85:03:f1:07:
b5:52:0a:1c:35:d1:d8:a5:16:94:63:92:4c:33:77:33:ab:eb:
87:ef:fa:38:05:cd:ae:89:32:51:99:36:5d:61:b5:27:5b:05:
1b:50:5b:ac:ea:30:07:e9:0a:a2:9b:cd:63:40:ea:d7:5c:7a:
0b:b2:57:07:ce:df:3c:57:d1:b6:d8:8f:ee:92:f7:e2:e2:1b:
a1:42:75:5d:2d:42:34:54:52:7a:4c:ec:2d:4d:75:7a:f7:ae:
9a:6e:98:bd:6b:da:22:b1:1e:58:d0:38:d6:bf:eb:8b:59:d4:
73:fc:6c:16:5f:e5:d4:01:07:12:29:f5:fe:fb:b8:83:f7:ef:
02:78:a0:81:b2:6d:75:30:6c:70:79:27:90:5d:12:8c:0b:47:
69:43:9a:09:75:9c:58:32:09:0e:de:a3:7e:0a:df:77:da:b4:
52:17:32:88:6d:f8:df:b5:df:ad:04:52:52:08:14:94:74:25:
ba:57:30:a9:ce:1b:f6:a7:bb:88:18:cf:f4:56:7c:8d:b9:80:
68:81:a5:37:e1:0c:ee:d6:57:fd:34:80:76:96:55:79:a9:2d:
bc:e7:c7:3c:0a:da:39:93:80:6f:3b:b7:e1:fa:93:9e:d9:79:
d1:21:ee:0b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYbbiGO7M78lmkDJhzNQSKjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTllNGVhZTQ4YTAxYzc4MWZhYWQxMWY2ZDgxYTkxZWEz
M2JkZmYwHhcNMjMwMzEzMTUxMzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWFkODM2YjFlMjY3YzhlMGFjMjA5YjgyMjBhOGUzZDljOWZjMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8s5a1KLR5uIXMy8Kh3i/pFw4lvI
XyamP7zWiGycXgbLzFWjyD8LmpBwXB6e/KLNpiy6KZTug0KmscbYgcSrJO2kr4ky
qVlE+lwFXB2+Uv0c8ebng9vWkEq8+54TAS4EwLleHZlYsspd/cr42ZEcqo2Q+Bv/
i1LE9MXf1Rn6n5T4FXx6GLZ4SBcBFF7djNIt2VOGyP3rF3G1kAaHWuZ8ZOX1Vipf
H3XF/nqQ2uaZ6TdXjLvVuSa6vrDmX01H3qD3lFtTCbTGnxFSFuItaW9hOqy9FEQ6
0NyxKgBX7jpgIGOwnmrY3Qx+jxGO6z98Wj6Ni9bgpYKAcyu/GWyDEIlFUwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIGtg2seJnyOCsIJuCIKjj2cn8GSMB8GA1UdIwQY
MBaAFE+Z5OrkigHHgfqtEfbYGpHqM73/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgt
OGI4ZjNmOGQ3MzAzLzEvZ2EyRGF4NG1mSTRLd2dtNElncU9QWnlmd1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgtOGI4ZjNmOGQ3MzAz
LzEvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLYLsAwQD
bc1AAwQCuRE4AwQCuTYkMA0EAgACMAcDBQAqA9wAMA0GCSqGSIb3DQEBCwUAA4IB
AQA8j6jpigkNNH/Uc4slo4UD8Qe1UgocNdHYpRaUY5JMM3czq+uH7/o4Bc2uiTJR
mTZdYbUnWwUbUFus6jAH6Qqim81jQOrXXHoLslcHzt88V9G22I/ukvfi4huhQnVd
LUI0VFJ6TOwtTXV6966abpi9a9oisR5Y0DjWv+uLWdRz/GwWX+XUAQcSKfX++7iD
9+8CeKCBsm11MGxweSeQXRKMC0dpQ5oJdZxYMgkO3qN+Ct932rRSFzKIbfjftd+t
BFJSCBSUdCW6VzCpzhv2p7uIGM/0VnyNuYBogaU34Qzu1lf9NIB2llV5qS2858c8
Cto5k4BvO7fh+pOe2XnRIe4L
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:15:24 2025 by rpki-client