Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/gRM7fxr9AxhMUSdz93B9-gzXGD0.roa
File: gRM7fxr9AxhMUSdz93B9-gzXGD0.roa (raw, json)
Hash identifier: Mig1CYYqeFWQgUf50YDHIWQMR8kMl5tKrqvZIdeq1Og=
Subject key identifier: 81:13:3B:7F:1A:FD:03:18:4C:51:27:73:F7:70:7D:FA:0C:D7:18:3D
Certificate issuer: /CN=1ddc53d1de7a2ef7eb2b90c80915544140042488
Certificate serial: 1809B2D1
Authority key identifier: 1D:DC:53:D1:DE:7A:2E:F7:EB:2B:90:C8:09:15:54:41:40:04:24:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HdxT0d56LvfrK5DICRVUQUAEJIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/gRM7fxr9AxhMUSdz93B9-gzXGD0.roa
Signing time: Sat 01 Jan 2022 07:00:35 +0000
ROA not before: Sat 01 Jan 2022 07:00:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205305
IP address blocks: 95.181.197.0/24 maxlen: 24
95.181.196.0/24 maxlen: 24
2a01:ba80:f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 403288785 (0x1809b2d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ddc53d1de7a2ef7eb2b90c80915544140042488
Validity
Not Before: Jan 1 07:00:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81133b7f1afd03184c512773f7707dfa0cd7183d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a9:c3:24:56:53:e1:f9:6a:df:49:5a:f0:60:
ec:6f:94:5c:56:25:a7:de:b4:ef:16:73:21:62:64:
8f:0c:2c:2e:d9:71:90:03:38:b2:17:0b:eb:4d:bc:
61:b6:ba:84:76:48:82:47:b6:e4:4c:2e:5a:18:19:
33:f8:32:6a:72:61:ce:9e:d6:98:1a:f3:cc:78:b0:
9b:1e:e1:30:59:9b:f5:ee:c8:88:78:94:ef:35:8d:
fe:f8:d8:57:43:21:8c:e4:21:dc:0c:64:86:aa:52:
e0:33:79:f5:37:6a:6a:ab:18:66:c1:be:a2:33:a3:
a6:e9:95:d4:e1:78:c8:15:df:78:d2:74:d1:c7:75:
b1:1f:1b:82:a6:5d:ef:2f:34:f9:db:5f:ec:3d:8a:
2d:e6:57:e5:4f:05:64:6d:05:bb:21:52:e9:42:86:
5d:96:17:5a:4a:f2:6d:19:1d:af:de:3d:e9:96:bf:
1c:f5:87:86:ad:a9:10:df:0b:e2:01:01:92:c0:4f:
94:1b:86:14:89:d3:5a:93:e8:26:0c:f6:37:a5:5c:
8e:d3:cb:93:08:01:51:60:65:4e:62:9f:f1:dd:77:
86:db:0f:c3:e8:d6:85:e5:a7:92:5b:ac:e6:11:12:
db:d3:09:12:49:24:62:69:84:1f:5a:61:fc:e0:5b:
f6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:13:3B:7F:1A:FD:03:18:4C:51:27:73:F7:70:7D:FA:0C:D7:18:3D
X509v3 Authority Key Identifier:
keyid:1D:DC:53:D1:DE:7A:2E:F7:EB:2B:90:C8:09:15:54:41:40:04:24:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdxT0d56LvfrK5DICRVUQUAEJIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/gRM7fxr9AxhMUSdz93B9-gzXGD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/557414-d993-4cbf-8181-48671fb7d380/1/HdxT0d56LvfrK5DICRVUQUAEJIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.196.0/23
IPv6:
2a01:ba80:f::/48
Signature Algorithm: sha256WithRSAEncryption
b7:45:d2:62:bf:04:08:47:26:38:18:20:fc:90:d2:8d:82:39:
ef:a7:74:5b:0a:66:88:84:df:ed:75:96:aa:31:63:68:b8:14:
f6:55:f3:2a:ed:ee:0c:73:20:29:89:27:ee:eb:16:07:8d:c9:
d9:d4:67:af:ec:44:4f:99:20:9d:52:2c:1d:b7:4a:1f:b8:db:
a3:bf:55:99:18:3a:ec:65:05:9a:b2:a0:1f:a2:59:d1:7d:47:
36:45:9b:e9:a2:d8:09:91:3b:c2:be:f5:bd:93:46:e2:fb:6b:
14:18:9d:3c:0d:9f:22:77:90:42:9f:23:28:bd:28:6d:d1:d0:
9f:6a:f2:82:95:c5:98:6a:05:e1:df:30:1c:7a:84:f1:74:f2:
06:df:33:3d:66:59:01:69:a8:38:6c:64:cf:fd:9b:69:a8:7e:
ce:88:b5:7e:c6:63:40:ea:88:0c:a9:f9:1b:1c:d2:cb:1f:80:
e3:ba:1a:2c:89:11:51:b1:6f:fc:17:a5:22:20:b4:29:09:8e:
7a:a6:e7:9b:6a:0f:b7:7a:28:c6:70:71:dd:c2:4e:24:9c:98:
c8:fe:3a:a9:ed:d6:56:b4:b1:4a:af:d4:f9:c5:fe:e2:95:18:
9b:15:21:84:50:4b:ef:16:a1:a6:8a:44:78:f6:a1:f1:33:49:
e7:eb:be:f1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEGAmy0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGRjNTNkMWRlN2EyZWY3ZWIyYjkwYzgwOTE1NTQ0MTQwMDQyNDg4MB4XDTIyMDEw
MTA3MDAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODExMzNiN2YxYWZk
MDMxODRjNTEyNzczZjc3MDdkZmEwY2Q3MTgzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOpwyRWU+H5at9JWvBg7G+UXFYlp9607xZzIWJkjwwsLtlx
kAM4shcL6028Yba6hHZIgke25EwuWhgZM/gyanJhzp7WmBrzzHiwmx7hMFmb9e7I
iHiU7zWN/vjYV0MhjOQh3AxkhqpS4DN59TdqaqsYZsG+ojOjpumV1OF4yBXfeNJ0
0cd1sR8bgqZd7y80+dtf7D2KLeZX5U8FZG0FuyFS6UKGXZYXWkrybRkdr9496Za/
HPWHhq2pEN8L4gEBksBPlBuGFInTWpPoJgz2N6VcjtPLkwgBUWBlTmKf8d13htsP
w+jWheWnklus5hES29MJEkkkYmmEH1ph/OBb9icCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSBEzt/Gv0DGExRJ3P3cH36DNcYPTAfBgNVHSMEGDAWgBQd3FPR3nou9+sr
kMgJFVRBQAQkiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hkeFQwZDU2THZmcks1RElDUlZVUVVBRUpJZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvNTU3NDE0LWQ5OTMtNGNiZi04MTgxLTQ4NjcxZmI3ZDM4MC8x
L2dSTTdmeHI5QXhoTVVTZHo5M0I5LWd6WEdEMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
NTU3NDE0LWQ5OTMtNGNiZi04MTgxLTQ4NjcxZmI3ZDM4MC8xL0hkeFQwZDU2THZm
cks1RElDUlZVUVVBRUpJZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAV+1xDAPBAIAAjAJAwcAKgG6gAAP
MA0GCSqGSIb3DQEBCwUAA4IBAQC3RdJivwQIRyY4GCD8kNKNgjnvp3RbCmaIhN/t
dZaqMWNouBT2VfMq7e4McyApiSfu6xYHjcnZ1Gev7ERPmSCdUiwdt0ofuNujv1WZ
GDrsZQWasqAfolnRfUc2RZvpotgJkTvCvvW9k0bi+2sUGJ08DZ8id5BCnyMovSht
0dCfavKClcWYagXh3zAceoTxdPIG3zM9ZlkBaag4bGTP/ZtpqH7OiLV+xmNA6ogM
qfkbHNLLH4DjuhosiRFRsW/8F6UiILQpCY56puebag+3eijGcHHdwk4knJjI/jqp
7dZWtLFKr9T5xf7ilRibFSGEUEvvFqGmikR49qHxM0nn677x
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:31:13 2025 by rpki-client