Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/c14115-8cf8-40c8-87c8-ce82ebe11ac8/1/GWx4cZFZosgAo_nmza_SUn6HeK4.roa
File: GWx4cZFZosgAo_nmza_SUn6HeK4.roa (raw, json)
Hash identifier: rFhgnD7xtNOS4X8+XwdxqhDPpsvKDXhIltAAwiYys54=
Subject key identifier: 19:6C:78:71:91:59:A2:C8:00:A3:F9:E6:CD:AF:D2:52:7E:87:78:AE
Certificate issuer: /CN=1e9a92daf08c20b4691b925cf032e5491fe0acc0
Certificate serial: 01877DFD2366BD67BEB83A842C1D669C70A2
Authority key identifier: 1E:9A:92:DA:F0:8C:20:B4:69:1B:92:5C:F0:32:E5:49:1F:E0:AC:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpqS2vCMILRpG5Jc8DLlSR_grMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/c14115-8cf8-40c8-87c8-ce82ebe11ac8/1/GWx4cZFZosgAo_nmza_SUn6HeK4.roa
Signing time: Fri 14 Apr 2023 04:19:14 +0000
ROA not before: Fri 14 Apr 2023 04:19:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39785
IP address blocks: 185.26.216.0/23 maxlen: 23
89.105.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7d:fd:23:66:bd:67:be:b8:3a:84:2c:1d:66:9c:70:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9a92daf08c20b4691b925cf032e5491fe0acc0
Validity
Not Before: Apr 14 04:19:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=196c78719159a2c800a3f9e6cdafd2527e8778ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:02:c1:0c:cb:38:7c:c7:25:de:e8:78:3c:4a:
c5:e2:35:0e:0b:29:b8:80:73:4b:11:c2:d5:77:96:
38:cb:3e:25:52:c6:6c:33:07:58:5f:9a:d8:18:3a:
c5:52:1a:a0:7a:54:8c:34:9f:50:b4:df:52:f4:2f:
94:99:a3:f8:28:29:0f:42:a1:3d:41:45:5f:3f:47:
a1:23:71:6a:8f:c9:93:bf:65:c1:06:fa:0f:aa:8b:
2a:ec:d0:81:75:3e:7b:dd:1e:b8:7b:a1:d5:30:46:
da:66:bb:a3:aa:b8:da:78:2c:74:f4:e0:ee:9b:22:
9d:56:26:b0:7c:a8:84:e3:33:c7:8f:d1:a9:71:3c:
43:fb:ba:cd:6e:6c:5b:08:b6:03:62:96:22:9d:11:
fd:c0:03:34:66:01:c0:ea:6f:9e:c6:4c:bc:32:39:
88:e4:61:d2:47:45:f1:8b:60:d6:34:77:97:57:cd:
42:72:89:d4:4b:f9:7b:ec:5a:76:91:c6:9c:c0:d0:
55:a5:47:ee:b6:e6:be:66:04:fe:60:91:1a:ef:00:
0a:af:e1:4c:94:45:87:0e:16:69:f8:ba:02:34:81:
46:f9:b8:76:e4:ae:31:bf:70:6f:c8:a5:1c:7f:54:
e8:43:73:a7:be:eb:6f:74:b2:08:db:6b:a3:e0:c5:
26:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:6C:78:71:91:59:A2:C8:00:A3:F9:E6:CD:AF:D2:52:7E:87:78:AE
X509v3 Authority Key Identifier:
keyid:1E:9A:92:DA:F0:8C:20:B4:69:1B:92:5C:F0:32:E5:49:1F:E0:AC:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpqS2vCMILRpG5Jc8DLlSR_grMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c14115-8cf8-40c8-87c8-ce82ebe11ac8/1/GWx4cZFZosgAo_nmza_SUn6HeK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c14115-8cf8-40c8-87c8-ce82ebe11ac8/1/HpqS2vCMILRpG5Jc8DLlSR_grMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.105.158.0/24
185.26.216.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:ae:57:a1:ba:e5:96:85:29:ca:5d:3f:17:a7:3e:d4:27:36:
fc:db:8d:86:08:71:94:a0:4f:87:2b:69:35:22:85:83:f4:8b:
77:63:1e:cd:20:d5:62:85:05:fa:a7:4f:8e:27:13:02:3c:51:
d5:2c:9a:c3:6d:0d:3f:87:51:ba:7c:57:d5:d4:cd:80:62:82:
3d:65:ea:27:5c:91:05:87:59:6e:bd:5f:4c:9b:7e:48:56:4a:
02:69:90:72:bc:68:d4:10:59:aa:5b:56:15:1f:10:e7:7d:26:
b8:62:82:0e:d4:b4:4a:11:9d:e7:09:27:a6:eb:3a:12:79:b2:
8f:ad:84:8b:17:e6:68:7d:57:60:25:3e:e6:b8:a4:74:53:4b:
82:11:cc:65:fe:6a:3e:7a:28:75:73:62:57:0f:af:65:7a:72:
0a:66:3a:47:0f:61:ee:15:d7:3c:97:9e:76:dc:47:4f:f2:76:
2b:a9:57:46:a6:79:e7:bd:1c:d4:22:eb:14:e2:ee:94:86:a6:
52:3b:fe:c1:b5:83:f0:14:04:ea:26:d6:9a:94:9c:2d:b3:5b:
d4:ad:10:ca:34:2b:ab:95:59:61:8a:50:d2:4f:aa:d2:d2:50:
60:f6:44:ed:1b:a1:8f:77:f5:fe:7b:86:28:55:32:31:0d:e8:
b5:6b:34:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYd9/SNmvWe+uDqELB1mnHCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWE5MmRhZjA4YzIwYjQ2OTFiOTI1Y2YwMzJlNTQ5MWZl
MGFjYzAwHhcNMjMwNDE0MDQxOTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTZjNzg3MTkxNTlhMmM4MDBhM2Y5ZTZjZGFmZDI1MjdlODc3OGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwLBDMs4fMcl3uh4PErF4jUOCym4
gHNLEcLVd5Y4yz4lUsZsMwdYX5rYGDrFUhqgelSMNJ9QtN9S9C+UmaP4KCkPQqE9
QUVfP0ehI3Fqj8mTv2XBBvoPqosq7NCBdT573R64e6HVMEbaZrujqrjaeCx09ODu
myKdViawfKiE4zPHj9GpcTxD+7rNbmxbCLYDYpYinRH9wAM0ZgHA6m+exky8MjmI
5GHSR0Xxi2DWNHeXV81CconUS/l77Fp2kcacwNBVpUfutua+ZgT+YJEa7wAKr+FM
lEWHDhZp+LoCNIFG+bh25K4xv3BvyKUcf1ToQ3OnvutvdLII22uj4MUmfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBlseHGRWaLIAKP55s2v0lJ+h3iuMB8GA1UdIwQY
MBaAFB6aktrwjCC0aRuSXPAy5Ukf4KzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBxUzJ2Q01JTFJwRzVKYzhETGxTUl9nck1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9jMTQxMTUtOGNmOC00MGM4LTg3Yzgt
Y2U4MmViZTExYWM4LzEvR1d4NGNaRlpvc2dBb19ubXphX1NVbjZIZUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9jMTQxMTUtOGNmOC00MGM4LTg3YzgtY2U4MmViZTExYWM4
LzEvSHBxUzJ2Q01JTFJwRzVKYzhETGxTUl9nck1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWWmeAwQB
uRrYMA0GCSqGSIb3DQEBCwUAA4IBAQC9rlehuuWWhSnKXT8Xpz7UJzb8242GCHGU
oE+HK2k1IoWD9It3Yx7NINVihQX6p0+OJxMCPFHVLJrDbQ0/h1G6fFfV1M2AYoI9
ZeonXJEFh1luvV9Mm35IVkoCaZByvGjUEFmqW1YVHxDnfSa4YoIO1LRKEZ3nCSem
6zoSebKPrYSLF+ZofVdgJT7muKR0U0uCEcxl/mo+eih1c2JXD69lenIKZjpHD2Hu
Fdc8l5523EdP8nYrqVdGpnnnvRzUIusU4u6UhqZSO/7BtYPwFATqJtaalJwts1vU
rRDKNCurlVlhilDST6rS0lBg9kTtG6GPd/X+e4YoVTIxDei1azQn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:03 2025 by rpki-client