Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/rg4M_gquUAPY-Tl5Klp58DI685I.roa
File: rg4M_gquUAPY-Tl5Klp58DI685I.roa (raw, json)
Hash identifier: NYDuGkAFW4rxYfY7fFP/I6aU55toZDFczNWPVIIhVcc=
Subject key identifier: AE:0E:0C:FE:0A:AE:50:03:D8:F9:39:79:2A:5A:79:F0:32:3A:F3:92
Certificate issuer: /CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Certificate serial: 018586DFB16D69C97529F73EDF5EEE6BB192
Authority key identifier: C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/rg4M_gquUAPY-Tl5Klp58DI685I.roa
Signing time: Fri 06 Jan 2023 11:38:04 +0000
ROA not before: Fri 06 Jan 2023 11:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5466
IP address blocks: 213.191.224.0/21 maxlen: 21
185.61.0.0/22 maxlen: 22
95.83.240.0/21 maxlen: 21
89.204.208.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:86:df:b1:6d:69:c9:75:29:f7:3e:df:5e:ee:6b:b1:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Validity
Not Before: Jan 6 11:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae0e0cfe0aae5003d8f939792a5a79f0323af392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:52:6f:50:a1:98:f6:54:fd:90:95:1d:91:e2:
a0:55:ee:ea:9a:04:cd:f0:c1:9b:88:78:cc:fa:be:
9b:4e:22:a5:38:1a:f3:bf:d7:d4:5c:f4:e9:15:7f:
c3:d7:5d:3f:8e:bb:b2:b1:ac:68:92:b8:db:43:16:
b8:85:c8:e7:a9:38:4d:ef:43:f8:dc:88:e0:15:9b:
9b:61:83:ff:ca:6e:56:b5:84:78:04:3f:e9:e4:2b:
c4:b2:1a:fe:d9:94:a7:fa:3c:c5:a1:01:9e:1b:c7:
1c:11:74:cb:a7:38:f6:23:3d:9f:5e:33:86:5d:8e:
08:d2:d6:ad:21:32:49:f0:a5:84:76:e3:0d:1e:a8:
42:8d:15:43:12:ad:30:9a:4a:df:d2:13:9d:79:a3:
40:3a:43:df:b1:95:57:6f:b4:4e:b6:e8:e6:69:d5:
a9:fd:ed:67:d8:da:9c:49:cd:af:c0:53:f1:e7:a6:
e4:7d:ca:a4:fc:a0:ac:87:f8:d9:25:6c:49:d4:7b:
1c:b2:78:6c:de:70:58:25:57:a2:f4:51:a7:5b:8b:
f3:fe:a8:1e:1a:49:38:da:99:5e:dd:18:ea:b8:fe:
17:a5:a3:7e:ce:65:c2:79:fd:e1:48:34:2e:01:8e:
ec:34:45:01:99:13:78:54:07:73:49:09:9f:0b:3e:
f6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:0E:0C:FE:0A:AE:50:03:D8:F9:39:79:2A:5A:79:F0:32:3A:F3:92
X509v3 Authority Key Identifier:
keyid:C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/rg4M_gquUAPY-Tl5Klp58DI685I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/wazyYNIyY6fGu2xZwZ7rxnWbYL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.204.208.0/20
95.83.240.0/21
185.61.0.0/22
213.191.224.0/21
Signature Algorithm: sha256WithRSAEncryption
55:b2:bc:06:dd:2c:36:13:d5:1a:f3:65:14:d9:7f:47:89:d9:
aa:af:5b:95:95:e0:7f:d4:16:cf:22:9e:d9:28:f4:89:71:e5:
ba:0a:e9:df:db:b2:7d:a4:3f:9f:72:bd:c2:80:4a:39:ee:9b:
bd:00:e3:8f:57:b8:81:f0:f7:cc:7c:61:08:6c:42:d4:e7:9d:
8b:79:ae:5d:98:17:be:32:6d:5c:c6:f0:68:13:0c:70:4c:51:
9b:c3:4b:a8:6c:cd:60:63:b5:f0:33:ae:a2:30:82:f6:04:82:
b2:e0:ff:87:6d:1b:d7:36:f9:0e:8f:94:da:47:62:62:af:5b:
d4:a1:69:d5:00:aa:d2:37:2b:50:77:2f:0b:2d:98:3a:a3:5a:
b7:4e:fd:e3:83:99:85:a3:99:ce:18:e3:e0:78:fc:dc:93:28:
ad:0a:45:62:06:5e:75:90:38:f1:ce:d0:c6:62:0b:fc:0c:dd:
b8:06:66:4e:a1:9a:d3:86:26:f9:dc:54:47:36:54:04:d8:13:
5c:26:6d:59:2f:41:83:a5:71:f4:42:63:83:f0:4e:fe:4f:63:
b0:57:25:b7:ad:58:36:74:37:ca:8f:70:23:fe:ef:40:40:e5:
14:54:d5:10:7f:a4:7c:d9:3a:2c:eb:bb:84:43:46:1f:b5:c3:
18:bb:2f:a3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWG37Ftacl1Kfc+317ua7GSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWNmMjYwZDIzMjYzYTdjNmJiNmM1OWMxOWVlYmM2NzU5
YjYwYmUwHhcNMjMwMTA2MTEzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTBlMGNmZTBhYWU1MDAzZDhmOTM5NzkyYTVhNzlmMDMyM2FmMzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFJvUKGY9lT9kJUdkeKgVe7qmgTN
8MGbiHjM+r6bTiKlOBrzv9fUXPTpFX/D110/jruysaxokrjbQxa4hcjnqThN70P4
3IjgFZubYYP/ym5WtYR4BD/p5CvEshr+2ZSn+jzFoQGeG8ccEXTLpzj2Iz2fXjOG
XY4I0tatITJJ8KWEduMNHqhCjRVDEq0wmkrf0hOdeaNAOkPfsZVXb7ROtujmadWp
/e1n2NqcSc2vwFPx56bkfcqk/KCsh/jZJWxJ1Hscsnhs3nBYJVei9FGnW4vz/qge
Gkk42ple3RjquP4XpaN+zmXCef3hSDQuAY7sNEUBmRN4VAdzSQmfCz72FQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK4ODP4KrlAD2Pk5eSpaefAyOvOSMB8GA1UdIwQY
MBaAFMGs8mDSMmOnxrtsWcGe68Z1m2C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEt
ZmZkNjQ2ZDA1ZjY3LzEvcmc0TV9ncXVVQVBZLVRsNUtscDU4REk2ODVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEtZmZkNjQ2ZDA1ZjY3
LzEvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEWczQAwQD
X1PwAwQCuT0AAwQD1b/gMA0GCSqGSIb3DQEBCwUAA4IBAQBVsrwG3Sw2E9Ua82UU
2X9Hidmqr1uVleB/1BbPIp7ZKPSJceW6Cunf27J9pD+fcr3CgEo57pu9AOOPV7iB
8PfMfGEIbELU552Lea5dmBe+Mm1cxvBoEwxwTFGbw0uobM1gY7XwM66iMIL2BIKy
4P+HbRvXNvkOj5TaR2Jir1vUoWnVAKrSNytQdy8LLZg6o1q3Tv3jg5mFo5nOGOPg
ePzckyitCkViBl51kDjxztDGYgv8DN24BmZOoZrThib53FRHNlQE2BNcJm1ZL0GD
pXH0QmOD8E7+T2OwVyW3rVg2dDfKj3Aj/u9AQOUUVNUQf6R82Tos67uEQ0YftcMY
uy+j
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:47:36 2025 by rpki-client