Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/gH9kO2dLTmzRyyMTwjKIOUG0GA4.roa
File: gH9kO2dLTmzRyyMTwjKIOUG0GA4.roa (raw, json)
Hash identifier: FuEMDVsEGDdpHkMX7Lzd/YCdlFbvjCcMmiNgrNTRdvM=
Subject key identifier: 80:7F:64:3B:67:4B:4E:6C:D1:CB:23:13:C2:32:88:39:41:B4:18:0E
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018571D7C266D1BB460C20BA98E2CB1A187D
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/gH9kO2dLTmzRyyMTwjKIOUG0GA4.roa
Signing time: Mon 02 Jan 2023 09:37:23 +0000
ROA not before: Mon 02 Jan 2023 09:37:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62003
IP address blocks: 185.52.4.0/22 maxlen: 24
2a04:9a00:1010::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:c2:66:d1:bb:46:0c:20:ba:98:e2:cb:1a:18:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 09:37:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=807f643b674b4e6cd1cb2313c232883941b4180e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3e:c9:78:4d:00:37:0a:3e:c3:8b:6c:59:83:
8b:aa:2b:37:16:f1:3b:52:54:ff:b8:db:d4:76:3d:
d8:fd:67:88:60:9e:e8:c5:56:45:47:44:3e:5a:2f:
10:be:eb:ad:13:91:3f:59:79:79:a5:ed:5c:87:10:
8e:87:dc:51:7b:87:7e:33:6f:d1:02:3f:18:d6:12:
f6:ad:b9:e5:fd:ff:14:0f:e6:6d:08:f9:0c:09:d9:
5c:81:d6:e9:cb:c4:d2:8b:eb:64:8a:a2:78:c7:96:
38:34:df:14:d8:9c:50:51:f6:4e:8d:0f:26:e7:d2:
f8:23:49:81:26:28:39:e4:30:dc:cb:f1:7a:e3:59:
3f:e4:19:60:27:3c:dd:55:ab:98:22:3c:ab:a0:2a:
a3:84:5e:24:77:40:f3:ac:c0:ba:6b:b6:69:5c:9a:
2b:1c:e4:85:37:e0:76:e9:4b:31:07:9c:84:ed:52:
0e:12:92:59:fb:33:31:c8:80:5d:09:b7:67:8e:1b:
f8:21:57:76:1e:9b:1e:53:82:c6:9f:1c:1e:19:e9:
a0:87:a1:9a:01:80:83:5e:d4:2b:10:d5:1f:5d:7f:
c0:1f:84:ff:d4:e2:3c:40:16:0b:bc:ff:c9:7a:7c:
6a:34:e7:e5:ef:96:a8:3f:36:85:a5:96:cb:ea:f7:
90:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:7F:64:3B:67:4B:4E:6C:D1:CB:23:13:C2:32:88:39:41:B4:18:0E
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/gH9kO2dLTmzRyyMTwjKIOUG0GA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.4.0/22
IPv6:
2a04:9a00:1010::/44
Signature Algorithm: sha256WithRSAEncryption
46:ce:34:1a:87:d6:fe:d4:03:aa:88:76:44:d9:e8:ca:c5:69:
0a:fc:7b:ff:d6:28:47:ef:12:ce:9a:6c:35:90:de:d3:f8:00:
75:06:55:56:72:16:54:4e:ec:6d:b2:86:bd:41:34:d3:4d:f9:
25:f5:9d:0a:67:4c:a9:2b:90:5f:b7:1d:e2:a4:7b:07:d4:9a:
60:b1:6c:4c:22:6f:89:18:b4:95:45:7c:b1:a9:72:0d:09:b5:
c8:e2:ef:3c:84:29:45:c2:b4:c1:50:c6:47:0e:2b:d0:f3:77:
94:e4:0f:91:2a:01:af:ee:78:53:1c:fb:f4:6a:28:03:6d:b6:
44:2d:40:4d:0e:e0:95:f7:f2:ea:2d:c7:50:68:24:57:00:e1:
90:97:dd:c8:42:4d:2e:fd:55:19:43:72:36:85:4d:fd:c9:b0:
87:0f:fe:48:e0:a1:8f:10:90:72:64:61:8a:21:bb:e5:3d:70:
1b:92:8d:8d:63:1c:dc:7f:02:5c:63:26:01:f9:e0:da:be:bd:
e4:c5:43:09:d2:d9:1e:64:35:13:a9:78:3b:92:17:5e:6a:10:
a5:b7:f1:79:b9:1d:fd:aa:3a:4f:66:ef:bc:5c:13:74:0c:9f:
8b:f8:53:60:c3:07:1e:56:c9:cd:0c:50:ff:16:a7:66:b3:7f:
cd:60:08:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVx18Jm0btGDCC6mOLLGhh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwMTAyMDkzNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDdmNjQzYjY3NGI0ZTZjZDFjYjIzMTNjMjMyODgzOTQxYjQxODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj7JeE0ANwo+w4tsWYOLqis3FvE7
UlT/uNvUdj3Y/WeIYJ7oxVZFR0Q+Wi8QvuutE5E/WXl5pe1chxCOh9xRe4d+M2/R
Aj8Y1hL2rbnl/f8UD+ZtCPkMCdlcgdbpy8TSi+tkiqJ4x5Y4NN8U2JxQUfZOjQ8m
59L4I0mBJig55DDcy/F641k/5BlgJzzdVauYIjyroCqjhF4kd0DzrMC6a7ZpXJor
HOSFN+B26UsxB5yE7VIOEpJZ+zMxyIBdCbdnjhv4IVd2HpseU4LGnxweGemgh6Ga
AYCDXtQrENUfXX/AH4T/1OI8QBYLvP/JenxqNOfl75aoPzaFpZbL6veQsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIB/ZDtnS05s0csjE8IyiDlBtBgOMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvZ0g5a08yZExUbXpSeXlNVHdqS0lPVUcwR0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuTQEMA8E
AgACMAkDBwQqBJoAEBAwDQYJKoZIhvcNAQELBQADggEBAEbONBqH1v7UA6qIdkTZ
6MrFaQr8e//WKEfvEs6abDWQ3tP4AHUGVVZyFlRO7G2yhr1BNNNN+SX1nQpnTKkr
kF+3HeKkewfUmmCxbEwib4kYtJVFfLGpcg0Jtcji7zyEKUXCtMFQxkcOK9Dzd5Tk
D5EqAa/ueFMc+/RqKANttkQtQE0O4JX38uotx1BoJFcA4ZCX3chCTS79VRlDcjaF
Tf3JsIcP/kjgoY8QkHJkYYohu+U9cBuSjY1jHNx/AlxjJgH54Nq+veTFQwnS2R5k
NROpeDuSF15qEKW38Xm5Hf2qOk9m77xcE3QMn4v4U2DDBx5Wyc0MUP8Wp2azf81g
CA0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:06 2025 by rpki-client