Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/gvqT5lrdYiG5hSpi2kySWoIpD-A.roa
File: gvqT5lrdYiG5hSpi2kySWoIpD-A.roa (raw, json)
Hash identifier: 1lmLbR6XDGQLIUiZWhx5ZjHh9uF1xObKPO1eqSt4l0I=
Subject key identifier: 82:FA:93:E6:5A:DD:62:21:B9:85:2A:62:DA:4C:92:5A:82:29:0F:E0
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018506171E746FF7E2A7CD508D9CDB4C7FFE
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/gvqT5lrdYiG5hSpi2kySWoIpD-A.roa
Signing time: Mon 12 Dec 2022 11:27:36 +0000
ROA not before: Mon 12 Dec 2022 11:27:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47395
IP address blocks: 109.188.0.0/17 maxlen: 17
94.25.128.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:17:1e:74:6f:f7:e2:a7:cd:50:8d:9c:db:4c:7f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 11:27:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82fa93e65add6221b9852a62da4c925a82290fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fc:ce:02:4d:5f:8c:f1:26:a8:f1:af:48:32:
7c:f4:7a:56:6b:d4:8f:22:b0:51:f8:c9:7d:04:c5:
42:c1:92:c0:62:d9:55:af:f8:70:e2:c8:52:16:e1:
25:9e:d1:e4:43:da:59:cd:28:29:fa:37:be:44:e3:
fa:c5:55:59:96:be:e4:b2:da:b8:1f:47:52:01:46:
87:6a:a2:9b:9f:ec:91:47:32:ae:bc:53:b5:6e:aa:
50:3a:29:90:55:ea:0a:62:e8:25:b5:12:8c:7a:ea:
7e:23:f2:4a:6f:b7:4a:72:51:cd:e5:27:bd:da:40:
c8:e2:db:f6:b4:92:e9:57:6c:a6:b2:25:00:cc:89:
b8:58:2c:11:2e:d0:0b:4b:e4:cf:d1:da:dc:a6:6d:
dc:5e:dc:2c:f5:7a:5e:ad:fc:99:bb:5b:e9:b0:80:
8c:e5:c3:2e:1e:b9:cf:47:95:ea:c9:de:8f:6d:39:
a2:76:dc:45:1a:11:93:a6:d0:03:11:71:81:70:1c:
d9:4a:5e:df:0d:a7:e3:1e:79:98:dd:b5:47:af:b5:
80:b4:96:5d:44:d8:94:e9:d1:2d:d2:da:f8:60:ff:
ba:ca:ce:22:59:21:66:90:c2:49:e8:e5:90:b6:e8:
e4:d8:e1:a5:b3:2f:6e:7a:95:af:4f:d3:42:f9:b6:
25:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:FA:93:E6:5A:DD:62:21:B9:85:2A:62:DA:4C:92:5A:82:29:0F:E0
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/gvqT5lrdYiG5hSpi2kySWoIpD-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.25.128.0/18
109.188.0.0/17
Signature Algorithm: sha256WithRSAEncryption
74:6e:20:31:67:4a:b1:5b:08:aa:b5:9f:f8:ae:15:c9:8b:50:
bf:97:54:f5:93:6b:7c:6c:a3:0a:59:b9:f4:0e:d0:ea:1e:46:
cf:b1:1e:d8:b4:fe:aa:e8:34:f7:57:64:49:e5:98:a1:d6:05:
6e:7e:c1:25:8e:eb:8e:5f:e4:9d:2f:e6:7f:50:47:b5:aa:b3:
90:e0:cd:02:e4:10:83:e2:d9:04:fe:c6:1a:cf:62:8c:58:5f:
46:06:c3:34:9d:aa:71:58:45:41:cd:58:4f:28:31:2f:27:77:
d3:80:72:f1:46:a8:3e:7e:2f:12:d5:96:7a:41:bc:24:4d:2a:
aa:31:51:9d:09:f6:bd:40:22:f8:6b:e5:96:dc:94:5b:17:af:
e8:77:39:5f:67:96:bd:d9:a2:9b:ae:35:65:85:01:d8:a1:ef:
d4:f8:cd:01:7b:55:4c:ee:c8:f0:d2:d3:f9:62:c2:2e:6e:0e:
b9:1c:69:eb:85:42:53:25:ee:89:8c:f0:22:41:01:55:6b:6b:
8b:4d:9c:3d:aa:16:b7:d0:3f:ba:71:ce:cd:b3:ad:5f:0c:7f:
16:51:c1:47:f1:ef:ee:ef:50:e5:20:e7:2f:3f:e0:fe:a3:82:
cb:4b:f3:ba:67:c9:66:4f:76:7f:bc:7e:c3:4c:a2:e3:c6:49:
43:76:4c:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUGFx50b/fip81QjZzbTH/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTEyNzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmZhOTNlNjVhZGQ2MjIxYjk4NTJhNjJkYTRjOTI1YTgyMjkwZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPzOAk1fjPEmqPGvSDJ89HpWa9SP
IrBR+Ml9BMVCwZLAYtlVr/hw4shSFuElntHkQ9pZzSgp+je+ROP6xVVZlr7kstq4
H0dSAUaHaqKbn+yRRzKuvFO1bqpQOimQVeoKYugltRKMeup+I/JKb7dKclHN5Se9
2kDI4tv2tJLpV2ymsiUAzIm4WCwRLtALS+TP0drcpm3cXtws9XperfyZu1vpsICM
5cMuHrnPR5Xqyd6PbTmidtxFGhGTptADEXGBcBzZSl7fDafjHnmY3bVHr7WAtJZd
RNiU6dEt0tr4YP+6ys4iWSFmkMJJ6OWQtujk2OGlsy9uepWvT9NC+bYltwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIL6k+Za3WIhuYUqYtpMklqCKQ/gMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvZ3ZxVDVscmRZaUc1aFNwaTJreVNXb0lwRC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGXhmAAwQH
bbwAMA0GCSqGSIb3DQEBCwUAA4IBAQB0biAxZ0qxWwiqtZ/4rhXJi1C/l1T1k2t8
bKMKWbn0DtDqHkbPsR7YtP6q6DT3V2RJ5Zih1gVufsEljuuOX+SdL+Z/UEe1qrOQ
4M0C5BCD4tkE/sYaz2KMWF9GBsM0napxWEVBzVhPKDEvJ3fTgHLxRqg+fi8S1ZZ6
QbwkTSqqMVGdCfa9QCL4a+WW3JRbF6/odzlfZ5a92aKbrjVlhQHYoe/U+M0Be1VM
7sjw0tP5YsIubg65HGnrhUJTJe6JjPAiQQFVa2uLTZw9qha30D+6cc7Ns61fDH8W
UcFH8e/u71DlIOcvP+D+o4LLS/O6Z8lmT3Z/vH7DTKLjxklDdkwj
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:00 2025 by rpki-client