Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/gyY9hIcPAWXiY7L6keLWo8bHyTg.roa
File: gyY9hIcPAWXiY7L6keLWo8bHyTg.roa (raw, json)
Hash identifier: vmCEw5bIpjh/fYG1BvpGUdeIMbz68TT4Un4k8aajIlQ=
Subject key identifier: 83:26:3D:84:87:0F:01:65:E2:63:B2:FA:91:E2:D6:A3:C6:C7:C9:38
Certificate issuer: /CN=908a7ea712801e4c8feb85b3f078d05ba101aae1
Certificate serial: 076DAAC8
Authority key identifier: 90:8A:7E:A7:12:80:1E:4C:8F:EB:85:B3:F0:78:D0:5B:A1:01:AA:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kIp-pxKAHkyP64Wz8HjQW6EBquE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/gyY9hIcPAWXiY7L6keLWo8bHyTg.roa
Signing time: Wed 19 Jan 2022 20:56:12 +0000
ROA not before: Wed 19 Jan 2022 20:56:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41820
IP address blocks: 194.39.224.0/22 maxlen: 22
194.39.224.0/24 maxlen: 24
194.39.225.0/24 maxlen: 24
194.39.226.0/24 maxlen: 24
194.39.227.0/24 maxlen: 24
31.41.88.0/24 maxlen: 24
31.41.90.0/24 maxlen: 24
31.41.91.0/24 maxlen: 24
31.41.88.0/21 maxlen: 21
31.41.89.0/24 maxlen: 24
31.41.94.0/24 maxlen: 24
31.41.95.0/24 maxlen: 24
31.41.92.0/24 maxlen: 24
31.41.93.0/24 maxlen: 24
193.34.172.0/23 maxlen: 23
193.34.172.0/24 maxlen: 24
193.34.173.0/24 maxlen: 24
176.118.41.0/24 maxlen: 24
176.118.42.0/24 maxlen: 24
176.118.40.0/21 maxlen: 21
176.118.40.0/24 maxlen: 24
176.118.43.0/24 maxlen: 24
176.118.44.0/24 maxlen: 24
176.118.45.0/24 maxlen: 24
176.118.46.0/24 maxlen: 24
176.118.47.0/24 maxlen: 24
91.195.172.0/23 maxlen: 23
91.195.172.0/24 maxlen: 24
91.195.173.0/24 maxlen: 24
2a0f:6680::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124627656 (0x76daac8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=908a7ea712801e4c8feb85b3f078d05ba101aae1
Validity
Not Before: Jan 19 20:56:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83263d84870f0165e263b2fa91e2d6a3c6c7c938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:79:89:47:23:fa:d8:dc:b5:0e:d6:c2:95:3e:
3a:5f:43:cc:60:77:3c:c1:f7:d7:87:07:94:f5:57:
83:75:ee:1b:e2:e7:67:50:39:b7:c8:01:08:80:b2:
4d:1a:1c:25:c3:66:9c:38:25:6c:74:06:00:cb:be:
89:10:26:93:3e:63:81:29:1b:dc:a9:29:d1:38:13:
9a:67:61:b2:2f:66:1c:e5:b1:03:b3:c5:c4:77:43:
3b:a7:c9:87:21:73:e1:a3:30:9c:e3:93:f8:41:24:
b0:d0:c4:2c:78:09:01:67:cd:94:74:f0:32:2a:48:
2a:9f:1e:6f:58:32:c1:91:99:21:ef:5f:90:53:51:
d4:c2:ce:f7:d7:21:98:57:89:75:2b:87:6a:13:6e:
19:a4:a5:04:3d:a3:00:5b:fd:66:14:59:4d:d3:42:
b4:53:6e:1a:cb:89:b8:a1:04:cf:10:cb:2f:4e:fc:
5f:10:13:22:80:85:3b:a2:8a:68:f9:e9:55:e8:57:
f8:6e:92:3e:23:51:cc:00:92:81:cc:d8:3f:00:16:
57:75:1a:92:21:a5:76:64:17:d9:03:ca:6d:f6:6e:
ea:e0:6d:64:50:ce:21:9f:c9:8c:19:f8:81:74:eb:
34:af:f3:36:f9:a1:f5:b4:44:73:eb:9d:d4:0e:d4:
c9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:26:3D:84:87:0F:01:65:E2:63:B2:FA:91:E2:D6:A3:C6:C7:C9:38
X509v3 Authority Key Identifier:
keyid:90:8A:7E:A7:12:80:1E:4C:8F:EB:85:B3:F0:78:D0:5B:A1:01:AA:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kIp-pxKAHkyP64Wz8HjQW6EBquE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/gyY9hIcPAWXiY7L6keLWo8bHyTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/kIp-pxKAHkyP64Wz8HjQW6EBquE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.88.0/21
91.195.172.0/23
176.118.40.0/21
193.34.172.0/23
194.39.224.0/22
IPv6:
2a0f:6680::/29
Signature Algorithm: sha256WithRSAEncryption
6a:e9:7d:4c:01:d8:cf:cc:4f:b4:2d:f4:44:c2:95:7b:f3:fc:
11:e1:3b:45:ca:9f:a5:ce:d2:e4:25:7b:47:c9:ea:67:52:2f:
b3:a3:d2:4d:e9:6a:58:cf:fc:65:80:62:56:04:f2:c6:d1:37:
1e:21:72:57:85:59:5c:07:2b:a0:79:49:0f:b3:ab:cc:ea:3b:
0a:eb:b0:cc:3b:61:07:ec:16:de:37:75:1a:8d:2b:24:59:e1:
4d:5b:51:38:da:4c:55:c9:6d:cf:83:3b:57:00:11:20:37:9b:
a5:5c:92:8b:b6:c7:8b:40:5e:4a:a4:c4:f8:ea:a4:68:67:77:
6f:d6:59:8c:58:df:4a:84:a8:d6:1c:f5:2a:22:9c:ef:5a:f6:
47:0f:09:5b:41:74:6c:34:c5:d0:80:c9:50:bb:f9:3e:a4:0a:
cf:2b:53:bd:d0:f0:24:f7:9b:b8:2a:c9:14:3e:20:3e:6a:99:
7d:70:f5:66:75:a1:5f:d7:96:66:ee:02:17:6e:1d:21:ab:79:
cf:5a:1e:7c:15:0a:54:52:73:14:82:1b:bb:7f:cc:77:9e:fa:
61:f3:58:d2:fb:21:a0:ce:15:25:f6:d3:3d:51:57:53:60:0f:
51:b6:3a:49:fc:9f:5a:fd:92:6d:37:39:cf:77:8b:72:1e:21:
b1:03:70:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEB22qyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MDhhN2VhNzEyODAxZTRjOGZlYjg1YjNmMDc4ZDA1YmExMDFhYWUxMB4XDTIyMDEx
OTIwNTYxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODMyNjNkODQ4NzBm
MDE2NWUyNjNiMmZhOTFlMmQ2YTNjNmM3YzkzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJh5iUcj+tjctQ7WwpU+Ol9DzGB3PMH314cHlPVXg3XuG+Ln
Z1A5t8gBCICyTRocJcNmnDglbHQGAMu+iRAmkz5jgSkb3Kkp0TgTmmdhsi9mHOWx
A7PFxHdDO6fJhyFz4aMwnOOT+EEksNDELHgJAWfNlHTwMipIKp8eb1gywZGZIe9f
kFNR1MLO99chmFeJdSuHahNuGaSlBD2jAFv9ZhRZTdNCtFNuGsuJuKEEzxDLL078
XxATIoCFO6KKaPnpVehX+G6SPiNRzACSgczYPwAWV3UakiGldmQX2QPKbfZu6uBt
ZFDOIZ/JjBn4gXTrNK/zNvmh9bREc+ud1A7UyY0CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSDJj2Ehw8BZeJjsvqR4tajxsfJODAfBgNVHSMEGDAWgBSQin6nEoAeTI/r
hbPweNBboQGq4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tJcC1weEtBSGt5UDY0V3o4SGpRVzZFQnF1RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvODYwNWU2LWQ5ZjQtNGMzMi1iNGQxLTFhMTJjYzBiMDQwNi8x
L2d5WTloSWNQQVdYaVk3TDZrZUxXbzhiSHlUZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
ODYwNWU2LWQ5ZjQtNGMzMi1iNGQxLTFhMTJjYzBiMDQwNi8xL2tJcC1weEtBSGt5
UDY0V3o4SGpRVzZFQnF1RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAx8pWAMEAVvDrAMEA7B2KAMEAcEi
rAMEAsIn4DANBAIAAjAHAwUDKg9mgDANBgkqhkiG9w0BAQsFAAOCAQEAaul9TAHY
z8xPtC30RMKVe/P8EeE7Rcqfpc7S5CV7R8nqZ1Ivs6PSTelqWM/8ZYBiVgTyxtE3
HiFyV4VZXAcroHlJD7OrzOo7CuuwzDthB+wW3jd1Go0rJFnhTVtRONpMVcltz4M7
VwARIDebpVySi7bHi0BeSqTE+OqkaGd3b9ZZjFjfSoSo1hz1KiKc71r2Rw8JW0F0
bDTF0IDJULv5PqQKzytTvdDwJPebuCrJFD4gPmqZfXD1ZnWhX9eWZu4CF24dIat5
z1oefBUKVFJzFIIbu3/Md576YfNY0vshoM4VJfbTPVFXU2APUbY6SfyfWv2SbTc5
z3eLch4hsQNwEg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:23 2025 by rpki-client