Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/e4b00c-a929-48d4-b7d8-7688731bed9d/1/gGYFUSQ28suxgh1UOOZhvuHD2V8.roa
File: gGYFUSQ28suxgh1UOOZhvuHD2V8.roa (raw, json)
Hash identifier: qhicO5nMZ6X5LHqyUhzTBr+X1P//eM+G2mGDk4LQ1u0=
Subject key identifier: 80:66:05:51:24:36:F2:CB:B1:82:1D:54:38:E6:61:BE:E1:C3:D9:5F
Certificate issuer: /CN=36482f2efefb927a3caffea1d91f2417f3d2e7d7
Certificate serial: 0189540DB7CCA3B1D8B81482EB67442623DA
Authority key identifier: 36:48:2F:2E:FE:FB:92:7A:3C:AF:FE:A1:D9:1F:24:17:F3:D2:E7:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkgvLv77kno8r_6h2R8kF_PS59c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/e4b00c-a929-48d4-b7d8-7688731bed9d/1/gGYFUSQ28suxgh1UOOZhvuHD2V8.roa
Signing time: Fri 14 Jul 2023 10:58:52 +0000
ROA not before: Fri 14 Jul 2023 10:58:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51871
IP address blocks: 193.34.29.0/24 maxlen: 24
193.34.28.0/22 maxlen: 22
193.34.28.0/24 maxlen: 24
193.34.31.0/24 maxlen: 24
193.34.30.0/24 maxlen: 24
2001:67c:21b0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:54:0d:b7:cc:a3:b1:d8:b8:14:82:eb:67:44:26:23:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36482f2efefb927a3caffea1d91f2417f3d2e7d7
Validity
Not Before: Jul 14 10:58:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=806605512436f2cbb1821d5438e661bee1c3d95f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f9:0f:3c:ee:7c:f5:98:21:c1:d8:6c:87:f5:
4c:ae:11:2b:fa:3c:32:6c:9a:cb:8c:51:9a:31:30:
1e:d8:25:d9:4d:f1:aa:68:67:b1:ef:17:bb:bf:cf:
0e:46:12:a5:a9:ee:30:01:18:3a:58:37:5a:82:bb:
32:40:3f:1f:1d:b1:6d:b3:b2:6b:55:9e:a9:ee:4e:
aa:1b:6d:54:68:28:a4:18:63:c1:25:89:fe:68:f0:
65:40:36:ac:4a:b3:9c:58:06:2b:b6:27:19:5c:83:
dd:61:45:72:84:da:fb:36:79:0d:81:88:dd:ce:07:
ca:cd:41:30:ec:5d:cd:53:fe:22:b6:5f:42:1f:57:
c9:28:34:c4:41:ee:23:36:9a:d6:43:46:d8:06:57:
f7:1b:57:8f:51:85:54:52:e8:d4:b6:f1:5b:79:85:
a2:ba:4c:c1:4d:93:e2:fb:ce:57:ed:e5:e7:cf:5e:
1d:dd:f5:f4:1c:06:85:14:5c:6e:3a:0a:0c:c4:de:
7a:78:90:06:e4:50:e1:4d:33:ff:05:4d:21:65:cb:
f5:14:e0:10:c3:18:d4:2f:25:31:cc:4c:ec:44:03:
da:81:f8:8e:ff:91:15:2a:a2:c4:c7:31:67:f7:7d:
ef:c1:bf:c1:fe:7c:6d:e1:47:35:00:fb:52:38:e1:
e1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:66:05:51:24:36:F2:CB:B1:82:1D:54:38:E6:61:BE:E1:C3:D9:5F
X509v3 Authority Key Identifier:
keyid:36:48:2F:2E:FE:FB:92:7A:3C:AF:FE:A1:D9:1F:24:17:F3:D2:E7:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkgvLv77kno8r_6h2R8kF_PS59c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e4b00c-a929-48d4-b7d8-7688731bed9d/1/gGYFUSQ28suxgh1UOOZhvuHD2V8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e4b00c-a929-48d4-b7d8-7688731bed9d/1/NkgvLv77kno8r_6h2R8kF_PS59c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.28.0/22
IPv6:
2001:67c:21b0::/48
Signature Algorithm: sha256WithRSAEncryption
ac:cb:a1:27:b7:b7:ac:81:41:3f:96:99:36:92:d1:16:8a:a0:
a8:bc:b5:62:39:aa:a3:29:b1:09:4a:e7:e1:27:fa:17:ce:06:
af:80:ec:3f:46:33:9b:83:38:b6:d2:ec:cf:26:77:35:9c:b1:
7c:ac:18:7e:03:9b:d9:34:ad:15:5f:55:dc:a7:f8:7e:70:9e:
3e:fb:a6:d4:ca:28:4e:f5:b7:d3:55:7e:0b:56:f6:8b:6e:51:
7d:61:4d:e6:e9:e5:64:14:8d:99:2c:10:1f:c7:f4:8b:77:5c:
4b:34:c8:a1:04:7d:e8:cb:32:7a:a3:cb:3e:75:7a:c1:0c:cf:
fe:e6:d6:1b:a4:42:0e:ab:ca:74:55:03:94:40:1a:38:46:2f:
89:79:ca:e6:91:9c:51:d8:b2:48:04:43:64:cb:46:e6:5a:ff:
49:21:56:4d:b6:25:58:d6:5b:f6:b0:6e:b8:29:40:1f:8a:80:
8e:ae:c8:ac:15:02:5b:4a:fe:6f:90:5a:84:a6:c8:a6:f6:14:
0f:a8:f2:35:45:fe:ac:cc:bc:d3:41:48:30:fc:5e:3e:f8:29:
2a:0e:af:c0:89:25:5e:f3:94:b3:df:bf:f3:74:a4:38:01:89:
18:fc:bb:ad:6e:d5:6d:b7:cf:b6:8d:8c:7c:f0:5d:f2:c6:61:
ef:a7:8c:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlUDbfMo7HYuBSC62dEJiPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDgyZjJlZmVmYjkyN2EzY2FmZmVhMWQ5MWYyNDE3ZjNk
MmU3ZDcwHhcNMjMwNzE0MTA1ODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDY2MDU1MTI0MzZmMmNiYjE4MjFkNTQzOGU2NjFiZWUxYzNkOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfkPPO589Zghwdhsh/VMrhEr+jwy
bJrLjFGaMTAe2CXZTfGqaGex7xe7v88ORhKlqe4wARg6WDdagrsyQD8fHbFts7Jr
VZ6p7k6qG21UaCikGGPBJYn+aPBlQDasSrOcWAYrticZXIPdYUVyhNr7NnkNgYjd
zgfKzUEw7F3NU/4itl9CH1fJKDTEQe4jNprWQ0bYBlf3G1ePUYVUUujUtvFbeYWi
ukzBTZPi+85X7eXnz14d3fX0HAaFFFxuOgoMxN56eJAG5FDhTTP/BU0hZcv1FOAQ
wxjULyUxzEzsRAPagfiO/5EVKqLExzFn933vwb/B/nxt4Uc1APtSOOHhdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIBmBVEkNvLLsYIdVDjmYb7hw9lfMB8GA1UdIwQY
MBaAFDZILy7++5J6PK/+odkfJBfz0ufXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtndkx2Nzdrbm84cl82aDJSOGtGX1BTNTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lNGIwMGMtYTkyOS00OGQ0LWI3ZDgt
NzY4ODczMWJlZDlkLzEvZ0dZRlVTUTI4c3V4Z2gxVU9PWmh2dUhEMlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lNGIwMGMtYTkyOS00OGQ0LWI3ZDgtNzY4ODczMWJlZDlk
LzEvTmtndkx2Nzdrbm84cl82aDJSOGtGX1BTNTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwSIcMA8E
AgACMAkDBwAgAQZ8IbAwDQYJKoZIhvcNAQELBQADggEBAKzLoSe3t6yBQT+WmTaS
0RaKoKi8tWI5qqMpsQlK5+En+hfOBq+A7D9GM5uDOLbS7M8mdzWcsXysGH4Dm9k0
rRVfVdyn+H5wnj77ptTKKE71t9NVfgtW9otuUX1hTebp5WQUjZksEB/H9It3XEs0
yKEEfejLMnqjyz51esEMz/7m1hukQg6rynRVA5RAGjhGL4l5yuaRnFHYskgEQ2TL
RuZa/0khVk22JVjWW/awbrgpQB+KgI6uyKwVAltK/m+QWoSmyKb2FA+o8jVF/qzM
vNNBSDD8Xj74KSoOr8CJJV7zlLPfv/N0pDgBiRj8u61u1W23z7aNjHzwXfLGYe+n
jIA=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:37:18 2025 by rpki-client