Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/gRgEgcqx9haJTxEPnVMa_0N7s0E.roa
File: gRgEgcqx9haJTxEPnVMa_0N7s0E.roa (raw, json)
Hash identifier: EKaw+AnPIb0bZdktghyQUgddsfkLLtS4dib0mzgsBoM=
Subject key identifier: 81:18:04:81:CA:B1:F6:16:89:4F:11:0F:9D:53:1A:FF:43:7B:B3:41
Certificate issuer: /CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Certificate serial: 0182E9CF5DE0F90A286E7450DF4D8B1DAF24
Authority key identifier: D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/gRgEgcqx9haJTxEPnVMa_0N7s0E.roa
Signing time: Mon 29 Aug 2022 13:34:17 +0000
ROA not before: Mon 29 Aug 2022 13:34:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42926
IP address blocks: 89.252.182.0/24 maxlen: 24
89.252.186.0/24 maxlen: 24
89.252.185.0/24 maxlen: 24
89.252.184.0/24 maxlen: 24
89.252.183.0/24 maxlen: 24
89.252.187.0/24 maxlen: 24
45.84.189.0/24 maxlen: 24
2a0f:e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e9:cf:5d:e0:f9:0a:28:6e:74:50:df:4d:8b:1d:af:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Validity
Not Before: Aug 29 13:34:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81180481cab1f616894f110f9d531aff437bb341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d0:4d:7b:a0:13:53:c2:9a:3e:12:ce:81:cf:
ea:b1:86:40:5b:8e:f3:55:c8:0c:e1:b5:80:2b:2f:
6c:7a:8b:f4:dc:d6:7d:7f:d9:12:34:c5:66:a6:18:
cc:3c:42:1b:91:df:d6:1c:12:43:b9:48:ab:99:64:
db:ce:ea:d8:2d:ff:18:f0:3c:5d:bf:e5:52:6c:07:
0e:d6:21:1b:32:53:d4:f1:5f:c2:4d:98:ad:1c:e1:
05:9d:a3:b8:d0:c9:a1:46:f6:9c:73:be:37:34:7e:
1b:cd:77:40:e7:6e:fd:f2:01:c8:32:aa:1d:35:c0:
8c:a2:8b:fc:3c:6d:15:a8:dd:7a:ce:75:c1:9e:21:
cf:c2:f1:d6:d5:ae:d3:f7:1f:8b:d6:af:54:f3:c5:
57:32:53:c5:29:6e:79:4a:d8:98:8a:9b:91:c3:33:
4b:2f:97:53:a9:4a:a0:1e:de:32:ef:2e:e9:f2:ef:
6e:6f:c0:72:7a:fb:45:96:95:67:bf:8b:58:7f:84:
ca:57:90:71:0a:ec:4a:18:07:10:80:1c:79:47:c6:
41:23:22:b3:c9:6f:c1:0b:e9:5c:1b:0c:6f:4d:88:
42:19:c1:1d:db:2e:63:0d:b9:e8:3a:8b:02:a9:34:
d7:20:b3:55:7b:fa:1a:32:5a:35:e1:81:5d:40:5c:
94:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:18:04:81:CA:B1:F6:16:89:4F:11:0F:9D:53:1A:FF:43:7B:B3:41
X509v3 Authority Key Identifier:
keyid:D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/gRgEgcqx9haJTxEPnVMa_0N7s0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/0coacGq8--G4WGUjjYQ17jPnWCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.189.0/24
89.252.182.0-89.252.187.255
IPv6:
2a0f:e80::/29
Signature Algorithm: sha256WithRSAEncryption
83:ae:43:a1:23:dc:d6:16:b7:25:a6:57:e2:22:95:99:3f:1d:
c7:89:55:5e:aa:c2:ed:9d:dc:78:6b:49:50:e5:a8:a2:0d:35:
1a:de:2f:77:22:19:16:7a:ec:03:aa:d9:c9:63:bf:11:27:f7:
b4:d7:38:e2:99:81:84:fd:b4:49:5d:45:78:31:75:49:4d:bc:
70:5f:71:74:82:94:7d:3d:dd:3b:b6:97:1a:4f:36:48:b1:7c:
eb:a7:8b:f6:cc:eb:ed:ee:55:0f:b1:f6:09:ed:84:9e:78:19:
b5:15:b2:13:15:6b:f1:43:a8:4a:8d:b1:7f:f0:a2:ed:05:c9:
2d:9f:30:56:fd:35:3a:dc:25:eb:fc:1a:12:86:a3:ef:cc:a3:
0f:2d:d8:12:11:c2:0e:e5:d1:a0:03:29:43:9e:b8:11:37:82:
53:8c:e5:96:64:1c:c2:db:8b:2d:c7:1f:6e:0e:f7:ab:e0:60:
da:af:8d:01:ba:c6:95:dc:8a:01:f6:82:9f:4e:b8:eb:3a:5b:
b2:93:0c:54:85:26:a1:ef:1b:a1:87:a9:24:d0:75:9f:ec:28:
ac:bb:0a:c0:3f:44:7a:a9:2e:07:82:e4:74:19:69:e2:6a:d8:
b7:12:59:64:b9:c5:b8:96:52:e0:67:a5:f6:81:67:78:08:31:
d5:a0:a0:00
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYLpz13g+QoobnRQ302LHa8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2ExYTcwNmFiY2ZiZTFiODU4NjUyMzhkODQzNWVlMzNl
NzU4MjAwHhcNMjIwODI5MTMzNDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTE4MDQ4MWNhYjFmNjE2ODk0ZjExMGY5ZDUzMWFmZjQzN2JiMzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdBNe6ATU8KaPhLOgc/qsYZAW47z
VcgM4bWAKy9seov03NZ9f9kSNMVmphjMPEIbkd/WHBJDuUirmWTbzurYLf8Y8Dxd
v+VSbAcO1iEbMlPU8V/CTZitHOEFnaO40MmhRvacc743NH4bzXdA52798gHIMqod
NcCMoov8PG0VqN16znXBniHPwvHW1a7T9x+L1q9U88VXMlPFKW55StiYipuRwzNL
L5dTqUqgHt4y7y7p8u9ub8ByevtFlpVnv4tYf4TKV5BxCuxKGAcQgBx5R8ZBIyKz
yW/BC+lcGwxvTYhCGcEd2y5jDbnoOosCqTTXILNVe/oaMlo14YFdQFyUWwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIEYBIHKsfYWiU8RD51TGv9De7NBMB8GA1UdIwQY
MBaAFNHKGnBqvPvhuFhlI42ENe4z51ggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzIt
ZThmN2ZkM2E0MDc4LzEvZ1JnRWdjcXg5aGFKVHhFUG5WTWFfME43czBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzItZThmN2ZkM2E0MDc4
LzEvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQALVS9MAwD
BAFZ/LYDBAJZ/LgwDQQCAAIwBwMFAyoPDoAwDQYJKoZIhvcNAQELBQADggEBAIOu
Q6Ej3NYWtyWmV+IilZk/HceJVV6qwu2d3HhrSVDlqKINNRreL3ciGRZ67AOq2clj
vxEn97TXOOKZgYT9tEldRXgxdUlNvHBfcXSClH093Tu2lxpPNkixfOuni/bM6+3u
VQ+x9gnthJ54GbUVshMVa/FDqEqNsX/wou0FyS2fMFb9NTrcJev8GhKGo+/Mow8t
2BIRwg7l0aADKUOeuBE3glOM5ZZkHMLbiy3HH24O96vgYNqvjQG6xpXcigH2gp9O
uOs6W7KTDFSFJqHvG6GHqSTQdZ/sKKy7CsA/RHqpLgeC5HQZaeJq2LcSWWS5xbiW
UuBnpfaBZ3gIMdWgoAA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:41 2025 by rpki-client