Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/4116b6-f1c9-49ad-8b0f-ad2497f284f5/1/gjjcP3jXTxnybSRYMIuLgWciPQg.roa
File: gjjcP3jXTxnybSRYMIuLgWciPQg.roa (raw, json)
Hash identifier: 1DrkyBtfA9T25oOVd+EjDTsJk/hFZqypVEo1WhmlaKI=
Subject key identifier: 82:38:DC:3F:78:D7:4F:19:F2:6D:24:58:30:8B:8B:81:67:22:3D:08
Certificate issuer: /CN=33e8550bcc9fb3b140260c29d69f789978dcc09a
Certificate serial: 01856FC27337C64543FD2CD477F69FEE8EF4
Authority key identifier: 33:E8:55:0B:CC:9F:B3:B1:40:26:0C:29:D6:9F:78:99:78:DC:C0:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-hVC8yfs7FAJgwp1p94mXjcwJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/4116b6-f1c9-49ad-8b0f-ad2497f284f5/1/gjjcP3jXTxnybSRYMIuLgWciPQg.roa
Signing time: Sun 01 Jan 2023 23:54:52 +0000
ROA not before: Sun 01 Jan 2023 23:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49265
IP address blocks: 185.91.189.0/24 maxlen: 24
185.91.188.0/23 maxlen: 23
185.91.188.0/22 maxlen: 22
185.91.190.0/24 maxlen: 24
185.91.190.0/23 maxlen: 23
185.91.191.0/24 maxlen: 24
185.91.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:73:37:c6:45:43:fd:2c:d4:77:f6:9f:ee:8e:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33e8550bcc9fb3b140260c29d69f789978dcc09a
Validity
Not Before: Jan 1 23:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8238dc3f78d74f19f26d2458308b8b8167223d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e8:3f:fe:de:47:27:f1:e3:37:44:85:e2:38:
c2:a7:0f:bf:22:58:00:f5:69:0d:09:62:3d:6d:3a:
3e:a0:50:64:9b:cb:9a:0a:70:e6:04:4a:0e:47:bc:
a8:44:7f:ea:15:4a:16:57:f3:95:bb:71:89:63:ae:
c4:b1:ec:9a:df:d4:3d:87:63:a8:81:82:3c:d2:39:
76:20:24:7f:d0:e0:ee:07:cd:a5:dc:18:85:9b:19:
8b:8e:7e:ef:09:aa:0f:e5:79:6d:56:a2:05:c0:61:
0a:07:52:85:39:e2:37:6f:a6:a8:71:4a:23:03:5b:
dc:48:51:48:dd:3c:17:ab:44:8c:8d:83:74:60:97:
d4:f9:e6:11:3f:ef:39:b1:84:c1:8f:bf:55:1f:33:
6d:53:5b:9e:d4:cf:fd:e8:be:86:46:49:b7:59:6a:
65:97:73:f5:61:81:02:ba:27:92:bd:5f:b8:86:3c:
15:8f:1e:76:a9:5b:08:ef:ad:bb:bc:32:db:60:63:
d9:7c:06:32:b1:81:05:f0:83:2d:f2:b2:cb:d0:d2:
fe:8c:a3:fd:e2:2a:f4:c6:79:12:d1:3f:a0:b5:e7:
fa:54:bb:5a:ef:23:01:19:17:87:13:f8:24:7b:b9:
40:9c:ef:3b:7c:be:c8:5e:47:6f:cd:d8:46:dd:b8:
7f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:38:DC:3F:78:D7:4F:19:F2:6D:24:58:30:8B:8B:81:67:22:3D:08
X509v3 Authority Key Identifier:
keyid:33:E8:55:0B:CC:9F:B3:B1:40:26:0C:29:D6:9F:78:99:78:DC:C0:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-hVC8yfs7FAJgwp1p94mXjcwJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/4116b6-f1c9-49ad-8b0f-ad2497f284f5/1/gjjcP3jXTxnybSRYMIuLgWciPQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/4116b6-f1c9-49ad-8b0f-ad2497f284f5/1/M-hVC8yfs7FAJgwp1p94mXjcwJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.188.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:4b:ed:6a:0e:3a:27:36:06:b9:b9:22:06:06:ca:af:9f:92:
27:6c:76:8c:d2:06:2d:1a:4a:bc:37:c0:60:d9:68:2b:e4:c7:
ab:cf:d3:ce:e8:34:20:e6:a1:97:17:b3:d3:54:07:de:ea:98:
b6:89:2a:5e:c6:4e:43:05:2b:59:fe:9c:b8:04:35:86:b2:c6:
60:80:8e:ab:b0:78:73:f6:7e:6c:f0:48:f6:ba:0d:0d:f4:ee:
2d:56:dc:9a:87:21:62:af:e2:93:fe:03:8e:4b:e0:5f:ff:09:
60:16:f8:41:90:0d:ec:fd:48:75:9d:be:13:17:01:d6:9d:8c:
63:07:d7:93:8d:9c:47:92:d0:26:ed:96:49:e5:fa:3d:12:f1:
72:42:a6:10:6f:ef:0e:37:e2:3d:8d:db:60:12:3a:0e:7c:ca:
4c:1a:c6:dd:2b:14:3b:87:5c:56:d1:67:d8:34:8a:90:94:cc:
75:a8:c7:26:99:b5:5b:e5:c6:92:71:54:89:2b:c1:ef:f0:d4:
b0:75:35:ff:f3:cd:7f:c7:a6:08:36:69:63:ca:61:46:79:d5:
3c:52:e3:64:54:22:30:81:b2:dc:d1:a1:3e:8c:21:66:69:f8:
cb:2d:3b:18:9e:19:b9:03:c7:af:83:a1:a3:6a:b6:24:7c:b3:
a5:25:15:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwnM3xkVD/SzUd/af7o70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZTg1NTBiY2M5ZmIzYjE0MDI2MGMyOWQ2OWY3ODk5Nzhk
Y2MwOWEwHhcNMjMwMTAxMjM1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjM4ZGMzZjc4ZDc0ZjE5ZjI2ZDI0NTgzMDhiOGI4MTY3MjIzZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreg//t5HJ/HjN0SF4jjCpw+/IlgA
9WkNCWI9bTo+oFBkm8uaCnDmBEoOR7yoRH/qFUoWV/OVu3GJY67Eseya39Q9h2Oo
gYI80jl2ICR/0ODuB82l3BiFmxmLjn7vCaoP5XltVqIFwGEKB1KFOeI3b6aocUoj
A1vcSFFI3TwXq0SMjYN0YJfU+eYRP+85sYTBj79VHzNtU1ue1M/96L6GRkm3WWpl
l3P1YYECuieSvV+4hjwVjx52qVsI7627vDLbYGPZfAYysYEF8IMt8rLL0NL+jKP9
4ir0xnkS0T+gtef6VLta7yMBGReHE/gke7lAnO87fL7IXkdvzdhG3bh/MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFII43D94108Z8m0kWDCLi4FnIj0IMB8GA1UdIwQY
MBaAFDPoVQvMn7OxQCYMKdafeJl43MCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1oVkM4eWZzN0ZBSmd3cDFwOTRtWGpjd0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi80MTE2YjYtZjFjOS00OWFkLThiMGYt
YWQyNDk3ZjI4NGY1LzEvZ2pqY1AzalhUeG55YlNSWU1JdUxnV2NpUFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi80MTE2YjYtZjFjOS00OWFkLThiMGYtYWQyNDk3ZjI4NGY1
LzEvTS1oVkM4eWZzN0ZBSmd3cDFwOTRtWGpjd0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVu8MA0G
CSqGSIb3DQEBCwUAA4IBAQBrS+1qDjonNga5uSIGBsqvn5InbHaM0gYtGkq8N8Bg
2Wgr5Merz9PO6DQg5qGXF7PTVAfe6pi2iSpexk5DBStZ/py4BDWGssZggI6rsHhz
9n5s8Ej2ug0N9O4tVtyahyFir+KT/gOOS+Bf/wlgFvhBkA3s/Uh1nb4TFwHWnYxj
B9eTjZxHktAm7ZZJ5fo9EvFyQqYQb+8ON+I9jdtgEjoOfMpMGsbdKxQ7h1xW0WfY
NIqQlMx1qMcmmbVb5caScVSJK8Hv8NSwdTX/881/x6YINmljymFGedU8UuNkVCIw
gbLc0aE+jCFmafjLLTsYnhm5A8evg6GjarYkfLOlJRUl
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:44:14 2025 by rpki-client