Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/jgaCZt2hKfTcfclIqHT656YVRio.roa
File: jgaCZt2hKfTcfclIqHT656YVRio.roa (raw, json)
Hash identifier: aLOsg6fXbXKxUpPnyWsisNEsi+GkCc0PtXr07Q2JHiw=
Subject key identifier: 8E:06:82:66:DD:A1:29:F4:DC:7D:C9:48:A8:74:FA:E7:A6:15:46:2A
Certificate issuer: /CN=82d7fe7312efb42bd8d1ecd82ac76191ea26c356
Certificate serial: 01857295CFE55892682B47E2BC3B114725C5
Authority key identifier: 82:D7:FE:73:12:EF:B4:2B:D8:D1:EC:D8:2A:C7:61:91:EA:26:C3:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gtf-cxLvtCvY0ezYKsdhkeomw1Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/jgaCZt2hKfTcfclIqHT656YVRio.roa
Signing time: Mon 02 Jan 2023 13:04:58 +0000
ROA not before: Mon 02 Jan 2023 13:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 92.43.168.0/24 maxlen: 24
92.43.168.0/23 maxlen: 23
92.43.169.0/24 maxlen: 24
92.43.172.0/24 maxlen: 24
92.43.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:cf:e5:58:92:68:2b:47:e2:bc:3b:11:47:25:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82d7fe7312efb42bd8d1ecd82ac76191ea26c356
Validity
Not Before: Jan 2 13:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e068266dda129f4dc7dc948a874fae7a615462a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9a:91:42:27:aa:96:77:40:a3:3d:84:3b:71:
09:2a:85:db:e5:6a:90:34:e3:47:0c:5d:f1:72:e9:
09:c9:e5:e3:b8:34:94:1a:fc:b6:86:cd:0a:31:b4:
98:78:36:14:af:6a:ce:92:c7:e8:ac:f3:64:41:7d:
e7:9c:4c:50:3e:29:2f:48:e9:3c:8f:5d:a5:10:86:
59:89:95:36:93:6d:37:42:6e:29:8d:22:33:0a:00:
c7:e5:58:50:15:b7:62:66:95:51:80:e2:90:07:a1:
5a:03:0e:db:f0:10:32:17:ae:9f:8a:bf:b6:88:ee:
16:41:d5:69:11:4a:17:f5:47:22:5c:eb:d9:9b:55:
1e:f9:46:d1:4c:98:53:8e:b4:58:ef:fe:b1:1e:b7:
0c:53:12:94:99:d7:37:1f:77:43:09:31:74:da:8c:
7d:d8:0d:85:0d:99:bd:76:68:08:85:99:ac:5e:23:
aa:43:be:99:f0:ea:fb:df:b4:f3:d6:47:35:f7:e5:
c1:02:ca:73:1b:93:39:a3:dc:c0:80:3c:e1:88:2f:
85:f8:0f:99:94:5b:bb:11:33:a2:1f:2b:f4:eb:25:
82:5f:ef:20:d2:22:a3:f7:9c:89:45:62:61:4f:07:
ce:a7:03:c5:5d:7e:a2:e6:fe:73:c8:a9:7e:e8:f5:
5a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:06:82:66:DD:A1:29:F4:DC:7D:C9:48:A8:74:FA:E7:A6:15:46:2A
X509v3 Authority Key Identifier:
keyid:82:D7:FE:73:12:EF:B4:2B:D8:D1:EC:D8:2A:C7:61:91:EA:26:C3:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gtf-cxLvtCvY0ezYKsdhkeomw1Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/jgaCZt2hKfTcfclIqHT656YVRio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/gtf-cxLvtCvY0ezYKsdhkeomw1Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.168.0/23
92.43.171.0-92.43.172.255
Signature Algorithm: sha256WithRSAEncryption
43:8d:ec:51:68:da:d5:4b:bf:8b:eb:f7:cd:bd:81:f0:d9:ea:
b0:e4:1a:0e:6a:a4:1e:bf:e5:c6:b2:28:6e:66:eb:b9:b8:b1:
ea:6e:bd:46:a8:ac:f8:2f:b1:57:1f:43:3c:7a:e7:02:db:c2:
ef:b6:e3:a7:9b:cd:8c:f2:d7:fb:bb:60:14:49:c2:18:03:a5:
92:1c:09:d8:9d:be:9c:31:b2:dc:12:d1:3a:fd:cc:99:cb:9b:
c9:d6:73:6e:ed:c3:e7:84:69:d3:c7:e9:16:fd:62:3a:55:4a:
2f:f3:70:9f:18:d4:f1:0c:e1:30:f5:d4:7f:26:72:49:c9:0e:
92:ee:a7:f0:7a:8e:e8:38:8b:98:96:32:5f:11:d2:55:f8:3a:
23:df:91:99:b4:7e:47:21:ce:16:03:f2:e1:61:13:0f:78:61:
44:52:ea:90:40:cc:3c:cc:11:c8:55:c4:21:4a:9f:9d:d7:20:
03:ee:48:2e:d7:35:4a:20:bd:eb:14:bf:01:c7:79:b0:fe:1b:
13:41:d2:4c:b5:2b:2d:11:3a:95:a8:b4:f6:71:a2:96:1a:7b:
b4:43:b1:de:da:be:e6:74:15:22:63:67:1b:20:f8:e7:e3:3d:
d2:cf:c0:ee:6d:21:94:e1:62:ad:2f:87:28:cd:ab:be:20:ad:
47:77:5d:d5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVylc/lWJJoK0fivDsRRyXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZDdmZTczMTJlZmI0MmJkOGQxZWNkODJhYzc2MTkxZWEy
NmMzNTYwHhcNMjMwMTAyMTMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTA2ODI2NmRkYTEyOWY0ZGM3ZGM5NDhhODc0ZmFlN2E2MTU0NjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZqRQieqlndAoz2EO3EJKoXb5WqQ
NONHDF3xcukJyeXjuDSUGvy2hs0KMbSYeDYUr2rOksforPNkQX3nnExQPikvSOk8
j12lEIZZiZU2k203Qm4pjSIzCgDH5VhQFbdiZpVRgOKQB6FaAw7b8BAyF66fir+2
iO4WQdVpEUoX9UciXOvZm1Ue+UbRTJhTjrRY7/6xHrcMUxKUmdc3H3dDCTF02ox9
2A2FDZm9dmgIhZmsXiOqQ76Z8Or737Tz1kc19+XBAspzG5M5o9zAgDzhiC+F+A+Z
lFu7ETOiHyv06yWCX+8g0iKj95yJRWJhTwfOpwPFXX6i5v5zyKl+6PVaOwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFI4GgmbdoSn03H3JSKh0+uemFUYqMB8GA1UdIwQY
MBaAFILX/nMS77Qr2NHs2CrHYZHqJsNWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3RmLWN4THZ0Q3ZZMGV6WUtzZGhrZW9tdzFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wNWQ4YmEtOTQzMy00YTJlLWJmZTYt
MzdiMjFiYWIzYjAwLzEvamdhQ1p0MmhLZlRjZmNsSXFIVDY1NllWUmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wNWQ4YmEtOTQzMy00YTJlLWJmZTYtMzdiMjFiYWIzYjAw
LzEvZ3RmLWN4THZ0Q3ZZMGV6WUtzZGhrZW9tdzFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBXCuoMAwD
BABcK6sDBABcK6wwDQYJKoZIhvcNAQELBQADggEBAEON7FFo2tVLv4vr9829gfDZ
6rDkGg5qpB6/5cayKG5m67m4sepuvUaorPgvsVcfQzx65wLbwu+246ebzYzy1/u7
YBRJwhgDpZIcCdidvpwxstwS0Tr9zJnLm8nWc27tw+eEadPH6Rb9YjpVSi/zcJ8Y
1PEM4TD11H8mcknJDpLup/B6jug4i5iWMl8R0lX4OiPfkZm0fkchzhYD8uFhEw94
YURS6pBAzDzMEchVxCFKn53XIAPuSC7XNUogvesUvwHHebD+GxNB0ky1Ky0ROpWo
tPZxopYae7RDsd7avuZ0FSJjZxsg+OfjPdLPwO5tIZThYq0vhyjNq74grUd3XdU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:02:32 2025 by rpki-client