Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/gyaNN6F_FwaKZ_TfgZKxoN5W8a0.roa
File: gyaNN6F_FwaKZ_TfgZKxoN5W8a0.roa (raw, json)
Hash identifier: pjT9Ea1jV+Mc3T3aejhW4DBKIUAarPQ9n7GqQl3pN8s=
Subject key identifier: 83:26:8D:37:A1:7F:17:06:8A:67:F4:DF:81:92:B1:A0:DE:56:F1:AD
Certificate issuer: /CN=b1241f129dbfc4a1651fecdba03108fcd2cc1df2
Certificate serial: 018614C43AD45AAF8201D937964007E2277A
Authority key identifier: B1:24:1F:12:9D:BF:C4:A1:65:1F:EC:DB:A0:31:08:FC:D2:CC:1D:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sSQfEp2_xKFlH-zboDEI_NLMHfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/gyaNN6F_FwaKZ_TfgZKxoN5W8a0.roa
Signing time: Fri 03 Feb 2023 00:54:09 +0000
ROA not before: Fri 03 Feb 2023 00:54:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42742
IP address blocks: 92.118.140.0/22 maxlen: 22
194.79.4.0/22 maxlen: 22
195.211.64.0/22 maxlen: 22
91.189.232.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:14:c4:3a:d4:5a:af:82:01:d9:37:96:40:07:e2:27:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1241f129dbfc4a1651fecdba03108fcd2cc1df2
Validity
Not Before: Feb 3 00:54:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83268d37a17f17068a67f4df8192b1a0de56f1ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:29:ae:9d:8e:32:50:a5:2c:20:46:20:8b:61:
f1:76:0f:3d:5f:79:fd:eb:bb:79:94:65:d0:d1:61:
12:30:b5:82:4b:c7:16:90:5f:9b:75:de:08:e8:d1:
94:94:b6:06:d0:46:55:e4:48:74:76:a9:17:0e:7a:
eb:e6:4e:a9:d5:34:bc:07:b2:ff:3d:7f:17:47:8f:
28:4c:f4:d0:5d:0c:17:aa:bd:11:69:1a:9b:83:e0:
a9:08:f2:cc:35:4a:ae:b5:3f:95:d9:6d:66:aa:b9:
94:98:e1:3c:27:d2:51:fc:ec:ce:b7:2c:51:e0:3a:
33:6c:c9:7f:e7:93:4e:c3:b0:41:0f:8d:82:5c:0b:
b7:68:23:9d:84:b0:01:2b:90:48:1f:69:4b:1e:fe:
3f:03:fc:c0:75:fa:41:7a:c7:da:4b:2d:d4:4a:e5:
27:c6:de:68:67:cd:c5:7c:43:73:7c:57:1b:82:90:
80:56:67:cb:cd:65:78:60:20:05:d2:6e:4d:25:fe:
e1:b3:9d:d3:94:80:42:97:df:13:08:ed:02:a4:ba:
7c:e1:ae:f2:2c:f5:62:e0:d7:5d:39:41:ce:82:f9:
4e:3e:e6:55:ce:41:a5:3c:8e:78:67:2d:a0:03:ee:
6b:73:ea:e9:e2:86:20:8f:a3:a5:cd:d7:b3:39:40:
57:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:26:8D:37:A1:7F:17:06:8A:67:F4:DF:81:92:B1:A0:DE:56:F1:AD
X509v3 Authority Key Identifier:
keyid:B1:24:1F:12:9D:BF:C4:A1:65:1F:EC:DB:A0:31:08:FC:D2:CC:1D:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sSQfEp2_xKFlH-zboDEI_NLMHfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/gyaNN6F_FwaKZ_TfgZKxoN5W8a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/sSQfEp2_xKFlH-zboDEI_NLMHfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.232.0/21
92.118.140.0/22
194.79.4.0/22
195.211.64.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:5a:15:dc:1e:2d:08:51:9f:9c:5d:0e:c0:0c:e4:34:d2:0c:
d4:21:11:2f:b6:57:73:8f:0e:38:93:95:f0:04:e9:0e:9e:5e:
da:b8:09:03:ff:96:a6:27:32:9c:c0:0c:4f:52:2f:3d:7e:5e:
71:82:9e:b0:b9:67:51:5d:f1:e2:aa:f3:ca:ef:05:83:b7:61:
3e:72:79:a6:4f:33:07:cc:fb:ec:95:d9:25:b6:f2:a4:49:f3:
86:67:24:81:39:bd:e8:3d:e8:28:a5:ab:1b:5f:35:c3:36:78:
46:a6:10:fd:6b:93:49:57:0f:5d:86:f1:e5:b2:ff:de:85:f1:
3e:8a:d0:64:b0:a9:dd:63:41:29:ef:7c:d2:c4:78:2a:34:e5:
26:f2:ef:49:8c:ed:03:c3:f7:d7:09:61:73:ae:d3:f6:21:66:
cf:61:26:10:9b:b4:62:74:21:ce:bd:65:0b:8c:a5:5a:82:56:
2b:4b:67:f5:14:1b:0a:b8:0e:8f:c7:33:e4:f9:14:ff:cd:75:
ea:f2:e4:9b:d2:b2:69:9b:dc:29:7c:f9:84:ba:fb:c6:63:a7:
7d:af:d3:bf:86:9e:dc:d8:72:5a:c5:12:cb:c5:c6:f2:80:ff:
cc:4f:8f:83:f5:b2:7f:25:03:75:4b:98:de:09:3b:fb:b3:aa:
ba:9a:2e:ef
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYUxDrUWq+CAdk3lkAH4id6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMjQxZjEyOWRiZmM0YTE2NTFmZWNkYmEwMzEwOGZjZDJj
YzFkZjIwHhcNMjMwMjAzMDA1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzI2OGQzN2ExN2YxNzA2OGE2N2Y0ZGY4MTkyYjFhMGRlNTZmMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnymunY4yUKUsIEYgi2Hxdg89X3n9
67t5lGXQ0WESMLWCS8cWkF+bdd4I6NGUlLYG0EZV5Eh0dqkXDnrr5k6p1TS8B7L/
PX8XR48oTPTQXQwXqr0RaRqbg+CpCPLMNUqutT+V2W1mqrmUmOE8J9JR/OzOtyxR
4DozbMl/55NOw7BBD42CXAu3aCOdhLABK5BIH2lLHv4/A/zAdfpBesfaSy3USuUn
xt5oZ83FfENzfFcbgpCAVmfLzWV4YCAF0m5NJf7hs53TlIBCl98TCO0CpLp84a7y
LPVi4NddOUHOgvlOPuZVzkGlPI54Zy2gA+5rc+rp4oYgj6OlzdezOUBXRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIMmjTehfxcGimf034GSsaDeVvGtMB8GA1UdIwQY
MBaAFLEkHxKdv8ShZR/s26AxCPzSzB3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1NRZkVwMl94S0ZsSC16Ym9ERUlfTkxNSGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9iMWE3NWQtYjc5MS00MGI0LWJkYTct
ZTlkZGJlM2VmYmUzLzEvZ3lhTk42Rl9Gd2FLWl9UZmdaS3hvTjVXOGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9iMWE3NWQtYjc5MS00MGI0LWJkYTctZTlkZGJlM2VmYmUz
LzEvc1NRZkVwMl94S0ZsSC16Ym9ERUlfTkxNSGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDW73oAwQC
XHaMAwQCwk8EAwQCw9NAMA0GCSqGSIb3DQEBCwUAA4IBAQBPWhXcHi0IUZ+cXQ7A
DOQ00gzUIREvtldzjw44k5XwBOkOnl7auAkD/5amJzKcwAxPUi89fl5xgp6wuWdR
XfHiqvPK7wWDt2E+cnmmTzMHzPvsldkltvKkSfOGZySBOb3oPegopasbXzXDNnhG
phD9a5NJVw9dhvHlsv/ehfE+itBksKndY0Ep73zSxHgqNOUm8u9JjO0Dw/fXCWFz
rtP2IWbPYSYQm7RidCHOvWULjKVaglYrS2f1FBsKuA6PxzPk+RT/zXXq8uSb0rJp
m9wpfPmEuvvGY6d9r9O/hp7c2HJaxRLLxcbygP/MT4+D9bJ/JQN1S5jeCTv7s6q6
mi7v
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:14 2025 by rpki-client