Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/GSFblsH1cMwaZx91XJVP0TofMxQ.roa
File: GSFblsH1cMwaZx91XJVP0TofMxQ.roa (raw, json)
Hash identifier: S0caZ7pobNFNKWF4uD+OGAWowTqnuqLjyegGLFmyBcQ=
Subject key identifier: 19:21:5B:96:C1:F5:70:CC:1A:67:1F:75:5C:95:4F:D1:3A:1F:33:14
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0185C5A017115721087C53EBE89534F51BE9
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/GSFblsH1cMwaZx91XJVP0TofMxQ.roa
Signing time: Wed 18 Jan 2023 16:04:41 +0000
ROA not before: Wed 18 Jan 2023 16:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 185.236.8.0/24 maxlen: 24
185.236.11.0/24 maxlen: 24
185.255.112.0/24 maxlen: 24
85.117.243.0/24 maxlen: 24
192.144.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c5:a0:17:11:57:21:08:7c:53:eb:e8:95:34:f5:1b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 18 16:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19215b96c1f570cc1a671f755c954fd13a1f3314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:43:e8:3b:e3:82:92:5b:9e:1f:20:c2:50:1e:
c2:af:40:f6:a5:7c:c3:38:ae:03:c3:e4:80:39:d3:
ef:ca:b5:35:05:4d:a7:3c:0b:13:0c:cf:70:e8:8f:
5f:d5:b7:db:4c:fa:83:56:ea:8d:91:bf:a3:64:a6:
f8:d1:26:81:39:ff:ed:fd:33:3f:eb:9e:8f:00:08:
0a:f1:79:b0:d6:e7:3a:ab:9d:9a:87:37:4b:31:3c:
58:dc:51:d8:59:fb:d0:d0:7d:df:82:f5:3b:81:7e:
94:a4:0f:a4:75:97:93:a9:38:28:67:c1:75:8c:59:
7b:57:f4:dd:e7:5f:51:45:7e:c9:cc:1b:b8:45:6c:
c8:3c:33:4e:4c:16:28:3f:be:cd:30:31:ed:4e:63:
06:69:d0:1b:2d:20:18:a3:7b:5f:74:4c:b4:70:32:
bc:4f:c7:53:85:25:ec:ff:1f:fe:fe:04:bf:a4:31:
43:8d:8e:bf:3f:75:17:e3:c8:8c:8c:ef:8e:b3:ed:
bb:89:1e:75:1a:53:d1:b4:84:05:8a:63:40:24:84:
1e:6d:8d:f3:d8:43:8e:8c:66:e7:a5:16:1a:35:ec:
03:c4:95:4f:b1:c3:05:06:6c:d0:e7:60:23:e7:12:
34:1b:cb:c7:7e:e6:44:93:ca:b8:cb:4d:48:08:bf:
eb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:21:5B:96:C1:F5:70:CC:1A:67:1F:75:5C:95:4F:D1:3A:1F:33:14
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/GSFblsH1cMwaZx91XJVP0TofMxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.243.0/24
185.236.8.0/24
185.236.11.0/24
185.255.112.0/24
192.144.34.0/24
Signature Algorithm: sha256WithRSAEncryption
67:b0:6e:83:87:71:d0:b2:2a:dd:f2:32:d9:d5:61:e6:6a:de:
c1:60:98:b5:61:48:da:fa:63:5f:32:cf:96:4f:2f:42:e4:ea:
bb:34:8d:8c:64:07:f2:d0:9a:ba:1b:e7:c8:3d:df:28:a3:8c:
7a:f9:a3:4e:e4:e2:b1:9e:0b:2a:71:f0:20:9a:42:4d:06:e0:
21:36:8c:6c:06:22:1d:bc:ff:20:d6:4e:ee:72:d4:88:88:90:
9a:5d:77:53:79:61:93:d3:3c:dc:fd:0d:62:01:c5:b5:58:9f:
00:57:1d:95:e8:df:42:a7:08:10:2a:ab:ce:b8:82:da:22:c3:
70:4c:5e:a9:30:f7:33:af:48:db:09:d0:1e:11:c3:bb:e4:cb:
e7:ab:c7:d2:b8:66:a3:74:05:ad:5c:c4:01:ba:46:cd:1d:6b:
73:10:5e:65:79:ee:01:1d:bc:00:5a:71:24:82:e0:e2:21:c4:
52:ac:6e:68:90:fe:7e:d5:3f:7c:ba:c5:e7:a2:0c:d5:98:54:
a4:92:6e:fc:40:bd:40:61:ef:6e:c9:cb:f4:1b:6f:82:1b:c1:
52:37:ac:48:06:96:dc:8e:19:cc:51:88:a8:a3:7c:52:ff:59:
e5:6c:a2:c9:a4:b5:a3:24:30:08:3e:74:4e:22:d1:07:7f:96:
89:c5:8d:17
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYXFoBcRVyEIfFPr6JU09RvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwMTE4MTYwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTIxNWI5NmMxZjU3MGNjMWE2NzFmNzU1Yzk1NGZkMTNhMWYzMzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkPoO+OCklueHyDCUB7Cr0D2pXzD
OK4Dw+SAOdPvyrU1BU2nPAsTDM9w6I9f1bfbTPqDVuqNkb+jZKb40SaBOf/t/TM/
656PAAgK8Xmw1uc6q52ahzdLMTxY3FHYWfvQ0H3fgvU7gX6UpA+kdZeTqTgoZ8F1
jFl7V/Td519RRX7JzBu4RWzIPDNOTBYoP77NMDHtTmMGadAbLSAYo3tfdEy0cDK8
T8dThSXs/x/+/gS/pDFDjY6/P3UX48iMjO+Os+27iR51GlPRtIQFimNAJIQebY3z
2EOOjGbnpRYaNewDxJVPscMFBmzQ52Aj5xI0G8vHfuZEk8q4y01ICL/r2wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBkhW5bB9XDMGmcfdVyVT9E6HzMUMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvR1NGYmxzSDFjTXdhWng5MVhKVlAwVG9mTXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVXXzAwQA
uewIAwQAuewLAwQAuf9wAwQAwJAiMA0GCSqGSIb3DQEBCwUAA4IBAQBnsG6Dh3HQ
sird8jLZ1WHmat7BYJi1YUja+mNfMs+WTy9C5Oq7NI2MZAfy0Jq6G+fIPd8oo4x6
+aNO5OKxngsqcfAgmkJNBuAhNoxsBiIdvP8g1k7uctSIiJCaXXdTeWGT0zzc/Q1i
AcW1WJ8AVx2V6N9CpwgQKqvOuILaIsNwTF6pMPczr0jbCdAeEcO75Mvnq8fSuGaj
dAWtXMQBukbNHWtzEF5lee4BHbwAWnEkguDiIcRSrG5okP5+1T98usXnogzVmFSk
km78QL1AYe9uycv0G2+CG8FSN6xIBpbcjhnMUYioo3xS/1nlbKLJpLWjJDAIPnRO
ItEHf5aJxY0X
-----END CERTIFICATE-----
Generated at Thu Apr 10 23:54:20 2025 by rpki-client