Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/GcqNMKz_IHkgz1tH-YWQ4XY5clw.roa
File: GcqNMKz_IHkgz1tH-YWQ4XY5clw.roa (raw, json)
Hash identifier: 4CvQBK2apq8sbRt7uv8OkV3yJALgK2eHnVJOFBYxoIY=
Subject key identifier: 19:CA:8D:30:AC:FF:20:79:20:CF:5B:47:F9:85:90:E1:76:39:72:5C
Certificate issuer: /CN=606857c43ca1df04cb69a4a0aac8629bdf32756b
Certificate serial: 01856F428EFC63D82EEC427FEBAFCFFF7A27
Authority key identifier: 60:68:57:C4:3C:A1:DF:04:CB:69:A4:A0:AA:C8:62:9B:DF:32:75:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGhXxDyh3wTLaaSgqshim98ydWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/GcqNMKz_IHkgz1tH-YWQ4XY5clw.roa
Signing time: Sun 01 Jan 2023 21:35:11 +0000
ROA not before: Sun 01 Jan 2023 21:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209924
IP address blocks: 193.104.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:8e:fc:63:d8:2e:ec:42:7f:eb:af:cf:ff:7a:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606857c43ca1df04cb69a4a0aac8629bdf32756b
Validity
Not Before: Jan 1 21:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19ca8d30acff207920cf5b47f98590e17639725c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:99:3a:f3:ae:d0:f5:13:f1:15:ca:ac:ba:f9:
c3:e1:3d:03:f2:1b:1a:4e:ab:15:3d:4a:b9:22:41:
6d:80:a6:a0:2d:bc:0b:81:70:17:76:9a:a8:ad:a0:
20:5a:89:c9:42:25:ec:5e:19:56:ba:bc:ad:38:9c:
4a:33:7e:a6:37:64:10:f8:23:45:09:d6:38:3d:8b:
e6:1d:59:4a:80:f5:27:35:4a:02:80:09:13:8e:54:
36:2d:5a:e0:b0:6e:97:d5:90:98:b7:1c:1d:fb:59:
1f:72:71:f4:88:f7:8b:91:c8:b3:bb:69:c1:e0:78:
03:c9:2e:f2:ad:5f:e6:94:98:3f:fe:fd:34:37:d6:
c7:55:9f:4f:d7:88:50:0c:4a:d5:a1:d1:46:1b:c4:
0c:da:e1:c6:56:27:b9:f6:2d:32:5b:05:6b:da:b6:
8e:58:b0:ba:17:be:fb:c7:da:7d:a8:2f:53:71:8c:
cf:42:ac:d4:1f:97:59:37:0f:e4:e3:c1:7f:a9:a0:
3f:19:85:6e:f8:80:b5:b4:89:02:63:dd:f4:af:1d:
c6:c9:07:6c:38:5f:a7:56:6e:b9:f7:f6:fe:cf:25:
3b:ae:a0:8e:84:ff:f4:0e:12:d4:df:d7:51:75:9f:
bf:5e:01:18:41:74:4c:bf:e9:64:8b:bb:8c:61:7a:
77:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:CA:8D:30:AC:FF:20:79:20:CF:5B:47:F9:85:90:E1:76:39:72:5C
X509v3 Authority Key Identifier:
keyid:60:68:57:C4:3C:A1:DF:04:CB:69:A4:A0:AA:C8:62:9B:DF:32:75:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGhXxDyh3wTLaaSgqshim98ydWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/GcqNMKz_IHkgz1tH-YWQ4XY5clw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/YGhXxDyh3wTLaaSgqshim98ydWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.91.0/24
Signature Algorithm: sha256WithRSAEncryption
21:f7:e0:9c:17:97:00:87:b2:58:2b:a0:1c:14:5b:e5:d8:b4:
02:80:d7:72:3d:82:7c:46:7d:d3:79:1a:c3:a6:32:74:67:79:
6b:e5:a0:ee:47:58:6d:38:d5:2b:70:b6:5d:8b:17:5d:87:80:
a2:7d:97:bc:b2:69:41:ca:10:89:2f:44:04:ca:f6:fe:35:cb:
92:7d:35:02:29:d5:eb:0e:cf:59:16:ad:9c:c5:72:6f:65:a0:
e6:35:79:1f:f2:b0:16:84:1f:34:2b:48:ab:e8:73:dd:47:aa:
51:dc:5b:8f:84:f3:66:f5:a8:52:35:27:11:4a:04:93:0b:90:
bc:cd:4f:cf:16:e0:64:9d:f5:30:dc:d7:b7:1c:72:a8:cf:88:
05:d4:3f:16:fa:62:3d:d6:76:31:a9:c4:39:30:39:8e:2b:21:
bb:ce:a4:e1:c3:eb:c0:b6:d1:b5:1b:db:1f:3e:ab:7a:17:cd:
cb:2f:bb:ea:be:14:8a:ad:59:f9:cf:e7:d8:13:d1:cb:af:2f:
5f:32:0a:bc:2f:ad:b7:a7:5d:9a:41:9a:66:59:3b:38:98:cb:
34:5a:e5:9a:70:d6:f5:1f:d4:36:51:da:20:45:68:cc:10:e8:
4e:5c:57:8d:16:5d:89:c4:b1:f4:f9:f5:f2:d1:91:4e:95:af:
07:06:d7:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQo78Y9gu7EJ/66/P/3onMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjg1N2M0M2NhMWRmMDRjYjY5YTRhMGFhYzg2MjliZGYz
Mjc1NmIwHhcNMjMwMTAxMjEzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWNhOGQzMGFjZmYyMDc5MjBjZjViNDdmOTg1OTBlMTc2Mzk3MjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopk6867Q9RPxFcqsuvnD4T0D8hsa
TqsVPUq5IkFtgKagLbwLgXAXdpqoraAgWonJQiXsXhlWurytOJxKM36mN2QQ+CNF
CdY4PYvmHVlKgPUnNUoCgAkTjlQ2LVrgsG6X1ZCYtxwd+1kfcnH0iPeLkcizu2nB
4HgDyS7yrV/mlJg//v00N9bHVZ9P14hQDErVodFGG8QM2uHGVie59i0yWwVr2raO
WLC6F777x9p9qC9TcYzPQqzUH5dZNw/k48F/qaA/GYVu+IC1tIkCY930rx3GyQds
OF+nVm659/b+zyU7rqCOhP/0DhLU39dRdZ+/XgEYQXRMv+lki7uMYXp33QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBnKjTCs/yB5IM9bR/mFkOF2OXJcMB8GA1UdIwQY
MBaAFGBoV8Q8od8Ey2mkoKrIYpvfMnVrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdoWHhEeWgzd1RMYWFTZ3FzaGltOTh5ZFdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi85NWQ3ZGMtMGM4Yi00OTQxLWI5YzEt
ZDQ3MTBkMDIyMzM2LzEvR2NxTk1Lel9JSGtnejF0SC1ZV1E0WFk1Y2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi85NWQ3ZGMtMGM4Yi00OTQxLWI5YzEtZDQ3MTBkMDIyMzM2
LzEvWUdoWHhEeWgzd1RMYWFTZ3FzaGltOTh5ZFdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWhbMA0G
CSqGSIb3DQEBCwUAA4IBAQAh9+CcF5cAh7JYK6AcFFvl2LQCgNdyPYJ8Rn3TeRrD
pjJ0Z3lr5aDuR1htONUrcLZdixddh4CifZe8smlByhCJL0QEyvb+NcuSfTUCKdXr
Ds9ZFq2cxXJvZaDmNXkf8rAWhB80K0ir6HPdR6pR3FuPhPNm9ahSNScRSgSTC5C8
zU/PFuBknfUw3Ne3HHKoz4gF1D8W+mI91nYxqcQ5MDmOKyG7zqThw+vAttG1G9sf
Pqt6F83LL7vqvhSKrVn5z+fYE9HLry9fMgq8L623p12aQZpmWTs4mMs0WuWacNb1
H9Q2UdogRWjMEOhOXFeNFl2JxLH0+fXy0ZFOla8HBtfx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:40 2025 by rpki-client