Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/gGl0nCTZuP5vB3Xyw4VlTUWrPzc.roa
File: gGl0nCTZuP5vB3Xyw4VlTUWrPzc.roa (raw, json)
Hash identifier: 9s3MHtFfYqkuH4Vt76iGBAXIiD+pKgaYQb6KKjSjkWc=
Subject key identifier: 80:69:74:9C:24:D9:B8:FE:6F:07:75:F2:C3:85:65:4D:45:AB:3F:37
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 358A1EAD
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/gGl0nCTZuP5vB3Xyw4VlTUWrPzc.roa
Signing time: Sat 01 Jan 2022 14:55:30 +0000
ROA not before: Sat 01 Jan 2022 14:55:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42831
IP address blocks: 192.109.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 898244269 (0x358a1ead)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 1 14:55:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8069749c24d9b8fe6f0775f2c385654d45ab3f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:76:29:6a:94:00:88:97:86:07:70:48:9f:c9:
05:79:bf:86:55:5c:88:3f:dd:39:cf:49:84:12:b5:
03:40:38:56:8e:ef:65:b8:a2:ab:73:aa:74:8d:07:
d6:85:a2:4d:6e:13:43:44:08:75:45:b1:19:3a:38:
b8:f7:3d:ed:ae:fe:e5:bb:75:cc:9e:70:d8:72:a9:
84:d1:c5:11:8f:80:c8:44:50:28:3a:a5:ac:c6:9f:
10:e7:a3:f9:94:ba:df:39:56:0e:7b:fd:3d:47:0f:
63:42:0b:2d:34:de:06:ee:46:3c:38:e1:28:98:f8:
7c:1a:ef:7f:25:57:e8:55:6f:c0:4e:1e:63:49:b7:
93:22:57:06:e2:5c:8a:f6:56:04:1a:55:ae:cc:4f:
9e:cf:71:2b:c1:e1:ee:6c:5a:e9:89:f6:8e:50:8e:
c5:97:41:c3:46:60:50:2d:81:c1:a6:7c:0d:93:7b:
f6:7f:57:a5:b1:ea:3a:3c:65:1a:98:f7:5a:ef:52:
fd:1d:c2:7e:d0:8b:b0:f8:ee:15:0c:84:c8:e0:66:
09:4e:e3:3a:61:62:5f:02:3b:0c:61:9b:79:35:ad:
c9:0a:ea:f8:b8:8a:68:08:72:c7:a0:b2:59:45:fe:
ab:25:75:cb:f7:9e:22:39:f7:a2:be:72:2f:04:93:
2b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:69:74:9C:24:D9:B8:FE:6F:07:75:F2:C3:85:65:4D:45:AB:3F:37
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/gGl0nCTZuP5vB3Xyw4VlTUWrPzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
Signature Algorithm: sha256WithRSAEncryption
71:56:2d:33:8e:c3:03:50:92:ee:f4:26:7c:06:08:33:c8:fe:
0f:45:0d:23:eb:8a:63:11:61:38:cd:35:1f:86:66:9c:44:92:
59:c6:c2:5b:d8:b2:bf:52:34:ac:b9:71:99:76:14:5b:8f:10:
a5:e4:ad:8d:d8:3e:9a:bf:aa:11:79:ec:33:44:00:f4:2b:98:
66:93:94:fb:ec:05:6e:0d:1e:54:f3:60:79:c4:09:7d:75:11:
72:9e:93:6b:74:e4:5c:3e:91:47:98:e9:3e:20:13:d1:e8:4c:
ff:10:c3:1e:ed:25:33:37:d3:ad:86:0f:ee:1a:10:1d:d7:12:
4c:19:d4:6d:c3:7d:83:10:66:a9:9d:85:38:d5:cd:ac:11:28:
d3:79:41:53:6b:f9:53:36:36:87:41:05:f1:1e:75:7d:a6:c5:
3a:e9:4e:b7:ee:bb:d6:41:bd:0e:8b:23:74:95:19:01:d0:5d:
80:69:d2:06:85:99:05:99:21:ea:33:39:27:6b:bb:30:f2:a5:
a9:42:fe:36:da:fb:2c:3a:bb:af:a7:13:63:b1:5a:e6:6e:ef:
a9:2e:73:ed:73:30:f4:f3:da:d8:b1:6d:c8:a3:8c:ed:f2:96:
85:1f:74:82:39:b9:1d:ec:2a:b1:76:95:19:d3:e4:fe:b1:30:
12:23:fd:5e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENYoerTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWY1YTEwZTRmZDI2NTVhZGJiYjQwZWRlMThiMjYxNWFjNTU4ZWE5MB4XDTIyMDEw
MTE0NTUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODA2OTc0OWMyNGQ5
YjhmZTZmMDc3NWYyYzM4NTY1NGQ0NWFiM2YzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKp2KWqUAIiXhgdwSJ/JBXm/hlVciD/dOc9JhBK1A0A4Vo7v
Zbiiq3OqdI0H1oWiTW4TQ0QIdUWxGTo4uPc97a7+5bt1zJ5w2HKphNHFEY+AyERQ
KDqlrMafEOej+ZS63zlWDnv9PUcPY0ILLTTeBu5GPDjhKJj4fBrvfyVX6FVvwE4e
Y0m3kyJXBuJcivZWBBpVrsxPns9xK8Hh7mxa6Yn2jlCOxZdBw0ZgUC2BwaZ8DZN7
9n9XpbHqOjxlGpj3Wu9S/R3CftCLsPjuFQyEyOBmCU7jOmFiXwI7DGGbeTWtyQrq
+LiKaAhyx6CyWUX+qyV1y/eeIjn3or5yLwSTK4cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSAaXScJNm4/m8HdfLDhWVNRas/NzAfBgNVHSMEGDAWgBRB9aEOT9JlWtu7
QO3hiyYVrFWOqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FmV2hEa19TWlZyYnUwRHQ0WXNtRmF4Vmpxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvOGQzYzgyLWU0MDMtNGRhNi1iMzE1LTg3OTAyMDZmMGQ3NC8x
L2dHbDBuQ1RadVA1dkIzWHl3NFZsVFVXclB6Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
OGQzYzgyLWU0MDMtNGRhNi1iMzE1LTg3OTAyMDZmMGQ3NC8xL1FmV2hEa19TWlZy
YnUwRHQ0WXNtRmF4Vmpxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBtizANBgkqhkiG9w0BAQsFAAOC
AQEAcVYtM47DA1CS7vQmfAYIM8j+D0UNI+uKYxFhOM01H4ZmnESSWcbCW9iyv1I0
rLlxmXYUW48QpeStjdg+mr+qEXnsM0QA9CuYZpOU++wFbg0eVPNgecQJfXURcp6T
a3TkXD6RR5jpPiAT0ehM/xDDHu0lMzfTrYYP7hoQHdcSTBnUbcN9gxBmqZ2FONXN
rBEo03lBU2v5UzY2h0EF8R51fabFOulOt+671kG9DosjdJUZAdBdgGnSBoWZBZkh
6jM5J2u7MPKlqUL+Ntr7LDq7r6cTY7Fa5m7vqS5z7XMw9PPa2LFtyKOM7fKWhR90
gjm5HewqsXaVGdPk/rEwEiP9Xg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:38:25 2025 by rpki-client