Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/gGUjxfDSfIqPcY7VEUqRAZQW0Fg.roa
File: gGUjxfDSfIqPcY7VEUqRAZQW0Fg.roa (raw, json)
Hash identifier: oWJj7HGNd3kOsfki+nd0Wy1d0jSqQ//vwNjaIgZPn7c=
Subject key identifier: 80:65:23:C5:F0:D2:7C:8A:8F:71:8E:D5:11:4A:91:01:94:16:D0:58
Certificate issuer: /CN=8a3fe0b9c630a33e171a0a5c793f340b43446932
Certificate serial: 01857102FCCD2B9FDDA68D36F4513F211F1E
Authority key identifier: 8A:3F:E0:B9:C6:30:A3:3E:17:1A:0A:5C:79:3F:34:0B:43:44:69:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ij_gucYwoz4XGgpceT80C0NEaTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/gGUjxfDSfIqPcY7VEUqRAZQW0Fg.roa
Signing time: Mon 02 Jan 2023 05:44:59 +0000
ROA not before: Mon 02 Jan 2023 05:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207198
IP address blocks: 213.194.192.0/20 maxlen: 20
185.163.40.0/22 maxlen: 22
213.194.208.0/22 maxlen: 22
2a0a:a800::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:fc:cd:2b:9f:dd:a6:8d:36:f4:51:3f:21:1f:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a3fe0b9c630a33e171a0a5c793f340b43446932
Validity
Not Before: Jan 2 05:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=806523c5f0d27c8a8f718ed5114a91019416d058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f8:b0:2d:ac:3e:f5:a6:bc:87:bd:40:d6:63:
4f:99:fa:75:3e:2d:97:4b:b5:d3:be:5e:bd:21:13:
5b:7c:6a:fc:89:8a:db:aa:2c:f0:5a:65:2b:f8:4e:
15:f6:c5:4f:7a:61:ec:2a:6e:b8:6b:51:5f:5f:a8:
ef:ed:36:f3:c6:96:e1:95:f0:5c:9a:a2:bb:fc:77:
74:5a:b9:74:5c:21:99:ee:8f:42:fd:53:8a:62:9b:
9c:47:8a:49:b3:35:5f:25:6a:fa:2d:06:0c:0b:de:
aa:60:84:01:d8:b5:11:30:cc:c8:87:5d:fd:3b:31:
5e:65:d6:b1:9a:dd:43:2b:aa:85:6c:f4:4d:2d:87:
ba:84:18:0f:63:11:b5:a4:45:69:2f:db:ac:f4:53:
10:a1:52:c9:f3:e9:79:e8:80:af:57:a9:eb:b6:ae:
04:40:48:1a:2d:81:45:d8:81:70:8a:fb:db:ca:1b:
13:b5:97:ea:71:18:2d:6b:c2:d2:0a:e5:08:f2:69:
c7:98:94:7d:7b:cc:14:60:94:e1:be:4d:96:8d:7a:
c7:b2:41:43:25:b7:97:02:c2:40:47:3a:80:c9:d0:
b7:35:a6:c2:d6:c0:77:69:68:ab:93:50:d4:63:0f:
fd:c2:dc:3a:5c:a3:26:da:62:e6:c3:85:c6:25:8b:
08:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:65:23:C5:F0:D2:7C:8A:8F:71:8E:D5:11:4A:91:01:94:16:D0:58
X509v3 Authority Key Identifier:
keyid:8A:3F:E0:B9:C6:30:A3:3E:17:1A:0A:5C:79:3F:34:0B:43:44:69:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ij_gucYwoz4XGgpceT80C0NEaTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/gGUjxfDSfIqPcY7VEUqRAZQW0Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/ij_gucYwoz4XGgpceT80C0NEaTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.40.0/22
213.194.192.0-213.194.211.255
IPv6:
2a0a:a800::/29
Signature Algorithm: sha256WithRSAEncryption
6f:aa:9d:cd:2e:6c:34:1f:81:9f:d0:6d:6b:31:03:8b:8a:67:
1d:bf:c0:4e:c5:08:4d:1b:90:95:01:73:a7:56:ce:64:a5:e3:
68:64:16:a5:73:39:6d:97:4d:5e:da:96:b2:91:5c:85:b7:84:
26:ef:45:00:eb:31:75:4e:f4:35:3d:6d:42:15:62:1c:4a:45:
c9:cf:1b:ee:f3:98:6d:93:ba:a8:39:42:06:fb:2e:d2:02:8a:
19:ae:1e:09:a2:61:3b:fd:fc:4a:af:17:f7:29:30:35:18:6a:
9d:d9:78:44:ed:f5:31:aa:db:d9:8d:c6:0b:3f:b9:6e:42:f1:
60:0c:6f:44:cf:b6:49:f8:e8:42:2c:34:0e:ee:1f:ad:e1:c7:
85:df:ea:47:f1:e1:3d:23:36:74:8b:5c:18:d9:a7:b8:ac:bd:
ed:07:c9:dc:4c:96:9a:22:84:4a:a2:c4:40:1e:c5:04:60:85:
ff:a6:c7:84:d5:af:c5:a0:e5:6b:c6:53:48:24:ff:6e:33:9a:
c6:6e:6d:4f:61:c3:26:65:a6:d3:03:3e:03:92:2e:ec:44:02:
41:30:7b:02:45:b9:4a:f2:0d:fd:2e:52:1d:23:5f:53:b4:a2:
8d:91:8e:0a:cc:9e:7d:d2:2f:12:ac:f6:c0:32:47:02:49:09:
c0:8a:17:7c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVxAvzNK5/dpo029FE/IR8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhM2ZlMGI5YzYzMGEzM2UxNzFhMGE1Yzc5M2YzNDBiNDM0
NDY5MzIwHhcNMjMwMTAyMDU0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDY1MjNjNWYwZDI3YzhhOGY3MThlZDUxMTRhOTEwMTk0MTZkMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfiwLaw+9aa8h71A1mNPmfp1Pi2X
S7XTvl69IRNbfGr8iYrbqizwWmUr+E4V9sVPemHsKm64a1FfX6jv7TbzxpbhlfBc
mqK7/Hd0Wrl0XCGZ7o9C/VOKYpucR4pJszVfJWr6LQYMC96qYIQB2LURMMzIh139
OzFeZdaxmt1DK6qFbPRNLYe6hBgPYxG1pEVpL9us9FMQoVLJ8+l56ICvV6nrtq4E
QEgaLYFF2IFwivvbyhsTtZfqcRgta8LSCuUI8mnHmJR9e8wUYJThvk2WjXrHskFD
JbeXAsJARzqAydC3NabC1sB3aWirk1DUYw/9wtw6XKMm2mLmw4XGJYsIEwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIBlI8Xw0nyKj3GO1RFKkQGUFtBYMB8GA1UdIwQY
MBaAFIo/4LnGMKM+FxoKXHk/NAtDRGkyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWpfZ3VjWXdvejRYR2dwY2VUODBDME5FYVRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9mMzlhNDktNTllYS00YzRmLTk4ZmMt
NTNhYWI0MmY0NzZlLzEvZ0dVanhmRFNmSXFQY1k3VkVVcVJBWlFXMEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9mMzlhNDktNTllYS00YzRmLTk4ZmMtNTNhYWI0MmY0NzZl
LzEvaWpfZ3VjWXdvejRYR2dwY2VUODBDME5FYVRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuaMoMAwD
BAbVwsADBALVwtAwDQQCAAIwBwMFAyoKqAAwDQYJKoZIhvcNAQELBQADggEBAG+q
nc0ubDQfgZ/QbWsxA4uKZx2/wE7FCE0bkJUBc6dWzmSl42hkFqVzOW2XTV7alrKR
XIW3hCbvRQDrMXVO9DU9bUIVYhxKRcnPG+7zmG2Tuqg5Qgb7LtICihmuHgmiYTv9
/EqvF/cpMDUYap3ZeETt9TGq29mNxgs/uW5C8WAMb0TPtkn46EIsNA7uH63hx4Xf
6kfx4T0jNnSLXBjZp7isve0HydxMlpoihEqixEAexQRghf+mx4TVr8Wg5WvGU0gk
/24zmsZubU9hwyZlptMDPgOSLuxEAkEwewJFuUryDf0uUh0jX1O0oo2RjgrMnn3S
LxKs9sAyRwJJCcCKF3w=
-----END CERTIFICATE-----
Generated at Tue May 13 01:48:15 2025 by rpki-client