Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GRYo9Fpn1c4csiB4kY1dW39bblc.roa
File: GRYo9Fpn1c4csiB4kY1dW39bblc.roa (raw, json)
Hash identifier: R+Kgq8rRsGOt6Vm0+Eqmwb2hlqkcaOVpYXAYKDPW8C4=
Subject key identifier: 19:16:28:F4:5A:67:D5:CE:1C:B2:20:78:91:8D:5D:5B:7F:5B:6E:57
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188E50825969B51E4AE9B093EE55345CCB5
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GRYo9Fpn1c4csiB4kY1dW39bblc.roa
Signing time: Thu 22 Jun 2023 21:34:56 +0000
ROA not before: Thu 22 Jun 2023 21:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 185.209.38.0/24 maxlen: 24
185.218.103.0/24 maxlen: 24
185.209.39.0/24 maxlen: 24
185.226.106.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
185.214.101.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e5:08:25:96:9b:51:e4:ae:9b:09:3e:e5:53:45:cc:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 22 21:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=191628f45a67d5ce1cb22078918d5d5b7f5b6e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:70:c0:19:a3:51:d4:e8:71:3d:e9:4a:9f:f4:
4c:30:11:6b:19:d5:ef:fb:51:16:73:e0:8a:2c:af:
27:de:be:ef:75:02:90:14:cc:75:29:7b:c7:f2:b3:
87:4c:b9:47:65:b8:e3:ca:a6:de:13:a9:24:e5:aa:
5b:98:e7:d7:6a:32:f1:39:21:97:46:cb:51:c3:3a:
26:11:46:f0:d0:56:b9:a7:1c:3e:44:1f:f1:ad:4a:
39:fe:be:13:70:c1:34:ee:43:54:1f:67:0e:e9:79:
8c:57:29:d5:fc:79:a6:86:b0:e6:21:15:a6:66:16:
d3:2c:48:a0:85:95:28:e1:ec:a3:a4:5c:9b:c3:bf:
76:bf:3d:8b:10:d4:21:ea:5d:4f:21:93:fa:ce:40:
40:b9:c7:b1:5f:a1:68:ed:72:60:64:64:10:c7:6d:
2c:7e:8a:6b:02:3b:f8:8e:73:20:7e:e0:cc:18:6b:
0d:97:93:36:ea:30:20:71:ed:12:ee:11:b2:ac:9b:
da:92:f5:3e:89:1a:ff:53:ce:d8:6f:01:74:8a:77:
36:d5:1e:6e:2f:08:20:25:28:87:27:69:4d:26:4f:
74:85:19:2b:c5:ac:2a:1e:54:db:ab:94:c6:45:60:
b4:f9:4a:ee:55:46:91:ae:85:f6:cc:7a:a7:3f:0f:
6b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:16:28:F4:5A:67:D5:CE:1C:B2:20:78:91:8D:5D:5B:7F:5B:6E:57
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GRYo9Fpn1c4csiB4kY1dW39bblc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.38.0/23
185.214.100.0/22
185.218.103.0/24
185.226.106.0/24
Signature Algorithm: sha256WithRSAEncryption
96:22:43:62:f2:aa:2f:04:e6:d8:5e:fd:23:4d:0e:90:dc:a0:
61:34:da:2f:d5:c7:53:33:ae:0d:93:1c:cd:60:a8:45:7a:48:
62:37:d0:ba:c3:40:eb:6b:e6:19:32:da:8d:d4:58:6d:86:36:
bd:9c:47:e7:73:e0:92:39:e0:ea:39:cb:be:7d:ae:14:55:80:
81:49:d3:03:a3:05:bf:b7:94:b3:00:a4:3f:7d:ff:d2:f2:62:
d3:12:1c:6f:f6:5f:bd:8c:93:6a:6f:35:99:3b:d8:d1:3c:e6:
1a:41:9c:f1:7e:96:15:00:10:1c:a9:59:2b:ab:6f:d5:20:d6:
d6:be:b8:fd:5c:f1:e0:41:fe:ff:4b:9c:15:68:82:d7:c1:05:
53:d5:ce:f3:3c:2e:95:10:d5:e0:85:5a:00:b5:14:64:19:73:
11:57:d2:81:aa:21:d3:31:fc:34:30:50:0b:fd:e0:bd:70:04:
fa:36:6a:b0:8d:36:47:18:63:b9:d8:1a:cb:fe:2c:55:11:92:
9f:32:ef:91:c1:d9:e4:50:b4:09:fc:3c:8b:b3:33:4e:03:94:
85:92:19:c4:f5:3b:2d:bd:b1:4f:e5:66:5a:04:74:5e:49:59:
ec:ce:29:f9:dc:fd:b2:8c:6e:e5:3b:be:a4:64:0e:8b:e6:9f:
78:2b:ac:cd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjlCCWWm1HkrpsJPuVTRcy1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjIyMjEzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTE2MjhmNDVhNjdkNWNlMWNiMjIwNzg5MThkNWQ1YjdmNWI2ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXDAGaNR1OhxPelKn/RMMBFrGdXv
+1EWc+CKLK8n3r7vdQKQFMx1KXvH8rOHTLlHZbjjyqbeE6kk5apbmOfXajLxOSGX
RstRwzomEUbw0Fa5pxw+RB/xrUo5/r4TcME07kNUH2cO6XmMVynV/HmmhrDmIRWm
ZhbTLEighZUo4eyjpFybw792vz2LENQh6l1PIZP6zkBAucexX6Fo7XJgZGQQx20s
foprAjv4jnMgfuDMGGsNl5M26jAgce0S7hGyrJvakvU+iRr/U87YbwF0inc21R5u
LwggJSiHJ2lNJk90hRkrxawqHlTbq5TGRWC0+UruVUaRroX2zHqnPw9rlQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBkWKPRaZ9XOHLIgeJGNXVt/W25XMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvR1JZbzlGcG4xYzRjc2lCNGtZMWRXMzliYmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBudEmAwQC
udZkAwQAudpnAwQAueJqMA0GCSqGSIb3DQEBCwUAA4IBAQCWIkNi8qovBObYXv0j
TQ6Q3KBhNNov1cdTM64NkxzNYKhFekhiN9C6w0Dra+YZMtqN1Fhthja9nEfnc+CS
OeDqOcu+fa4UVYCBSdMDowW/t5SzAKQ/ff/S8mLTEhxv9l+9jJNqbzWZO9jRPOYa
QZzxfpYVABAcqVkrq2/VINbWvrj9XPHgQf7/S5wVaILXwQVT1c7zPC6VENXghVoA
tRRkGXMRV9KBqiHTMfw0MFAL/eC9cAT6NmqwjTZHGGO52BrL/ixVEZKfMu+Rwdnk
ULQJ/DyLszNOA5SFkhnE9TstvbFP5WZaBHReSVnszin53P2yjG7lO76kZA6L5p94
K6zN
-----END CERTIFICATE-----
Generated at Thu May 8 15:24:19 2025 by rpki-client