Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b113c4-7cf1-411c-873b-2883f88a86ec/1/hGQ1Vjw8xuoPL9lXx9guyAE2Cuk.roa
File: hGQ1Vjw8xuoPL9lXx9guyAE2Cuk.roa (raw, json)
Hash identifier: 06F18Te9zsXTQdwhWl0i6Vo689sP/3aVnkIF/akRsIw=
Subject key identifier: 84:64:35:56:3C:3C:C6:EA:0F:2F:D9:57:C7:D8:2E:C8:01:36:0A:E9
Certificate issuer: /CN=d7061ee87f5b55f1903a2b3704eba0944ab0c5ac
Certificate serial: 01856C4130B2DD608D83CD44376D01D4E303
Authority key identifier: D7:06:1E:E8:7F:5B:55:F1:90:3A:2B:37:04:EB:A0:94:4A:B0:C5:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wYe6H9bVfGQOis3BOuglEqwxaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b113c4-7cf1-411c-873b-2883f88a86ec/1/hGQ1Vjw8xuoPL9lXx9guyAE2Cuk.roa
Signing time: Sun 01 Jan 2023 07:34:49 +0000
ROA not before: Sun 01 Jan 2023 07:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57201
IP address blocks: 188.0.48.0/20 maxlen: 20
2001:67c:23d4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:30:b2:dd:60:8d:83:cd:44:37:6d:01:d4:e3:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7061ee87f5b55f1903a2b3704eba0944ab0c5ac
Validity
Not Before: Jan 1 07:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=846435563c3cc6ea0f2fd957c7d82ec801360ae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:76:3a:5e:fd:77:aa:b7:1b:20:af:3e:4c:04:
a0:02:28:ef:98:c0:62:a8:9f:2f:41:6b:18:2b:1c:
c2:3d:9c:ff:f4:a6:4d:d1:48:9f:90:16:b7:7d:8c:
fb:d3:6a:67:0a:81:75:d1:ea:a0:f2:39:aa:b4:01:
20:53:c2:5f:bb:e2:af:6a:53:2f:11:66:71:7b:7e:
5a:65:4f:a4:18:1e:84:98:b7:f7:b4:24:82:46:6f:
51:76:5c:3d:25:f4:bf:5b:a6:dd:50:f1:ae:f0:18:
e3:93:a9:4e:f6:dc:72:b5:85:35:b2:bd:ca:61:ce:
42:76:6d:39:5b:af:16:e5:ef:ec:65:83:38:f2:31:
7b:4f:af:53:2b:96:34:4e:7b:1a:47:93:4e:fa:c5:
1b:a0:b4:eb:8e:8e:cc:84:7e:2c:f3:18:b7:0b:26:
73:33:86:7c:a9:f2:d5:c0:7f:d5:b9:3d:c6:94:01:
d7:85:c7:22:20:b0:13:c6:2e:5a:2c:61:eb:0c:50:
7e:24:20:77:49:13:e9:52:51:2c:52:60:4b:da:16:
76:38:b7:b6:8d:48:0f:33:ec:4c:68:69:2a:de:7d:
0c:d9:ea:0a:84:5d:8b:6e:f7:9b:ba:88:5f:f3:13:
c9:cd:d7:08:66:98:cd:99:32:c7:86:17:e9:02:cf:
3d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:64:35:56:3C:3C:C6:EA:0F:2F:D9:57:C7:D8:2E:C8:01:36:0A:E9
X509v3 Authority Key Identifier:
keyid:D7:06:1E:E8:7F:5B:55:F1:90:3A:2B:37:04:EB:A0:94:4A:B0:C5:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wYe6H9bVfGQOis3BOuglEqwxaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b113c4-7cf1-411c-873b-2883f88a86ec/1/hGQ1Vjw8xuoPL9lXx9guyAE2Cuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b113c4-7cf1-411c-873b-2883f88a86ec/1/1wYe6H9bVfGQOis3BOuglEqwxaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.0.48.0/20
IPv6:
2001:67c:23d4::/48
Signature Algorithm: sha256WithRSAEncryption
88:f3:5b:5f:c7:26:b0:8b:1f:b7:6d:fe:68:ab:13:aa:7d:8b:
77:b2:d0:aa:6d:be:98:a0:dc:f5:49:b0:a3:5b:42:24:c1:fb:
17:0e:b0:6f:f4:3e:e7:55:4f:9d:b1:10:65:a6:75:0c:c9:6d:
d0:7c:cc:cd:18:e5:04:f8:3e:70:46:49:fd:68:21:ad:ff:e5:
d5:af:28:f9:08:59:57:56:30:62:86:44:97:53:b1:9b:0f:2e:
36:83:72:a5:81:25:9c:ce:92:25:c5:f3:05:c8:d1:9a:96:8b:
37:c3:00:03:a2:17:64:46:02:ba:7f:d7:ff:dc:91:08:62:14:
64:d2:83:6f:89:b1:1a:eb:e1:f4:4b:c5:f6:a4:4a:3c:95:d7:
d3:f7:c9:38:6e:46:79:f4:3a:01:de:4a:51:2e:48:6a:50:0a:
b2:df:c5:7a:b1:79:d3:b0:46:6e:3e:6b:9a:cd:be:49:a5:43:
30:26:3f:b9:e9:13:de:ac:b9:a6:9e:91:9a:86:a0:21:3c:4e:
dc:c4:e6:5e:11:9c:90:b8:1f:cb:77:5a:be:ce:b0:16:d2:36:
cd:ae:a6:96:6d:0b:0c:8c:42:06:9a:a7:62:82:42:33:4f:82:
1a:51:b3:c5:a4:8e:77:9b:93:49:ba:ef:b6:07:1b:27:6f:fe:
0b:33:2f:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsQTCy3WCNg81EN20B1OMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MDYxZWU4N2Y1YjU1ZjE5MDNhMmIzNzA0ZWJhMDk0NGFi
MGM1YWMwHhcNMjMwMTAxMDczNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDY0MzU1NjNjM2NjNmVhMGYyZmQ5NTdjN2Q4MmVjODAxMzYwYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXY6Xv13qrcbIK8+TASgAijvmMBi
qJ8vQWsYKxzCPZz/9KZN0UifkBa3fYz702pnCoF10eqg8jmqtAEgU8Jfu+KvalMv
EWZxe35aZU+kGB6EmLf3tCSCRm9Rdlw9JfS/W6bdUPGu8Bjjk6lO9txytYU1sr3K
Yc5Cdm05W68W5e/sZYM48jF7T69TK5Y0TnsaR5NO+sUboLTrjo7MhH4s8xi3CyZz
M4Z8qfLVwH/VuT3GlAHXhcciILATxi5aLGHrDFB+JCB3SRPpUlEsUmBL2hZ2OLe2
jUgPM+xMaGkq3n0M2eoKhF2Lbvebuohf8xPJzdcIZpjNmTLHhhfpAs89tQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIRkNVY8PMbqDy/ZV8fYLsgBNgrpMB8GA1UdIwQY
MBaAFNcGHuh/W1XxkDorNwTroJRKsMWsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdZZTZIOWJWZkdRT2lzM0JPdWdsRXF3eGF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMTEzYzQtN2NmMS00MTFjLTg3M2It
Mjg4M2Y4OGE4NmVjLzEvaEdRMVZqdzh4dW9QTDlsWHg5Z3V5QUUyQ3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMTEzYzQtN2NmMS00MTFjLTg3M2ItMjg4M2Y4OGE4NmVj
LzEvMXdZZTZIOWJWZkdRT2lzM0JPdWdsRXF3eGF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEvAAwMA8E
AgACMAkDBwAgAQZ8I9QwDQYJKoZIhvcNAQELBQADggEBAIjzW1/HJrCLH7dt/mir
E6p9i3ey0Kptvpig3PVJsKNbQiTB+xcOsG/0PudVT52xEGWmdQzJbdB8zM0Y5QT4
PnBGSf1oIa3/5dWvKPkIWVdWMGKGRJdTsZsPLjaDcqWBJZzOkiXF8wXI0ZqWizfD
AAOiF2RGArp/1//ckQhiFGTSg2+JsRrr4fRLxfakSjyV19P3yThuRnn0OgHeSlEu
SGpQCrLfxXqxedOwRm4+a5rNvkmlQzAmP7npE96suaaekZqGoCE8TtzE5l4RnJC4
H8t3Wr7OsBbSNs2uppZtCwyMQgaap2KCQjNPghpRs8Wkjnebk0m677YHGydv/gsz
L7g=
-----END CERTIFICATE-----
Generated at Wed May 14 22:02:58 2025 by rpki-client