Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/1-GaGlIJzmmuKVmypwuOpBnKjF2w.roa
File: 1-GaGlIJzmmuKVmypwuOpBnKjF2w.roa (raw, json)
Hash identifier: al8G5AMIYDjxCsgjFLYM5W8EzwVzjD+OoYSZsf5Y2ws=
Subject key identifier: F8:66:86:94:82:73:9A:6B:8A:56:6C:A9:C2:E3:A9:06:72:A3:17:6C
Certificate issuer: /CN=ecbbf2ba5b32e42e8b6c03b836d764f975b5898f
Certificate serial: 018570C2CB9F67220CB3ED0A64BC92B31B36
Authority key identifier: EC:BB:F2:BA:5B:32:E4:2E:8B:6C:03:B8:36:D7:64:F9:75:B5:89:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Lvyulsy5C6LbAO4Ntdk-XW1iY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/1-GaGlIJzmmuKVmypwuOpBnKjF2w.roa
Signing time: Mon 02 Jan 2023 04:34:52 +0000
ROA not before: Mon 02 Jan 2023 04:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59456
IP address blocks: 185.71.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:cb:9f:67:22:0c:b3:ed:0a:64:bc:92:b3:1b:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecbbf2ba5b32e42e8b6c03b836d764f975b5898f
Validity
Not Before: Jan 2 04:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f866869482739a6b8a566ca9c2e3a90672a3176c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ec:10:b9:6c:21:0f:7c:8d:40:f5:51:69:12:
38:61:8c:5a:92:e8:5f:26:e3:ab:6c:eb:e1:36:1e:
13:62:ad:dc:0f:39:91:44:58:cb:99:af:68:87:97:
c4:c5:9e:f6:b9:f6:d4:94:ec:7c:3a:c0:5c:9b:eb:
d1:bc:65:ab:80:9e:bf:31:8f:d1:84:6b:b3:43:06:
d4:54:99:cd:bf:b7:8c:e3:13:ab:3c:ff:27:c5:1e:
68:ea:2a:6b:10:fb:33:1d:e9:3f:64:33:8f:51:00:
c5:6e:b4:81:7c:3f:9f:82:66:60:66:c2:5b:98:58:
84:4d:99:1a:cf:ac:89:7d:84:5b:96:59:15:22:f6:
80:85:a0:24:3a:27:7b:7b:a6:2b:f3:16:35:80:0b:
31:94:ba:41:45:c4:fc:0a:06:1a:eb:aa:6e:43:e1:
59:28:95:e4:f7:17:53:56:f3:9f:ff:f8:7c:35:51:
ae:2d:ef:43:50:b0:7b:ca:95:29:42:a2:9f:76:03:
76:3b:e7:cc:8f:32:27:b2:c7:30:32:8a:90:dd:1c:
87:86:25:7e:3f:bd:9a:6b:38:8e:e7:59:96:17:88:
42:c1:e5:0d:39:fd:e0:c5:73:33:b8:75:5f:9e:c8:
e4:b8:c7:fa:83:3d:f9:f2:9c:29:77:61:ce:59:16:
49:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:66:86:94:82:73:9A:6B:8A:56:6C:A9:C2:E3:A9:06:72:A3:17:6C
X509v3 Authority Key Identifier:
keyid:EC:BB:F2:BA:5B:32:E4:2E:8B:6C:03:B8:36:D7:64:F9:75:B5:89:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Lvyulsy5C6LbAO4Ntdk-XW1iY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/1-GaGlIJzmmuKVmypwuOpBnKjF2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/431105-67a2-49cb-b7e0-83ffc80073b2/1/7Lvyulsy5C6LbAO4Ntdk-XW1iY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.136.0/24
Signature Algorithm: sha256WithRSAEncryption
34:77:e7:cc:ea:ca:53:18:ee:e9:88:69:de:67:21:b3:33:5c:
bb:ad:3c:e0:e7:72:84:93:e1:36:5c:81:d7:f7:7b:12:4d:db:
5f:1b:f3:e7:ad:84:fe:5f:de:29:86:0e:78:4c:56:d1:6c:32:
06:7e:42:d6:3d:d4:08:be:bc:0d:5d:23:dc:7e:d2:5f:f8:83:
2f:93:b8:78:0a:66:b0:4c:af:77:ef:25:dc:89:f2:6e:ac:ee:
ac:65:c2:cf:9f:1a:af:3f:f4:a8:60:b8:14:46:5f:16:6b:05:
c2:13:21:44:c8:55:b1:88:f1:00:08:5e:08:74:54:79:b5:5a:
00:5a:ab:47:21:0d:be:76:91:6f:f2:80:9c:c2:50:9e:3a:00:
9a:bb:3d:81:fe:5b:b2:e3:22:e5:0e:b5:34:a6:23:bc:17:a9:
73:29:98:e3:fc:be:57:49:f8:ed:b3:72:b3:99:31:55:df:38:
3b:0d:8e:7f:62:ce:93:eb:06:b7:20:cc:23:18:ae:31:86:95:
4c:b8:e6:d4:de:97:da:3c:a8:e2:e0:b3:34:be:41:6d:93:f2:
69:d2:46:42:82:7f:b3:9a:55:2c:83:ff:18:1c:0f:2a:63:0a:
03:cf:41:f6:4d:d8:ca:a2:2c:1c:cf:2d:ca:14:a1:6c:0a:28:
aa:82:05:95
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwwsufZyIMs+0KZLySsxs2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYmJmMmJhNWIzMmU0MmU4YjZjMDNiODM2ZDc2NGY5NzVi
NTg5OGYwHhcNMjMwMTAyMDQzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODY2ODY5NDgyNzM5YTZiOGE1NjZjYTljMmUzYTkwNjcyYTMxNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+wQuWwhD3yNQPVRaRI4YYxakuhf
JuOrbOvhNh4TYq3cDzmRRFjLma9oh5fExZ72ufbUlOx8OsBcm+vRvGWrgJ6/MY/R
hGuzQwbUVJnNv7eM4xOrPP8nxR5o6iprEPszHek/ZDOPUQDFbrSBfD+fgmZgZsJb
mFiETZkaz6yJfYRbllkVIvaAhaAkOid7e6Yr8xY1gAsxlLpBRcT8CgYa66puQ+FZ
KJXk9xdTVvOf//h8NVGuLe9DULB7ypUpQqKfdgN2O+fMjzInsscwMoqQ3RyHhiV+
P72aaziO51mWF4hCweUNOf3gxXMzuHVfnsjkuMf6gz358pwpd2HOWRZJwwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPhmhpSCc5prilZsqcLjqQZyoxdsMB8GA1UdIwQY
MBaAFOy78rpbMuQui2wDuDbXZPl1tYmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0x2eXVsc3k1QzZMYkFPNE50ZGstWFcxaVk4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80MzExMDUtNjdhMi00OWNiLWI3ZTAt
ODNmZmM4MDA3M2IyLzEvMS1HYUdsSUp6bW11S1ZteXB3dU9wQm5LakYydy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDQvNDMxMTA1LTY3YTItNDljYi1iN2UwLTgzZmZjODAwNzNi
Mi8xLzdMdnl1bHN5NUM2TGJBTzROdGRrLVhXMWlZOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlHiDAN
BgkqhkiG9w0BAQsFAAOCAQEANHfnzOrKUxju6Yhp3mchszNcu6084OdyhJPhNlyB
1/d7Ek3bXxvz562E/l/eKYYOeExW0WwyBn5C1j3UCL68DV0j3H7SX/iDL5O4eApm
sEyvd+8l3InybqzurGXCz58arz/0qGC4FEZfFmsFwhMhRMhVsYjxAAheCHRUebVa
AFqrRyENvnaRb/KAnMJQnjoAmrs9gf5bsuMi5Q61NKYjvBepcymY4/y+V0n47bNy
s5kxVd84Ow2Of2LOk+sGtyDMIxiuMYaVTLjm1N6X2jyo4uCzNL5BbZPyadJGQoJ/
s5pVLIP/GBwPKmMKA89B9k3YyqIsHM8tyhShbAooqoIFlQ==
-----END CERTIFICATE-----
Generated at Fri May 16 05:06:41 2025 by rpki-client