Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/giNaFxkLbTDGR6vqWs9Xx6ylaA0.roa
File: giNaFxkLbTDGR6vqWs9Xx6ylaA0.roa (raw, json)
Hash identifier: INuHw96zsGYmQm733oPRdsyjcpJQQBRY9Kw5794sj44=
Subject key identifier: 82:23:5A:17:19:0B:6D:30:C6:47:AB:EA:5A:CF:57:C7:AC:A5:68:0D
Certificate issuer: /CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Certificate serial: 03B352E9
Authority key identifier: 43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/giNaFxkLbTDGR6vqWs9Xx6ylaA0.roa
Signing time: Sat 01 Jan 2022 03:02:45 +0000
ROA not before: Sat 01 Jan 2022 03:02:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61430
IP address blocks: 185.237.210.0/24 maxlen: 24
185.237.208.0/23 maxlen: 23
185.126.101.0/24 maxlen: 24
185.126.100.0/22 maxlen: 22
185.126.100.0/24 maxlen: 24
185.126.103.0/24 maxlen: 24
185.126.102.0/24 maxlen: 24
91.213.252.0/24 maxlen: 24
91.228.191.0/24 maxlen: 24
91.228.190.0/23 maxlen: 23
91.228.190.0/24 maxlen: 24
2a06:c040::/32 maxlen: 32
2a06:c041::/32 maxlen: 32
2001:67c:1944::/48 maxlen: 48
2001:67c:2ad4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62083817 (0x3b352e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4345d0773c7ade08d44819e3b611bd297a3989d3
Validity
Not Before: Jan 1 03:02:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82235a17190b6d30c647abea5acf57c7aca5680d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:dd:9a:7d:a6:6d:37:72:36:f1:b5:49:6f:b5:
10:d2:ee:f6:8b:ee:c8:0d:67:95:7c:e7:a3:3d:4d:
29:81:ce:11:29:f5:7f:38:d8:3f:cf:e3:16:93:d7:
2f:13:23:ca:11:45:16:5f:02:56:f7:03:25:3c:8f:
b9:5b:45:5e:ea:d1:c1:06:44:f6:31:66:75:77:18:
67:ea:4f:5f:a6:af:fd:1f:e4:56:2d:a5:a5:08:4e:
b2:1b:ae:02:df:6e:b4:c6:22:c6:35:4a:4a:ea:eb:
7f:41:f2:b9:48:a9:f8:62:ad:f5:ee:db:1d:2d:fc:
0b:85:92:99:b3:21:7d:6a:08:ff:2a:6b:b0:76:7a:
b6:20:ed:c5:e5:2a:49:be:6f:e0:55:f4:04:9c:75:
c5:0f:80:e1:e1:9d:30:4d:56:dd:f9:c8:d0:a0:66:
10:e4:00:ac:e7:bb:59:c6:fc:fe:02:89:de:56:d5:
8b:40:96:46:c5:f7:de:f9:1c:c6:47:5c:27:0f:68:
9c:8c:de:94:6a:47:04:41:19:ed:a2:b1:88:14:90:
3c:4d:96:c4:70:fe:e0:c9:13:76:d2:e4:17:ad:6d:
be:48:48:03:95:29:30:b7:fe:2f:ba:c8:a5:c9:74:
2c:fa:ab:0f:82:7a:fc:44:2b:cb:ea:33:df:22:4b:
95:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:23:5A:17:19:0B:6D:30:C6:47:AB:EA:5A:CF:57:C7:AC:A5:68:0D
X509v3 Authority Key Identifier:
keyid:43:45:D0:77:3C:7A:DE:08:D4:48:19:E3:B6:11:BD:29:7A:39:89:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0XQdzx63gjUSBnjthG9KXo5idM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/giNaFxkLbTDGR6vqWs9Xx6ylaA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/bb9947-172c-48b1-be8e-4c905adbf076/1/Q0XQdzx63gjUSBnjthG9KXo5idM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.252.0/24
91.228.190.0/23
185.126.100.0/22
185.237.208.0-185.237.210.255
IPv6:
2001:67c:1944::/48
2001:67c:2ad4::/48
2a06:c040::/31
Signature Algorithm: sha256WithRSAEncryption
7e:9d:88:a2:80:03:aa:f0:87:50:6a:01:20:f1:ca:38:ee:d3:
ce:62:68:04:29:51:0a:9c:01:26:d3:32:e4:4d:18:bb:bb:da:
29:42:ea:f5:44:c1:d4:17:5c:3f:77:0a:f8:e6:d6:94:84:3c:
23:11:e2:3b:47:68:28:51:57:ac:4e:69:b3:d3:4d:a2:24:ef:
ed:61:ae:c5:ef:0b:ba:a9:cc:ca:3f:71:5e:ed:bf:ae:2c:5d:
72:84:da:f3:a1:70:02:e2:26:de:65:12:31:00:68:0f:9e:68:
23:6d:3a:bb:a3:fd:a8:ec:d0:bc:01:ff:29:59:de:b2:ff:05:
0a:bb:ce:5a:f8:6f:35:cb:ce:bd:93:54:13:40:35:f6:14:2d:
df:12:32:1d:2c:dd:fa:d8:b7:9f:2e:51:e1:22:7c:42:48:9a:
07:7a:ba:c5:f2:75:b7:06:e2:0c:f7:81:f3:42:2c:9c:7d:57:
29:db:db:2a:8f:b7:3c:e1:99:1f:f1:8a:4a:3a:62:9b:95:7b:
54:97:18:b3:55:cd:2b:7d:a9:b3:0e:bc:ed:d8:1e:de:59:aa:
94:dd:32:5c:96:0c:d2:78:c5:11:82:db:e6:ba:12:04:19:b6:
e1:7d:6a:4f:53:2b:8d:e4:37:0b:16:3e:6c:20:f9:f9:77:5a:
51:37:27:42
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIEA7NS6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MzQ1ZDA3NzNjN2FkZTA4ZDQ0ODE5ZTNiNjExYmQyOTdhMzk4OWQzMB4XDTIyMDEw
MTAzMDI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODIyMzVhMTcxOTBi
NmQzMGM2NDdhYmVhNWFjZjU3YzdhY2E1NjgwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIzdmn2mbTdyNvG1SW+1ENLu9ovuyA1nlXznoz1NKYHOESn1
fzjYP8/jFpPXLxMjyhFFFl8CVvcDJTyPuVtFXurRwQZE9jFmdXcYZ+pPX6av/R/k
Vi2lpQhOshuuAt9utMYixjVKSurrf0HyuUip+GKt9e7bHS38C4WSmbMhfWoI/ypr
sHZ6tiDtxeUqSb5v4FX0BJx1xQ+A4eGdME1W3fnI0KBmEOQArOe7Wcb8/gKJ3lbV
i0CWRsX33vkcxkdcJw9onIzelGpHBEEZ7aKxiBSQPE2WxHD+4MkTdtLkF61tvkhI
A5UpMLf+L7rIpcl0LPqrD4J6/EQry+oz3yJLlf8CAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBSCI1oXGQttMMZHq+paz1fHrKVoDTAfBgNVHSMEGDAWgBRDRdB3PHreCNRI
GeO2Eb0pejmJ0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1EwWFFkeng2M2dqVVNCbmp0aEc5S1hvNWlkTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvYmI5OTQ3LTE3MmMtNDhiMS1iZThlLTRjOTA1YWRiZjA3Ni8x
L2dpTmFGeGtMYlRER1I2dnFXczlYeDZ5bGFBMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
YmI5OTQ3LTE3MmMtNDhiMS1iZThlLTRjOTA1YWRiZjA3Ni8xL1EwWFFkeng2M2dq
VVNCbmp0aEc5S1hvNWlkTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwJgQCAAEwIAMEAFvV/AMEAVvkvgMEArl+ZDAMAwQE
ue3QAwQAue3SMB8EAgACMBkDBwAgAQZ8GUQDBwAgAQZ8KtQDBQEqBsBAMA0GCSqG
SIb3DQEBCwUAA4IBAQB+nYiigAOq8IdQagEg8co47tPOYmgEKVEKnAEm0zLkTRi7
u9opQur1RMHUF1w/dwr45taUhDwjEeI7R2goUVesTmmz002iJO/tYa7F7wu6qczK
P3Fe7b+uLF1yhNrzoXAC4ibeZRIxAGgPnmgjbTq7o/2o7NC8Af8pWd6y/wUKu85a
+G81y869k1QTQDX2FC3fEjIdLN362LefLlHhInxCSJoHerrF8nW3BuIM94HzQiyc
fVcp29sqj7c84Zkf8YpKOmKblXtUlxizVc0rfamzDrzt2B7eWaqU3TJclgzSeMUR
gtvmuhIEGbbhfWpPUyuN5DcLFj5sIPn5d1pRNydC
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:05:59 2025 by rpki-client