Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/02c568-91ee-485d-99a2-59bce319c1cb/1/gCz4TkfbDYmD4BfeWCcE841CKT0.roa
File: gCz4TkfbDYmD4BfeWCcE841CKT0.roa (raw, json)
Hash identifier: EasRqI/mw1t76oHdvtHMWg+1OiSiBcNWLOR6wUnzHY8=
Subject key identifier: 80:2C:F8:4E:47:DB:0D:89:83:E0:17:DE:58:27:04:F3:8D:42:29:3D
Certificate issuer: /CN=522107ed07b5ac0d8269d7229d9fd2ca0e32658b
Certificate serial: 03EB1EF9
Authority key identifier: 52:21:07:ED:07:B5:AC:0D:82:69:D7:22:9D:9F:D2:CA:0E:32:65:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UiEH7Qe1rA2CadcinZ_Syg4yZYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/02c568-91ee-485d-99a2-59bce319c1cb/1/gCz4TkfbDYmD4BfeWCcE841CKT0.roa
Signing time: Sat 01 Jan 2022 09:55:51 +0000
ROA not before: Sat 01 Jan 2022 09:55:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200645
IP address blocks: 185.177.156.0/22 maxlen: 22
185.100.44.0/22 maxlen: 22
185.174.200.0/22 maxlen: 22
185.117.136.0/22 maxlen: 22
185.179.220.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65740537 (0x3eb1ef9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=522107ed07b5ac0d8269d7229d9fd2ca0e32658b
Validity
Not Before: Jan 1 09:55:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=802cf84e47db0d8983e017de582704f38d42293d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:85:bc:f1:59:a3:0f:0a:2e:8c:ab:e0:b8:49:
71:d1:37:12:d1:c1:9e:b7:cb:93:0b:50:1f:76:55:
58:55:0c:47:45:17:06:c5:4a:18:7d:62:85:47:67:
23:f1:74:33:36:7a:21:91:86:28:c3:88:52:d6:37:
93:ab:8d:0e:d2:54:a7:47:ca:40:05:f3:9c:56:ed:
01:1f:5d:f2:c0:04:ac:4a:c4:4b:f0:ce:02:bf:cf:
c0:dc:75:53:48:d9:f3:bc:1b:1f:24:09:84:10:2d:
4c:34:12:22:09:a1:75:9d:46:fc:27:b9:1a:66:4c:
88:8e:12:1f:42:41:a6:9a:eb:39:8f:a0:f5:4a:ed:
f2:d6:15:1c:f7:ce:42:8f:fc:7a:ed:ac:24:53:3f:
e8:c7:b1:c1:eb:d8:74:83:ef:45:6f:47:ee:74:76:
94:2a:7a:bf:75:63:d7:3b:e5:c9:bf:b6:c7:54:c7:
05:15:22:7d:5d:18:e2:ec:20:3b:f2:98:a6:a4:0d:
2c:a1:84:56:b7:4a:e7:e0:7f:15:ce:62:05:19:2c:
40:98:0a:a9:28:03:80:e3:72:ff:1c:a8:c1:2f:d6:
95:e1:e1:0b:3c:73:7f:79:ad:e3:4c:0d:22:25:d3:
2e:99:37:3d:34:98:24:c3:3a:09:f7:fa:e9:2c:10:
a9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:2C:F8:4E:47:DB:0D:89:83:E0:17:DE:58:27:04:F3:8D:42:29:3D
X509v3 Authority Key Identifier:
keyid:52:21:07:ED:07:B5:AC:0D:82:69:D7:22:9D:9F:D2:CA:0E:32:65:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UiEH7Qe1rA2CadcinZ_Syg4yZYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/02c568-91ee-485d-99a2-59bce319c1cb/1/gCz4TkfbDYmD4BfeWCcE841CKT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/02c568-91ee-485d-99a2-59bce319c1cb/1/UiEH7Qe1rA2CadcinZ_Syg4yZYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.44.0/22
185.117.136.0/22
185.174.200.0/22
185.177.156.0/22
185.179.220.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:14:00:e4:01:b5:a6:16:09:28:fa:8d:75:50:f0:4d:17:f5:
17:75:e4:9d:ac:4d:a3:e4:32:82:82:ce:66:c5:79:51:b1:1e:
33:ad:f8:2c:4f:23:ed:4c:5e:0c:f3:6d:61:76:d4:03:1e:ed:
cc:35:5f:24:46:7a:a0:26:f0:5e:cc:4f:14:cf:dd:70:13:05:
36:01:31:49:b3:8e:e1:be:2f:da:02:ba:a4:e5:27:81:fb:08:
6c:22:8b:91:06:1f:ac:c9:9f:92:0e:e0:5b:1b:a6:8e:c0:7b:
1b:0f:e5:90:0b:04:61:30:c6:e4:82:fe:f1:65:d6:b2:ca:8a:
5a:dd:4a:2c:3c:c4:98:ee:ba:80:b3:a8:3f:45:f8:4d:c6:87:
57:fd:9b:8a:c7:9e:57:00:52:7e:c7:43:96:ba:2b:83:a2:95:
e4:6a:1a:d5:ef:8f:30:df:5d:7a:fb:ed:11:e2:47:e2:a7:62:
b7:03:bc:98:d9:f3:2a:47:62:a2:44:82:0f:d5:6b:ea:49:81:
bc:56:cc:b8:cb:7e:2d:78:5b:9c:44:f6:cb:7b:0e:de:86:e3:
f7:ab:68:99:22:a6:65:12:ab:74:de:b7:e4:a4:34:a5:be:13:
fe:9d:ee:6a:ab:1d:ed:7b:10:af:40:7b:56:62:48:7c:35:c8:
cf:19:bf:13
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEA+se+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjIxMDdlZDA3YjVhYzBkODI2OWQ3MjI5ZDlmZDJjYTBlMzI2NThiMB4XDTIyMDEw
MTA5NTU1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODAyY2Y4NGU0N2Ri
MGQ4OTgzZTAxN2RlNTgyNzA0ZjM4ZDQyMjkzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2FvPFZow8KLoyr4LhJcdE3EtHBnrfLkwtQH3ZVWFUMR0UX
BsVKGH1ihUdnI/F0MzZ6IZGGKMOIUtY3k6uNDtJUp0fKQAXznFbtAR9d8sAErErE
S/DOAr/PwNx1U0jZ87wbHyQJhBAtTDQSIgmhdZ1G/Ce5GmZMiI4SH0JBpprrOY+g
9Urt8tYVHPfOQo/8eu2sJFM/6MexwevYdIPvRW9H7nR2lCp6v3Vj1zvlyb+2x1TH
BRUifV0Y4uwgO/KYpqQNLKGEVrdK5+B/Fc5iBRksQJgKqSgDgONy/xyowS/WleHh
Czxzf3mt40wNIiXTLpk3PTSYJMM6Cff66SwQqQMCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSALPhOR9sNiYPgF95YJwTzjUIpPTAfBgNVHSMEGDAWgBRSIQftB7WsDYJp
1yKdn9LKDjJlizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VpRUg3UWUxckEyQ2FkY2luWl9TeWc0eVpZcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvMDJjNTY4LTkxZWUtNDg1ZC05OWEyLTU5YmNlMzE5YzFjYi8x
L2dDejRUa2ZiRFltRDRCZmVXQ2NFODQxQ0tUMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
MDJjNTY4LTkxZWUtNDg1ZC05OWEyLTU5YmNlMzE5YzFjYi8xL1VpRUg3UWUxckEy
Q2FkY2luWl9TeWc0eVpZcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEArlkLAMEArl1iAMEArmuyAMEArmx
nAMEArmz3DANBgkqhkiG9w0BAQsFAAOCAQEAHhQA5AG1phYJKPqNdVDwTRf1F3Xk
naxNo+QygoLOZsV5UbEeM634LE8j7UxeDPNtYXbUAx7tzDVfJEZ6oCbwXsxPFM/d
cBMFNgExSbOO4b4v2gK6pOUngfsIbCKLkQYfrMmfkg7gWxumjsB7Gw/lkAsEYTDG
5IL+8WXWssqKWt1KLDzEmO66gLOoP0X4TcaHV/2biseeVwBSfsdDlrorg6KV5Goa
1e+PMN9devvtEeJH4qditwO8mNnzKkdiokSCD9Vr6kmBvFbMuMt+LXhbnET2y3sO
3obj96tomSKmZRKrdN635KQ0pb4T/p3uaqsd7XsQr0B7VmJIfDXIzxm/Ew==
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:54:27 2025 by rpki-client