Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/7e4ba7-f592-4eec-bcae-095d0bd2555f/1/GTwD5_3FlJNj72TAoGVVwg-xwQI.roa
File: GTwD5_3FlJNj72TAoGVVwg-xwQI.roa (raw, json)
Hash identifier: 9vf4d5aHNJDBnQpkZScrVYJAnlvnlXSZJpsAGYkPyOA=
Subject key identifier: 19:3C:03:E7:FD:C5:94:93:63:EF:64:C0:A0:65:55:C2:0F:B1:C1:02
Certificate issuer: /CN=6f20c1aae03c274f029428eea0a4424208d4f3ed
Certificate serial: 018B19EF013DB97CAAD9A9CE430C31EA20C6
Authority key identifier: 6F:20:C1:AA:E0:3C:27:4F:02:94:28:EE:A0:A4:42:42:08:D4:F3:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/byDBquA8J08ClCjuoKRCQgjU8-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/7e4ba7-f592-4eec-bcae-095d0bd2555f/1/GTwD5_3FlJNj72TAoGVVwg-xwQI.roa
Signing time: Tue 10 Oct 2023 14:12:55 +0000
ROA not before: Tue 10 Oct 2023 14:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206602
IP address blocks: 185.245.144.0/24 maxlen: 24
185.245.145.0/24 maxlen: 24
185.245.144.0/22 maxlen: 22
185.245.146.0/24 maxlen: 24
185.245.147.0/24 maxlen: 24
2a12:bcc0:101::/48 maxlen: 48
2a12:bcc0:1::/48 maxlen: 48
2a12:bcc0::/29 maxlen: 29
2a12:bcc0:2::/48 maxlen: 48
2a12:bcc0:102::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:ef:01:3d:b9:7c:aa:d9:a9:ce:43:0c:31:ea:20:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f20c1aae03c274f029428eea0a4424208d4f3ed
Validity
Not Before: Oct 10 14:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=193c03e7fdc5949363ef64c0a06555c20fb1c102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:64:75:99:3d:d2:39:56:58:ef:c8:4f:22:40:
98:dd:9e:38:73:9e:2e:2b:45:d6:3b:a0:1a:1a:d9:
e5:59:54:57:ff:dd:d9:92:52:81:00:86:a7:da:4d:
62:c4:c4:2d:ed:00:ac:00:f5:de:f2:0b:01:85:c5:
ca:b1:b9:de:de:3e:8f:58:8c:eb:0e:12:dc:98:19:
cd:3e:6a:18:dc:b0:1e:9a:d5:4a:1c:30:13:ff:28:
9c:e1:d3:00:da:74:ba:ac:33:fe:f4:a0:06:eb:26:
c0:58:86:d7:ff:dd:0a:31:5a:1c:7b:d3:51:ac:57:
81:a2:99:6a:85:74:57:24:73:0c:d3:ec:60:a7:4d:
f2:d9:5e:d7:14:96:8e:89:a5:57:97:db:1d:b6:0b:
7b:82:d3:52:15:fb:20:65:4c:2e:19:5a:00:38:0f:
01:ec:3d:d4:fd:04:86:cb:0e:bd:c4:4c:69:32:db:
7e:8a:25:1c:2c:04:70:c4:3d:1e:87:ed:b8:e8:76:
48:49:36:2e:db:ae:40:aa:be:21:f2:3e:66:b9:a7:
57:83:55:7f:f3:fe:41:56:69:3b:b8:ed:d0:69:b0:
39:e1:63:f1:14:7f:b6:8d:31:f5:a5:8c:00:db:2e:
17:47:4a:a2:e2:bf:31:1f:c1:cf:58:e9:e9:81:60:
c2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:3C:03:E7:FD:C5:94:93:63:EF:64:C0:A0:65:55:C2:0F:B1:C1:02
X509v3 Authority Key Identifier:
keyid:6F:20:C1:AA:E0:3C:27:4F:02:94:28:EE:A0:A4:42:42:08:D4:F3:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/byDBquA8J08ClCjuoKRCQgjU8-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/7e4ba7-f592-4eec-bcae-095d0bd2555f/1/GTwD5_3FlJNj72TAoGVVwg-xwQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/7e4ba7-f592-4eec-bcae-095d0bd2555f/1/byDBquA8J08ClCjuoKRCQgjU8-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.144.0/22
IPv6:
2a12:bcc0::/29
Signature Algorithm: sha256WithRSAEncryption
63:14:e0:c8:22:4f:76:bd:b5:2c:ac:ae:5b:41:43:66:01:3d:
36:12:dc:7b:b2:36:69:a8:fc:4e:b9:c2:42:0b:a8:e6:89:a9:
af:f0:d5:5b:c4:50:ce:05:23:ab:8e:fe:a5:d6:5c:4c:81:64:
19:56:28:02:24:78:41:a4:01:f0:f8:92:67:df:ed:23:34:ca:
58:31:50:76:7b:6c:59:2b:89:d5:42:a3:23:94:1d:c3:af:a3:
43:e6:00:40:9b:3c:f2:02:fa:61:31:39:96:b6:71:03:1f:3d:
e9:4b:bd:74:17:93:bf:aa:90:52:2d:8f:8f:59:8f:15:df:d4:
e9:0a:19:0f:c0:6b:21:95:c4:b2:86:2f:45:7a:e2:3f:40:28:
e8:9b:8d:95:d7:01:8e:a7:ba:32:f8:f5:a4:fa:2d:e4:f1:9f:
9c:c6:22:90:ed:e8:22:e5:0b:72:61:fb:59:fe:3f:ae:cc:96:
61:4d:e0:32:9c:a1:c7:c0:52:d5:33:ac:52:d5:3b:ca:ae:86:
47:2e:75:0d:9f:8e:56:a5:16:cf:74:41:e7:ff:aa:15:91:3e:
d0:95:f0:a4:32:70:c1:20:ec:9a:37:ea:c0:b9:fc:3e:a3:41:
62:16:65:c3:4a:34:ef:55:d3:4b:22:25:ea:6d:5e:49:c8:bf:
7c:0a:32:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYsZ7wE9uXyq2anOQwwx6iDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMjBjMWFhZTAzYzI3NGYwMjk0MjhlZWEwYTQ0MjQyMDhk
NGYzZWQwHhcNMjMxMDEwMTQxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTNjMDNlN2ZkYzU5NDkzNjNlZjY0YzBhMDY1NTVjMjBmYjFjMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGR1mT3SOVZY78hPIkCY3Z44c54u
K0XWO6AaGtnlWVRX/93ZklKBAIan2k1ixMQt7QCsAPXe8gsBhcXKsbne3j6PWIzr
DhLcmBnNPmoY3LAemtVKHDAT/yic4dMA2nS6rDP+9KAG6ybAWIbX/90KMVoce9NR
rFeBoplqhXRXJHMM0+xgp03y2V7XFJaOiaVXl9sdtgt7gtNSFfsgZUwuGVoAOA8B
7D3U/QSGyw69xExpMtt+iiUcLARwxD0eh+246HZISTYu265Aqr4h8j5muadXg1V/
8/5BVmk7uO3QabA54WPxFH+2jTH1pYwA2y4XR0qi4r8xH8HPWOnpgWDCRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBk8A+f9xZSTY+9kwKBlVcIPscECMB8GA1UdIwQY
MBaAFG8gwargPCdPApQo7qCkQkII1PPtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnlEQnF1QThKMDhDbENqdW9LUkNRZ2pVOC0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS83ZTRiYTctZjU5Mi00ZWVjLWJjYWUt
MDk1ZDBiZDI1NTVmLzEvR1R3RDVfM0ZsSk5qNzJUQW9HVlZ3Zy14d1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS83ZTRiYTctZjU5Mi00ZWVjLWJjYWUtMDk1ZDBiZDI1NTVm
LzEvYnlEQnF1QThKMDhDbENqdW9LUkNRZ2pVOC0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufWQMA0E
AgACMAcDBQMqErzAMA0GCSqGSIb3DQEBCwUAA4IBAQBjFODIIk92vbUsrK5bQUNm
AT02Etx7sjZpqPxOucJCC6jmiamv8NVbxFDOBSOrjv6l1lxMgWQZVigCJHhBpAHw
+JJn3+0jNMpYMVB2e2xZK4nVQqMjlB3Dr6ND5gBAmzzyAvphMTmWtnEDHz3pS710
F5O/qpBSLY+PWY8V39TpChkPwGshlcSyhi9FeuI/QCjom42V1wGOp7oy+PWk+i3k
8Z+cxiKQ7egi5QtyYftZ/j+uzJZhTeAynKHHwFLVM6xS1TvKroZHLnUNn45WpRbP
dEHn/6oVkT7QlfCkMnDBIOyaN+rAufw+o0FiFmXDSjTvVdNLIiXqbV5JyL98CjIO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:22 2025 by rpki-client