Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/GkwODB11IgHuYTEsVhU0jvl5040.roa
File: GkwODB11IgHuYTEsVhU0jvl5040.roa (raw, json)
Hash identifier: W2oW645hm4QaqyOsRAhr/ESva8K7J50HopfZ2xZXzRE=
Subject key identifier: 1A:4C:0E:0C:1D:75:22:01:EE:61:31:2C:56:15:34:8E:F9:79:D3:8D
Certificate issuer: /CN=46eb11af9355da9a2b5df73ecdd7fd0967a4b58c
Certificate serial: 01856C65CC1E08520138BD58CBA34C729D58
Authority key identifier: 46:EB:11:AF:93:55:DA:9A:2B:5D:F7:3E:CD:D7:FD:09:67:A4:B5:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RusRr5NV2porXfc-zdf9CWektYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/GkwODB11IgHuYTEsVhU0jvl5040.roa
Signing time: Sun 01 Jan 2023 08:14:48 +0000
ROA not before: Sun 01 Jan 2023 08:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16019
IP address blocks: 185.99.176.0/22 maxlen: 22
185.241.220.0/22 maxlen: 32
2a0c:b180::/29 maxlen: 48
2a00:8e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:cc:1e:08:52:01:38:bd:58:cb:a3:4c:72:9d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46eb11af9355da9a2b5df73ecdd7fd0967a4b58c
Validity
Not Before: Jan 1 08:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a4c0e0c1d752201ee61312c5615348ef979d38d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b5:9e:2c:c2:92:a9:d3:fd:bf:b8:f1:86:bf:
91:21:fd:91:99:43:df:76:01:d0:b7:d8:51:25:3d:
3f:7a:6a:11:b3:ed:42:12:3e:d9:99:f4:ef:b3:e4:
3d:e2:c3:9f:5d:11:b5:f3:a7:74:3f:ed:cc:ac:4f:
a8:c0:77:71:82:c1:73:12:8d:d5:4a:82:0c:1b:09:
70:8a:f4:66:24:39:ed:c1:c9:fc:03:1e:bf:71:39:
54:ac:24:b4:a8:63:82:06:bb:4a:d2:65:67:69:1c:
36:3a:06:6a:44:7e:f9:1b:c0:be:c3:a8:e0:49:b8:
4d:67:99:f1:a2:02:9a:e6:50:30:ce:8b:d2:94:16:
e7:58:0c:b0:00:5e:f0:43:45:a8:63:9d:f5:a1:f4:
eb:ca:f9:4e:0c:5d:69:d9:c4:97:5d:b2:5c:6c:7c:
65:79:93:fc:fd:74:c0:de:5f:d2:6d:29:ef:10:79:
b8:fa:c1:18:ab:c8:1b:e4:78:d8:a4:70:9c:9b:86:
1f:ac:51:96:97:0b:76:a9:65:4c:d0:79:53:77:77:
60:8e:f5:dc:34:55:eb:20:b9:ef:0d:cb:82:06:35:
23:04:02:e4:0a:76:19:4a:62:27:d1:44:ec:35:07:
4e:30:f3:46:68:a0:ed:56:97:12:f2:e1:72:b0:19:
f2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:4C:0E:0C:1D:75:22:01:EE:61:31:2C:56:15:34:8E:F9:79:D3:8D
X509v3 Authority Key Identifier:
keyid:46:EB:11:AF:93:55:DA:9A:2B:5D:F7:3E:CD:D7:FD:09:67:A4:B5:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RusRr5NV2porXfc-zdf9CWektYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/GkwODB11IgHuYTEsVhU0jvl5040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/RusRr5NV2porXfc-zdf9CWektYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.176.0/22
185.241.220.0/22
IPv6:
2a00:8e80::/29
2a0c:b180::/29
Signature Algorithm: sha256WithRSAEncryption
02:b6:1c:a8:75:1e:e5:57:e1:c4:55:0c:75:36:70:64:bb:59:
b8:de:7f:46:6f:93:21:bf:49:45:fe:98:74:c1:c5:b9:18:03:
8a:38:b8:30:f0:d2:66:a4:db:44:64:be:c3:2d:3f:a5:cd:b6:
38:53:db:e7:b6:01:db:3c:6a:40:96:5d:87:6e:87:f4:54:df:
13:bd:33:2e:62:5c:ac:ed:d7:16:a3:4c:a0:0b:7e:31:05:54:
e6:a6:25:16:31:33:1c:26:fe:54:32:dc:d1:f6:5c:8e:df:b8:
39:96:cf:83:f1:fc:df:9e:a6:b5:32:e0:3b:a3:2e:8c:e0:ae:
fa:72:69:ea:e4:7f:58:01:f8:17:3d:48:c9:22:2a:cc:c7:e6:
6b:b0:20:38:b0:a4:d3:c9:4b:ab:47:76:d1:bf:5a:9e:92:e1:
4c:87:6b:c9:a9:6f:ad:00:46:8d:c0:d4:d0:0d:8a:b2:b6:4d:
5d:64:87:b6:d6:06:e3:78:a7:aa:76:4e:27:db:fa:5e:b3:20:
a6:91:8d:0b:0c:0f:39:5c:f9:6f:60:e5:98:f5:5d:ca:91:3d:
89:36:af:6c:19:c5:68:81:60:30:49:98:5d:50:fe:13:92:82:
d9:92:7b:a5:f1:a3:54:28:46:24:01:64:78:e0:eb:85:7e:55:
b2:ab:c9:2a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVsZcweCFIBOL1Yy6NMcp1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZWIxMWFmOTM1NWRhOWEyYjVkZjczZWNkZDdmZDA5Njdh
NGI1OGMwHhcNMjMwMTAxMDgxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTRjMGUwYzFkNzUyMjAxZWU2MTMxMmM1NjE1MzQ4ZWY5NzlkMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7WeLMKSqdP9v7jxhr+RIf2RmUPf
dgHQt9hRJT0/emoRs+1CEj7ZmfTvs+Q94sOfXRG186d0P+3MrE+owHdxgsFzEo3V
SoIMGwlwivRmJDntwcn8Ax6/cTlUrCS0qGOCBrtK0mVnaRw2OgZqRH75G8C+w6jg
SbhNZ5nxogKa5lAwzovSlBbnWAywAF7wQ0WoY531ofTryvlODF1p2cSXXbJcbHxl
eZP8/XTA3l/SbSnvEHm4+sEYq8gb5HjYpHCcm4YfrFGWlwt2qWVM0HlTd3dgjvXc
NFXrILnvDcuCBjUjBALkCnYZSmIn0UTsNQdOMPNGaKDtVpcS8uFysBnyHwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBpMDgwddSIB7mExLFYVNI75edONMB8GA1UdIwQY
MBaAFEbrEa+TVdqaK133Ps3X/QlnpLWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnVzUnI1TlYycG9yWGZjLXpkZjlDV2VrdFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xYTQzZjAtYzAyNy00ZmRjLTg1MTUt
NDVmNDk2ZjJmZTc1LzEvR2t3T0RCMTFJZ0h1WVRFc1ZoVTBqdmw1MDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xYTQzZjAtYzAyNy00ZmRjLTg1MTUtNDVmNDk2ZjJmZTc1
LzEvUnVzUnI1TlYycG9yWGZjLXpkZjlDV2VrdFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuWOwAwQC
ufHcMBQEAgACMA4DBQMqAI6AAwUDKgyxgDANBgkqhkiG9w0BAQsFAAOCAQEAArYc
qHUe5VfhxFUMdTZwZLtZuN5/Rm+TIb9JRf6YdMHFuRgDiji4MPDSZqTbRGS+wy0/
pc22OFPb57YB2zxqQJZdh26H9FTfE70zLmJcrO3XFqNMoAt+MQVU5qYlFjEzHCb+
VDLc0fZcjt+4OZbPg/H8356mtTLgO6MujOCu+nJp6uR/WAH4Fz1IySIqzMfma7Ag
OLCk08lLq0d20b9anpLhTIdryalvrQBGjcDU0A2KsrZNXWSHttYG43inqnZOJ9v6
XrMgppGNCwwPOVz5b2DlmPVdypE9iTavbBnFaIFgMEmYXVD+E5KC2ZJ7pfGjVChG
JAFkeODrhX5VsqvJKg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:05 2025 by rpki-client