Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/eaf974-6efd-4633-b84a-a8aaf886c820/1/Gywdaw8xN542Qq2DmQqLA27-__c.roa
File: Gywdaw8xN542Qq2DmQqLA27-__c.roa (raw, json)
Hash identifier: NZTKQxMZOeV9Kd2qCZRebyNPrrybPT/kDQnHWVJHS9s=
Subject key identifier: 1B:2C:1D:6B:0F:31:37:9E:36:42:AD:83:99:0A:8B:03:6E:FE:FF:F7
Certificate issuer: /CN=d0d852703295ecf8b97201f916310f88f4c08ab7
Certificate serial: 07E9709E
Authority key identifier: D0:D8:52:70:32:95:EC:F8:B9:72:01:F9:16:31:0F:88:F4:C0:8A:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0NhScDKV7Pi5cgH5FjEPiPTAirc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/eaf974-6efd-4633-b84a-a8aaf886c820/1/Gywdaw8xN542Qq2DmQqLA27-__c.roa
Signing time: Sat 01 Jan 2022 02:01:11 +0000
ROA not before: Sat 01 Jan 2022 02:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201079
IP address blocks: 185.250.192.0/24 maxlen: 24
185.250.192.0/22 maxlen: 22
185.250.195.0/24 maxlen: 24
185.250.194.0/24 maxlen: 24
185.250.193.0/24 maxlen: 24
185.85.206.0/24 maxlen: 24
185.85.205.0/24 maxlen: 24
185.85.204.0/22 maxlen: 22
185.85.204.0/24 maxlen: 24
185.85.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132739230 (0x7e9709e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0d852703295ecf8b97201f916310f88f4c08ab7
Validity
Not Before: Jan 1 02:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b2c1d6b0f31379e3642ad83990a8b036efefff7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:59:dc:8c:52:27:81:6d:51:67:ed:8f:ff:15:
a5:55:c5:9c:db:8c:f8:a1:61:b2:f0:6e:38:60:0b:
1b:12:5c:17:f1:c7:85:49:76:88:8c:05:38:77:1a:
30:9d:30:12:f4:39:cf:2d:7b:e1:48:09:9f:95:fc:
87:91:a5:c6:f1:9e:f1:03:c7:3d:33:f3:b6:99:16:
8a:bc:f7:71:e4:6f:25:a5:1e:2a:cc:ca:13:de:5d:
4d:bb:a0:4c:44:14:6a:56:59:78:19:77:1a:0a:a0:
1e:78:64:cc:cc:ea:98:92:6b:75:db:cd:e2:0b:a0:
61:73:73:29:0b:ed:59:e6:da:c4:ad:9c:87:31:3c:
72:c7:27:ab:40:b6:d2:e1:11:bd:43:84:34:cf:48:
2d:0c:19:27:0f:26:a3:d5:6e:fe:16:cf:58:3e:95:
90:e7:88:b7:af:1b:ae:09:27:15:d0:17:20:b8:3f:
b4:0d:d9:9f:b4:41:5e:44:8c:06:93:be:aa:83:2c:
42:7b:8d:e7:1c:1c:7a:0b:c1:c7:7c:b5:1e:cd:e8:
26:17:d8:d7:e3:32:47:83:0f:54:38:42:f5:27:a8:
d6:14:bd:3f:fc:45:1c:1f:7e:e8:6c:26:eb:c6:87:
6d:b8:9f:5e:a8:90:0c:6c:e2:f5:36:b3:ed:af:f9:
3c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:2C:1D:6B:0F:31:37:9E:36:42:AD:83:99:0A:8B:03:6E:FE:FF:F7
X509v3 Authority Key Identifier:
keyid:D0:D8:52:70:32:95:EC:F8:B9:72:01:F9:16:31:0F:88:F4:C0:8A:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0NhScDKV7Pi5cgH5FjEPiPTAirc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/eaf974-6efd-4633-b84a-a8aaf886c820/1/Gywdaw8xN542Qq2DmQqLA27-__c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/eaf974-6efd-4633-b84a-a8aaf886c820/1/0NhScDKV7Pi5cgH5FjEPiPTAirc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.204.0/22
185.250.192.0/22
Signature Algorithm: sha256WithRSAEncryption
04:51:d3:d2:70:e9:10:ae:4e:93:2c:15:38:97:51:aa:ea:2f:
47:84:b0:cb:51:5b:10:28:6c:ec:86:82:1d:ca:15:d0:ed:bc:
31:5d:41:3f:60:77:43:5e:7a:9f:60:00:27:85:db:35:f2:86:
7b:ba:80:9d:bf:ac:80:25:2c:e9:f5:82:06:dd:66:a2:32:31:
4f:24:cc:4a:6a:e8:5c:c8:ab:f7:4e:40:a4:f8:c0:ec:f8:7d:
2e:05:4f:bb:e6:60:93:57:ed:48:c3:dc:d3:6f:25:62:f8:1e:
a4:38:2f:4b:a6:04:25:94:08:56:84:8e:99:92:49:20:c0:05:
89:89:9e:5a:e1:3d:bb:04:72:f8:b4:77:e3:e3:5b:bf:f6:dc:
42:20:dd:e1:d3:74:e5:82:53:d0:f9:34:20:fd:fa:94:7b:52:
e5:ac:d3:29:9a:63:47:05:c6:a4:4a:d4:3f:80:3e:ea:82:67:
fe:65:43:82:8c:97:80:89:51:37:e6:d3:3b:b9:ea:f7:04:99:
f8:04:b4:d5:0e:40:22:60:aa:74:2a:4a:2e:e9:f9:d3:05:e2:
b3:57:5a:da:99:b1:08:a4:97:89:05:a6:83:60:b0:29:a2:05:
ea:de:aa:09:7d:24:1d:96:13:ad:d6:9a:f1:75:4a:a1:36:5a:
2b:7f:e9:04
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB+lwnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MGQ4NTI3MDMyOTVlY2Y4Yjk3MjAxZjkxNjMxMGY4OGY0YzA4YWI3MB4XDTIyMDEw
MTAyMDExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWIyYzFkNmIwZjMx
Mzc5ZTM2NDJhZDgzOTkwYThiMDM2ZWZlZmZmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9Z3IxSJ4FtUWftj/8VpVXFnNuM+KFhsvBuOGALGxJcF/HH
hUl2iIwFOHcaMJ0wEvQ5zy174UgJn5X8h5GlxvGe8QPHPTPztpkWirz3ceRvJaUe
KszKE95dTbugTEQUalZZeBl3GgqgHnhkzMzqmJJrddvN4gugYXNzKQvtWebaxK2c
hzE8cscnq0C20uERvUOENM9ILQwZJw8mo9Vu/hbPWD6VkOeIt68brgknFdAXILg/
tA3Zn7RBXkSMBpO+qoMsQnuN5xwcegvBx3y1Hs3oJhfY1+MyR4MPVDhC9Seo1hS9
P/xFHB9+6Gwm68aHbbifXqiQDGzi9Taz7a/5PHECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQbLB1rDzE3njZCrYOZCosDbv7/9zAfBgNVHSMEGDAWgBTQ2FJwMpXs+Lly
AfkWMQ+I9MCKtzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBOaFNjREtWN1BpNWNnSDVGakVQaVBUQWlyYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvZWFmOTc0LTZlZmQtNDYzMy1iODRhLWE4YWFmODg2YzgyMC8x
L0d5d2Rhdzh4TjU0MlFxMkRtUXFMQTI3LV9fYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
ZWFmOTc0LTZlZmQtNDYzMy1iODRhLWE4YWFmODg2YzgyMC8xLzBOaFNjREtWN1Bp
NWNnSDVGakVQaVBUQWlyYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlVzAMEArn6wDANBgkqhkiG9w0B
AQsFAAOCAQEABFHT0nDpEK5OkywVOJdRquovR4Swy1FbEChs7IaCHcoV0O28MV1B
P2B3Q156n2AAJ4XbNfKGe7qAnb+sgCUs6fWCBt1mojIxTyTMSmroXMir905ApPjA
7Ph9LgVPu+Zgk1ftSMPc028lYvgepDgvS6YEJZQIVoSOmZJJIMAFiYmeWuE9uwRy
+LR34+Nbv/bcQiDd4dN05YJT0Pk0IP36lHtS5azTKZpjRwXGpErUP4A+6oJn/mVD
goyXgIlRN+bTO7nq9wSZ+AS01Q5AImCqdCpKLun50wXis1da2pmxCKSXiQWmg2Cw
KaIF6t6qCX0kHZYTrdaa8XVKoTZaK3/pBA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:33 2025 by rpki-client