Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/_GKmYumWTfUE5qMg7gnJBIJLqSY.roa
File: _GKmYumWTfUE5qMg7gnJBIJLqSY.roa (raw, json)
Hash identifier: La5W1nRWfHODkDvKpKbauHKXpVUkBAMDt99Q/1lZ2fk=
Subject key identifier: FC:62:A6:62:E9:96:4D:F5:04:E6:A3:20:EE:09:C9:04:82:4B:A9:26
Certificate issuer: /CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
Certificate serial: 01856D6610CB7930C396E33F4F946EB00CC2
Authority key identifier: B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/_GKmYumWTfUE5qMg7gnJBIJLqSY.roa
Signing time: Sun 01 Jan 2023 12:54:43 +0000
ROA not before: Sun 01 Jan 2023 12:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209220
IP address blocks: 185.104.122.0/24 maxlen: 24
185.104.122.0/23 maxlen: 23
185.104.123.0/24 maxlen: 24
2a06:3000:1000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:10:cb:79:30:c3:96:e3:3f:4f:94:6e:b0:0c:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
Validity
Not Before: Jan 1 12:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc62a662e9964df504e6a320ee09c904824ba926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:73:0f:ba:7c:36:3a:70:61:e4:1a:85:35:fd:
5f:18:94:ba:f0:ae:f9:6e:1a:c9:d8:b1:11:da:b1:
92:72:36:71:74:0e:59:3b:11:4e:87:0e:c6:1d:64:
95:37:44:2d:bf:be:22:d6:0c:1e:25:97:e7:4d:75:
4e:e0:d5:4f:0e:3c:43:76:b5:b4:99:f8:37:fc:bc:
3b:70:f2:fc:4d:ed:4e:aa:94:26:57:17:47:60:92:
bc:08:c7:0f:7f:5b:aa:2f:75:1c:0e:41:01:e5:fd:
9d:25:b3:1f:ec:5f:3b:19:36:80:83:9a:31:57:65:
18:45:c4:26:e0:41:1d:be:5f:e7:de:ec:f9:25:61:
86:3f:de:05:80:7c:d5:4d:be:39:ab:01:f6:ba:53:
27:e9:4e:e5:45:c9:1d:73:19:38:0d:d4:3f:a3:7e:
f7:98:87:10:bb:0d:da:bb:32:db:15:0f:af:3c:da:
7f:ac:a6:b0:26:c2:2f:85:5c:06:01:33:68:1a:32:
cd:72:f4:5b:3d:65:0c:3d:26:ba:bd:30:52:70:2c:
35:cd:e1:d2:86:74:ce:fb:cd:a4:2b:64:eb:d9:e5:
94:2e:91:d7:41:b5:13:94:bf:0a:16:9c:c7:75:dc:
16:5c:8d:11:82:bd:cd:4b:96:2d:01:6e:7c:83:79:
a9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:62:A6:62:E9:96:4D:F5:04:E6:A3:20:EE:09:C9:04:82:4B:A9:26
X509v3 Authority Key Identifier:
keyid:B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/_GKmYumWTfUE5qMg7gnJBIJLqSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/sTU3eQGnhx07_3pwJ3ovTi_A4nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.122.0/23
IPv6:
2a06:3000:1000::/36
Signature Algorithm: sha256WithRSAEncryption
1c:8b:e3:26:e3:95:93:e7:b0:f8:da:a9:ae:ed:4b:ff:b5:20:
10:d2:c0:d7:a5:03:c0:d8:a3:6e:68:9c:ea:08:21:fa:95:13:
9b:5b:20:ac:bd:38:5c:83:12:0c:2d:bb:0b:d1:0a:5c:fd:84:
b5:fc:43:d9:b3:a1:57:87:44:7a:18:a4:e5:6f:3f:46:7a:07:
81:81:a3:5f:89:b7:af:32:15:8f:90:fd:56:fd:bf:74:89:9f:
c8:4e:61:37:0d:2c:5c:c3:4f:a6:54:47:52:7b:a9:b4:e5:f9:
ff:99:0d:c6:f5:7b:db:96:59:bc:65:ae:2b:47:ec:ab:71:30:
d1:78:bd:ee:27:45:ec:93:72:ac:bc:2d:c4:22:96:48:7a:19:
64:12:34:e1:18:a2:61:6e:21:cc:49:0c:90:f3:1b:8f:75:8d:
40:6e:3f:aa:be:b1:10:4c:ae:df:91:78:bc:be:11:67:63:b2:
dc:12:d6:61:ba:d0:0d:55:c0:76:a0:a3:34:c8:d6:c3:e1:43:
cb:1f:53:d7:da:e2:fb:d4:d5:7e:88:7f:75:25:f2:8a:fb:c4:
24:b4:6f:45:5b:4b:0d:b4:e3:80:2f:1b:f8:c6:82:62:e9:41:
a7:29:1d:d1:a9:0c:3f:73:d6:98:f1:19:82:94:a3:93:03:e3:
f4:f0:dd:a6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVtZhDLeTDDluM/T5RusAzCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzUzNzc5MDFhNzg3MWQzYmZmN2E3MDI3N2EyZjRlMmZj
MGUyNzcwHhcNMjMwMTAxMTI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzYyYTY2MmU5OTY0ZGY1MDRlNmEzMjBlZTA5YzkwNDgyNGJhOTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3MPunw2OnBh5BqFNf1fGJS68K75
bhrJ2LER2rGScjZxdA5ZOxFOhw7GHWSVN0Qtv74i1gweJZfnTXVO4NVPDjxDdrW0
mfg3/Lw7cPL8Te1OqpQmVxdHYJK8CMcPf1uqL3UcDkEB5f2dJbMf7F87GTaAg5ox
V2UYRcQm4EEdvl/n3uz5JWGGP94FgHzVTb45qwH2ulMn6U7lRckdcxk4DdQ/o373
mIcQuw3auzLbFQ+vPNp/rKawJsIvhVwGATNoGjLNcvRbPWUMPSa6vTBScCw1zeHS
hnTO+82kK2Tr2eWULpHXQbUTlL8KFpzHddwWXI0Rgr3NS5YtAW58g3mpoQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPxipmLplk31BOajIO4JyQSCS6kmMB8GA1UdIwQY
MBaAFLE1N3kBp4cdO/96cCd6L04vwOJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUt
OTEyMDQ3MTUzZTAxLzEvX0dLbVl1bVdUZlVFNXFNZzdnbkpCSUpMcVNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUtOTEyMDQ3MTUzZTAx
LzEvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuWh6MA4E
AgACMAgDBgQqBjAAEDANBgkqhkiG9w0BAQsFAAOCAQEAHIvjJuOVk+ew+Nqpru1L
/7UgENLA16UDwNijbmic6ggh+pUTm1sgrL04XIMSDC27C9EKXP2EtfxD2bOhV4dE
ehik5W8/RnoHgYGjX4m3rzIVj5D9Vv2/dImfyE5hNw0sXMNPplRHUnuptOX5/5kN
xvV725ZZvGWuK0fsq3Ew0Xi97idF7JNyrLwtxCKWSHoZZBI04RiiYW4hzEkMkPMb
j3WNQG4/qr6xEEyu35F4vL4RZ2Oy3BLWYbrQDVXAdqCjNMjWw+FDyx9T19ri+9TV
foh/dSXyivvEJLRvRVtLDbTjgC8b+MaCYulBpykd0akMP3PWmPEZgpSjkwPj9PDd
pg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:25 2025 by rpki-client