Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/gKnM0cjXdFISfu5WZsKnfX6Ozyg.roa
File: gKnM0cjXdFISfu5WZsKnfX6Ozyg.roa (raw, json)
Hash identifier: QJLMV+m49geDy4C5/ZBSzzYA+ZM/jrY3O4CotPp+hqc=
Subject key identifier: 80:A9:CC:D1:C8:D7:74:52:12:7E:EE:56:66:C2:A7:7D:7E:8E:CF:28
Certificate issuer: /CN=b1f7d0094adc98d9b032720e81e3db5aa7581c74
Certificate serial: 0185704BAAC1EC3274DBCE4E3DA3B78213BC
Authority key identifier: B1:F7:D0:09:4A:DC:98:D9:B0:32:72:0E:81:E3:DB:5A:A7:58:1C:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sffQCUrcmNmwMnIOgePbWqdYHHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/gKnM0cjXdFISfu5WZsKnfX6Ozyg.roa
Signing time: Mon 02 Jan 2023 02:24:45 +0000
ROA not before: Mon 02 Jan 2023 02:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205313
IP address blocks: 185.222.74.0/23 maxlen: 23
185.222.75.0/24 maxlen: 24
185.222.72.0/24 maxlen: 24
185.222.73.0/24 maxlen: 24
185.222.72.0/23 maxlen: 23
185.222.72.0/22 maxlen: 22
185.222.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:aa:c1:ec:32:74:db:ce:4e:3d:a3:b7:82:13:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1f7d0094adc98d9b032720e81e3db5aa7581c74
Validity
Not Before: Jan 2 02:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80a9ccd1c8d77452127eee5666c2a77d7e8ecf28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:42:79:1e:37:22:a5:81:c1:51:c2:0e:70:af:
50:0a:33:4a:28:90:66:b9:db:c5:a4:2c:42:b9:8c:
36:41:ab:cf:b7:25:3e:ff:89:46:72:53:51:4c:0e:
71:cd:be:d1:ad:96:c4:34:64:b9:72:46:fb:fc:be:
d9:65:30:f2:27:25:8e:c4:2b:38:92:be:36:0f:7e:
ce:81:af:1e:21:e4:33:da:87:b4:8e:7d:77:d6:66:
a4:6e:d0:15:7b:c1:8f:a6:8b:4d:41:ea:7f:8f:f4:
c7:44:61:91:67:e8:6b:ab:2b:9e:02:01:a7:a2:77:
4c:59:f6:29:6a:b8:7d:97:6a:13:21:c8:fb:e2:4b:
11:50:9b:44:10:5e:7f:93:9a:60:59:bd:d0:25:c0:
ed:de:2c:ed:9d:29:7e:cd:2b:4f:68:9f:66:f4:06:
d7:c2:91:ab:c3:a4:b7:3d:a5:23:13:cf:86:da:4d:
23:63:87:49:f9:e8:db:99:8c:0b:f6:b0:b3:36:33:
2b:f5:0c:9e:36:4d:82:4e:0d:ed:6f:ef:bc:08:d4:
1e:63:94:42:9c:c9:ba:8b:d4:82:ad:39:20:d9:ee:
0a:05:34:b3:17:e8:75:fc:b2:33:65:c0:ec:e2:00:
ef:46:02:1d:42:72:66:27:bb:eb:2e:4b:cd:6c:f5:
90:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A9:CC:D1:C8:D7:74:52:12:7E:EE:56:66:C2:A7:7D:7E:8E:CF:28
X509v3 Authority Key Identifier:
keyid:B1:F7:D0:09:4A:DC:98:D9:B0:32:72:0E:81:E3:DB:5A:A7:58:1C:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sffQCUrcmNmwMnIOgePbWqdYHHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/gKnM0cjXdFISfu5WZsKnfX6Ozyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/sffQCUrcmNmwMnIOgePbWqdYHHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.72.0/22
Signature Algorithm: sha256WithRSAEncryption
54:7a:db:79:30:a7:35:04:0a:5d:30:68:cb:03:13:9b:c2:28:
b9:26:d6:43:7a:21:6e:55:16:29:cc:44:3a:10:17:4b:75:fd:
b8:e7:01:6d:11:ca:44:27:5c:ce:9b:3e:d4:0f:a5:00:45:35:
cf:1b:70:e5:6a:c3:36:aa:98:7a:48:99:80:44:6f:70:37:e8:
f3:ca:cf:15:79:b7:9b:f9:36:e9:a0:be:71:63:9c:a7:30:9c:
77:0b:9d:c7:25:64:5a:47:bd:b3:ee:4d:97:87:f7:19:33:b4:
50:12:5e:ed:1a:cf:1e:f7:3c:81:8b:34:26:16:8d:04:44:59:
33:5d:3a:75:8e:c5:4e:50:70:a4:19:e8:39:96:55:d0:55:de:
51:03:c0:d5:68:30:6e:45:13:5c:10:55:6e:de:fa:74:ed:3b:
8a:66:4f:e5:7e:8f:da:9c:a7:81:2d:62:36:76:63:59:73:de:
56:ee:67:bd:a0:7c:44:08:a1:2c:5f:c0:67:94:3e:7a:f8:11:
2b:2c:e0:56:01:8d:8b:3b:ef:49:8a:fd:0c:1c:3f:f1:f2:2d:
1d:0d:48:be:38:ff:c3:57:83:6c:cb:a2:4c:2e:6e:0a:cc:28:
b8:8e:c9:ae:76:e0:91:9a:f7:35:b5:cb:0e:63:22:46:3f:74:
e7:c6:2e:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS6rB7DJ0285OPaO3ghO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZjdkMDA5NGFkYzk4ZDliMDMyNzIwZTgxZTNkYjVhYTc1
ODFjNzQwHhcNMjMwMTAyMDIyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE5Y2NkMWM4ZDc3NDUyMTI3ZWVlNTY2NmMyYTc3ZDdlOGVjZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EJ5HjcipYHBUcIOcK9QCjNKKJBm
udvFpCxCuYw2QavPtyU+/4lGclNRTA5xzb7RrZbENGS5ckb7/L7ZZTDyJyWOxCs4
kr42D37Oga8eIeQz2oe0jn131makbtAVe8GPpotNQep/j/THRGGRZ+hrqyueAgGn
ondMWfYparh9l2oTIcj74ksRUJtEEF5/k5pgWb3QJcDt3iztnSl+zStPaJ9m9AbX
wpGrw6S3PaUjE8+G2k0jY4dJ+ejbmYwL9rCzNjMr9QyeNk2CTg3tb++8CNQeY5RC
nMm6i9SCrTkg2e4KBTSzF+h1/LIzZcDs4gDvRgIdQnJmJ7vrLkvNbPWQXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFICpzNHI13RSEn7uVmbCp31+js8oMB8GA1UdIwQY
MBaAFLH30AlK3JjZsDJyDoHj21qnWBx0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2ZmUUNVcmNtTm13TW5JT2dlUGJXcWRZSEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOGRkNmItNDYyNy00YTNjLWJhNzMt
YTU0Yjg2OWRjZDI3LzEvZ0tuTTBjalhkRklTZnU1V1pzS25mWDZPenlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOGRkNmItNDYyNy00YTNjLWJhNzMtYTU0Yjg2OWRjZDI3
LzEvc2ZmUUNVcmNtTm13TW5JT2dlUGJXcWRZSEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud5IMA0G
CSqGSIb3DQEBCwUAA4IBAQBUett5MKc1BApdMGjLAxObwii5JtZDeiFuVRYpzEQ6
EBdLdf245wFtEcpEJ1zOmz7UD6UARTXPG3DlasM2qph6SJmARG9wN+jzys8Vebeb
+TbpoL5xY5ynMJx3C53HJWRaR72z7k2Xh/cZM7RQEl7tGs8e9zyBizQmFo0ERFkz
XTp1jsVOUHCkGeg5llXQVd5RA8DVaDBuRRNcEFVu3vp07TuKZk/lfo/anKeBLWI2
dmNZc95W7me9oHxECKEsX8BnlD56+BErLOBWAY2LO+9Jiv0MHD/x8i0dDUi+OP/D
V4Nsy6JMLm4KzCi4jsmuduCRmvc1tcsOYyJGP3Tnxi7T
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:55 2025 by rpki-client