Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d52eac-c7e2-4881-88e3-471d42c2d806/1/g0zn-ZKFvxj90gVnMdB_WJfHWYA.roa
File: g0zn-ZKFvxj90gVnMdB_WJfHWYA.roa (raw, json)
Hash identifier: y9ZkL2rSsJCIH7S+YYJQVvL9lU5d/NSRyRWjQ9xtXVk=
Subject key identifier: 83:4C:E7:F9:92:85:BF:18:FD:D2:05:67:31:D0:7F:58:97:C7:59:80
Certificate issuer: /CN=49179e7cf60488c3ef5b770d21aeb147da4c7cee
Certificate serial: 01856D13DED1B2EACDF7FD0665EAEE32DDF2
Authority key identifier: 49:17:9E:7C:F6:04:88:C3:EF:5B:77:0D:21:AE:B1:47:DA:4C:7C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SReefPYEiMPvW3cNIa6xR9pMfO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d52eac-c7e2-4881-88e3-471d42c2d806/1/g0zn-ZKFvxj90gVnMdB_WJfHWYA.roa
Signing time: Sun 01 Jan 2023 11:24:56 +0000
ROA not before: Sun 01 Jan 2023 11:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44400
IP address blocks: 185.204.181.0/24 maxlen: 24
185.204.180.0/24 maxlen: 24
185.204.180.0/22 maxlen: 22
185.204.183.0/24 maxlen: 24
185.204.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:de:d1:b2:ea:cd:f7:fd:06:65:ea:ee:32:dd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49179e7cf60488c3ef5b770d21aeb147da4c7cee
Validity
Not Before: Jan 1 11:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=834ce7f99285bf18fdd2056731d07f5897c75980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:e9:00:60:c1:b2:7e:b9:d5:c7:57:76:30:6c:
6f:c7:aa:f9:53:ea:73:a5:09:dc:1f:77:e5:10:47:
b7:e4:8c:4a:c7:a1:60:47:16:a3:74:9f:94:1a:98:
66:5f:83:6b:39:58:90:ce:f6:17:e9:57:69:e8:88:
08:6d:8b:63:d5:14:a5:d3:98:e1:8a:0e:2b:4d:9f:
81:63:c5:86:71:03:f6:55:87:ba:09:d2:52:68:e6:
3f:d1:f5:1f:3f:a0:d7:95:01:fe:9a:32:48:7b:d3:
8c:11:43:e8:f8:ca:8d:69:50:ff:a4:9a:01:43:6f:
a5:2d:d6:68:c3:d6:9b:0c:c7:eb:fd:6d:07:73:c4:
d9:43:ff:00:22:8b:97:ef:4c:b4:69:ea:7d:4c:43:
f3:fc:64:d1:5d:54:8d:6f:8f:7b:30:77:db:66:22:
1c:1e:75:c3:53:e5:2a:88:eb:04:1e:57:5d:79:4b:
db:4f:3b:5b:61:31:60:14:02:32:6f:c6:57:28:64:
7b:d8:a3:31:d9:dd:d0:a2:59:ba:90:cb:f6:83:e3:
5d:87:9f:d0:27:4b:13:86:73:8d:04:0c:2d:b1:43:
d4:b7:09:28:e9:b0:48:55:38:cc:18:d3:70:78:a2:
42:91:a6:8f:25:7c:4b:aa:1e:15:df:0d:9b:b2:23:
cb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:4C:E7:F9:92:85:BF:18:FD:D2:05:67:31:D0:7F:58:97:C7:59:80
X509v3 Authority Key Identifier:
keyid:49:17:9E:7C:F6:04:88:C3:EF:5B:77:0D:21:AE:B1:47:DA:4C:7C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SReefPYEiMPvW3cNIa6xR9pMfO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d52eac-c7e2-4881-88e3-471d42c2d806/1/g0zn-ZKFvxj90gVnMdB_WJfHWYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d52eac-c7e2-4881-88e3-471d42c2d806/1/SReefPYEiMPvW3cNIa6xR9pMfO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.180.0/22
Signature Algorithm: sha256WithRSAEncryption
46:ae:7a:8c:4d:91:9f:1d:eb:9c:f9:20:7c:c6:88:34:c4:37:
29:29:f5:d1:cd:e5:0e:58:34:48:28:69:30:b8:64:ec:ea:c0:
7d:4c:10:83:69:22:20:44:34:c5:4d:99:b0:32:8f:de:86:bd:
0b:77:e4:c4:83:a3:13:f8:35:dd:c4:80:6c:e3:15:e3:40:44:
5c:e3:e5:3d:03:e6:c3:6a:6c:01:3c:63:90:17:7a:fb:44:f8:
da:f8:08:fb:0c:b9:1a:c2:ec:48:1b:5f:ba:08:ca:b9:92:a9:
aa:9b:e8:12:3c:6d:cb:a4:94:81:f2:05:10:e5:d3:23:3d:e3:
3b:1c:f4:15:03:ab:76:90:b2:e1:66:1e:8b:ad:a0:01:19:08:
4b:46:44:9e:66:23:51:35:90:59:a5:da:ae:0d:39:2c:06:7b:
3a:34:13:f9:cd:b3:96:aa:20:6a:03:29:50:5b:c3:7a:cd:c0:
38:4e:96:a4:57:e0:08:3d:d9:2d:f1:28:a5:31:3e:19:23:6f:
14:b5:e0:ac:27:dd:86:f6:6f:92:17:5f:60:43:10:10:df:43:
8d:53:15:27:1a:38:ed:ea:38:8b:ce:b8:31:f8:4a:d7:d7:58:
0c:34:e5:b1:6e:3a:a1:27:95:60:4f:9a:bc:99:a5:e8:ee:8f:
b4:23:30:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtE97RsurN9/0GZeruMt3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MTc5ZTdjZjYwNDg4YzNlZjViNzcwZDIxYWViMTQ3ZGE0
YzdjZWUwHhcNMjMwMTAxMTEyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzRjZTdmOTkyODViZjE4ZmRkMjA1NjczMWQwN2Y1ODk3Yzc1OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+OkAYMGyfrnVx1d2MGxvx6r5U+pz
pQncH3flEEe35IxKx6FgRxajdJ+UGphmX4NrOViQzvYX6Vdp6IgIbYtj1RSl05jh
ig4rTZ+BY8WGcQP2VYe6CdJSaOY/0fUfP6DXlQH+mjJIe9OMEUPo+MqNaVD/pJoB
Q2+lLdZow9abDMfr/W0Hc8TZQ/8AIouX70y0aep9TEPz/GTRXVSNb497MHfbZiIc
HnXDU+UqiOsEHlddeUvbTztbYTFgFAIyb8ZXKGR72KMx2d3Qolm6kMv2g+Ndh5/Q
J0sThnONBAwtsUPUtwko6bBIVTjMGNNweKJCkaaPJXxLqh4V3w2bsiPLvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINM5/mShb8Y/dIFZzHQf1iXx1mAMB8GA1UdIwQY
MBaAFEkXnnz2BIjD71t3DSGusUfaTHzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1JlZWZQWUVpTVB2VzNjTklhNnhSOXBNZk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNTJlYWMtYzdlMi00ODgxLTg4ZTMt
NDcxZDQyYzJkODA2LzEvZzB6bi1aS0Z2eGo5MGdWbk1kQl9XSmZIV1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNTJlYWMtYzdlMi00ODgxLTg4ZTMtNDcxZDQyYzJkODA2
LzEvU1JlZWZQWUVpTVB2VzNjTklhNnhSOXBNZk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucy0MA0G
CSqGSIb3DQEBCwUAA4IBAQBGrnqMTZGfHeuc+SB8xog0xDcpKfXRzeUOWDRIKGkw
uGTs6sB9TBCDaSIgRDTFTZmwMo/ehr0Ld+TEg6MT+DXdxIBs4xXjQERc4+U9A+bD
amwBPGOQF3r7RPja+Aj7DLkawuxIG1+6CMq5kqmqm+gSPG3LpJSB8gUQ5dMjPeM7
HPQVA6t2kLLhZh6LraABGQhLRkSeZiNRNZBZpdquDTksBns6NBP5zbOWqiBqAylQ
W8N6zcA4TpakV+AIPdkt8SilMT4ZI28UteCsJ92G9m+SF19gQxAQ30ONUxUnGjjt
6jiLzrgx+ErX11gMNOWxbjqhJ5VgT5q8maXo7o+0IzAW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:50 2025 by rpki-client