Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/rv-zZ4p9HJnMRu-dLk4mNXmR39A.roa
File: rv-zZ4p9HJnMRu-dLk4mNXmR39A.roa (raw, json)
Hash identifier: 3u24msNXMmYYew6LkFpj7hoBlvA4JNhdUFHAIahO6Qg=
Subject key identifier: AE:FF:B3:67:8A:7D:1C:99:CC:46:EF:9D:2E:4E:26:35:79:91:DF:D0
Certificate issuer: /CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Certificate serial: 1188A9FE
Authority key identifier: 73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/rv-zZ4p9HJnMRu-dLk4mNXmR39A.roa
Signing time: Sat 01 Jan 2022 11:04:05 +0000
ROA not before: Sat 01 Jan 2022 11:04:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43350
IP address blocks: 185.167.204.0/24 maxlen: 24
185.167.205.0/24 maxlen: 24
185.167.206.0/24 maxlen: 24
2a0b:b600:3c04::/48 maxlen: 48
2a0b:b600:110::/44 maxlen: 44
2a0b:b600::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 294169086 (0x1188a9fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Validity
Not Before: Jan 1 11:04:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aeffb3678a7d1c99cc46ef9d2e4e26357991dfd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:06:c0:11:cb:98:25:ba:c7:47:25:33:55:dc:
b6:bc:94:48:f6:09:c2:2f:2d:00:ce:f5:40:95:90:
74:5b:f4:70:fd:10:fd:35:24:98:55:43:68:35:a0:
ed:c6:f5:2e:2a:90:e3:bc:cd:69:f8:4b:25:fb:68:
ca:94:35:08:bf:62:88:ff:cf:b8:a6:c7:ff:a0:de:
eb:d8:63:05:59:51:17:e0:17:de:07:af:8b:72:bc:
9d:73:bc:72:2f:01:46:15:90:6c:66:a8:34:82:88:
05:5c:b9:d9:b7:74:9d:43:cd:f0:67:cc:bc:52:1c:
0b:3c:87:a2:ab:07:6f:90:f2:94:1c:95:0f:e3:d6:
f2:98:9b:65:17:2f:a3:be:9a:97:18:bc:b3:b6:04:
db:19:50:6f:db:32:49:66:0a:65:96:1e:21:a5:bb:
27:5c:82:2b:16:97:2e:e5:7b:a0:f8:9f:21:04:03:
16:c8:11:27:29:3c:20:50:3b:48:af:e9:cc:9c:ee:
3e:81:21:5c:93:8f:4e:e7:ff:59:ef:f5:f9:b2:7d:
28:f3:2c:8a:b3:d2:7c:e4:bd:ca:cd:0d:bf:dd:7c:
68:50:27:e0:fc:d1:74:43:59:11:ee:14:27:1c:ad:
41:ff:f8:5a:39:69:11:4c:a1:3f:9d:f0:92:03:1e:
ef:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:FF:B3:67:8A:7D:1C:99:CC:46:EF:9D:2E:4E:26:35:79:91:DF:D0
X509v3 Authority Key Identifier:
keyid:73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/rv-zZ4p9HJnMRu-dLk4mNXmR39A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.204.0-185.167.206.255
IPv6:
2a0b:b600::/48
2a0b:b600:110::/44
2a0b:b600:3c04::/48
Signature Algorithm: sha256WithRSAEncryption
7e:98:ae:a0:b9:8b:7e:22:66:68:58:19:8c:ae:9c:1f:1a:fb:
c2:1f:81:c5:31:b4:90:b5:7b:90:1f:44:03:4d:e7:df:c0:a3:
27:bc:1c:8f:a1:c8:58:f4:c9:8c:c9:d2:71:18:2c:29:1b:d0:
6b:4c:ff:f4:ee:92:98:01:ca:8d:55:b2:9d:d4:ee:77:09:bb:
e9:63:34:8e:e3:70:5b:75:d7:fe:ca:7a:5a:ee:f2:fb:2f:1e:
06:02:7f:d1:e5:1d:6b:19:de:84:78:3d:f9:0b:0c:ac:98:01:
b2:5e:aa:04:56:84:ed:1c:13:d6:34:c1:4d:01:65:91:44:b0:
04:f6:45:05:7d:c2:dd:55:7a:92:43:e5:df:39:0c:a5:5d:c4:
c3:af:1f:2a:a8:2e:9d:d5:3e:8f:e8:57:ab:66:5d:d5:c6:d0:
14:aa:11:e5:42:cd:6f:d1:a5:df:e5:3c:5d:3c:af:d1:2f:d0:
a6:fa:50:b3:b2:0d:92:56:1c:4c:8c:2c:a8:c0:c0:3a:5e:66:
91:13:f6:67:4a:30:a8:92:6a:d1:ef:1c:dc:33:ed:47:39:fe:
a5:e8:4a:5f:09:51:07:3f:21:f2:9f:85:15:62:ec:5b:24:40:
86:00:26:73:61:eb:52:f6:71:a9:a6:bc:30:03:96:5d:04:9b:
19:1a:b2:3a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEEYip/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
M2Y5ODZjNzcwNWJkODA4YzFiMDJlYmQ3NTRmYmZhOTE4MDdlOWI2MB4XDTIyMDEw
MTExMDQwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWVmZmIzNjc4YTdk
MWM5OWNjNDZlZjlkMmU0ZTI2MzU3OTkxZGZkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQGwBHLmCW6x0clM1XctryUSPYJwi8tAM71QJWQdFv0cP0Q
/TUkmFVDaDWg7cb1LiqQ47zNafhLJftoypQ1CL9iiP/PuKbH/6De69hjBVlRF+AX
3gevi3K8nXO8ci8BRhWQbGaoNIKIBVy52bd0nUPN8GfMvFIcCzyHoqsHb5DylByV
D+PW8pibZRcvo76alxi8s7YE2xlQb9sySWYKZZYeIaW7J1yCKxaXLuV7oPifIQQD
FsgRJyk8IFA7SK/pzJzuPoEhXJOPTuf/We/1+bJ9KPMsirPSfOS9ys0Nv918aFAn
4PzRdENZEe4UJxytQf/4WjlpEUyhP53wkgMe738CAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBSu/7Nnin0cmcxG750uTiY1eZHf0DAfBgNVHSMEGDAWgBRz+YbHcFvYCMGw
Lr11T7+pGAfptjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NfbUd4M0JiMkFqQnNDNjlkVS1fcVJnSDZiWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvZGIxYWNhLTI2NTktNDJhMy1hNjMxLTlhMTI5NWYwMmYyZS8x
L3J2LXpaNHA5SEpuTVJ1LWRMazRtTlhtUjM5QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
ZGIxYWNhLTI2NTktNDJhMy1hNjMxLTlhMTI5NWYwMmYyZS8xL2NfbUd4M0JiMkFq
QnNDNjlkVS1fcVJnSDZiWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwFAQCAAEwDjAMAwQCuafMAwQAuafOMCEEAgACMBsD
BwAqC7YAAAADBwQqC7YAARADBwAqC7YAPAQwDQYJKoZIhvcNAQELBQADggEBAH6Y
rqC5i34iZmhYGYyunB8a+8IfgcUxtJC1e5AfRANN59/Aoye8HI+hyFj0yYzJ0nEY
LCkb0GtM//TukpgByo1Vsp3U7ncJu+ljNI7jcFt11/7Kelru8vsvHgYCf9HlHWsZ
3oR4PfkLDKyYAbJeqgRWhO0cE9Y0wU0BZZFEsAT2RQV9wt1VepJD5d85DKVdxMOv
HyqoLp3VPo/oV6tmXdXG0BSqEeVCzW/Rpd/lPF08r9Ev0Kb6ULOyDZJWHEyMLKjA
wDpeZpET9mdKMKiSatHvHNwz7Uc5/qXoSl8JUQc/IfKfhRVi7FskQIYAJnNh61L2
cammvDADll0Emxkasjo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:14 2024 by rpki-client on console-fra.rpki-client.org