Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/4gbfLIyk-CmyQKhm1OtAsKVWRWM.roa
File: 4gbfLIyk-CmyQKhm1OtAsKVWRWM.roa (raw, json)
Hash identifier: aKH+fgmI9X8xyZqs5w5L27IZ/CHVLKDUlLS9ItK+G2w=
Subject key identifier: E2:06:DF:2C:8C:A4:F8:29:B2:40:A8:66:D4:EB:40:B0:A5:56:45:63
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 018BDCFB586D51ABE0ADC1A8566F21C3A911
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/4gbfLIyk-CmyQKhm1OtAsKVWRWM.roa
Signing time: Fri 17 Nov 2023 11:12:21 +0000
ROA not before: Fri 17 Nov 2023 11:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57665
IP address blocks: 185.226.44.0/22 maxlen: 22
185.241.104.0/24 maxlen: 24
185.241.105.0/24 maxlen: 24
185.241.104.0/22 maxlen: 22
185.241.104.0/23 maxlen: 23
31.222.16.0/21 maxlen: 21
185.241.106.0/24 maxlen: 24
185.241.107.0/24 maxlen: 24
185.241.106.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:fb:58:6d:51:ab:e0:ad:c1:a8:56:6f:21:c3:a9:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Nov 17 11:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e206df2c8ca4f829b240a866d4eb40b0a5564563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:98:39:ba:30:51:98:a4:3d:3f:8c:06:c6:f1:
8f:1f:8d:59:02:01:ac:c0:43:af:22:6e:0c:70:10:
ef:2a:d7:ec:e8:88:b4:a6:25:cd:6d:44:4f:b3:8f:
17:97:d8:2f:37:21:0a:7e:c3:2e:03:84:db:4e:a9:
cc:52:eb:75:b9:d2:20:94:94:29:e4:9e:c5:01:d0:
83:c8:22:a5:d9:2b:62:0d:9b:a5:dd:aa:25:ea:76:
a4:d9:7d:db:3b:73:20:c9:84:82:43:32:f1:30:5d:
02:7f:ef:20:c7:01:dc:1c:0d:91:c3:b6:11:f5:68:
41:1c:10:f9:c8:ca:89:89:4b:6e:f2:35:8b:18:17:
f9:29:84:1c:43:60:19:ab:4f:f1:31:f4:59:a6:fd:
49:3b:10:e4:dd:17:ab:bf:89:e0:f9:3c:8f:75:85:
5b:1b:93:4f:3f:e3:f0:b2:65:53:57:49:7b:af:d8:
d7:bc:ad:34:41:6a:b4:54:22:95:d4:9e:ee:b0:ab:
a1:3e:73:56:7c:06:db:72:bc:87:3d:17:7c:31:53:
30:28:80:b2:a6:fc:1e:fe:33:ac:58:0f:bf:e3:b9:
06:df:1a:ba:fb:89:d3:a1:00:27:1f:f9:73:8c:4f:
12:eb:31:2b:21:3d:ed:0a:38:3a:21:13:94:a6:2a:
8d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:06:DF:2C:8C:A4:F8:29:B2:40:A8:66:D4:EB:40:B0:A5:56:45:63
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/4gbfLIyk-CmyQKhm1OtAsKVWRWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.16.0/21
185.226.44.0/22
185.241.104.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:0c:1e:4d:14:2d:7c:02:a5:30:9f:e4:90:48:ec:1b:1b:15:
05:9b:8e:6c:c0:5d:5a:a7:f5:4b:d8:e8:d0:ee:d9:39:37:a5:
e8:58:90:08:1a:1a:7d:98:78:25:bc:ac:1b:04:d8:91:7c:f6:
b6:13:d7:77:b8:5e:06:17:08:cf:f0:4c:98:fd:12:75:41:1e:
04:b0:74:d7:86:35:90:d0:4c:5b:19:7f:3d:fc:73:bd:7a:1c:
a6:e6:54:c7:de:03:e8:8b:6c:a4:f0:d3:fc:69:12:07:97:a3:
ca:aa:04:1e:0f:9b:dc:b9:a1:6d:67:b7:ca:d6:3d:fa:ae:db:
9e:97:99:55:3e:a9:b5:35:2a:07:78:e7:36:d1:61:4f:46:e2:
6f:db:9e:5d:18:94:e4:13:9d:ca:00:ee:5c:e7:4c:e4:4e:d7:
b9:f1:29:bd:8a:0f:43:92:0f:cb:bf:22:06:39:9b:e2:82:5c:
ff:fd:1e:80:e4:1f:7a:bf:1a:b3:86:ae:d8:2c:97:39:ce:4f:
29:66:65:1d:bc:2d:24:69:45:f8:8b:6c:fc:d5:11:64:47:c9:
f0:ee:89:cd:66:db:13:c7:ad:4d:9f:6e:8b:2a:c0:34:33:bf:
ad:19:a0:3d:ea:64:ce:ec:e4:50:a4:36:0d:73:4f:34:31:70:
dd:02:a4:94
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvc+1htUavgrcGoVm8hw6kRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjMxMTE3MTExMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjA2ZGYyYzhjYTRmODI5YjI0MGE4NjZkNGViNDBiMGE1NTY0NTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpg5ujBRmKQ9P4wGxvGPH41ZAgGs
wEOvIm4McBDvKtfs6Ii0piXNbURPs48Xl9gvNyEKfsMuA4TbTqnMUut1udIglJQp
5J7FAdCDyCKl2StiDZul3aol6nak2X3bO3MgyYSCQzLxMF0Cf+8gxwHcHA2Rw7YR
9WhBHBD5yMqJiUtu8jWLGBf5KYQcQ2AZq0/xMfRZpv1JOxDk3Rerv4ng+TyPdYVb
G5NPP+PwsmVTV0l7r9jXvK00QWq0VCKV1J7usKuhPnNWfAbbcryHPRd8MVMwKICy
pvwe/jOsWA+/47kG3xq6+4nToQAnH/lzjE8S6zErIT3tCjg6IROUpiqNPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOIG3yyMpPgpskCoZtTrQLClVkVjMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvNGdiZkxJeWstQ215UUtobTFPdEFzS1ZXUldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH94QAwQC
ueIsAwQCufFoMA0GCSqGSIb3DQEBCwUAA4IBAQBaDB5NFC18AqUwn+SQSOwbGxUF
m45swF1ap/VL2OjQ7tk5N6XoWJAIGhp9mHglvKwbBNiRfPa2E9d3uF4GFwjP8EyY
/RJ1QR4EsHTXhjWQ0ExbGX89/HO9ehym5lTH3gPoi2yk8NP8aRIHl6PKqgQeD5vc
uaFtZ7fK1j36rtuel5lVPqm1NSoHeOc20WFPRuJv255dGJTkE53KAO5c50zkTte5
8Sm9ig9Dkg/LvyIGOZviglz//R6A5B96vxqzhq7YLJc5zk8pZmUdvC0kaUX4i2z8
1RFkR8nw7onNZtsTx61Nn26LKsA0M7+tGaA96mTO7ORQpDYNc080MXDdAqSU
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:38 2025 by rpki-client