Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/3L9rlTLnq5AgC6cBmpFwnCn1wIM.roa
File: 3L9rlTLnq5AgC6cBmpFwnCn1wIM.roa (raw, json)
Hash identifier: gNqGL6tYjb56BFr0nzvZU39TyuVvXAKAYamsA0WR29k=
Subject key identifier: DC:BF:6B:95:32:E7:AB:90:20:0B:A7:01:9A:91:70:9C:29:F5:C0:83
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 01836DF3A96D9275FA7A31636B0A18BB7C8E
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/3L9rlTLnq5AgC6cBmpFwnCn1wIM.roa
Signing time: Sat 24 Sep 2022 05:23:48 +0000
ROA not before: Sat 24 Sep 2022 05:23:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140947
IP address blocks: 185.104.32.0/24 maxlen: 24
185.104.33.0/24 maxlen: 24
185.104.34.0/24 maxlen: 24
185.104.36.0/24 maxlen: 24
185.104.37.0/24 maxlen: 24
185.104.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6d:f3:a9:6d:92:75:fa:7a:31:63:6b:0a:18:bb:7c:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Sep 24 05:23:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcbf6b9532e7ab90200ba7019a91709c29f5c083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a6:47:c2:ee:71:e2:c9:93:0e:e8:9a:a5:c1:
d1:64:fd:5a:d9:90:5a:ec:aa:8e:9e:b0:b3:fb:e7:
66:09:f6:d4:43:77:c2:c6:a8:12:cc:bc:dc:46:44:
14:3b:99:7f:be:da:14:ee:4b:b3:f4:cd:f9:e6:87:
2c:f1:91:4d:ef:c1:7f:ae:35:d5:d5:ba:fe:52:ba:
64:e6:7b:08:7b:8e:94:ca:13:c3:58:0a:0f:a4:49:
32:9c:1e:7d:6b:41:9b:d4:eb:9f:79:ce:1f:08:74:
8e:25:e7:8c:d8:4a:04:78:80:0f:0e:ba:04:ea:3f:
e5:03:61:7f:f9:13:98:48:6d:70:0c:8b:81:cd:a1:
52:29:a9:b9:86:cc:e4:44:7c:5c:be:6f:5a:b4:38:
bb:f0:b8:6f:43:66:55:ca:36:a3:9e:ff:69:1c:ed:
42:20:ce:9f:63:c0:ba:0e:d7:05:ec:1c:a1:64:7d:
32:d4:33:ba:b6:88:bc:2d:c7:75:a3:45:bc:76:90:
2c:3b:cb:6f:0c:dc:f4:fd:1f:c7:45:f5:71:cd:06:
c6:8e:b7:84:dc:83:6b:00:08:1d:9f:46:4f:5a:f4:
9f:09:2c:3f:ae:22:10:ee:57:f6:8e:d0:7b:fc:cd:
29:bd:8e:17:5d:18:e5:5e:3f:92:b7:d6:17:6d:d1:
4c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:BF:6B:95:32:E7:AB:90:20:0B:A7:01:9A:91:70:9C:29:F5:C0:83
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/3L9rlTLnq5AgC6cBmpFwnCn1wIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.32.0-185.104.34.255
185.104.36.0/23
185.104.39.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:4e:ff:a2:61:33:36:de:24:60:1c:ec:2c:d6:02:a3:42:a7:
5d:75:e6:fd:aa:0e:8a:1c:65:dd:da:c7:e1:24:87:0e:58:7d:
63:32:c0:cc:7b:2d:5f:d5:78:d4:4a:52:ad:d1:dc:e0:5e:31:
49:7a:26:d0:39:c5:1c:22:2f:fa:e6:cd:19:b4:6b:18:e8:e3:
da:b8:34:50:d4:1c:9d:05:81:98:d9:e0:4f:64:91:04:71:b4:
e2:9f:0d:29:7b:17:51:f3:12:d3:a9:ed:6b:ee:b3:cb:36:88:
a6:be:64:ee:97:29:3b:78:d2:57:0b:ab:0e:66:6f:ee:2e:bc:
21:65:8e:35:ce:ae:61:a1:81:3d:eb:1c:c7:06:38:5f:d0:52:
c1:3a:43:84:b8:42:c2:ae:97:e6:94:4e:7a:ec:a1:1f:ee:8e:
a8:53:5d:2f:85:02:e4:9f:43:f2:db:e4:94:5f:92:c7:50:96:
22:ca:65:4c:07:ac:4d:7f:01:da:3f:8e:75:66:97:c8:6f:eb:
90:1c:e6:2f:c6:62:5b:6a:30:b5:92:82:6b:40:c9:37:e7:18:
ac:88:ef:74:f0:04:b3:ad:c1:6e:77:2f:9a:da:78:58:75:a7:
fd:03:96:c4:7a:f1:65:6f:47:9a:78:44:e6:ec:2b:ce:f9:68:
54:92:3c:af
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYNt86ltknX6ejFjawoYu3yOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjIwOTI0MDUyMzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2JmNmI5NTMyZTdhYjkwMjAwYmE3MDE5YTkxNzA5YzI5ZjVjMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKZHwu5x4smTDuiapcHRZP1a2ZBa
7KqOnrCz++dmCfbUQ3fCxqgSzLzcRkQUO5l/vtoU7kuz9M355ocs8ZFN78F/rjXV
1br+Urpk5nsIe46UyhPDWAoPpEkynB59a0Gb1Oufec4fCHSOJeeM2EoEeIAPDroE
6j/lA2F/+ROYSG1wDIuBzaFSKam5hszkRHxcvm9atDi78LhvQ2ZVyjajnv9pHO1C
IM6fY8C6DtcF7ByhZH0y1DO6toi8Lcd1o0W8dpAsO8tvDNz0/R/HRfVxzQbGjreE
3INrAAgdn0ZPWvSfCSw/riIQ7lf2jtB7/M0pvY4XXRjlXj+St9YXbdFMxQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNy/a5Uy56uQIAunAZqRcJwp9cCDMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvM0w5cmxUTG5xNUFnQzZjQm1wRnduQ24xd0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAW5aCAD
BAC5aCIDBAG5aCQDBAC5aCcwDQYJKoZIhvcNAQELBQADggEBAAtO/6JhMzbeJGAc
7CzWAqNCp1115v2qDoocZd3ax+Ekhw5YfWMywMx7LV/VeNRKUq3R3OBeMUl6JtA5
xRwiL/rmzRm0axjo49q4NFDUHJ0FgZjZ4E9kkQRxtOKfDSl7F1HzEtOp7Wvus8s2
iKa+ZO6XKTt40lcLqw5mb+4uvCFljjXOrmGhgT3rHMcGOF/QUsE6Q4S4QsKul+aU
TnrsoR/ujqhTXS+FAuSfQ/Lb5JRfksdQliLKZUwHrE1/Ado/jnVml8hv65Ac5i/G
YltqMLWSgmtAyTfnGKyI73TwBLOtwW53L5raeFh1p/0DlsR68WVvR5p4RObsK875
aFSSPK8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:57 2023 by rpki-client on console-fra.rpki-client.org