Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/AZ2MrbTVw_6TFR4jdYKmCujnmTY.roa
File: AZ2MrbTVw_6TFR4jdYKmCujnmTY.roa (raw, json)
Hash identifier: i7klOJ27czojRUvkJps3YG9veMvbQ6P6e75uOeZfZZc=
Subject key identifier: 01:9D:8C:AD:B4:D5:C3:FE:93:15:1E:23:75:82:A6:0A:E8:E7:99:36
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 0187DC3B9E61A38E4DF5499110EBE5E5A712
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/AZ2MrbTVw_6TFR4jdYKmCujnmTY.roa
Signing time: Tue 02 May 2023 11:31:47 +0000
ROA not before: Tue 02 May 2023 11:31:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48881
IP address blocks: 185.104.180.0/22 maxlen: 22
185.104.48.0/21 maxlen: 21
2a06:1fc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dc:3b:9e:61:a3:8e:4d:f5:49:91:10:eb:e5:e5:a7:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: May 2 11:31:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=019d8cadb4d5c3fe93151e237582a60ae8e79936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:92:dd:7b:fa:ac:11:00:17:26:63:79:6d:b4:
73:f1:ca:7f:96:3c:a4:86:af:46:ed:68:48:8a:8d:
f6:96:05:93:02:83:12:98:c9:41:f1:cc:7e:0b:f9:
48:91:88:14:88:dc:d0:21:8e:88:7d:d3:2d:77:46:
42:7d:eb:2b:b3:d9:b2:11:5c:9c:b8:d7:6e:38:00:
b7:34:9f:65:4d:c5:cc:1d:0e:97:ed:7f:db:74:16:
98:40:20:76:23:ea:d0:c1:27:5f:c2:96:5d:57:ed:
09:87:8a:51:bd:7e:01:de:62:fe:13:d1:1a:ae:2f:
af:f7:c2:d5:3f:65:43:33:b1:cd:75:96:57:b5:8a:
3f:d7:31:01:12:e5:dd:92:c3:3d:86:86:e6:73:9d:
aa:4f:5a:2f:1c:61:05:4c:48:05:52:92:f8:18:2d:
75:c2:2d:76:0d:35:db:79:8d:ad:2c:89:88:a4:f7:
32:0a:a1:7f:ea:76:8d:59:e5:d7:59:7d:77:a1:83:
9a:96:a3:ed:5c:3b:33:f6:1b:ab:23:63:9f:44:a7:
64:78:c7:93:3f:3a:13:66:b2:b4:18:a5:6e:3c:0d:
0b:33:fa:d8:84:b2:55:0e:32:14:39:fd:aa:20:a2:
3e:5d:87:71:cd:7d:38:4e:c7:cf:a1:c4:dd:06:21:
f1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:9D:8C:AD:B4:D5:C3:FE:93:15:1E:23:75:82:A6:0A:E8:E7:99:36
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/AZ2MrbTVw_6TFR4jdYKmCujnmTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.48.0/21
185.104.180.0/22
IPv6:
2a06:1fc0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:af:4a:f3:08:82:29:8a:cf:3f:99:a4:91:1c:7d:68:a2:95:
bd:83:8e:99:38:ef:19:c2:fc:44:1d:0d:42:8a:eb:fe:85:62:
03:7b:50:91:fd:e5:a4:bb:63:b2:de:e6:50:20:73:00:94:42:
e3:50:a2:75:f4:60:ba:ca:51:73:db:a0:50:79:1f:b5:17:f5:
4b:8b:af:70:54:00:e0:b0:6f:55:46:5d:b2:8d:01:52:a0:ca:
ca:75:e8:dc:84:bd:24:63:81:54:4c:5a:9a:26:6d:26:74:5c:
9b:68:10:60:c1:59:99:32:5c:b0:25:b3:63:66:c5:98:7e:aa:
01:85:34:e4:ee:04:98:88:aa:b7:8b:0a:b5:79:11:44:46:83:
22:b0:3c:fc:4f:11:5a:7e:19:dc:18:29:3d:dc:94:47:ed:79:
8d:22:63:dc:15:e2:d8:5e:8a:47:5a:12:bd:72:8c:55:d5:21:
58:d0:ce:d2:89:50:15:ac:9a:6c:88:70:33:54:36:85:7d:e8:
a1:5f:6b:4d:20:3f:1e:ba:39:2c:f0:94:13:ae:83:c3:f1:1d:
60:ab:e1:8a:2a:e2:4f:4a:6b:0a:0c:1c:cf:28:3f:7f:7d:e4:
3a:b3:f4:e7:53:77:41:94:e4:a0:87:c2:a3:3b:ba:8a:3b:9b:
ea:7f:50:fc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYfcO55ho45N9UmREOvl5acSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjMwNTAyMTEzMTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTlkOGNhZGI0ZDVjM2ZlOTMxNTFlMjM3NTgyYTYwYWU4ZTc5OTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJLde/qsEQAXJmN5bbRz8cp/ljyk
hq9G7WhIio32lgWTAoMSmMlB8cx+C/lIkYgUiNzQIY6IfdMtd0ZCfesrs9myEVyc
uNduOAC3NJ9lTcXMHQ6X7X/bdBaYQCB2I+rQwSdfwpZdV+0Jh4pRvX4B3mL+E9Ea
ri+v98LVP2VDM7HNdZZXtYo/1zEBEuXdksM9hobmc52qT1ovHGEFTEgFUpL4GC11
wi12DTXbeY2tLImIpPcyCqF/6naNWeXXWX13oYOalqPtXDsz9hurI2OfRKdkeMeT
PzoTZrK0GKVuPA0LM/rYhLJVDjIUOf2qIKI+XYdxzX04TsfPocTdBiHxDQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAGdjK201cP+kxUeI3WCpgro55k2MB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvQVoyTXJiVFZ3XzZURlI0amRZS21DdWpubVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDuWgwAwQC
uWi0MA0EAgACMAcDBQMqBh/AMA0GCSqGSIb3DQEBCwUAA4IBAQBbr0rzCIIpis8/
maSRHH1oopW9g46ZOO8ZwvxEHQ1Ciuv+hWIDe1CR/eWku2Oy3uZQIHMAlELjUKJ1
9GC6ylFz26BQeR+1F/VLi69wVADgsG9VRl2yjQFSoMrKdejchL0kY4FUTFqaJm0m
dFybaBBgwVmZMlywJbNjZsWYfqoBhTTk7gSYiKq3iwq1eRFERoMisDz8TxFafhnc
GCk93JRH7XmNImPcFeLYXopHWhK9coxV1SFY0M7SiVAVrJpsiHAzVDaFfeihX2tN
ID8eujks8JQTroPD8R1gq+GKKuJPSmsKDBzPKD9/feQ6s/TnU3dBlOSgh8KjO7qK
O5vqf1D8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:20 2025 by rpki-client