Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/Kx2gafEi4oGZSIKv_ar1ucpwC1I.roa
File: Kx2gafEi4oGZSIKv_ar1ucpwC1I.roa (raw, json)
Hash identifier: EIPSZBzrZgMlAUF6qNJjP2fpaU4tS9W7OLgY32iTNb8=
Subject key identifier: 2B:1D:A0:69:F1:22:E2:81:99:48:82:AF:FD:AA:F5:B9:CA:70:0B:52
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 0184F6645276096A65CCF4748746BCC0D704
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/Kx2gafEi4oGZSIKv_ar1ucpwC1I.roa
Signing time: Fri 09 Dec 2022 10:18:00 +0000
ROA not before: Fri 09 Dec 2022 10:18:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211373
IP address blocks: 185.104.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:64:52:76:09:6a:65:cc:f4:74:87:46:bc:c0:d7:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Dec 9 10:18:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b1da069f122e281994882affdaaf5b9ca700b52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:95:b2:1f:3d:35:38:f2:38:5b:5b:2d:f6:3d:
a1:8e:f7:4c:a5:40:29:29:5b:2e:f2:85:19:ca:d5:
b5:74:02:36:63:ef:da:ed:ce:08:a3:f1:f5:a1:cb:
1d:19:60:f6:41:98:6e:5c:91:2a:c8:a3:a5:68:e7:
8b:be:b5:a7:f7:a1:cf:4a:a7:af:32:7e:55:95:5a:
4a:f1:fb:3a:6d:87:ff:6b:ac:69:c7:6b:be:8a:3f:
46:d6:89:9b:81:5e:66:4f:74:9c:53:da:00:36:6f:
3f:77:03:a3:ed:1c:90:2e:59:3b:5f:6d:95:2d:e9:
b2:f7:87:c9:7b:7e:f7:e5:d8:9f:a3:38:c5:63:49:
d8:88:48:c6:8b:77:2f:62:b0:79:d5:a2:43:54:9e:
8c:e7:68:58:30:d9:e0:b5:b6:01:08:e6:14:12:0e:
cb:3d:48:30:f2:e7:9f:5e:ff:10:df:62:17:03:39:
cb:22:7d:01:48:b2:46:50:c2:e8:8c:c9:43:67:44:
21:fd:b6:a6:b6:89:b3:55:9f:4e:1a:7e:45:6a:2a:
e0:b5:47:57:82:50:62:46:ab:94:c8:f6:fe:d2:84:
c8:79:6f:97:d3:f2:07:47:ce:f8:71:bd:52:7e:38:
d5:67:4a:46:f2:75:d0:82:d3:60:d6:1a:23:f3:06:
85:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:1D:A0:69:F1:22:E2:81:99:48:82:AF:FD:AA:F5:B9:CA:70:0B:52
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/Kx2gafEi4oGZSIKv_ar1ucpwC1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.32.0/24
Signature Algorithm: sha256WithRSAEncryption
66:95:d7:76:5d:9f:f3:79:6c:e6:d8:76:27:42:71:ad:3a:f6:
a1:68:81:9a:de:f0:d4:91:c7:c8:f8:02:43:40:3c:d2:82:de:
33:c2:0c:f2:42:7c:fd:68:2c:47:50:b9:eb:2c:3b:f6:72:63:
f2:0c:46:c9:49:e6:5b:46:d8:12:c0:6b:50:9e:e3:b5:a4:f2:
0c:ef:62:0c:1c:68:6c:a5:a9:c1:f6:a8:25:71:8d:63:39:d2:
a1:50:e9:89:cb:8f:51:d9:06:2c:10:b6:e0:55:2d:c2:e8:93:
c4:0e:17:b0:bb:eb:dc:6e:a3:0b:4a:87:a2:42:59:01:f8:90:
43:85:3c:de:95:28:ec:a2:75:a9:b9:79:64:8a:3e:e4:ff:d3:
a2:52:81:2a:f7:6f:0c:11:44:00:09:94:e1:c4:a2:dd:39:e8:
d4:da:6b:67:bc:56:70:c0:41:fb:31:c8:e0:e0:79:ee:f7:35:
b9:2d:c8:2c:ba:f5:3a:15:cb:bb:4d:68:3d:be:c9:88:9b:d8:
03:0a:68:72:61:49:8f:cb:5e:e6:f3:12:99:91:17:1b:03:13:
95:e5:6e:50:73:62:09:b8:2f:9d:0a:3a:70:f5:9b:49:bd:e7:
84:6b:1a:83:9c:63:6c:e7:8d:58:a0:24:ba:a8:d1:e4:99:11:
b3:7d:60:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYT2ZFJ2CWplzPR0h0a8wNcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjIxMjA5MTAxODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjFkYTA2OWYxMjJlMjgxOTk0ODgyYWZmZGFhZjViOWNhNzAwYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpWyHz01OPI4W1st9j2hjvdMpUAp
KVsu8oUZytW1dAI2Y+/a7c4Io/H1ocsdGWD2QZhuXJEqyKOlaOeLvrWn96HPSqev
Mn5VlVpK8fs6bYf/a6xpx2u+ij9G1ombgV5mT3ScU9oANm8/dwOj7RyQLlk7X22V
Lemy94fJe3735difozjFY0nYiEjGi3cvYrB51aJDVJ6M52hYMNngtbYBCOYUEg7L
PUgw8uefXv8Q32IXAznLIn0BSLJGUMLojMlDZ0Qh/bamtomzVZ9OGn5FairgtUdX
glBiRquUyPb+0oTIeW+X0/IHR874cb1SfjjVZ0pG8nXQgtNg1hoj8waFhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsdoGnxIuKBmUiCr/2q9bnKcAtSMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvS3gyZ2FmRWk0b0daU0lLdl9hcjF1Y3B3QzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWggMA0G
CSqGSIb3DQEBCwUAA4IBAQBmldd2XZ/zeWzm2HYnQnGtOvahaIGa3vDUkcfI+AJD
QDzSgt4zwgzyQnz9aCxHULnrLDv2cmPyDEbJSeZbRtgSwGtQnuO1pPIM72IMHGhs
panB9qglcY1jOdKhUOmJy49R2QYsELbgVS3C6JPEDhewu+vcbqMLSoeiQlkB+JBD
hTzelSjsonWpuXlkij7k/9OiUoEq928MEUQACZThxKLdOejU2mtnvFZwwEH7Mcjg
4Hnu9zW5LcgsuvU6Fcu7TWg9vsmIm9gDCmhyYUmPy17m8xKZkRcbAxOV5W5Qc2IJ
uC+dCjpw9ZtJveeEaxqDnGNs541YoCS6qNHkmRGzfWD2
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:37:58 2025 by rpki-client