Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/adRi3FurREcwav64DnoGtZKbLH4.roa
File: adRi3FurREcwav64DnoGtZKbLH4.roa (raw, json)
Hash identifier: XfakdcVIqmFNsq0HP2ND0GEKmkunrSQPul16RrmK2Cg=
Subject key identifier: 69:D4:62:DC:5B:AB:44:47:30:6A:FE:B8:0E:7A:06:B5:92:9B:2C:7E
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 01856F14E734C9F47DD656D96685C65DCA44
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/adRi3FurREcwav64DnoGtZKbLH4.roa
Signing time: Sun 01 Jan 2023 20:45:18 +0000
ROA not before: Sun 01 Jan 2023 20:45:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48881
IP address blocks: 185.104.180.0/22 maxlen: 22
185.104.48.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e7:34:c9:f4:7d:d6:56:d9:66:85:c6:5d:ca:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Jan 1 20:45:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69d462dc5bab4447306afeb80e7a06b5929b2c7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:62:7d:f4:a8:9e:b4:03:8e:19:91:f4:57:b1:
e2:ff:e9:c3:b2:70:d1:39:a2:af:73:25:0a:43:13:
77:95:bf:de:55:0f:fc:ba:81:13:fd:55:ad:2a:17:
01:6f:02:6e:1e:ac:26:9d:0d:31:d0:99:74:57:1e:
36:3d:cc:94:3c:c1:68:af:cd:83:07:74:c2:81:5d:
ea:1c:2d:0e:1e:5a:45:bc:b4:c7:9d:1e:a8:05:c5:
df:2f:8d:55:32:f4:83:2d:49:6a:af:6c:72:53:d0:
69:eb:ca:cf:f9:a0:11:6d:af:f4:37:3b:c1:d8:d5:
d4:d6:dc:fd:fa:13:57:76:b5:d1:68:7d:c3:a0:44:
ae:96:d0:00:0c:14:92:d8:d9:38:b5:e2:a3:79:17:
03:9a:49:ba:d7:a9:72:59:be:6f:68:d4:53:6d:29:
51:40:ea:0f:fb:65:7e:fa:66:57:1b:91:64:10:4d:
fc:f3:a4:00:6a:43:92:15:3b:e8:3b:5b:0d:2c:8b:
76:45:ad:a9:6c:48:07:0c:80:75:1e:e8:69:da:8d:
79:11:61:3b:f5:df:37:ca:89:81:de:f2:7b:fa:b1:
f6:fa:d0:73:03:9e:3e:98:d8:0d:14:36:3b:bb:ab:
2a:23:ff:4e:55:6d:eb:8b:23:50:73:0a:57:c9:0a:
21:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:D4:62:DC:5B:AB:44:47:30:6A:FE:B8:0E:7A:06:B5:92:9B:2C:7E
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/adRi3FurREcwav64DnoGtZKbLH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.48.0/21
185.104.180.0/22
Signature Algorithm: sha256WithRSAEncryption
41:2a:ff:ce:46:f9:b1:db:61:a5:8f:f7:8e:59:ba:1b:9b:21:
51:e3:e5:f9:02:52:84:77:0f:ed:cb:54:f7:d1:95:9f:5a:6f:
ef:82:49:eb:8e:f3:d8:d6:f3:df:8f:50:c2:7b:8a:a2:5f:4a:
5e:0d:b5:c9:0b:38:23:c5:d7:db:e8:45:ad:60:07:9a:db:be:
87:16:47:14:b3:09:b0:5c:ac:e3:41:e4:2e:89:65:2f:cd:31:
1b:c4:a5:ad:0b:7f:9b:23:96:36:a0:b0:24:be:b4:c0:73:c2:
ba:42:74:ab:e8:5d:df:5e:38:0b:7d:d8:00:0e:ab:6a:4a:95:
23:e0:f2:4e:0a:0d:ab:bc:82:1b:c1:08:e2:0d:b6:7e:ed:c1:
6b:d6:fb:5e:9e:d7:9a:3f:44:12:6c:f9:fc:72:d6:88:ef:d6:
9f:f4:cf:d5:73:4c:4c:d1:b1:9d:f8:76:92:d7:47:c6:93:c2:
8b:a5:5a:93:4c:1f:2c:a6:b0:8a:fe:28:d4:27:96:1d:0f:a9:
0d:a2:41:2c:b2:de:ff:e2:d0:32:15:f0:8c:97:db:8d:f8:30:
12:3d:7a:d0:3b:26:54:7b:c3:02:c4:41:5d:06:3f:5c:05:42:
da:88:b5:be:56:4d:46:e5:af:8a:10:e1:15:68:fe:08:e0:fa:
66:0f:46:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFOc0yfR91lbZZoXGXcpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjMwMTAxMjA0NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWQ0NjJkYzViYWI0NDQ3MzA2YWZlYjgwZTdhMDZiNTkyOWIyYzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmJ99KietAOOGZH0V7Hi/+nDsnDR
OaKvcyUKQxN3lb/eVQ/8uoET/VWtKhcBbwJuHqwmnQ0x0Jl0Vx42PcyUPMFor82D
B3TCgV3qHC0OHlpFvLTHnR6oBcXfL41VMvSDLUlqr2xyU9Bp68rP+aARba/0NzvB
2NXU1tz9+hNXdrXRaH3DoESultAADBSS2Nk4teKjeRcDmkm616lyWb5vaNRTbSlR
QOoP+2V++mZXG5FkEE3886QAakOSFTvoO1sNLIt2Ra2pbEgHDIB1Huhp2o15EWE7
9d83yomB3vJ7+rH2+tBzA54+mNgNFDY7u6sqI/9OVW3riyNQcwpXyQohbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGnUYtxbq0RHMGr+uA56BrWSmyx+MB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvYWRSaTNGdXJSRWN3YXY2NERub0d0WktiTEg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDuWgwAwQC
uWi0MA0GCSqGSIb3DQEBCwUAA4IBAQBBKv/ORvmx22Glj/eOWbobmyFR4+X5AlKE
dw/ty1T30ZWfWm/vgknrjvPY1vPfj1DCe4qiX0peDbXJCzgjxdfb6EWtYAea276H
FkcUswmwXKzjQeQuiWUvzTEbxKWtC3+bI5Y2oLAkvrTAc8K6QnSr6F3fXjgLfdgA
DqtqSpUj4PJOCg2rvIIbwQjiDbZ+7cFr1vtenteaP0QSbPn8ctaI79af9M/Vc0xM
0bGd+HaS10fGk8KLpVqTTB8sprCK/ijUJ5YdD6kNokEsst7/4tAyFfCMl9uN+DAS
PXrQOyZUe8MCxEFdBj9cBULaiLW+Vk1G5a+KEOEVaP4I4PpmD0bp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:46 2025 by rpki-client