Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/c6e217-03ff-4396-adfe-255f0c51bbe0/1/4Crt6r7DnDXYTXeg5nAN46T61kg.roa
File: 4Crt6r7DnDXYTXeg5nAN46T61kg.roa (raw, json)
Hash identifier: O3o3R73SPr7nNhBmFgGHBetMn8mVAxo+JBq2U3c0YqM=
Subject key identifier: E0:2A:ED:EA:BE:C3:9C:35:D8:4D:77:A0:E6:70:0D:E3:A4:FA:D6:48
Certificate issuer: /CN=043692f2a1d1bc76ff7f9d29091beda08b7bc96c
Certificate serial: 018571A78F138212D704D36031922F2FB347
Authority key identifier: 04:36:92:F2:A1:D1:BC:76:FF:7F:9D:29:09:1B:ED:A0:8B:7B:C9:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BDaS8qHRvHb_f50pCRvtoIt7yWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/c6e217-03ff-4396-adfe-255f0c51bbe0/1/4Crt6r7DnDXYTXeg5nAN46T61kg.roa
Signing time: Mon 02 Jan 2023 08:44:44 +0000
ROA not before: Mon 02 Jan 2023 08:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207151
IP address blocks: 185.234.104.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:8f:13:82:12:d7:04:d3:60:31:92:2f:2f:b3:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=043692f2a1d1bc76ff7f9d29091beda08b7bc96c
Validity
Not Before: Jan 2 08:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e02aedeabec39c35d84d77a0e6700de3a4fad648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f3:69:14:d1:aa:77:94:46:e5:a4:d6:99:2f:
20:e1:4d:91:c1:2e:d4:e8:8e:b9:21:12:e3:3e:e5:
6e:cd:79:00:8b:ec:a7:d7:0e:56:23:43:99:66:7a:
3b:69:05:3d:66:97:1f:12:a3:07:ac:20:76:f1:9f:
15:5a:dc:9b:b4:70:f8:ff:f7:c1:a6:44:e3:fc:94:
d3:3d:36:27:2c:89:32:23:c8:b9:3a:fd:50:eb:76:
94:02:60:fd:b5:71:ba:5d:eb:0e:d5:69:2f:2e:55:
fa:e2:7c:bb:e6:4d:62:2e:cf:fc:58:f8:88:19:8a:
fe:d6:c2:63:89:ec:a0:44:ef:b1:5c:56:9e:c5:4f:
11:15:80:54:27:ed:82:d1:c6:66:9a:52:cc:94:6e:
c3:2c:5f:0a:fd:eb:c3:22:47:d4:64:de:86:93:39:
2f:db:08:37:2b:b5:a4:40:95:68:65:d3:ab:28:dd:
b2:bf:60:71:b3:ff:eb:17:93:e4:20:f4:14:60:a5:
8e:5c:43:62:db:4d:ba:30:6d:35:ad:fc:84:b4:d1:
aa:13:bd:01:c4:5e:a6:c0:e1:96:98:33:d1:d1:cb:
65:18:1a:b2:66:33:91:4c:c2:1a:d9:5a:ae:8f:1e:
6a:86:f7:8f:c8:a0:29:d0:f1:33:d2:d7:57:4b:f2:
cc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2A:ED:EA:BE:C3:9C:35:D8:4D:77:A0:E6:70:0D:E3:A4:FA:D6:48
X509v3 Authority Key Identifier:
keyid:04:36:92:F2:A1:D1:BC:76:FF:7F:9D:29:09:1B:ED:A0:8B:7B:C9:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BDaS8qHRvHb_f50pCRvtoIt7yWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c6e217-03ff-4396-adfe-255f0c51bbe0/1/4Crt6r7DnDXYTXeg5nAN46T61kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c6e217-03ff-4396-adfe-255f0c51bbe0/1/BDaS8qHRvHb_f50pCRvtoIt7yWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.104.0/22
Signature Algorithm: sha256WithRSAEncryption
14:02:9d:2f:12:b0:a6:0d:d4:00:7c:e4:6a:7d:da:5d:81:a6:
fe:81:d2:45:45:cf:fa:cd:de:fc:75:05:f7:0b:a1:78:c2:8a:
a1:08:a4:84:e6:1e:d8:48:de:4b:d3:80:5a:07:ba:94:72:94:
fc:f7:51:06:bf:5e:f5:0a:20:10:2a:49:d8:77:95:78:25:65:
c1:04:25:8e:88:9f:17:82:b8:6f:b1:fa:4e:05:5b:c6:fc:33:
52:eb:fe:b0:29:f8:dd:31:99:3b:b6:6b:e3:eb:5c:53:52:2a:
c8:df:11:92:0d:e6:b0:1c:3e:d4:ca:bc:7d:f7:b7:0c:2d:42:
f8:16:87:12:06:d6:72:f5:c7:09:d0:46:2d:31:2a:8c:42:dd:
80:4e:7d:eb:5b:68:b7:58:b7:30:09:6e:a4:47:43:56:94:21:
b0:d8:e2:59:ee:c3:a4:1a:b6:f8:00:60:b5:1d:ed:fe:2b:f9:
b1:93:98:9d:48:ca:03:b7:8c:e4:e5:f2:da:0a:b2:25:99:4d:
61:6a:8f:6f:46:ae:76:de:d4:d9:c0:19:3c:33:46:fa:db:b6:
b7:90:5b:50:2d:32:ed:58:c4:0f:1e:aa:af:93:1a:fb:82:1b:
38:3e:cd:c0:43:d5:ce:ed:0e:71:51:cf:ae:66:5a:7e:62:35:
86:35:eb:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp48TghLXBNNgMZIvL7NHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MzY5MmYyYTFkMWJjNzZmZjdmOWQyOTA5MWJlZGEwOGI3
YmM5NmMwHhcNMjMwMTAyMDg0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDJhZWRlYWJlYzM5YzM1ZDg0ZDc3YTBlNjcwMGRlM2E0ZmFkNjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivNpFNGqd5RG5aTWmS8g4U2RwS7U
6I65IRLjPuVuzXkAi+yn1w5WI0OZZno7aQU9ZpcfEqMHrCB28Z8VWtybtHD4//fB
pkTj/JTTPTYnLIkyI8i5Ov1Q63aUAmD9tXG6XesO1WkvLlX64ny75k1iLs/8WPiI
GYr+1sJjieygRO+xXFaexU8RFYBUJ+2C0cZmmlLMlG7DLF8K/evDIkfUZN6Gkzkv
2wg3K7WkQJVoZdOrKN2yv2Bxs//rF5PkIPQUYKWOXENi2026MG01rfyEtNGqE70B
xF6mwOGWmDPR0ctlGBqyZjORTMIa2Vqujx5qhvePyKAp0PEz0tdXS/LMPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOAq7eq+w5w12E13oOZwDeOk+tZIMB8GA1UdIwQY
MBaAFAQ2kvKh0bx2/3+dKQkb7aCLe8lsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkRhUzhxSFJ2SGJfZjUwcENSdnRvSXQ3eVd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jNmUyMTctMDNmZi00Mzk2LWFkZmUt
MjU1ZjBjNTFiYmUwLzEvNENydDZyN0RuRFhZVFhlZzVuQU40NlQ2MWtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jNmUyMTctMDNmZi00Mzk2LWFkZmUtMjU1ZjBjNTFiYmUw
LzEvQkRhUzhxSFJ2SGJfZjUwcENSdnRvSXQ3eVd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuepoMA0G
CSqGSIb3DQEBCwUAA4IBAQAUAp0vErCmDdQAfORqfdpdgab+gdJFRc/6zd78dQX3
C6F4woqhCKSE5h7YSN5L04BaB7qUcpT891EGv171CiAQKknYd5V4JWXBBCWOiJ8X
grhvsfpOBVvG/DNS6/6wKfjdMZk7tmvj61xTUirI3xGSDeawHD7Uyrx997cMLUL4
FocSBtZy9ccJ0EYtMSqMQt2ATn3rW2i3WLcwCW6kR0NWlCGw2OJZ7sOkGrb4AGC1
He3+K/mxk5idSMoDt4zk5fLaCrIlmU1hao9vRq523tTZwBk8M0b627a3kFtQLTLt
WMQPHqqvkxr7ghs4Ps3AQ9XO7Q5xUc+uZlp+YjWGNevj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:35 2025 by rpki-client