Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/FN05BHq2V5E1-_g6S87p4RhRlUI.roa
File: FN05BHq2V5E1-_g6S87p4RhRlUI.roa (raw, json)
Hash identifier: 117S5qaeowYIMZbyJCvilsH5u8mltmSdG6ZaqInHKfM=
Subject key identifier: 14:DD:39:04:7A:B6:57:91:35:FB:F8:3A:4B:CE:E9:E1:18:51:95:42
Certificate issuer: /CN=9fd68f1b241423da97647b99224530386d25698c
Certificate serial: 01857355D73067AF7F6F3E57A8387D3F406C
Authority key identifier: 9F:D6:8F:1B:24:14:23:DA:97:64:7B:99:22:45:30:38:6D:25:69:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n9aPGyQUI9qXZHuZIkUwOG0laYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/FN05BHq2V5E1-_g6S87p4RhRlUI.roa
Signing time: Mon 02 Jan 2023 16:34:43 +0000
ROA not before: Mon 02 Jan 2023 16:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28746
IP address blocks: 185.104.23.0/24 maxlen: 24
185.104.20.0/24 maxlen: 24
185.104.21.0/24 maxlen: 24
185.104.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:d7:30:67:af:7f:6f:3e:57:a8:38:7d:3f:40:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fd68f1b241423da97647b99224530386d25698c
Validity
Not Before: Jan 2 16:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14dd39047ab6579135fbf83a4bcee9e118519542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:13:9c:4a:48:15:70:c7:9e:9d:14:15:6c:47:
ee:c4:4b:04:80:9e:1d:94:af:ca:5d:e7:0d:bd:ae:
42:b6:dd:b0:e2:f7:a0:d9:f4:a4:ae:55:40:e7:c7:
6c:84:66:2a:ca:88:93:b3:b5:65:00:5f:2b:fd:f9:
50:41:01:f4:cf:17:46:c9:a5:8f:01:09:8f:bb:70:
6d:1c:34:1f:f6:84:41:60:de:78:98:10:3c:0b:5e:
cf:bd:79:83:dd:4f:4c:c9:c2:40:25:4b:70:94:8a:
06:31:0c:a0:69:22:2c:a4:6f:bc:7e:a1:69:72:3c:
30:23:77:6d:13:8c:ab:b1:f8:db:b7:7a:a5:56:1a:
0f:b0:ac:e0:a0:1e:db:25:44:d7:6c:4b:db:a4:df:
03:31:0f:cd:73:a4:e9:ae:16:9f:04:4d:8f:e2:1c:
33:92:1f:3d:1a:d5:bf:c1:56:e2:9b:98:7f:04:41:
b6:19:6d:82:dd:32:3b:2d:b4:1b:87:35:b0:f7:c1:
04:61:19:fd:a9:64:97:ee:7e:f6:d2:e8:f1:5c:7e:
b1:2f:a1:b7:a9:4e:07:36:0e:43:66:2d:a8:50:e4:
2b:31:4e:c9:4a:58:26:4d:40:3f:ac:df:41:74:5c:
12:0c:ac:6a:f5:31:34:b2:4f:ee:e8:b1:a0:ee:4a:
a9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DD:39:04:7A:B6:57:91:35:FB:F8:3A:4B:CE:E9:E1:18:51:95:42
X509v3 Authority Key Identifier:
keyid:9F:D6:8F:1B:24:14:23:DA:97:64:7B:99:22:45:30:38:6D:25:69:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n9aPGyQUI9qXZHuZIkUwOG0laYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/FN05BHq2V5E1-_g6S87p4RhRlUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/n9aPGyQUI9qXZHuZIkUwOG0laYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.20.0/22
Signature Algorithm: sha256WithRSAEncryption
98:59:c6:41:19:b5:34:e8:b6:4d:50:7f:1a:33:5f:7c:b3:86:
ab:e2:e2:40:5e:a8:fa:84:ee:ef:d4:07:c1:72:43:32:f9:c0:
07:c1:f6:87:0d:4d:b7:73:54:4e:75:4f:91:dd:26:37:87:a8:
ef:c7:da:3c:4f:91:9c:9e:8d:f9:6c:1b:c0:6c:26:b4:a8:8c:
09:29:9b:1f:79:d7:66:15:30:dd:99:b2:31:38:19:d1:5a:ed:
9d:80:15:e0:c0:00:18:a8:58:e6:d4:1e:9d:2d:61:3a:a0:32:
97:e9:6c:eb:9c:50:3a:28:c7:3b:7f:d8:9a:cf:20:64:9a:55:
5b:d2:16:3a:eb:58:bf:b3:a2:2b:9a:87:63:cf:84:3c:26:d0:
af:78:58:5e:d6:4d:38:8f:e8:ab:8b:74:d7:21:e4:96:11:59:
8a:5c:09:02:5f:a3:a5:84:d4:7d:81:03:df:e8:7d:06:d0:45:
74:00:47:ea:de:7a:5e:e6:38:cb:ed:91:7a:e5:4e:04:00:51:
a3:8d:fd:0f:51:97:b9:01:0f:51:a6:73:79:ff:ba:ee:1a:f3:
d0:e1:65:0a:62:c5:d1:81:db:3a:2f:13:41:d2:21:e4:98:ee:
b2:21:d6:47:4c:05:fc:66:13:73:4d:70:0a:ba:93:0d:6f:92:
af:56:1b:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzVdcwZ69/bz5XqDh9P0BsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZDY4ZjFiMjQxNDIzZGE5NzY0N2I5OTIyNDUzMDM4NmQy
NTY5OGMwHhcNMjMwMTAyMTYzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGRkMzkwNDdhYjY1NzkxMzVmYmY4M2E0YmNlZTllMTE4NTE5NTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ROcSkgVcMeenRQVbEfuxEsEgJ4d
lK/KXecNva5Ctt2w4veg2fSkrlVA58dshGYqyoiTs7VlAF8r/flQQQH0zxdGyaWP
AQmPu3BtHDQf9oRBYN54mBA8C17PvXmD3U9MycJAJUtwlIoGMQygaSIspG+8fqFp
cjwwI3dtE4yrsfjbt3qlVhoPsKzgoB7bJUTXbEvbpN8DMQ/Nc6TprhafBE2P4hwz
kh89GtW/wVbim5h/BEG2GW2C3TI7LbQbhzWw98EEYRn9qWSX7n720ujxXH6xL6G3
qU4HNg5DZi2oUOQrMU7JSlgmTUA/rN9BdFwSDKxq9TE0sk/u6LGg7kqp0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBTdOQR6tleRNfv4OkvO6eEYUZVCMB8GA1UdIwQY
MBaAFJ/WjxskFCPal2R7mSJFMDhtJWmMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjlhUEd5UVVJOXFYWkh1WklrVXdPRzBsYVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zNWRlZTUtZDhkYi00OGUzLWI3YmIt
MDgxMGQxNmJjYzg3LzEvRk4wNUJIcTJWNUUxLV9nNlM4N3A0UmhSbFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8zNWRlZTUtZDhkYi00OGUzLWI3YmItMDgxMGQxNmJjYzg3
LzEvbjlhUEd5UVVJOXFYWkh1WklrVXdPRzBsYVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWgUMA0G
CSqGSIb3DQEBCwUAA4IBAQCYWcZBGbU06LZNUH8aM198s4ar4uJAXqj6hO7v1AfB
ckMy+cAHwfaHDU23c1ROdU+R3SY3h6jvx9o8T5Gcno35bBvAbCa0qIwJKZsfeddm
FTDdmbIxOBnRWu2dgBXgwAAYqFjm1B6dLWE6oDKX6WzrnFA6KMc7f9iazyBkmlVb
0hY661i/s6Irmodjz4Q8JtCveFhe1k04j+iri3TXIeSWEVmKXAkCX6OlhNR9gQPf
6H0G0EV0AEfq3npe5jjL7ZF65U4EAFGjjf0PUZe5AQ9RpnN5/7ruGvPQ4WUKYsXR
gds6LxNB0iHkmO6yIdZHTAX8ZhNzTXAKupMNb5KvVhsf
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:07 2025 by rpki-client