Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/af2f8f-1212-4943-bd0c-d86ab2fe7648/1/RR8z7RdsYBD7U8C2dCKDFRXZQNY.roa
File: RR8z7RdsYBD7U8C2dCKDFRXZQNY.roa (raw, json)
Hash identifier: F3VzvkEcoS+AlXhsVG3O1t7sP05yphGq1nhANHQcdBY=
Subject key identifier: 45:1F:33:ED:17:6C:60:10:FB:53:C0:B6:74:22:83:15:15:D9:40:D6
Certificate issuer: /CN=397d9f3dbfc365332e282bd176a68075446d1d1b
Certificate serial: 01AEC9A4
Authority key identifier: 39:7D:9F:3D:BF:C3:65:33:2E:28:2B:D1:76:A6:80:75:44:6D:1D:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OX2fPb_DZTMuKCvRdqaAdURtHRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/af2f8f-1212-4943-bd0c-d86ab2fe7648/1/RR8z7RdsYBD7U8C2dCKDFRXZQNY.roa
Signing time: Tue 01 Feb 2022 16:22:43 +0000
ROA not before: Tue 01 Feb 2022 16:22:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210963
IP address blocks: 185.218.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28232100 (0x1aec9a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=397d9f3dbfc365332e282bd176a68075446d1d1b
Validity
Not Before: Feb 1 16:22:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=451f33ed176c6010fb53c0b67422831515d940d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7c:a9:8c:93:b6:f4:38:68:29:84:b9:f9:f1:
f8:30:23:9d:0d:21:0e:c3:7f:64:de:b5:5a:ac:c5:
1e:8a:21:a3:f5:f1:92:ac:28:c8:0d:b0:aa:82:fd:
86:54:59:5e:8c:7e:a9:4a:3a:ab:0e:46:ca:33:93:
5f:0a:29:a6:64:b9:4b:cb:1f:c5:b0:55:c0:06:a8:
18:9d:d5:bb:cf:1d:87:bb:20:68:b5:0e:c8:58:e5:
f2:63:d0:a8:ac:81:65:45:41:22:2e:9f:b1:ef:8e:
61:c3:92:ca:f2:2c:5f:51:e9:76:93:9d:c8:66:2a:
b1:91:47:db:19:f8:69:c6:99:88:d3:43:62:5c:bc:
a9:85:1e:2d:cb:7d:b4:36:30:51:f5:78:bb:3e:2c:
05:25:75:7c:0a:48:7a:8c:79:30:2b:f5:ba:61:f0:
f2:b2:b0:33:f8:0d:ab:b5:3c:6d:d4:c9:b5:4d:c8:
6f:98:e6:f6:30:33:07:c6:bc:e4:ae:f4:40:ac:60:
59:09:eb:0b:bc:6b:60:10:ba:fd:39:dc:0b:1c:bc:
e9:43:55:1c:b3:60:de:25:59:98:ab:83:43:2b:1d:
bb:a3:16:3b:b2:c1:2c:4b:ea:57:23:6f:4f:24:d4:
17:5c:69:62:32:55:c0:98:15:e9:2a:2c:6f:05:9b:
70:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:1F:33:ED:17:6C:60:10:FB:53:C0:B6:74:22:83:15:15:D9:40:D6
X509v3 Authority Key Identifier:
keyid:39:7D:9F:3D:BF:C3:65:33:2E:28:2B:D1:76:A6:80:75:44:6D:1D:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OX2fPb_DZTMuKCvRdqaAdURtHRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/af2f8f-1212-4943-bd0c-d86ab2fe7648/1/RR8z7RdsYBD7U8C2dCKDFRXZQNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/af2f8f-1212-4943-bd0c-d86ab2fe7648/1/OX2fPb_DZTMuKCvRdqaAdURtHRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.104.0/24
Signature Algorithm: sha256WithRSAEncryption
58:75:66:69:9a:4d:18:6b:53:0d:10:1d:9d:d9:f5:25:9d:aa:
85:32:7f:9e:3d:f3:b4:52:1b:de:03:cd:9d:15:9e:03:4f:6e:
1a:fd:62:a4:f4:f5:25:04:be:2b:6f:77:45:3c:00:2f:99:f5:
98:04:fe:5f:e3:99:58:48:88:ff:ee:dc:4f:80:c0:c6:f0:0d:
93:25:d0:e1:0c:1f:ae:ed:f6:02:f5:0c:37:e3:b7:c1:4e:b6:
f1:13:41:33:66:0d:5d:16:7e:2b:19:85:b8:86:75:00:24:a3:
24:37:0e:68:f9:80:ff:8c:e4:1a:fb:f8:b6:7a:39:a1:97:5a:
46:25:35:8b:bd:bb:72:0c:d0:a3:83:4c:20:71:9d:c9:d5:37:
af:a8:79:a7:7a:33:61:bd:aa:ba:f1:29:0b:5b:a7:af:c0:30:
18:dc:99:d3:ed:97:37:11:67:f3:c5:a8:ef:0a:48:f5:90:7c:
33:b8:82:6e:01:84:51:96:8d:7c:00:f0:69:36:00:0b:68:5a:
0a:30:e4:09:ab:48:19:09:9c:37:da:5d:ae:41:8e:b2:e3:20:
6b:04:aa:c8:0f:9f:9c:dc:c9:7a:4f:ce:9f:da:70:f1:7a:24:
7b:93:eb:40:b8:01:51:b6:f2:95:84:95:e9:dd:72:7a:0f:a7:
a5:52:30:02
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAa7JpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTdkOWYzZGJmYzM2NTMzMmUyODJiZDE3NmE2ODA3NTQ0NmQxZDFiMB4XDTIyMDIw
MTE2MjI0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDUxZjMzZWQxNzZj
NjAxMGZiNTNjMGI2NzQyMjgzMTUxNWQ5NDBkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJp8qYyTtvQ4aCmEufnx+DAjnQ0hDsN/ZN61WqzFHooho/Xx
kqwoyA2wqoL9hlRZXox+qUo6qw5GyjOTXwoppmS5S8sfxbBVwAaoGJ3Vu88dh7sg
aLUOyFjl8mPQqKyBZUVBIi6fse+OYcOSyvIsX1HpdpOdyGYqsZFH2xn4acaZiNND
Yly8qYUeLct9tDYwUfV4uz4sBSV1fApIeox5MCv1umHw8rKwM/gNq7U8bdTJtU3I
b5jm9jAzB8a85K70QKxgWQnrC7xrYBC6/TncCxy86UNVHLNg3iVZmKuDQysdu6MW
O7LBLEvqVyNvTyTUF1xpYjJVwJgV6SosbwWbcLcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRFHzPtF2xgEPtTwLZ0IoMVFdlA1jAfBgNVHSMEGDAWgBQ5fZ89v8NlMy4o
K9F2poB1RG0dGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09YMmZQYl9EWlRNdUtDdlJkcWFBZFVSdEhScy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvYWYyZjhmLTEyMTItNDk0My1iZDBjLWQ4NmFiMmZlNzY0OC8x
L1JSOHo3UmRzWUJEN1U4QzJkQ0tERlJYWlFOWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
YWYyZjhmLTEyMTItNDk0My1iZDBjLWQ4NmFiMmZlNzY0OC8xL09YMmZQYl9EWlRN
dUtDdlJkcWFBZFVSdEhScy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnaaDANBgkqhkiG9w0BAQsFAAOC
AQEAWHVmaZpNGGtTDRAdndn1JZ2qhTJ/nj3ztFIb3gPNnRWeA09uGv1ipPT1JQS+
K293RTwAL5n1mAT+X+OZWEiI/+7cT4DAxvANkyXQ4Qwfru32AvUMN+O3wU628RNB
M2YNXRZ+KxmFuIZ1ACSjJDcOaPmA/4zkGvv4tno5oZdaRiU1i727cgzQo4NMIHGd
ydU3r6h5p3ozYb2quvEpC1unr8AwGNyZ0+2XNxFn88Wo7wpI9ZB8M7iCbgGEUZaN
fADwaTYAC2haCjDkCatIGQmcN9pdrkGOsuMgawSqyA+fnNzJek/On9pw8Xoke5Pr
QLgBUbbylYSV6d1yeg+npVIwAg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:40:43 2025 by rpki-client