Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/efd282-33b2-4373-9948-3239a81c9fc8/1/0oG1hD7m4-zeWFoviHQJ349kvoc.roa
File: 0oG1hD7m4-zeWFoviHQJ349kvoc.roa (raw, json)
Hash identifier: p+3cTMXg4Y6HF5K+3ClFQ/XWySrN7pGN50IO2V8ORUk=
Subject key identifier: D2:81:B5:84:3E:E6:E3:EC:DE:58:5A:2F:88:74:09:DF:8F:64:BE:87
Certificate issuer: /CN=c97edcedec3254b357b09615a02b16e06ebe63eb
Certificate serial: 0185701ED83853A8B33975631BF9F2834466
Authority key identifier: C9:7E:DC:ED:EC:32:54:B3:57:B0:96:15:A0:2B:16:E0:6E:BE:63:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yX7c7ewyVLNXsJYVoCsW4G6-Y-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/efd282-33b2-4373-9948-3239a81c9fc8/1/0oG1hD7m4-zeWFoviHQJ349kvoc.roa
Signing time: Mon 02 Jan 2023 01:35:47 +0000
ROA not before: Mon 02 Jan 2023 01:35:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12941
IP address blocks: 185.104.204.0/22 maxlen: 22
2a06:3380::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:d8:38:53:a8:b3:39:75:63:1b:f9:f2:83:44:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c97edcedec3254b357b09615a02b16e06ebe63eb
Validity
Not Before: Jan 2 01:35:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d281b5843ee6e3ecde585a2f887409df8f64be87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:51:94:53:25:bf:5c:33:e2:e6:24:24:98:5a:
ca:9a:d8:20:1a:f5:04:3d:49:89:9a:18:79:7a:bc:
81:48:e7:4d:2a:a6:99:53:d4:d3:6b:45:42:5e:4f:
cf:21:74:b3:39:41:ce:83:fb:49:bb:67:5a:27:64:
c8:7a:d8:bd:1d:29:06:9b:93:08:3c:59:73:e8:c3:
07:13:6f:5b:55:78:5a:79:d1:81:87:6d:31:d1:6e:
df:b3:52:44:30:d9:ec:0e:2b:88:12:59:97:4a:41:
73:b3:b8:48:83:fb:06:28:33:94:a7:28:3f:49:03:
c2:5f:2e:8f:26:92:f3:53:a7:73:0c:0d:2e:f4:40:
be:7e:28:19:9c:4d:e5:14:b4:43:ac:d2:17:81:5f:
03:a1:59:7c:bf:09:4a:6d:2f:dc:9f:6a:79:41:ff:
dd:75:68:70:3f:65:8b:36:83:56:67:10:ac:42:0b:
a2:56:c0:57:68:56:26:73:65:4b:f0:eb:44:0f:e4:
0d:e1:68:e3:af:c2:b1:e7:e2:03:8f:17:84:43:fd:
09:1b:b8:8f:56:91:57:60:d9:c1:41:30:66:44:86:
da:fa:67:36:33:a2:9b:7b:44:b3:80:dc:87:c4:de:
de:dd:d5:46:7f:ba:4f:fd:f3:95:87:67:76:d6:1e:
58:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:81:B5:84:3E:E6:E3:EC:DE:58:5A:2F:88:74:09:DF:8F:64:BE:87
X509v3 Authority Key Identifier:
keyid:C9:7E:DC:ED:EC:32:54:B3:57:B0:96:15:A0:2B:16:E0:6E:BE:63:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yX7c7ewyVLNXsJYVoCsW4G6-Y-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/efd282-33b2-4373-9948-3239a81c9fc8/1/0oG1hD7m4-zeWFoviHQJ349kvoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/efd282-33b2-4373-9948-3239a81c9fc8/1/yX7c7ewyVLNXsJYVoCsW4G6-Y-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.204.0/22
IPv6:
2a06:3380::/29
Signature Algorithm: sha256WithRSAEncryption
54:9c:2a:e8:92:57:19:3e:b0:c2:36:3e:bd:cb:4f:bf:e3:e0:
c4:e1:02:5d:45:7d:f9:89:3a:5e:75:78:f1:26:73:d8:cf:1b:
9e:85:ae:a3:7a:bb:2a:3f:5e:ea:64:ff:47:86:6e:75:ca:3d:
35:08:3f:db:74:9a:26:53:63:ad:05:e1:87:67:96:67:28:0d:
33:d3:b3:bc:38:fa:7b:19:24:cf:d2:9f:b8:3a:f5:74:73:1a:
1b:11:ad:b2:b9:9d:1c:cd:49:99:a6:45:95:01:7a:a3:b8:d6:
f4:9b:8b:a9:83:ff:ce:ec:53:68:6c:f6:41:fa:2a:7c:4a:6a:
f4:0c:a5:59:98:b5:6a:8e:d1:c1:4a:91:4d:f1:7d:d1:90:4d:
fd:8a:ac:e4:8b:7d:7a:c9:c5:89:73:5b:47:1d:6e:92:55:f0:
05:50:ee:26:1a:12:8a:9a:80:5e:0a:d0:7a:42:d0:13:50:24:
48:94:21:41:ba:49:17:e6:24:32:c4:80:eb:77:e0:ca:bd:e0:
67:e8:98:c5:01:be:c7:33:3e:6b:c4:11:06:0a:27:5c:25:43:
86:5c:b8:b8:a2:f0:97:23:0b:51:48:86:92:48:3d:81:5d:97:
60:22:b6:df:ce:f0:54:30:0b:b7:08:73:71:9b:34:61:d9:9b:
1a:ce:de:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwHtg4U6izOXVjG/nyg0RmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5N2VkY2VkZWMzMjU0YjM1N2IwOTYxNWEwMmIxNmUwNmVi
ZTYzZWIwHhcNMjMwMTAyMDEzNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjgxYjU4NDNlZTZlM2VjZGU1ODVhMmY4ODc0MDlkZjhmNjRiZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFGUUyW/XDPi5iQkmFrKmtggGvUE
PUmJmhh5eryBSOdNKqaZU9TTa0VCXk/PIXSzOUHOg/tJu2daJ2TIeti9HSkGm5MI
PFlz6MMHE29bVXhaedGBh20x0W7fs1JEMNnsDiuIElmXSkFzs7hIg/sGKDOUpyg/
SQPCXy6PJpLzU6dzDA0u9EC+figZnE3lFLRDrNIXgV8DoVl8vwlKbS/cn2p5Qf/d
dWhwP2WLNoNWZxCsQguiVsBXaFYmc2VL8OtED+QN4Wjjr8Kx5+IDjxeEQ/0JG7iP
VpFXYNnBQTBmRIba+mc2M6Kbe0SzgNyHxN7e3dVGf7pP/fOVh2d21h5YpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNKBtYQ+5uPs3lhaL4h0Cd+PZL6HMB8GA1UdIwQY
MBaAFMl+3O3sMlSzV7CWFaArFuBuvmPrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVg3Yzdld3lWTE5Yc0pZVm9Dc1c0RzYtWS1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9lZmQyODItMzNiMi00MzczLTk5NDgt
MzIzOWE4MWM5ZmM4LzEvMG9HMWhEN200LXplV0ZvdmlIUUozNDlrdm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9lZmQyODItMzNiMi00MzczLTk5NDgtMzIzOWE4MWM5ZmM4
LzEveVg3Yzdld3lWTE5Yc0pZVm9Dc1c0RzYtWS1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWjMMA0E
AgACMAcDBQMqBjOAMA0GCSqGSIb3DQEBCwUAA4IBAQBUnCroklcZPrDCNj69y0+/
4+DE4QJdRX35iTpedXjxJnPYzxueha6jersqP17qZP9Hhm51yj01CD/bdJomU2Ot
BeGHZ5ZnKA0z07O8OPp7GSTP0p+4OvV0cxobEa2yuZ0czUmZpkWVAXqjuNb0m4up
g//O7FNobPZB+ip8Smr0DKVZmLVqjtHBSpFN8X3RkE39iqzki316ycWJc1tHHW6S
VfAFUO4mGhKKmoBeCtB6QtATUCRIlCFBukkX5iQyxIDrd+DKveBn6JjFAb7HMz5r
xBEGCidcJUOGXLi4ovCXIwtRSIaSSD2BXZdgIrbfzvBUMAu3CHNxmzRh2Zsazt42
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:57 2025 by rpki-client