Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/2cQp57CxVJSjgzB_ckm-YzWEXKM.roa
File: 2cQp57CxVJSjgzB_ckm-YzWEXKM.roa (raw, json)
Hash identifier: cawWxFXQscIR5euti5MCm7LCV4vWjQYSAoA53lcQUvY=
Subject key identifier: D9:C4:29:E7:B0:B1:54:94:A3:83:30:7F:72:49:BE:63:35:84:5C:A3
Certificate issuer: /CN=69042c1f27a7d7862475087023dc97c3330f73c6
Certificate serial: 0184B3899E09ABB7CE2DDF463547F3200FE4
Authority key identifier: 69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/2cQp57CxVJSjgzB_ckm-YzWEXKM.roa
Signing time: Sat 26 Nov 2022 10:44:11 +0000
ROA not before: Sat 26 Nov 2022 10:44:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48847
IP address blocks: 185.104.71.32/28 maxlen: 28
185.104.71.176/29 maxlen: 29
185.104.68.240/29 maxlen: 29
185.104.70.220/30 maxlen: 30
185.104.68.0/26 maxlen: 26
185.104.68.64/26 maxlen: 26
185.104.71.0/24 maxlen: 24
185.104.70.0/24 maxlen: 24
185.104.68.0/22 maxlen: 22
185.104.68.0/24 maxlen: 24
185.104.71.16/30 maxlen: 30
185.104.71.20/30 maxlen: 30
2a06:3480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b3:89:9e:09:ab:b7:ce:2d:df:46:35:47:f3:20:0f:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69042c1f27a7d7862475087023dc97c3330f73c6
Validity
Not Before: Nov 26 10:44:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9c429e7b0b15494a383307f7249be6335845ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:29:5f:36:dd:76:f2:27:02:c0:9c:27:05:d4:
8c:b0:5d:f0:b3:0a:19:73:b2:16:c8:32:b9:56:dc:
f1:37:03:16:63:f7:98:de:8a:5a:3b:19:1c:cd:6e:
61:42:bf:0c:c6:b9:f6:3e:99:3f:c4:47:f6:66:96:
af:79:d1:70:5f:d6:af:8f:f5:8f:bf:24:72:6f:6a:
74:be:22:1d:5f:cc:1e:3a:4a:d2:8a:18:ca:dc:63:
ce:f9:7b:98:b0:21:50:06:38:d0:cd:61:4d:39:f3:
ac:d8:ab:8a:75:5c:79:e7:44:f2:be:44:89:44:b4:
ca:c5:ef:6c:c7:7c:8c:1a:57:09:90:c4:29:25:cd:
39:47:40:98:0f:6d:85:98:eb:bb:83:4a:6a:56:c1:
9d:84:1d:2c:c7:3b:64:27:c7:de:d7:d1:90:e9:5e:
78:f7:db:40:73:c5:9e:9e:b4:26:e8:c9:71:95:f6:
0b:45:56:4f:d1:de:4a:97:7c:f8:65:1f:39:e6:ab:
57:62:5e:dc:97:24:a6:b1:2e:ab:f6:42:64:c9:7e:
0a:8c:5d:a9:e7:d6:ee:9e:ac:87:f5:46:34:34:a4:
8c:85:68:6c:8e:b0:2c:1d:5a:c5:d6:02:f5:e3:5f:
51:e0:45:b3:de:1d:1c:15:7a:f3:b6:f1:ec:d8:2c:
37:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C4:29:E7:B0:B1:54:94:A3:83:30:7F:72:49:BE:63:35:84:5C:A3
X509v3 Authority Key Identifier:
keyid:69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/2cQp57CxVJSjgzB_ckm-YzWEXKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.68.0/22
IPv6:
2a06:3480::/29
Signature Algorithm: sha256WithRSAEncryption
31:56:8f:25:6e:85:11:69:2a:25:3a:0c:15:3a:8e:f7:a1:34:
fb:dc:f2:03:be:08:cf:40:d1:86:ad:84:52:e3:c3:17:d4:d1:
0e:2b:9f:6a:65:4e:a1:4d:5d:05:ae:f1:9d:bc:61:af:ab:11:
42:e9:73:89:9e:63:ac:0d:4e:79:26:55:0c:52:ba:f4:4c:2c:
04:29:88:59:59:0c:bd:d2:76:37:d1:f3:c5:fc:e4:b3:bf:f7:
42:47:99:bd:f8:aa:f6:b1:51:ff:b3:11:51:d3:f6:3a:51:ef:
97:ce:d2:fe:0a:5f:51:5c:93:7d:f1:e3:c0:be:67:11:82:2e:
94:82:08:b2:d2:02:16:ec:e8:36:b5:6b:00:11:c1:71:7b:df:
db:80:5a:dd:3f:ad:d5:8e:db:a1:7f:9f:00:d0:71:f9:01:45:
78:f6:ef:09:e8:64:2e:0e:b3:41:3e:bd:ca:aa:65:68:58:e4:
46:fc:96:c8:51:a1:40:0d:bd:08:a2:ee:e5:8a:c3:16:77:eb:
e2:4c:ea:02:4b:2a:56:1d:00:24:68:d7:f7:1f:7b:d6:9b:23:
e9:ce:05:9a:19:24:6c:c8:d7:67:8a:fe:ce:2a:b5:99:40:20:
5f:85:58:a8:e3:42:1b:44:ea:89:68:97:d2:09:6b:61:cf:65:
ee:7d:7c:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYSziZ4Jq7fOLd9GNUfzIA/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDQyYzFmMjdhN2Q3ODYyNDc1MDg3MDIzZGM5N2MzMzMw
ZjczYzYwHhcNMjIxMTI2MTA0NDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWM0MjllN2IwYjE1NDk0YTM4MzMwN2Y3MjQ5YmU2MzM1ODQ1Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnylfNt128icCwJwnBdSMsF3wswoZ
c7IWyDK5VtzxNwMWY/eY3opaOxkczW5hQr8Mxrn2Ppk/xEf2ZpavedFwX9avj/WP
vyRyb2p0viIdX8weOkrSihjK3GPO+XuYsCFQBjjQzWFNOfOs2KuKdVx550TyvkSJ
RLTKxe9sx3yMGlcJkMQpJc05R0CYD22FmOu7g0pqVsGdhB0sxztkJ8fe19GQ6V54
99tAc8WenrQm6MlxlfYLRVZP0d5Kl3z4ZR855qtXYl7clySmsS6r9kJkyX4KjF2p
59bunqyH9UY0NKSMhWhsjrAsHVrF1gL1419R4EWz3h0cFXrztvHs2Cw3CQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNnEKeewsVSUo4Mwf3JJvmM1hFyjMB8GA1UdIwQY
MBaAFGkELB8np9eGJHUIcCPcl8MzD3PGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgt
Y2JiM2Q2MzVkODJmLzEvMmNRcDU3Q3hWSlNqZ3pCX2NrbS1ZeldFWEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgtY2JiM2Q2MzVkODJm
LzEvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWhEMA0E
AgACMAcDBQMqBjSAMA0GCSqGSIb3DQEBCwUAA4IBAQAxVo8lboURaSolOgwVOo73
oTT73PIDvgjPQNGGrYRS48MX1NEOK59qZU6hTV0FrvGdvGGvqxFC6XOJnmOsDU55
JlUMUrr0TCwEKYhZWQy90nY30fPF/OSzv/dCR5m9+Kr2sVH/sxFR0/Y6Ue+XztL+
Cl9RXJN98ePAvmcRgi6Uggiy0gIW7Og2tWsAEcFxe9/bgFrdP63Vjtuhf58A0HH5
AUV49u8J6GQuDrNBPr3KqmVoWORG/JbIUaFADb0Iou7lisMWd+viTOoCSypWHQAk
aNf3H3vWmyPpzgWaGSRsyNdniv7OKrWZQCBfhVio40IbROqJaJfSCWthz2XufXzD
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-ams.rpki-client.org