Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/58ExZYdKEcLRhf06rzMyFqegVfk.roa
File: 58ExZYdKEcLRhf06rzMyFqegVfk.roa (raw, json)
Hash identifier: ULGsr1U28yG8fsYtzzyUI7rUVck4kzUNemakwU2zC0o=
Subject key identifier: E7:C1:31:65:87:4A:11:C2:D1:85:FD:3A:AF:33:32:16:A7:A0:55:F9
Certificate issuer: /CN=69042c1f27a7d7862475087023dc97c3330f73c6
Certificate serial: 01843408E8C178D0C8C3A8A81146E9601D43
Authority key identifier: 69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/58ExZYdKEcLRhf06rzMyFqegVfk.roa
Signing time: Tue 01 Nov 2022 16:31:49 +0000
ROA not before: Tue 01 Nov 2022 16:31:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48847
IP address blocks: 185.104.71.0/24 maxlen: 24
185.104.70.0/24 maxlen: 24
185.104.68.0/22 maxlen: 22
185.104.68.0/24 maxlen: 24
185.104.71.16/30 maxlen: 30
185.104.71.20/30 maxlen: 30
2a06:3480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:34:08:e8:c1:78:d0:c8:c3:a8:a8:11:46:e9:60:1d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69042c1f27a7d7862475087023dc97c3330f73c6
Validity
Not Before: Nov 1 16:31:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7c13165874a11c2d185fd3aaf333216a7a055f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:80:91:20:3b:c5:f4:e5:b4:b8:c8:b0:0b:34:
c1:df:e0:7a:c5:95:60:37:86:25:92:07:36:a6:10:
c1:e0:37:c2:cc:d3:1e:57:19:72:1d:47:58:00:40:
5a:b3:89:78:5e:03:55:12:f3:fc:8f:ed:9e:88:f9:
f9:a9:83:d2:e7:71:54:e3:36:8c:4e:fd:a5:74:a0:
50:4c:4f:0e:a0:da:2e:c5:f7:fa:a6:8e:cd:a6:a7:
67:a8:47:da:71:90:be:20:aa:8e:72:65:35:b5:2d:
f2:dd:5c:eb:ae:95:e5:c9:01:19:fb:27:1c:c3:33:
2a:97:b4:84:31:56:13:9f:73:22:4a:ac:39:e4:c3:
c0:54:08:08:41:88:33:46:b8:4d:35:98:75:72:0f:
b6:d8:06:c4:f9:60:ce:51:43:2c:61:c4:49:6e:9b:
dc:a9:b8:6c:63:26:86:eb:40:8a:2c:52:7a:ab:a9:
2f:a3:77:93:99:1b:b8:7a:2c:92:9e:a6:e3:f1:fa:
28:ba:64:39:98:15:f1:7d:c4:16:e3:d3:28:ad:3c:
4c:b9:81:9b:cd:e8:df:24:a7:08:f9:66:8a:b0:e3:
7c:b4:cb:4e:f9:a9:b2:27:37:70:5c:5e:7e:17:e6:
7e:fd:c4:63:d1:84:32:1c:66:8a:ed:58:b7:e5:8d:
96:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C1:31:65:87:4A:11:C2:D1:85:FD:3A:AF:33:32:16:A7:A0:55:F9
X509v3 Authority Key Identifier:
keyid:69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/58ExZYdKEcLRhf06rzMyFqegVfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.68.0/22
IPv6:
2a06:3480::/29
Signature Algorithm: sha256WithRSAEncryption
19:dd:71:ac:dc:ef:23:7c:0b:27:a8:f4:d2:52:ab:15:e0:d0:
5f:0f:ca:9c:9f:0b:f0:73:29:94:44:77:5c:2b:2c:6f:ca:07:
64:79:f4:45:db:a0:2f:ff:0a:f3:b8:7e:cf:b6:80:59:8e:12:
ce:2b:e3:4b:c6:26:3d:86:71:1b:ff:ef:8f:9d:6e:35:42:4a:
cd:82:80:fb:f0:0f:5c:10:61:bf:97:48:f0:16:d3:2b:f3:7c:
6c:fa:a3:e4:00:c6:6f:1d:32:42:35:37:a5:52:fb:56:bf:35:
de:ee:ad:6c:9f:9a:5d:e2:87:c1:37:1b:36:a0:2a:38:18:c6:
e9:4e:dc:1d:81:e5:33:19:49:41:55:ba:25:c8:cd:88:e4:e3:
0e:1b:55:29:f6:91:71:e1:4c:19:49:f7:1a:fd:9c:a4:4c:83:
d5:a7:82:ef:40:73:a7:08:3d:2e:4c:c5:58:8c:85:a3:be:31:
93:73:01:6d:1e:8f:f7:fd:02:db:db:62:e5:01:cf:8b:14:de:
e7:3d:29:7a:41:2c:82:cc:8d:2d:62:6f:de:4f:7d:29:75:66:
49:07:5b:99:af:b5:94:d1:ac:95:fb:94:c9:3f:8d:59:a9:14:
99:a0:6c:3c:af:26:d5:cc:e7:36:f9:4d:29:f1:00:7e:fc:09:
7f:3e:55:03
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYQ0COjBeNDIw6ioEUbpYB1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDQyYzFmMjdhN2Q3ODYyNDc1MDg3MDIzZGM5N2MzMzMw
ZjczYzYwHhcNMjIxMTAxMTYzMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2MxMzE2NTg3NGExMWMyZDE4NWZkM2FhZjMzMzIxNmE3YTA1NWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoICRIDvF9OW0uMiwCzTB3+B6xZVg
N4Ylkgc2phDB4DfCzNMeVxlyHUdYAEBas4l4XgNVEvP8j+2eiPn5qYPS53FU4zaM
Tv2ldKBQTE8OoNouxff6po7NpqdnqEfacZC+IKqOcmU1tS3y3VzrrpXlyQEZ+ycc
wzMql7SEMVYTn3MiSqw55MPAVAgIQYgzRrhNNZh1cg+22AbE+WDOUUMsYcRJbpvc
qbhsYyaG60CKLFJ6q6kvo3eTmRu4eiySnqbj8fooumQ5mBXxfcQW49MorTxMuYGb
zejfJKcI+WaKsON8tMtO+amyJzdwXF5+F+Z+/cRj0YQyHGaK7Vi35Y2WJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOfBMWWHShHC0YX9Oq8zMhanoFX5MB8GA1UdIwQY
MBaAFGkELB8np9eGJHUIcCPcl8MzD3PGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgt
Y2JiM2Q2MzVkODJmLzEvNThFeFpZZEtFY0xSaGYwNnJ6TXlGcWVnVmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgtY2JiM2Q2MzVkODJm
LzEvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWhEMA0E
AgACMAcDBQMqBjSAMA0GCSqGSIb3DQEBCwUAA4IBAQAZ3XGs3O8jfAsnqPTSUqsV
4NBfD8qcnwvwcymURHdcKyxvygdkefRF26Av/wrzuH7PtoBZjhLOK+NLxiY9hnEb
/++PnW41QkrNgoD78A9cEGG/l0jwFtMr83xs+qPkAMZvHTJCNTelUvtWvzXe7q1s
n5pd4ofBNxs2oCo4GMbpTtwdgeUzGUlBVbolyM2I5OMOG1Up9pFx4UwZSfca/Zyk
TIPVp4LvQHOnCD0uTMVYjIWjvjGTcwFtHo/3/QLb22LlAc+LFN7nPSl6QSyCzI0t
Ym/eT30pdWZJB1uZr7WU0ayV+5TJP41ZqRSZoGw8rybVzOc2+U0p8QB+/Al/PlUD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:01 2024 by rpki-client on console-ams.rpki-client.org