Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/CARguRnBoU2RcsV1M13gBvHo1yc.roa
File: CARguRnBoU2RcsV1M13gBvHo1yc.roa (raw, json)
Hash identifier: g1YCICXNXYva5eTBbDltF1HYF45Zj+W8klrmkB4GVOk=
Subject key identifier: 08:04:60:B9:19:C1:A1:4D:91:72:C5:75:33:5D:E0:06:F1:E8:D7:27
Certificate issuer: /CN=69042c1f27a7d7862475087023dc97c3330f73c6
Certificate serial: 0184AE55855426450852CD3454644A2E651B
Authority key identifier: 69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/CARguRnBoU2RcsV1M13gBvHo1yc.roa
Signing time: Fri 25 Nov 2022 10:29:11 +0000
ROA not before: Fri 25 Nov 2022 10:29:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48847
IP address blocks: 185.104.71.0/24 maxlen: 24
185.104.70.0/24 maxlen: 24
185.104.71.32/28 maxlen: 28
185.104.68.0/22 maxlen: 22
185.104.68.0/24 maxlen: 24
185.104.71.16/30 maxlen: 30
185.104.71.176/29 maxlen: 29
185.104.70.220/30 maxlen: 30
185.104.71.20/30 maxlen: 30
2a06:3480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:55:85:54:26:45:08:52:cd:34:54:64:4a:2e:65:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69042c1f27a7d7862475087023dc97c3330f73c6
Validity
Not Before: Nov 25 10:29:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=080460b919c1a14d9172c575335de006f1e8d727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:77:4a:bf:72:8b:a6:05:3d:6d:1f:73:18:46:
5e:3c:38:c3:a9:e0:43:c7:96:65:f2:28:09:75:1e:
69:8c:a8:f2:40:0b:b5:a8:6f:9e:9d:a1:a3:29:22:
db:8c:a2:f4:27:b3:bd:35:03:80:75:e7:df:b2:da:
b0:17:77:2f:da:8b:69:df:99:01:b1:df:a7:d4:ca:
5e:b1:ca:2e:88:0b:b9:fe:31:ce:83:77:c9:78:10:
97:89:a7:04:aa:6e:a8:1b:11:57:6f:04:ac:b6:1d:
bc:f1:dd:af:03:ad:b2:7a:a3:d3:d1:69:db:86:d1:
28:81:e9:ea:fe:45:8b:b7:bf:89:f2:ca:fb:fc:3d:
a5:8b:a1:de:82:a4:c9:40:7b:d9:62:35:a9:3f:db:
56:87:d8:a8:51:f4:fd:ad:9b:fb:91:cd:f4:07:30:
0a:d9:38:e0:e7:78:94:12:98:00:6f:43:f3:ae:79:
ae:a5:56:a1:ba:a1:cd:4b:49:40:d2:38:09:51:74:
99:06:a0:e8:8a:7d:33:be:5b:62:94:75:2f:34:66:
56:d6:00:96:da:94:10:7b:5d:48:bb:df:39:ff:63:
d1:d3:46:7e:ba:f1:66:ad:b5:66:bb:c1:27:d7:7d:
3c:35:db:79:0f:0e:59:f7:e0:12:f3:41:23:db:75:
5e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:04:60:B9:19:C1:A1:4D:91:72:C5:75:33:5D:E0:06:F1:E8:D7:27
X509v3 Authority Key Identifier:
keyid:69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/CARguRnBoU2RcsV1M13gBvHo1yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.68.0/22
IPv6:
2a06:3480::/29
Signature Algorithm: sha256WithRSAEncryption
3f:a9:f9:39:04:49:68:34:b1:77:b1:74:9d:d2:e6:34:21:86:
01:c3:82:30:cf:b6:4b:04:39:bd:d2:bd:f0:64:21:d4:f5:02:
36:8f:70:21:bf:7f:9c:36:5c:d0:d0:d1:37:1e:26:ce:8e:f3:
8c:a7:e2:ad:f0:17:37:54:93:8b:a1:b8:7b:a1:24:6b:a3:80:
a0:69:a1:46:c6:b2:53:f5:7d:5a:87:4c:7a:35:3e:b3:78:90:
c2:e5:ad:38:72:0b:39:47:10:2b:1c:7e:bf:27:8f:4a:97:52:
58:1d:cd:a0:dc:6e:eb:1d:62:48:e0:f3:a4:60:ca:96:04:80:
98:7a:8d:52:f0:b1:af:76:ce:76:ef:36:32:64:01:bf:72:6d:
45:51:a0:36:ba:cc:1c:09:dc:00:96:11:f2:23:31:a5:9e:1d:
91:a3:b0:26:c8:85:ac:86:e3:9e:80:cc:88:3a:ab:e4:c2:d4:
02:d1:5c:d3:84:32:e5:12:0a:04:8b:63:ac:38:cd:36:0c:25:
86:dc:ce:94:19:b1:b5:6e:76:0e:60:9c:8e:1a:6e:6f:51:fd:
c0:b2:d7:0b:d0:7b:5f:bb:50:35:c9:e5:27:5a:79:d7:3c:3b:
e1:f6:26:71:44:98:aa:d1:e3:88:c2:7f:9e:27:18:8a:a6:69:
e8:fb:52:8e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYSuVYVUJkUIUs00VGRKLmUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDQyYzFmMjdhN2Q3ODYyNDc1MDg3MDIzZGM5N2MzMzMw
ZjczYzYwHhcNMjIxMTI1MTAyOTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODA0NjBiOTE5YzFhMTRkOTE3MmM1NzUzMzVkZTAwNmYxZThkNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXdKv3KLpgU9bR9zGEZePDjDqeBD
x5Zl8igJdR5pjKjyQAu1qG+enaGjKSLbjKL0J7O9NQOAdeffstqwF3cv2otp35kB
sd+n1MpescouiAu5/jHOg3fJeBCXiacEqm6oGxFXbwSsth288d2vA62yeqPT0Wnb
htEogenq/kWLt7+J8sr7/D2li6HegqTJQHvZYjWpP9tWh9ioUfT9rZv7kc30BzAK
2Tjg53iUEpgAb0PzrnmupVahuqHNS0lA0jgJUXSZBqDoin0zvltilHUvNGZW1gCW
2pQQe11Iu985/2PR00Z+uvFmrbVmu8En1308Ndt5Dw5Z9+AS80Ej23VeJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAgEYLkZwaFNkXLFdTNd4Abx6NcnMB8GA1UdIwQY
MBaAFGkELB8np9eGJHUIcCPcl8MzD3PGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgt
Y2JiM2Q2MzVkODJmLzEvQ0FSZ3VSbkJvVTJSY3NWMU0xM2dCdkhvMXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgtY2JiM2Q2MzVkODJm
LzEvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWhEMA0E
AgACMAcDBQMqBjSAMA0GCSqGSIb3DQEBCwUAA4IBAQA/qfk5BEloNLF3sXSd0uY0
IYYBw4Iwz7ZLBDm90r3wZCHU9QI2j3Ahv3+cNlzQ0NE3HibOjvOMp+Kt8Bc3VJOL
obh7oSRro4CgaaFGxrJT9X1ah0x6NT6zeJDC5a04cgs5RxArHH6/J49Kl1JYHc2g
3G7rHWJI4POkYMqWBICYeo1S8LGvds527zYyZAG/cm1FUaA2uswcCdwAlhHyIzGl
nh2Ro7AmyIWshuOegMyIOqvkwtQC0VzThDLlEgoEi2OsOM02DCWG3M6UGbG1bnYO
YJyOGm5vUf3AstcL0Htfu1A1yeUnWnnXPDvh9iZxRJiq0eOIwn+eJxiKpmno+1KO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-ams.rpki-client.org