Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/SMaTnCTICK0aCBxmCcsIeg-b8YM.roa
File: SMaTnCTICK0aCBxmCcsIeg-b8YM.roa (raw, json)
Hash identifier: vrCyRr8auZM5s0HJF52RrXqSS3LE3bRmHsbvCbrqBR0=
Subject key identifier: 48:C6:93:9C:24:C8:08:AD:1A:08:1C:66:09:CB:08:7A:0F:9B:F1:83
Certificate issuer: /CN=69042c1f27a7d7862475087023dc97c3330f73c6
Certificate serial: 0184BF223460E19F8A300233070272FF887E
Authority key identifier: 69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/SMaTnCTICK0aCBxmCcsIeg-b8YM.roa
Signing time: Mon 28 Nov 2022 16:46:40 +0000
ROA not before: Mon 28 Nov 2022 16:46:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48847
IP address blocks: 185.104.68.144/28 maxlen: 28
185.104.71.32/28 maxlen: 28
185.104.71.176/29 maxlen: 29
185.104.68.240/29 maxlen: 29
185.104.70.220/30 maxlen: 30
185.104.68.0/26 maxlen: 26
185.104.68.64/26 maxlen: 26
185.104.71.0/24 maxlen: 24
185.104.70.0/24 maxlen: 24
185.104.68.0/22 maxlen: 22
185.104.68.0/24 maxlen: 24
185.104.71.16/30 maxlen: 30
185.104.71.20/30 maxlen: 30
2a06:3480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bf:22:34:60:e1:9f:8a:30:02:33:07:02:72:ff:88:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69042c1f27a7d7862475087023dc97c3330f73c6
Validity
Not Before: Nov 28 16:46:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48c6939c24c808ad1a081c6609cb087a0f9bf183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3e:78:d2:cb:83:95:e5:32:29:9c:ea:aa:8b:
b3:f4:91:64:1b:75:a3:40:b8:3c:41:a2:41:b7:2f:
62:10:24:87:b1:d7:42:dc:93:5e:bf:94:85:fa:bf:
ad:d7:f5:d5:59:1e:a7:71:e2:73:db:5b:65:98:db:
d3:6e:a4:92:00:8e:f7:f0:75:5a:e1:e0:7b:01:ac:
0e:bb:1a:3b:f6:6c:f5:2b:02:8a:a7:b2:31:bc:de:
61:68:76:ce:80:ab:a3:a5:b1:bf:40:1c:95:5d:9d:
e6:c9:ad:02:d4:7a:20:89:89:27:28:fe:0e:9f:da:
0e:75:5e:bb:e6:b7:d0:11:58:27:aa:92:1e:61:76:
d0:df:56:45:b0:ad:5e:45:7e:68:66:53:59:4d:c9:
e8:04:d1:20:cf:eb:96:98:0c:ef:d6:97:a1:b0:2b:
32:f7:30:64:10:f8:cc:83:48:5a:a4:29:da:e4:4f:
d0:0f:3e:64:26:4a:b6:d4:a3:73:1c:9d:49:cf:dd:
0b:69:ea:07:1e:62:6e:60:79:ab:1a:07:cf:2e:81:
b3:87:2f:d8:e2:b0:91:da:e2:1f:73:db:d1:53:cd:
27:3d:e8:6f:0b:b0:b0:30:ed:e3:6d:c0:d9:e6:53:
d8:f4:34:71:d3:ab:a9:b4:95:62:9e:a4:39:21:99:
5b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C6:93:9C:24:C8:08:AD:1A:08:1C:66:09:CB:08:7A:0F:9B:F1:83
X509v3 Authority Key Identifier:
keyid:69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/SMaTnCTICK0aCBxmCcsIeg-b8YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.68.0/22
IPv6:
2a06:3480::/29
Signature Algorithm: sha256WithRSAEncryption
3a:6c:d5:44:68:a9:86:ae:d2:64:07:9d:21:de:ab:0d:a0:13:
11:46:bc:66:b5:86:32:f4:50:5f:bd:cf:13:17:93:69:df:c7:
95:fc:c2:c9:ae:6d:50:61:79:19:f3:62:fb:34:1b:1d:3f:15:
1f:dc:14:e4:1c:c1:92:30:47:30:e1:c8:bf:9d:1f:d1:c6:b1:
3f:d9:17:53:f0:b5:3a:f0:2e:06:0c:fb:90:f0:e1:2e:f1:4c:
40:9d:83:07:81:b2:bc:cf:03:37:dc:a8:3f:ff:3e:0a:b2:b3:
6b:99:ed:76:37:f2:48:0b:84:0a:d5:f9:8b:d5:1f:b9:76:88:
af:a5:5e:f5:98:5a:d3:da:7d:43:f0:f9:46:2d:f0:1b:e9:e3:
5f:fc:05:2c:45:70:77:b9:de:f6:4d:d8:8c:31:16:3b:10:e2:
32:cd:dc:ad:ea:31:5d:d6:e5:24:e5:46:d0:3f:42:31:c2:c6:
8b:e5:c0:36:a3:a7:7d:89:1b:a5:8f:cf:d6:9d:6a:93:8a:84:
71:61:ee:22:40:c0:55:a6:20:40:ba:3f:d3:dc:70:8e:89:87:
a9:88:a7:ca:39:17:5f:36:e0:7c:57:ed:f8:e3:4d:8b:c0:e3:
72:7e:b0:ee:9c:da:2c:b1:83:1e:79:ac:80:fe:80:e1:ae:85:
66:6a:1a:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYS/IjRg4Z+KMAIzBwJy/4h+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDQyYzFmMjdhN2Q3ODYyNDc1MDg3MDIzZGM5N2MzMzMw
ZjczYzYwHhcNMjIxMTI4MTY0NjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGM2OTM5YzI0YzgwOGFkMWEwODFjNjYwOWNiMDg3YTBmOWJmMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwD540suDleUyKZzqqouz9JFkG3Wj
QLg8QaJBty9iECSHsddC3JNev5SF+r+t1/XVWR6nceJz21tlmNvTbqSSAI738HVa
4eB7AawOuxo79mz1KwKKp7IxvN5haHbOgKujpbG/QByVXZ3mya0C1HogiYknKP4O
n9oOdV675rfQEVgnqpIeYXbQ31ZFsK1eRX5oZlNZTcnoBNEgz+uWmAzv1pehsCsy
9zBkEPjMg0hapCna5E/QDz5kJkq21KNzHJ1Jz90LaeoHHmJuYHmrGgfPLoGzhy/Y
4rCR2uIfc9vRU80nPehvC7CwMO3jbcDZ5lPY9DRx06uptJVinqQ5IZlb3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEjGk5wkyAitGggcZgnLCHoPm/GDMB8GA1UdIwQY
MBaAFGkELB8np9eGJHUIcCPcl8MzD3PGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgt
Y2JiM2Q2MzVkODJmLzEvU01hVG5DVElDSzBhQ0J4bUNjc0llZy1iOFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgtY2JiM2Q2MzVkODJm
LzEvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWhEMA0E
AgACMAcDBQMqBjSAMA0GCSqGSIb3DQEBCwUAA4IBAQA6bNVEaKmGrtJkB50h3qsN
oBMRRrxmtYYy9FBfvc8TF5Np38eV/MLJrm1QYXkZ82L7NBsdPxUf3BTkHMGSMEcw
4ci/nR/RxrE/2RdT8LU68C4GDPuQ8OEu8UxAnYMHgbK8zwM33Kg//z4KsrNrme12
N/JIC4QK1fmL1R+5doivpV71mFrT2n1D8PlGLfAb6eNf/AUsRXB3ud72TdiMMRY7
EOIyzdyt6jFd1uUk5UbQP0IxwsaL5cA2o6d9iRulj8/WnWqTioRxYe4iQMBVpiBA
uj/T3HCOiYepiKfKORdfNuB8V+34402LwONyfrDunNossYMeeayA/oDhroVmahrA
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:05 2023 by rpki-client on console-fra.rpki-client.org