Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/p3TuW6TgpvKynFAEhvyYBzYNNtw.roa
File: p3TuW6TgpvKynFAEhvyYBzYNNtw.roa (raw, json)
Hash identifier: ngfQgAfAbuS+7FHEdeQJNH7KS6JnJ5Rmx3CcjC07los=
Subject key identifier: A7:74:EE:5B:A4:E0:A6:F2:B2:9C:50:04:86:FC:98:07:36:0D:36:DC
Certificate issuer: /CN=69042c1f27a7d7862475087023dc97c3330f73c6
Certificate serial: 6992CB
Authority key identifier: 69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/p3TuW6TgpvKynFAEhvyYBzYNNtw.roa
Signing time: Sat 01 Jan 2022 00:55:43 +0000
ROA not before: Sat 01 Jan 2022 00:55:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48847
IP address blocks: 185.104.71.0/24 maxlen: 24
185.104.70.0/24 maxlen: 24
185.104.68.0/22 maxlen: 22
185.104.68.0/24 maxlen: 24
2a06:3480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6918859 (0x6992cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69042c1f27a7d7862475087023dc97c3330f73c6
Validity
Not Before: Jan 1 00:55:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a774ee5ba4e0a6f2b29c500486fc9807360d36dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f8:da:65:d8:c3:22:da:05:ee:30:92:cf:a9:
ba:3b:e0:9b:05:bc:5b:ba:75:6d:69:b3:71:91:cb:
ef:e4:23:af:94:6c:ee:84:8a:1f:71:bb:50:4e:a3:
74:d2:0b:55:b7:51:be:e8:fe:e5:eb:12:1e:09:15:
e6:e3:fe:6b:c4:cb:e4:1a:fe:76:6b:07:b5:d1:7f:
40:10:28:0d:e2:cf:77:9b:2f:d1:c1:b9:fc:dd:8d:
84:96:11:d6:d2:d6:d7:b7:d0:86:75:4f:1f:2e:63:
bb:bd:cb:ba:c1:9f:14:57:65:04:d8:53:24:78:59:
9d:56:4e:52:fc:70:ad:39:37:b0:48:b9:be:a7:a4:
fd:3b:9c:78:41:1b:99:44:35:c7:34:1c:b8:7a:ef:
38:22:79:cd:63:d2:39:37:f2:82:70:0f:da:31:20:
ca:d9:00:63:fe:fa:5c:76:35:1c:80:d8:2c:c9:8d:
e1:1f:92:eb:4b:b5:50:0d:6b:e2:89:9a:a6:42:f5:
50:2f:63:0d:0f:fd:a4:5e:da:16:bf:60:d6:44:8b:
4e:4e:0a:69:b2:6d:65:82:74:01:81:ff:ae:84:6c:
1f:47:81:79:bb:4e:f9:35:fd:0f:cb:46:d1:9d:2a:
2e:98:76:e5:b2:16:92:68:ef:f2:32:39:2f:40:b1:
f1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:74:EE:5B:A4:E0:A6:F2:B2:9C:50:04:86:FC:98:07:36:0D:36:DC
X509v3 Authority Key Identifier:
keyid:69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/p3TuW6TgpvKynFAEhvyYBzYNNtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.68.0/22
IPv6:
2a06:3480::/29
Signature Algorithm: sha256WithRSAEncryption
87:0b:af:11:89:6c:4c:8b:a1:eb:42:cd:e9:cb:76:42:50:0e:
6f:aa:29:98:7b:98:b7:f5:cb:93:29:e7:6c:e7:b7:eb:e9:3d:
e9:c7:68:1b:8e:a0:9c:c4:8f:36:7d:77:88:c2:19:84:6d:20:
48:0f:96:83:1d:c7:55:e6:39:ce:7c:f8:ff:bf:ca:5c:20:35:
de:e6:e3:45:06:20:36:2f:ae:67:e6:4f:3f:6d:8a:44:60:c1:
2f:68:2f:0e:b0:e4:e3:ed:6c:4c:95:78:71:2a:6b:44:9b:db:
4d:8c:93:fa:70:10:f6:25:79:72:ba:78:fb:9a:2e:d3:11:46:
36:44:28:f5:74:77:cb:58:95:5c:47:bf:62:66:aa:af:9f:88:
3e:29:9b:8e:b2:9d:ea:aa:a9:0b:dd:5f:a5:9b:b1:06:b4:13:
56:a3:75:16:a8:6a:b3:a6:7e:9a:11:ca:48:0e:d1:98:62:32:
8c:26:ee:6b:b0:07:c7:7c:8d:23:15:27:e6:c2:bf:fd:ce:55:
f4:6f:c0:f4:8c:7a:97:34:a5:e7:c1:f6:38:41:6a:e4:f2:9d:
12:d7:df:a5:3d:9d:f3:ef:9e:16:00:51:36:94:22:21:b6:55:
83:fb:74:92:1c:eb:75:78:13:24:33:a5:ee:a9:ef:4a:5e:59:
ed:25:6d:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDaZLLMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY5
MDQyYzFmMjdhN2Q3ODYyNDc1MDg3MDIzZGM5N2MzMzMwZjczYzYwHhcNMjIwMTAx
MDA1NTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhNzc0ZWU1YmE0ZTBh
NmYyYjI5YzUwMDQ4NmZjOTgwNzM2MGQzNmRjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAv/jaZdjDItoF7jCSz6m6O+CbBbxbunVtabNxkcvv5COvlGzu
hIofcbtQTqN00gtVt1G+6P7l6xIeCRXm4/5rxMvkGv52awe10X9AECgN4s93my/R
wbn83Y2ElhHW0tbXt9CGdU8fLmO7vcu6wZ8UV2UE2FMkeFmdVk5S/HCtOTewSLm+
p6T9O5x4QRuZRDXHNBy4eu84InnNY9I5N/KCcA/aMSDK2QBj/vpcdjUcgNgsyY3h
H5LrS7VQDWviiZqmQvVQL2MND/2kXtoWv2DWRItOTgppsm1lgnQBgf+uhGwfR4F5
u075Nf0Py0bRnSoumHblshaSaO/yMjkvQLHxrwIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFKd07luk4KbyspxQBIb8mAc2DTbcMB8GA1UdIwQYMBaAFGkELB8np9eGJHUI
cCPcl8MzD3PGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
YVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgtY2JiM2Q2MzVkODJmLzEv
cDNUdVc2VGdwdkt5bkZBRWh2eVlCellOTnR3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80
YWU2NGItZjczZS00MDhjLWI0YTgtY2JiM2Q2MzVkODJmLzEvYVFRc0h5ZW4xNFlr
ZFFod0k5eVh3ek1QYzhZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWhEMA0EAgACMAcDBQMqBjSAMA0G
CSqGSIb3DQEBCwUAA4IBAQCHC68RiWxMi6HrQs3py3ZCUA5vqimYe5i39cuTKeds
57fr6T3px2gbjqCcxI82fXeIwhmEbSBID5aDHcdV5jnOfPj/v8pcIDXe5uNFBiA2
L65n5k8/bYpEYMEvaC8OsOTj7WxMlXhxKmtEm9tNjJP6cBD2JXlyunj7mi7TEUY2
RCj1dHfLWJVcR79iZqqvn4g+KZuOsp3qqqkL3V+lm7EGtBNWo3UWqGqzpn6aEcpI
DtGYYjKMJu5rsAfHfI0jFSfmwr/9zlX0b8D0jHqXNKXnwfY4QWrk8p0S19+lPZ3z
754WAFE2lCIhtlWD+3SSHOt1eBMkM6Xuqe9KXlntJW3l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:27 2024 by rpki-client on console-fra.rpki-client.org