Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/twJ7Hkh2nna7ob2H9nanBhgKXHM.roa
File: twJ7Hkh2nna7ob2H9nanBhgKXHM.roa (raw, json)
Hash identifier: huuBa3uS20fxhqGb74waSwtZ2f6RwLmIs61/A9nX1K8=
Subject key identifier: B7:02:7B:1E:48:76:9E:76:BB:A1:BD:87:F6:76:A7:06:18:0A:5C:73
Certificate issuer: /CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Certificate serial: 018AF077687B289E51068102FE2C01F1E309
Authority key identifier: D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/twJ7Hkh2nna7ob2H9nanBhgKXHM.roa
Signing time: Mon 02 Oct 2023 12:57:51 +0000
ROA not before: Mon 02 Oct 2023 12:57:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49645
IP address blocks: 91.213.76.0/24 maxlen: 24
185.234.130.0/24 maxlen: 24
185.234.129.0/24 maxlen: 24
185.234.128.0/24 maxlen: 24
185.234.128.0/22 maxlen: 22
5.183.168.0/24 maxlen: 24
5.183.171.0/24 maxlen: 24
2a0d:c9c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:77:68:7b:28:9e:51:06:81:02:fe:2c:01:f1:e3:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Validity
Not Before: Oct 2 12:57:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7027b1e48769e76bba1bd87f676a706180a5c73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0b:74:16:04:da:33:09:91:ec:e5:1d:14:ae:
e6:f0:5c:cc:7e:4e:72:a2:76:4a:06:14:b0:5f:80:
3f:c4:51:39:a5:ff:72:80:3c:e3:7f:63:ea:99:47:
11:1c:c2:ca:d8:76:b2:b1:e0:0a:d2:53:77:68:9b:
20:3c:97:68:cd:a2:49:4e:07:1f:21:2f:26:99:89:
91:e8:8b:14:55:e3:04:cf:7f:a8:fd:74:86:b3:f9:
6b:53:b9:0a:42:fd:fa:3d:c5:63:78:fb:9a:01:16:
9a:22:82:74:bf:69:86:bf:09:c8:12:f4:ab:57:8f:
d4:06:b6:13:07:ac:16:b5:17:6b:a6:d6:cc:1d:f6:
cb:9a:18:48:51:72:9f:85:d5:c7:a8:c3:d6:b7:67:
46:00:3a:ab:d9:fb:b2:dd:54:55:d2:c4:d1:56:f1:
fd:dc:f4:bf:29:00:d9:9e:4e:4a:fd:c0:ec:6b:77:
38:4d:b8:9d:5d:ad:b7:9e:92:7a:18:ba:d2:57:f3:
e3:8f:f0:93:41:c1:26:41:64:62:c5:27:a8:2b:6d:
a1:21:14:d9:46:0d:ee:68:fe:f4:bd:1a:2e:20:58:
ba:99:2d:74:a2:16:ee:96:d1:2f:ab:dd:3e:73:d9:
56:57:52:62:aa:1b:e7:27:8b:83:33:26:33:56:bf:
e5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:02:7B:1E:48:76:9E:76:BB:A1:BD:87:F6:76:A7:06:18:0A:5C:73
X509v3 Authority Key Identifier:
keyid:D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/twJ7Hkh2nna7ob2H9nanBhgKXHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.168.0/24
5.183.171.0/24
91.213.76.0/24
185.234.128.0/22
IPv6:
2a0d:c9c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
80:18:df:f4:79:24:ed:73:33:7c:3c:ec:6e:72:0a:cf:72:4f:
58:09:0f:3b:70:4a:84:ae:b8:1f:0b:dd:a4:35:10:ad:43:ea:
3a:4c:6a:d7:5a:4a:f1:0b:02:43:bf:db:ad:e5:88:99:4e:18:
ec:5b:45:89:ce:16:84:14:99:0a:1c:ee:54:36:82:de:7d:0c:
7d:d1:97:34:95:c0:93:98:0b:2d:c7:f1:26:25:b8:1e:59:89:
fb:50:47:4b:85:c0:d8:12:c6:ea:65:3b:27:9a:3c:79:f4:08:
55:fd:19:7f:a4:08:46:05:4e:37:27:c5:3b:11:1c:a3:13:10:
8e:78:53:1d:b8:26:3c:f1:a9:7d:84:73:51:07:f3:06:df:27:
84:69:f7:de:fa:86:d4:e2:00:a5:0e:c8:46:d2:b9:08:ac:ea:
30:a3:e7:52:34:f2:d1:9d:6b:45:e6:9d:56:d1:a7:bb:34:38:
fd:95:7a:a1:0a:01:20:7f:95:14:28:c0:e5:b3:96:25:38:23:
df:42:95:c8:3c:42:f5:39:52:e3:29:a3:78:37:08:02:10:5a:
71:96:7a:05:6c:26:57:4d:f4:6b:ed:5a:3c:87:7a:42:b8:9f:
93:35:d5:59:01:1d:33:78:35:a2:83:2b:25:1e:d8:43:91:54:
c1:60:61:7a
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYrwd2h7KJ5RBoEC/iwB8eMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjg0OWI5YmM5MDQyYTE1NTczMzE5MzdlNGFkNzE1MThh
ZjYxY2YwHhcNMjMxMDAyMTI1NzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzAyN2IxZTQ4NzY5ZTc2YmJhMWJkODdmNjc2YTcwNjE4MGE1YzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQt0FgTaMwmR7OUdFK7m8FzMfk5y
onZKBhSwX4A/xFE5pf9ygDzjf2PqmUcRHMLK2HayseAK0lN3aJsgPJdozaJJTgcf
IS8mmYmR6IsUVeMEz3+o/XSGs/lrU7kKQv36PcVjePuaARaaIoJ0v2mGvwnIEvSr
V4/UBrYTB6wWtRdrptbMHfbLmhhIUXKfhdXHqMPWt2dGADqr2fuy3VRV0sTRVvH9
3PS/KQDZnk5K/cDsa3c4TbidXa23npJ6GLrSV/Pjj/CTQcEmQWRixSeoK22hIRTZ
Rg3uaP70vRouIFi6mS10ohbultEvq90+c9lWV1JiqhvnJ4uDMyYzVr/ljQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFLcCex5Idp52u6G9h/Z2pwYYClxzMB8GA1UdIwQY
MBaAFNC4Sbm8kEKhVXMxk35K1xUYr2HPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjkt
NzJiYWQ5ZDczYzgwLzEvdHdKN0hraDJubmE3b2IySDluYW5CaGdLWEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjktNzJiYWQ5ZDczYzgw
LzEvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQABbeoAwQA
BberAwQAW9VMAwQCueqAMA8EAgACMAkDBwAqDcnAAAEwDQYJKoZIhvcNAQELBQAD
ggEBAIAY3/R5JO1zM3w87G5yCs9yT1gJDztwSoSuuB8L3aQ1EK1D6jpMatdaSvEL
AkO/263liJlOGOxbRYnOFoQUmQoc7lQ2gt59DH3RlzSVwJOYCy3H8SYluB5ZiftQ
R0uFwNgSxuplOyeaPHn0CFX9GX+kCEYFTjcnxTsRHKMTEI54Ux24JjzxqX2Ec1EH
8wbfJ4Rp9976htTiAKUOyEbSuQis6jCj51I08tGda0XmnVbRp7s0OP2VeqEKASB/
lRQowOWzliU4I99Clcg8QvU5UuMpo3g3CAIQWnGWegVsJldN9GvtWjyHekK4n5M1
1VkBHTN4NaKDKyUe2EORVMFgYXo=
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:21:16 2025 by rpki-client