Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/TwQvNwbkK2d-Bx0Ahp8jAPctth0.roa
File: TwQvNwbkK2d-Bx0Ahp8jAPctth0.roa (raw, json)
Hash identifier: Y2UFmWY3NeNgEqgu2XElRf3Dt6uze29ChGA8YxqDhOo=
Subject key identifier: 4F:04:2F:37:06:E4:2B:67:7E:07:1D:00:86:9F:23:00:F7:2D:B6:1D
Certificate issuer: /CN=42b4c79a22a3fe987ef31908cd44ff81e9b1acf4
Certificate serial: 08FBAE18
Authority key identifier: 42:B4:C7:9A:22:A3:FE:98:7E:F3:19:08:CD:44:FF:81:E9:B1:AC:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QrTHmiKj_ph-8xkIzUT_gemxrPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/TwQvNwbkK2d-Bx0Ahp8jAPctth0.roa
Signing time: Thu 31 Mar 2022 10:13:14 +0000
ROA not before: Thu 31 Mar 2022 10:13:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48293
IP address blocks: 185.108.23.0/24 maxlen: 24
185.108.20.0/22 maxlen: 22
185.108.22.0/24 maxlen: 24
185.108.21.0/24 maxlen: 24
91.212.217.0/24 maxlen: 24
91.194.246.0/24 maxlen: 24
91.194.246.0/23 maxlen: 23
94.228.192.0/20 maxlen: 20
94.228.192.0/24 maxlen: 24
94.228.196.0/24 maxlen: 24
94.228.195.0/24 maxlen: 24
94.228.198.0/24 maxlen: 24
94.228.197.0/24 maxlen: 24
94.228.199.0/24 maxlen: 24
94.228.201.0/24 maxlen: 24
94.228.200.0/24 maxlen: 24
94.228.202.0/24 maxlen: 24
94.228.206.0/24 maxlen: 24
94.228.207.0/24 maxlen: 24
2a06:4180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150711832 (0x8fbae18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42b4c79a22a3fe987ef31908cd44ff81e9b1acf4
Validity
Not Before: Mar 31 10:13:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f042f3706e42b677e071d00869f2300f72db61d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:53:da:0d:0d:31:fb:76:67:8d:6f:45:4d:ec:
05:87:32:ed:5d:d5:e6:17:c6:9d:15:c6:9f:ba:33:
32:1a:45:26:1a:76:90:e9:7c:4a:dc:39:7d:4c:62:
3b:10:e1:36:0b:bb:4d:20:69:2e:f1:60:14:a0:90:
0f:e4:fb:48:73:0e:4d:31:a2:87:48:62:ee:72:eb:
7a:08:8a:3d:4e:95:3e:31:eb:85:41:b6:94:74:cb:
f3:7a:d9:7b:e8:aa:78:a7:a7:45:4e:70:02:8d:86:
4b:44:68:b4:25:01:2f:fe:b6:6c:ac:54:b3:d1:08:
75:06:a9:8a:e6:de:13:c9:fe:1f:8d:c0:58:af:9b:
a6:62:cb:6d:bf:27:6c:f4:f8:de:1b:50:4e:df:e9:
22:d1:c0:34:65:f3:37:ee:c0:9d:ea:fb:ee:89:ca:
c7:35:7a:d9:c6:b9:ab:2c:4d:41:44:cd:99:62:67:
45:83:a2:a7:55:45:ab:03:af:0a:6b:2c:d0:c0:a4:
08:fb:c2:da:4e:d5:06:87:fa:95:f1:ac:14:eb:fc:
37:a9:fd:a8:8b:79:7e:0e:98:ae:a5:cc:ce:d5:db:
37:81:52:11:b4:91:c3:f9:1f:17:e7:35:44:31:54:
1f:ee:8e:18:a9:37:90:f6:e7:2b:a1:af:49:0a:e3:
d0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:04:2F:37:06:E4:2B:67:7E:07:1D:00:86:9F:23:00:F7:2D:B6:1D
X509v3 Authority Key Identifier:
keyid:42:B4:C7:9A:22:A3:FE:98:7E:F3:19:08:CD:44:FF:81:E9:B1:AC:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QrTHmiKj_ph-8xkIzUT_gemxrPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/TwQvNwbkK2d-Bx0Ahp8jAPctth0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/QrTHmiKj_ph-8xkIzUT_gemxrPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.246.0/23
91.212.217.0/24
94.228.192.0/20
185.108.20.0/22
IPv6:
2a06:4180::/29
Signature Algorithm: sha256WithRSAEncryption
56:e7:f4:32:f8:54:f9:20:27:db:3a:2a:c6:ac:0f:d2:20:4b:
03:73:7d:60:c6:42:aa:a2:7b:54:4b:b8:35:23:5a:81:06:30:
ba:ed:bc:04:8b:05:88:8d:66:3f:77:7c:27:83:42:1b:df:15:
cf:00:22:6e:c4:04:c3:51:83:69:9c:e8:83:1d:52:7f:9a:40:
ac:79:4c:bd:be:1f:66:d8:cc:b9:14:65:83:a2:43:a2:c4:81:
de:4d:05:d0:d8:e7:42:4a:04:7e:73:fd:ae:14:e6:dc:81:4d:
9d:cd:de:18:c2:d4:c6:86:5c:dd:0f:ca:64:a2:78:19:87:af:
af:83:d7:63:34:84:e5:1e:f7:e1:b0:72:55:c8:eb:ee:e0:a0:
2f:fc:3f:5f:ad:0d:e8:9b:72:e3:71:fd:28:95:9e:e3:c8:0a:
18:5c:28:56:af:34:4e:49:c2:61:e6:3d:e7:f3:ee:2c:74:ee:
d2:a9:23:d4:80:31:c1:03:2e:8a:ee:98:2f:99:38:53:60:c8:
a9:3e:1c:a8:74:d4:00:a6:79:5f:bc:b5:a7:4b:48:ce:f7:67:
67:35:9d:1d:25:a7:af:9b:59:d8:d7:7b:7a:dc:5b:8d:28:87:
9f:56:32:60:cd:ab:b6:f0:81:9a:a6:31:36:1e:43:6a:d1:0a:
b9:29:63:4e
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECPuuGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmI0Yzc5YTIyYTNmZTk4N2VmMzE5MDhjZDQ0ZmY4MWU5YjFhY2Y0MB4XDTIyMDMz
MTEwMTMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGYwNDJmMzcwNmU0
MmI2NzdlMDcxZDAwODY5ZjIzMDBmNzJkYjYxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBT2g0NMft2Z41vRU3sBYcy7V3V5hfGnRXGn7ozMhpFJhp2
kOl8Stw5fUxiOxDhNgu7TSBpLvFgFKCQD+T7SHMOTTGih0hi7nLregiKPU6VPjHr
hUG2lHTL83rZe+iqeKenRU5wAo2GS0RotCUBL/62bKxUs9EIdQapiubeE8n+H43A
WK+bpmLLbb8nbPT43htQTt/pItHANGXzN+7Aner77onKxzV62ca5qyxNQUTNmWJn
RYOip1VFqwOvCmss0MCkCPvC2k7VBof6lfGsFOv8N6n9qIt5fg6YrqXMztXbN4FS
EbSRw/kfF+c1RDFUH+6OGKk3kPbnK6GvSQrj0H0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRPBC83BuQrZ34HHQCGnyMA9y22HTAfBgNVHSMEGDAWgBRCtMeaIqP+mH7z
GQjNRP+B6bGs9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FyVEhtaUtqX3BoLTh4a0l6VVRfZ2VteHJQUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvNGI5MTFjLTNkNGQtNDJkNS05MjM0LWYyODgxMzdjYjUwMC8x
L1R3UXZOd2JrSzJkLUJ4MEFocDhqQVBjdHRoMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
NGI5MTFjLTNkNGQtNDJkNS05MjM0LWYyODgxMzdjYjUwMC8xL1FyVEhtaUtqX3Bo
LTh4a0l6VVRfZ2VteHJQUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAVvC9gMEAFvU2QMEBF7kwAMEArls
FDANBAIAAjAHAwUDKgZBgDANBgkqhkiG9w0BAQsFAAOCAQEAVuf0MvhU+SAn2zoq
xqwP0iBLA3N9YMZCqqJ7VEu4NSNagQYwuu28BIsFiI1mP3d8J4NCG98VzwAibsQE
w1GDaZzogx1Sf5pArHlMvb4fZtjMuRRlg6JDosSB3k0F0NjnQkoEfnP9rhTm3IFN
nc3eGMLUxoZc3Q/KZKJ4GYevr4PXYzSE5R734bByVcjr7uCgL/w/X60N6Jty43H9
KJWe48gKGFwoVq80TknCYeY95/PuLHTu0qkj1IAxwQMuiu6YL5k4U2DIqT4cqHTU
AKZ5X7y1p0tIzvdnZzWdHSWnr5tZ2Nd7etxbjSiHn1YyYM2rtvCBmqYxNh5DatEK
uSljTg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:56:59 2025 by rpki-client