Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/tw6XgbBcHQb14k-DhfRssD8DBwA.roa
File: tw6XgbBcHQb14k-DhfRssD8DBwA.roa (raw, json)
Hash identifier: H1YG3aTQqwgPUjMulEkx0OGCe1ogdf1L6VmxliXt2rc=
Subject key identifier: B7:0E:97:81:B0:5C:1D:06:F5:E2:4F:83:85:F4:6C:B0:3F:03:07:00
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01856D6643229BA1A42096019AE9CE0E621C
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/tw6XgbBcHQb14k-DhfRssD8DBwA.roa
Signing time: Sun 01 Jan 2023 12:54:56 +0000
ROA not before: Sun 01 Jan 2023 12:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40371
IP address blocks: 84.207.212.0/24 maxlen: 24
83.125.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:43:22:9b:a1:a4:20:96:01:9a:e9:ce:0e:62:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 12:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b70e9781b05c1d06f5e24f8385f46cb03f030700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1b:45:04:e6:2f:b5:82:36:a2:89:07:eb:2d:
34:54:21:bd:a7:94:08:1d:9a:5a:a9:75:41:d6:b5:
48:4f:12:9a:4b:93:cd:f8:4e:17:1f:c4:e3:f9:e2:
cd:d8:2a:be:3a:de:3f:ff:c5:b6:fb:08:b2:74:d9:
87:a9:f4:3d:b8:fb:ed:3f:b9:be:61:d8:9e:d2:81:
02:9f:41:97:6e:12:70:f4:e2:5f:3a:0a:4c:8b:d3:
02:09:43:9a:39:bd:91:1c:7d:f4:4b:74:4a:58:93:
8a:48:89:b4:ce:d9:30:37:02:4f:31:b3:25:c1:64:
09:6e:98:bc:b4:cb:d4:65:31:0d:1e:fd:7c:ee:3d:
50:7c:f1:07:69:b7:dd:d1:82:d7:17:56:36:a3:dc:
20:a0:26:7d:e0:c6:69:3e:f0:fb:e5:e8:b2:9e:fd:
c7:47:88:f3:f3:10:d1:c0:a4:26:6e:b1:b8:8b:4a:
cf:65:06:05:8c:81:fd:5c:3b:23:20:ab:22:13:39:
47:ac:ef:5f:6e:f8:d0:fd:b3:d8:1b:d5:ea:2a:f0:
45:8e:6b:1a:b5:da:08:72:84:b1:9f:ee:7c:38:e1:
a0:68:47:9f:0c:70:2a:6f:f6:0d:2e:f4:d7:83:45:
1b:6a:75:81:6d:68:e6:e2:79:2f:6d:d1:54:69:59:
da:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:0E:97:81:B0:5C:1D:06:F5:E2:4F:83:85:F4:6C:B0:3F:03:07:00
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/tw6XgbBcHQb14k-DhfRssD8DBwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.125.36.0/24
84.207.212.0/24
Signature Algorithm: sha256WithRSAEncryption
89:4d:83:c4:6e:42:c8:cc:1d:f9:cf:57:fd:5a:14:3b:28:a7:
a6:fc:f5:31:0f:81:90:38:e5:99:12:f9:50:5d:8b:b4:37:3d:
72:29:db:5a:c0:db:fc:2b:1e:42:58:30:38:ab:3b:3a:a5:39:
a0:8e:b7:98:f3:66:22:bf:be:94:bc:a0:b5:2f:10:90:2e:33:
ca:58:b2:3b:01:32:85:39:fd:44:ba:1b:bd:75:0a:4e:f2:24:
21:a5:4a:3c:92:26:b3:e9:07:4f:49:ca:77:5e:5e:cb:80:44:
b8:c4:28:05:28:cb:df:6f:21:09:4d:2b:38:60:2c:e2:aa:12:
05:6c:5b:7e:e3:f5:a6:ac:8a:15:e6:e8:3f:fb:bd:f8:9b:3c:
32:1f:9b:94:33:c2:5a:11:f0:ec:17:f7:15:37:76:5d:a6:9c:
88:e2:8a:fb:39:e4:13:b1:11:cc:c5:47:71:bc:62:6f:e5:50:
c1:da:7f:ac:24:1e:30:9e:f9:0c:da:d4:7e:d4:69:90:07:5a:
3f:bd:8a:0f:cd:ba:be:fd:2c:c5:7d:35:5d:8c:c8:4e:c0:4b:
65:55:86:4d:85:76:10:7d:b3:df:67:06:22:63:ea:5c:5a:3e:
1e:6a:28:7c:ea:21:e1:b2:a1:ea:45:90:0b:66:d9:79:e1:1d:
5a:7f:ae:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtZkMim6GkIJYBmunODmIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjMwMTAxMTI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzBlOTc4MWIwNWMxZDA2ZjVlMjRmODM4NWY0NmNiMDNmMDMwNzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshtFBOYvtYI2ookH6y00VCG9p5QI
HZpaqXVB1rVITxKaS5PN+E4XH8Tj+eLN2Cq+Ot4//8W2+wiydNmHqfQ9uPvtP7m+
Ydie0oECn0GXbhJw9OJfOgpMi9MCCUOaOb2RHH30S3RKWJOKSIm0ztkwNwJPMbMl
wWQJbpi8tMvUZTENHv187j1QfPEHabfd0YLXF1Y2o9wgoCZ94MZpPvD75eiynv3H
R4jz8xDRwKQmbrG4i0rPZQYFjIH9XDsjIKsiEzlHrO9fbvjQ/bPYG9XqKvBFjmsa
tdoIcoSxn+58OOGgaEefDHAqb/YNLvTXg0UbanWBbWjm4nkvbdFUaVnaDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLcOl4GwXB0G9eJPg4X0bLA/AwcAMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvdHc2WGdiQmNIUWIxNGstRGhmUnNzRDhEQndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAU30kAwQA
VM/UMA0GCSqGSIb3DQEBCwUAA4IBAQCJTYPEbkLIzB35z1f9WhQ7KKem/PUxD4GQ
OOWZEvlQXYu0Nz1yKdtawNv8Kx5CWDA4qzs6pTmgjreY82Yiv76UvKC1LxCQLjPK
WLI7ATKFOf1Euhu9dQpO8iQhpUo8kiaz6QdPScp3Xl7LgES4xCgFKMvfbyEJTSs4
YCziqhIFbFt+4/WmrIoV5ug/+734mzwyH5uUM8JaEfDsF/cVN3ZdppyI4or7OeQT
sRHMxUdxvGJv5VDB2n+sJB4wnvkM2tR+1GmQB1o/vYoPzbq+/SzFfTVdjMhOwEtl
VYZNhXYQfbPfZwYiY+pcWj4eaih86iHhsqHqRZALZtl54R1af65p
-----END CERTIFICATE-----
Generated at Wed Apr 16 14:07:00 2025 by rpki-client