Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/tr-XoPJZ7BOeRfVzuPx9wJoyptk.roa
File: tr-XoPJZ7BOeRfVzuPx9wJoyptk.roa (raw, json)
Hash identifier: ON+Ge5IY48GBYV3pRnrCxU8rpqBhbMKrxSnvL8obB0w=
Subject key identifier: B6:BF:97:A0:F2:59:EC:13:9E:45:F5:73:B8:FC:7D:C0:9A:32:A6:D9
Certificate issuer: /CN=60b9615df8c659dac8cc087bd011d4b5ff373e2a
Certificate serial: 13D283BC
Authority key identifier: 60:B9:61:5D:F8:C6:59:DA:C8:CC:08:7B:D0:11:D4:B5:FF:37:3E:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YLlhXfjGWdrIzAh70BHUtf83Pio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/tr-XoPJZ7BOeRfVzuPx9wJoyptk.roa
Signing time: Sat 01 Jan 2022 02:56:28 +0000
ROA not before: Sat 01 Jan 2022 02:56:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8589
IP address blocks: 185.121.124.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 332563388 (0x13d283bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60b9615df8c659dac8cc087bd011d4b5ff373e2a
Validity
Not Before: Jan 1 02:56:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6bf97a0f259ec139e45f573b8fc7dc09a32a6d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e9:f9:b1:7d:9e:fb:cd:17:51:34:4a:14:0d:
03:72:bd:57:d0:fd:1c:77:78:52:a1:bc:a8:8d:07:
bc:23:b7:35:88:f6:ea:28:08:fe:16:08:2e:51:72:
21:d3:c6:2f:bc:e8:78:12:ab:1f:48:cc:80:6d:a7:
68:0d:89:f3:fc:58:f9:8b:5d:ec:04:24:65:3d:7a:
73:63:5c:c8:52:4b:e1:e4:01:95:53:03:34:ac:c7:
8b:4d:b4:1a:08:7c:69:0a:b0:ae:d5:27:ed:ab:23:
cb:5b:2e:91:2e:60:26:a3:df:52:0c:e9:a2:86:8f:
65:6d:cf:c5:64:f5:13:79:f8:57:61:c7:a3:be:d6:
a2:79:3a:1e:b6:36:ab:24:9e:b3:59:2a:ac:73:22:
6d:b6:31:e9:5e:af:b0:96:ed:23:5d:e4:ca:85:94:
6b:65:55:5c:21:45:97:b4:19:be:2c:53:4c:56:02:
99:05:da:77:ef:ee:be:7c:41:34:b9:7e:1e:54:b4:
1e:24:7a:ab:67:f6:e1:93:80:b0:44:6a:43:47:1c:
48:65:53:af:11:3e:3e:1c:49:81:67:0e:de:21:25:
93:84:2f:2f:77:01:13:6a:f8:ba:3d:dc:af:8d:7c:
3f:19:f2:a1:b3:29:c2:19:2b:a9:f0:6a:77:04:e7:
eb:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:BF:97:A0:F2:59:EC:13:9E:45:F5:73:B8:FC:7D:C0:9A:32:A6:D9
X509v3 Authority Key Identifier:
keyid:60:B9:61:5D:F8:C6:59:DA:C8:CC:08:7B:D0:11:D4:B5:FF:37:3E:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YLlhXfjGWdrIzAh70BHUtf83Pio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/tr-XoPJZ7BOeRfVzuPx9wJoyptk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/YLlhXfjGWdrIzAh70BHUtf83Pio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.124.0/22
Signature Algorithm: sha256WithRSAEncryption
84:18:9d:a0:1a:0e:87:96:a8:64:6d:42:ab:78:d0:a2:09:c3:
d9:01:6a:72:ff:ab:30:7c:17:0d:b8:2b:c1:ff:88:7c:dc:1e:
53:11:b0:d4:04:78:31:a0:ae:a0:15:ac:d0:a8:7b:3a:31:a9:
70:f8:f8:82:90:6f:32:ae:ea:f3:bb:ec:7c:d8:dc:1e:64:9b:
92:8b:19:e5:32:e3:32:66:bb:6b:98:37:3d:4e:a4:6f:b0:8e:
64:50:41:fd:bc:38:99:21:33:d8:6c:7b:25:c0:81:f5:7e:f4:
a2:55:4c:38:1a:25:f0:1e:8e:4a:6f:89:e3:b9:a3:27:5d:4b:
e9:a1:92:e8:27:d4:f0:7c:87:a0:f7:f8:82:74:d6:fa:c2:f0:
d8:06:33:02:78:8e:ba:59:f9:80:35:d4:a3:91:39:4e:97:11:
7a:d5:c5:66:67:4b:b8:29:11:1f:36:4e:b0:6c:b4:84:7f:b0:
b7:d9:1c:d9:bc:4e:77:7c:aa:ca:6e:de:0f:3b:2e:d0:06:9e:
ff:23:c5:8c:65:0f:53:2c:c9:08:7b:1a:1f:e1:02:3b:de:f8:
95:f3:ad:dc:cd:3a:a6:25:68:01:b1:18:00:2c:6f:39:62:8d:
ed:2d:a3:b8:5c:a1:d3:d9:72:40:87:46:e2:ba:89:ad:57:ec:
fd:5b:45:f4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE9KDvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MGI5NjE1ZGY4YzY1OWRhYzhjYzA4N2JkMDExZDRiNWZmMzczZTJhMB4XDTIyMDEw
MTAyNTYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjZiZjk3YTBmMjU5
ZWMxMzllNDVmNTczYjhmYzdkYzA5YTMyYTZkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTp+bF9nvvNF1E0ShQNA3K9V9D9HHd4UqG8qI0HvCO3NYj2
6igI/hYILlFyIdPGL7zoeBKrH0jMgG2naA2J8/xY+Ytd7AQkZT16c2NcyFJL4eQB
lVMDNKzHi020Ggh8aQqwrtUn7asjy1sukS5gJqPfUgzpooaPZW3PxWT1E3n4V2HH
o77Wonk6HrY2qySes1kqrHMibbYx6V6vsJbtI13kyoWUa2VVXCFFl7QZvixTTFYC
mQXad+/uvnxBNLl+HlS0HiR6q2f24ZOAsERqQ0ccSGVTrxE+PhxJgWcO3iElk4Qv
L3cBE2r4uj3cr418PxnyobMpwhkrqfBqdwTn640CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS2v5eg8lnsE55F9XO4/H3AmjKm2TAfBgNVHSMEGDAWgBRguWFd+MZZ2sjM
CHvQEdS1/zc+KjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lMbGhYZmpHV2RySXpBaDcwQkhVdGY4M1Bpby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvOWE4YWQ4LWI2YzktNGM2Yy1hYzI3LTYyZDg4MWFhOTA2Zi8x
L3RyLVhvUEpaN0JPZVJmVnp1UHg5d0pveXB0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
OWE4YWQ4LWI2YzktNGM2Yy1hYzI3LTYyZDg4MWFhOTA2Zi8xL1lMbGhYZmpHV2Ry
SXpBaDcwQkhVdGY4M1Bpby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl5fDANBgkqhkiG9w0BAQsFAAOC
AQEAhBidoBoOh5aoZG1Cq3jQognD2QFqcv+rMHwXDbgrwf+IfNweUxGw1AR4MaCu
oBWs0Kh7OjGpcPj4gpBvMq7q87vsfNjcHmSbkosZ5TLjMma7a5g3PU6kb7COZFBB
/bw4mSEz2Gx7JcCB9X70olVMOBol8B6OSm+J47mjJ11L6aGS6CfU8HyHoPf4gnTW
+sLw2AYzAniOuln5gDXUo5E5TpcRetXFZmdLuCkRHzZOsGy0hH+wt9kc2bxOd3yq
ym7eDzsu0Aae/yPFjGUPUyzJCHsaH+ECO974lfOt3M06piVoAbEYACxvOWKN7S2j
uFyh09lyQIdG4rqJrVfs/VtF9A==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:37:15 2025 by rpki-client