Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/TVxkn3vS7TdExp8eNuzJ3XeoSMI.roa
File: TVxkn3vS7TdExp8eNuzJ3XeoSMI.roa (raw, json)
Hash identifier: KJ1DhAarnMnEC61uXUF2Mw2JRMPMEEloIP0WtcembTE=
Subject key identifier: 4D:5C:64:9F:7B:D2:ED:37:44:C6:9F:1E:36:EC:C9:DD:77:A8:48:C2
Certificate issuer: /CN=f177817124f20772743bd30594a8853b2bdec6aa
Certificate serial: 0185718C489F1D066C95F42DFBB7677824D0
Authority key identifier: F1:77:81:71:24:F2:07:72:74:3B:D3:05:94:A8:85:3B:2B:DE:C6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8XeBcSTyB3J0O9MFlKiFOyvexqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/TVxkn3vS7TdExp8eNuzJ3XeoSMI.roa
Signing time: Mon 02 Jan 2023 08:14:57 +0000
ROA not before: Mon 02 Jan 2023 08:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49935
IP address blocks: 185.94.136.0/22 maxlen: 27
185.1.243.0/24 maxlen: 28
195.62.90.0/23 maxlen: 27
185.135.191.0/24 maxlen: 27
2a10:1740::/29 maxlen: 126
2001:7f8:12d::/48 maxlen: 126
2001:678:9ac::/48 maxlen: 126
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:48:9f:1d:06:6c:95:f4:2d:fb:b7:67:78:24:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f177817124f20772743bd30594a8853b2bdec6aa
Validity
Not Before: Jan 2 08:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d5c649f7bd2ed3744c69f1e36ecc9dd77a848c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:69:2b:c0:af:9b:4b:c5:83:02:95:67:6a:b5:
f8:7e:d9:a5:5a:04:3e:8c:f4:b6:21:e6:dc:45:78:
d3:3a:90:a8:66:a5:a4:7b:9f:1b:ad:52:6a:b3:22:
53:99:5b:3b:48:a6:58:37:ef:68:67:4e:59:ab:19:
f1:d7:f2:81:55:bb:c4:66:93:4b:4b:69:da:a9:df:
38:16:cd:ee:9d:4e:16:11:5c:ef:5b:37:19:55:17:
46:67:d6:46:fb:f2:99:11:71:cb:c2:be:ac:c6:47:
4f:7d:6a:b1:8f:85:85:7a:ae:63:94:98:40:d7:71:
87:2f:25:64:37:1f:6e:32:b8:46:a2:cc:dc:19:4c:
7b:f1:80:77:7b:eb:81:06:64:21:eb:ca:ba:da:4c:
03:7b:30:a7:72:55:8f:b2:5e:ae:0f:23:07:7f:3f:
ae:b2:bc:73:51:c3:f6:c1:de:87:3d:b4:23:8f:cb:
ef:01:1b:f8:27:84:93:fc:e0:d3:81:a2:1a:d0:a3:
fe:35:68:65:fb:5e:ac:e1:87:e2:3d:05:85:9b:7d:
c4:6d:cb:2b:14:01:fe:0c:84:30:f3:38:a2:09:55:
93:3c:02:28:c2:94:c4:9d:66:c2:4e:91:3b:f8:f1:
8a:32:77:ce:97:3a:36:ba:5e:98:4b:b3:bd:99:32:
e1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:5C:64:9F:7B:D2:ED:37:44:C6:9F:1E:36:EC:C9:DD:77:A8:48:C2
X509v3 Authority Key Identifier:
keyid:F1:77:81:71:24:F2:07:72:74:3B:D3:05:94:A8:85:3B:2B:DE:C6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8XeBcSTyB3J0O9MFlKiFOyvexqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/TVxkn3vS7TdExp8eNuzJ3XeoSMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/8XeBcSTyB3J0O9MFlKiFOyvexqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.243.0/24
185.94.136.0/22
185.135.191.0/24
195.62.90.0/23
IPv6:
2001:678:9ac::/48
2001:7f8:12d::/48
2a10:1740::/29
Signature Algorithm: sha256WithRSAEncryption
45:32:eb:4d:32:b8:96:e0:bb:2f:e3:a8:15:a0:7c:75:09:91:
30:ce:32:8f:4a:dd:16:5a:1f:50:67:55:2a:c7:3f:93:89:d2:
e6:24:0c:53:98:ab:f0:3b:5f:9e:16:55:54:f0:29:7e:c2:86:
66:01:3c:ea:63:de:f5:1e:5c:6d:1e:6c:c7:9c:be:f9:04:9f:
20:61:06:c3:79:ce:04:64:ed:71:fa:ac:d9:f2:42:62:d2:a3:
cc:13:7d:98:4a:9c:73:d9:6b:d2:ed:81:a7:e5:46:f8:a9:4c:
b3:f5:c6:7c:5b:e6:b6:bd:64:a6:d8:1e:84:16:b1:58:53:c4:
99:a5:84:ec:7c:49:a1:f7:e5:91:2b:2a:5d:00:b4:1f:38:b8:
48:36:b2:79:13:bc:21:6f:c5:03:bd:a8:e1:28:24:e1:ba:56:
76:f1:24:a8:17:d3:28:0d:0b:05:2e:b9:0c:89:75:9c:bd:90:
7f:6a:fc:47:3f:2e:2b:f8:cd:13:e2:be:63:76:fa:9a:87:99:
1e:4c:ea:f4:34:b0:94:00:a4:73:79:07:ec:62:30:7c:b6:f8:
1e:66:d9:6d:73:ae:05:bb:91:94:ec:98:e6:56:b1:34:a5:9a:
e1:13:07:82:77:0e:b8:05:f4:57:c4:08:9c:78:c4:72:b2:41:
a7:dc:c3:a3
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVxjEifHQZslfQt+7dneCTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNzc4MTcxMjRmMjA3NzI3NDNiZDMwNTk0YTg4NTNiMmJk
ZWM2YWEwHhcNMjMwMTAyMDgxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDVjNjQ5ZjdiZDJlZDM3NDRjNjlmMWUzNmVjYzlkZDc3YTg0OGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA72krwK+bS8WDApVnarX4ftmlWgQ+
jPS2IebcRXjTOpCoZqWke58brVJqsyJTmVs7SKZYN+9oZ05Zqxnx1/KBVbvEZpNL
S2naqd84Fs3unU4WEVzvWzcZVRdGZ9ZG+/KZEXHLwr6sxkdPfWqxj4WFeq5jlJhA
13GHLyVkNx9uMrhGoszcGUx78YB3e+uBBmQh68q62kwDezCnclWPsl6uDyMHfz+u
srxzUcP2wd6HPbQjj8vvARv4J4ST/ODTgaIa0KP+NWhl+16s4YfiPQWFm33Ebcsr
FAH+DIQw8ziiCVWTPAIowpTEnWbCTpE7+PGKMnfOlzo2ul6YS7O9mTLhOQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFE1cZJ970u03RMafHjbsyd13qEjCMB8GA1UdIwQY
MBaAFPF3gXEk8gdydDvTBZSohTsr3saqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFhlQmNTVHlCM0owTzlNRmxLaUZPeXZleHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMDQ0ZTItYTg0Mi00OGFiLWJjNTQt
NjI1NDIyMjgyOTFjLzEvVFZ4a24zdlM3VGRFeHA4ZU51ekozWGVvU01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMDQ0ZTItYTg0Mi00OGFiLWJjNTQtNjI1NDIyMjgyOTFj
LzEvOFhlQmNTVHlCM0owTzlNRmxLaUZPeXZleHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAeBAIAATAYAwQAuQHzAwQC
uV6IAwQAuYe/AwQBwz5aMB8EAgACMBkDBwAgAQZ4CawDBwAgAQf4AS0DBQMqEBdA
MA0GCSqGSIb3DQEBCwUAA4IBAQBFMutNMriW4Lsv46gVoHx1CZEwzjKPSt0WWh9Q
Z1Uqxz+TidLmJAxTmKvwO1+eFlVU8Cl+woZmATzqY971HlxtHmzHnL75BJ8gYQbD
ec4EZO1x+qzZ8kJi0qPME32YSpxz2WvS7YGn5Ub4qUyz9cZ8W+a2vWSm2B6EFrFY
U8SZpYTsfEmh9+WRKypdALQfOLhINrJ5E7whb8UDvajhKCThulZ28SSoF9MoDQsF
LrkMiXWcvZB/avxHPy4r+M0T4r5jdvqah5keTOr0NLCUAKRzeQfsYjB8tvgeZtlt
c64Fu5GU7JjmVrE0pZrhEweCdw64BfRXxAiceMRyskGn3MOj
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:41:52 2025 by rpki-client