Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TALJ1pPn9qfJUtkJiFN9ffZGJqs.roa
File: TALJ1pPn9qfJUtkJiFN9ffZGJqs.roa (raw, json)
Hash identifier: QAEQflXdM5fORQzFnX/Eydt8/GFSUIIYNR+v41CQu3s=
Subject key identifier: 4C:02:C9:D6:93:E7:F6:A7:C9:52:D9:09:88:53:7D:7D:F6:46:26:AB
Certificate issuer: /CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Certificate serial: 0185723A1DEFB05C2B3F4D094A6F8A61BF8A
Authority key identifier: 4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TALJ1pPn9qfJUtkJiFN9ffZGJqs.roa
Signing time: Mon 02 Jan 2023 11:24:49 +0000
ROA not before: Mon 02 Jan 2023 11:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200356
IP address blocks: 193.84.18.0/24 maxlen: 24
2a02:4bb::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:1d:ef:b0:5c:2b:3f:4d:09:4a:6f:8a:61:bf:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Validity
Not Before: Jan 2 11:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c02c9d693e7f6a7c952d90988537d7df64626ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f6:09:d6:29:64:57:18:86:25:b4:5a:9f:ad:
37:86:e2:5e:c8:e7:bb:02:32:1a:b5:a8:ed:15:0d:
b9:76:6e:f4:96:b7:d8:18:bd:f0:59:b7:56:18:e5:
aa:cf:15:0e:c9:9f:24:f4:c0:dd:0a:9b:fb:1f:2c:
6c:e4:73:ac:94:c5:22:f5:b7:e6:25:4d:3c:3f:6e:
71:07:f9:be:5a:e0:a5:13:92:24:b4:3f:cf:61:08:
3b:11:cf:d2:71:12:4a:f5:cd:bc:73:15:52:42:b1:
45:29:d3:7e:74:c7:b6:82:95:aa:7e:d9:a8:96:89:
f2:32:c3:80:f0:c2:08:93:b3:7b:5e:76:12:6b:98:
52:72:18:6b:58:82:16:d7:5c:63:1c:d2:de:e9:ab:
2a:37:c3:0a:93:a1:1d:73:19:e5:0a:5e:ea:0a:72:
dc:5e:d5:d9:8a:7f:fd:3a:91:ba:94:71:06:25:8a:
9e:50:f7:61:eb:b9:4e:21:e2:54:35:ba:26:dd:e0:
be:3b:e3:7d:fa:91:99:cc:7f:96:a9:cb:4c:f6:40:
fe:4e:28:21:82:03:95:a9:f6:c1:c6:82:ce:ce:c4:
9c:75:a4:fb:28:37:a1:8c:78:c5:7d:90:a9:6c:9f:
c5:1e:33:bf:5d:64:09:08:9c:7d:12:0e:9e:7b:18:
fd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:02:C9:D6:93:E7:F6:A7:C9:52:D9:09:88:53:7D:7D:F6:46:26:AB
X509v3 Authority Key Identifier:
keyid:4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TALJ1pPn9qfJUtkJiFN9ffZGJqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TXaD1upTn-8ba22910ox0F5fCiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.18.0/24
IPv6:
2a02:4bb::/32
Signature Algorithm: sha256WithRSAEncryption
95:67:af:e5:ba:5c:4d:4a:02:89:ec:91:b2:60:6d:c2:4b:75:
bc:9b:a7:04:b0:c2:02:4b:23:91:52:69:21:d5:3a:66:a9:6c:
5c:5b:25:a5:b5:09:a7:b3:ec:4f:7c:83:21:f9:21:7f:76:14:
f2:16:55:63:e5:02:7e:49:95:2a:bc:4f:8e:48:5d:b1:e2:94:
11:3b:0b:91:50:35:be:f5:2b:7d:ea:e1:6b:c7:fd:7c:89:14:
20:8f:9c:5e:ed:fd:d7:d3:bd:fd:21:e3:86:c5:24:11:b2:dd:
ac:6b:0c:77:65:be:95:c5:29:c2:5e:bc:de:f8:83:75:91:a6:
57:6f:aa:ab:0a:a3:73:6f:9b:1a:3b:41:a6:8f:0c:58:73:59:
a9:16:cb:1c:42:48:b6:b2:f3:9e:14:8a:59:0a:1b:f7:b0:3f:
d2:52:d7:77:c6:51:7e:de:b6:22:48:04:25:bc:68:99:b6:cb:
e7:ac:58:d4:f9:86:27:db:34:c2:5d:0e:96:3c:d2:da:a2:d0:
5f:56:19:b2:05:7d:92:23:7f:58:35:c5:9c:95:36:c2:05:cf:
7f:f4:b5:4b:48:3d:c5:ca:42:ed:4f:37:dd:2f:9c:96:b0:e7:
89:1d:b8:34:7f:fc:03:52:99:3c:01:74:25:f7:9e:81:eb:b6:
80:4b:66:b7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyOh3vsFwrP00JSm+KYb+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzY4M2Q2ZWE1MzlmZWYxYjZiNmRiZGQ3NGEzMWQwNWU1
ZjBhMjMwHhcNMjMwMTAyMTEyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzAyYzlkNjkzZTdmNmE3Yzk1MmQ5MDk4ODUzN2Q3ZGY2NDYyNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfYJ1ilkVxiGJbRan603huJeyOe7
AjIatajtFQ25dm70lrfYGL3wWbdWGOWqzxUOyZ8k9MDdCpv7Hyxs5HOslMUi9bfm
JU08P25xB/m+WuClE5IktD/PYQg7Ec/ScRJK9c28cxVSQrFFKdN+dMe2gpWqftmo
lonyMsOA8MIIk7N7XnYSa5hSchhrWIIW11xjHNLe6asqN8MKk6EdcxnlCl7qCnLc
XtXZin/9OpG6lHEGJYqeUPdh67lOIeJUNbom3eC+O+N9+pGZzH+WqctM9kD+Tigh
ggOVqfbBxoLOzsScdaT7KDehjHjFfZCpbJ/FHjO/XWQJCJx9Eg6eexj99QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEwCydaT5/anyVLZCYhTfX32RiarMB8GA1UdIwQY
MBaAFE12g9bqU5/vG2ttvddKMdBeXwojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQt
NjhiMzc2OGY1MGRjLzEvVEFMSjFwUG45cWZKVXRrSmlGTjlmZlpHSnFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQtNjhiMzc2OGY1MGRj
LzEvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwVQSMA0E
AgACMAcDBQAqAgS7MA0GCSqGSIb3DQEBCwUAA4IBAQCVZ6/lulxNSgKJ7JGyYG3C
S3W8m6cEsMICSyORUmkh1TpmqWxcWyWltQmns+xPfIMh+SF/dhTyFlVj5QJ+SZUq
vE+OSF2x4pQROwuRUDW+9St96uFrx/18iRQgj5xe7f3X0739IeOGxSQRst2sawx3
Zb6VxSnCXrze+IN1kaZXb6qrCqNzb5saO0GmjwxYc1mpFsscQki2svOeFIpZChv3
sD/SUtd3xlF+3rYiSAQlvGiZtsvnrFjU+YYn2zTCXQ6WPNLaotBfVhmyBX2SI39Y
NcWclTbCBc9/9LVLSD3FykLtTzfdL5yWsOeJHbg0f/wDUpk8AXQl956B67aAS2a3
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:51:08 2025 by rpki-client