Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/tdgSiuyZbn8ybBXaKHxNLlwl3ZI.roa
File: tdgSiuyZbn8ybBXaKHxNLlwl3ZI.roa (raw, json)
Hash identifier: QaXGKW2kvPJwhIB2Eg8UvCD18KJh5DtoEWPaA+fHkrQ=
Subject key identifier: B5:D8:12:8A:EC:99:6E:7F:32:6C:15:DA:28:7C:4D:2E:5C:25:DD:92
Certificate issuer: /CN=e7fec2833d3c8e232903cdd3afc03ecdbe83b085
Certificate serial: 01857343C0AB804CE8702A5C3D0EFAD0DBB6
Authority key identifier: E7:FE:C2:83:3D:3C:8E:23:29:03:CD:D3:AF:C0:3E:CD:BE:83:B0:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_7Cgz08jiMpA83Tr8A-zb6DsIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/tdgSiuyZbn8ybBXaKHxNLlwl3ZI.roa
Signing time: Mon 02 Jan 2023 16:14:58 +0000
ROA not before: Mon 02 Jan 2023 16:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56403
IP address blocks: 185.194.128.0/24 maxlen: 24
46.235.16.0/22 maxlen: 22
46.235.20.0/23 maxlen: 23
46.235.22.0/24 maxlen: 24
46.235.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:c0:ab:80:4c:e8:70:2a:5c:3d:0e:fa:d0:db:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7fec2833d3c8e232903cdd3afc03ecdbe83b085
Validity
Not Before: Jan 2 16:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5d8128aec996e7f326c15da287c4d2e5c25dd92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:10:9f:55:94:71:7a:43:71:60:0b:11:97:bd:
b1:6b:ac:9d:a1:08:71:54:a6:06:8d:2d:b7:8d:53:
ce:a3:bc:2b:7d:14:bf:7f:e9:7e:53:82:37:29:50:
b3:c2:e6:14:95:9f:8c:f2:64:9d:df:59:79:13:7c:
57:fe:e3:f9:fc:a4:9a:b7:1a:6b:b1:b0:ab:70:f7:
64:e4:46:fe:d2:21:7c:60:24:c4:4d:bb:03:38:91:
9e:9b:12:72:5b:4d:21:43:8c:d6:14:dd:33:12:e1:
fb:e9:8c:2e:4e:30:5a:76:61:bc:02:64:ce:89:30:
cb:5c:e1:4d:ce:5e:ad:84:32:16:33:c2:3a:07:5b:
18:52:8f:d1:aa:37:39:e8:53:42:e8:36:7e:5c:40:
d5:0d:6f:29:80:2a:a9:88:e9:f6:5b:95:5c:74:79:
43:81:20:9e:bc:f0:1b:a2:9c:0f:51:c3:c1:57:38:
ad:ce:1f:8c:d4:b3:50:f9:2b:a4:30:a2:9b:a2:dc:
ec:1a:c8:86:d2:1f:22:3d:03:ba:7c:51:77:e9:bd:
21:1e:0b:49:3e:24:e2:29:bb:25:5b:81:6b:75:33:
3f:e8:19:5d:d0:83:b1:c9:07:34:17:ba:03:c2:0c:
24:68:06:a1:18:34:e0:43:b8:5d:00:a8:a4:f3:3d:
93:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D8:12:8A:EC:99:6E:7F:32:6C:15:DA:28:7C:4D:2E:5C:25:DD:92
X509v3 Authority Key Identifier:
keyid:E7:FE:C2:83:3D:3C:8E:23:29:03:CD:D3:AF:C0:3E:CD:BE:83:B0:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_7Cgz08jiMpA83Tr8A-zb6DsIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/tdgSiuyZbn8ybBXaKHxNLlwl3ZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d3dba0-d715-495f-9178-393a4080c747/1/5_7Cgz08jiMpA83Tr8A-zb6DsIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.16.0/21
185.194.128.0/24
Signature Algorithm: sha256WithRSAEncryption
11:06:85:23:a4:77:64:fd:df:4c:1c:4b:fa:6d:fa:ad:e9:a7:
e8:31:b0:b0:bf:88:4b:01:98:a1:5b:29:d5:b9:8d:17:f2:75:
21:ca:35:94:68:5a:0e:a4:31:d7:b9:db:0e:92:67:60:3e:ee:
c8:05:d9:12:9c:a4:27:dd:7b:e9:01:2a:a3:72:77:f5:4c:13:
b3:bb:9b:5e:ce:4f:60:8c:3e:20:19:4f:07:62:22:d8:83:55:
57:df:b1:af:77:4e:a9:24:6b:72:e7:81:92:a0:a2:c4:f8:69:
66:e8:cc:93:61:e0:bf:e9:e0:80:5b:1f:f2:5e:0f:d6:da:0f:
be:8f:6e:97:39:ab:0b:1e:b5:bb:1e:5f:88:d3:48:83:91:ee:
af:ff:3c:41:05:84:75:84:d0:94:a5:3c:04:2e:ff:5d:df:11:
0f:c5:a1:e8:38:bb:a2:23:25:22:b0:8b:7b:71:df:ca:0c:19:
da:3a:4e:22:45:e4:a4:ac:9c:b1:84:c5:e1:f6:fc:32:d2:d2:
19:3a:13:c4:b3:66:df:a0:6b:28:d7:e7:de:4c:67:24:b4:2d:
25:59:88:23:9f:9b:74:f7:d9:a0:bb:22:88:21:2d:67:aa:be:
4e:40:38:c4:dc:e6:5d:8e:9e:54:0a:fe:c8:3c:a7:36:b3:0f:
4d:d5:9f:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzQ8CrgEzocCpcPQ760Nu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmVjMjgzM2QzYzhlMjMyOTAzY2RkM2FmYzAzZWNkYmU4
M2IwODUwHhcNMjMwMTAyMTYxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWQ4MTI4YWVjOTk2ZTdmMzI2YzE1ZGEyODdjNGQyZTVjMjVkZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxCfVZRxekNxYAsRl72xa6ydoQhx
VKYGjS23jVPOo7wrfRS/f+l+U4I3KVCzwuYUlZ+M8mSd31l5E3xX/uP5/KSatxpr
sbCrcPdk5Eb+0iF8YCTETbsDOJGemxJyW00hQ4zWFN0zEuH76YwuTjBadmG8AmTO
iTDLXOFNzl6thDIWM8I6B1sYUo/Rqjc56FNC6DZ+XEDVDW8pgCqpiOn2W5VcdHlD
gSCevPAbopwPUcPBVzitzh+M1LNQ+SukMKKbotzsGsiG0h8iPQO6fFF36b0hHgtJ
PiTiKbslW4FrdTM/6Bld0IOxyQc0F7oDwgwkaAahGDTgQ7hdAKik8z2T8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLXYEorsmW5/MmwV2ih8TS5cJd2SMB8GA1UdIwQY
MBaAFOf+woM9PI4jKQPN06/APs2+g7CFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV83Q2d6MDhqaU1wQTgzVHI4QS16YjZEc0lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kM2RiYTAtZDcxNS00OTVmLTkxNzgt
MzkzYTQwODBjNzQ3LzEvdGRnU2l1eVpibjh5YkJYYUtIeE5MbHdsM1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kM2RiYTAtZDcxNS00OTVmLTkxNzgtMzkzYTQwODBjNzQ3
LzEvNV83Q2d6MDhqaU1wQTgzVHI4QS16YjZEc0lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLusQAwQA
ucKAMA0GCSqGSIb3DQEBCwUAA4IBAQARBoUjpHdk/d9MHEv6bfqt6afoMbCwv4hL
AZihWynVuY0X8nUhyjWUaFoOpDHXudsOkmdgPu7IBdkSnKQn3XvpASqjcnf1TBOz
u5tezk9gjD4gGU8HYiLYg1VX37Gvd06pJGty54GSoKLE+Glm6MyTYeC/6eCAWx/y
Xg/W2g++j26XOasLHrW7Hl+I00iDke6v/zxBBYR1hNCUpTwELv9d3xEPxaHoOLui
IyUisIt7cd/KDBnaOk4iReSkrJyxhMXh9vwy0tIZOhPEs2bfoGso1+feTGcktC0l
WYgjn5t099mguyKIIS1nqr5OQDjE3OZdjp5UCv7IPKc2sw9N1Z9N
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:05 2025 by rpki-client