Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ad5bfd-85c7-47b7-997c-f5d2cb79456d/1/TjaI18XAi_ncuT7zVpBGky-ijf4.roa
File: TjaI18XAi_ncuT7zVpBGky-ijf4.roa (raw, json)
Hash identifier: BHbEaLEYqk8uV1VzKWanH2ygK+1xBHJFSVlje0+H8EY=
Subject key identifier: 4E:36:88:D7:C5:C0:8B:F9:DC:B9:3E:F3:56:90:46:93:2F:A2:8D:FE
Certificate issuer: /CN=5f099f49978b960fa31f81acf54671273dc7ff61
Certificate serial: 0185708CCFB4036AF0FD5C8813CC65D24E4C
Authority key identifier: 5F:09:9F:49:97:8B:96:0F:A3:1F:81:AC:F5:46:71:27:3D:C7:FF:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XwmfSZeLlg-jH4Gs9UZxJz3H_2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/ad5bfd-85c7-47b7-997c-f5d2cb79456d/1/TjaI18XAi_ncuT7zVpBGky-ijf4.roa
Signing time: Mon 02 Jan 2023 03:35:54 +0000
ROA not before: Mon 02 Jan 2023 03:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60979
IP address blocks: 185.22.68.0/22 maxlen: 24
185.70.120.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:cf:b4:03:6a:f0:fd:5c:88:13:cc:65:d2:4e:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f099f49978b960fa31f81acf54671273dc7ff61
Validity
Not Before: Jan 2 03:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e3688d7c5c08bf9dcb93ef3569046932fa28dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fb:9d:c3:07:d6:0a:d6:53:ad:7c:51:d6:58:
ae:b7:c6:b9:7e:b2:a4:58:db:17:76:63:0f:90:8f:
3e:e5:e1:8f:0e:9a:4f:55:34:a3:5e:04:5e:df:6e:
f7:80:a9:a3:5a:84:5d:86:96:c5:62:50:26:9f:8d:
41:34:f1:c3:48:60:d6:cd:8b:3f:b1:e7:9b:66:e1:
90:19:11:d9:4f:3b:a8:de:84:92:e1:ec:c5:42:2d:
60:77:1b:74:54:b0:63:e2:74:85:bd:11:84:2d:ce:
32:d9:0b:26:fc:f2:ad:39:37:66:02:af:8d:73:6a:
29:f8:15:98:a7:68:b7:9e:37:c5:d2:c8:b3:8c:2f:
a2:cd:17:b1:5c:0d:96:3b:11:4a:b0:c7:87:88:89:
92:d7:cf:83:2b:67:78:97:5b:2c:06:23:58:1e:20:
f6:1f:aa:21:31:b8:c3:66:75:40:6b:24:57:27:9d:
08:f9:ad:41:a7:c7:aa:68:3a:77:ea:86:d4:91:47:
a0:34:99:90:80:f4:94:c1:ce:0b:76:ae:a6:e8:1d:
df:5b:95:78:9e:82:a5:70:08:5c:56:49:95:a2:65:
5b:b7:25:0e:a4:af:f0:48:5a:d5:1d:c3:6e:3c:43:
69:69:41:4f:0f:97:c8:c3:03:59:ac:d7:1c:99:e2:
18:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:36:88:D7:C5:C0:8B:F9:DC:B9:3E:F3:56:90:46:93:2F:A2:8D:FE
X509v3 Authority Key Identifier:
keyid:5F:09:9F:49:97:8B:96:0F:A3:1F:81:AC:F5:46:71:27:3D:C7:FF:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XwmfSZeLlg-jH4Gs9UZxJz3H_2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ad5bfd-85c7-47b7-997c-f5d2cb79456d/1/TjaI18XAi_ncuT7zVpBGky-ijf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ad5bfd-85c7-47b7-997c-f5d2cb79456d/1/XwmfSZeLlg-jH4Gs9UZxJz3H_2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.68.0/22
185.70.120.0/22
Signature Algorithm: sha256WithRSAEncryption
01:c1:40:82:eb:7f:de:88:92:4d:46:cb:38:eb:2a:02:51:26:
b8:f2:08:01:2e:7a:d1:1c:5c:9a:1d:cb:81:2a:36:33:62:30:
d2:67:e1:09:7b:ab:1d:22:9c:5c:f4:e2:f8:79:56:31:5c:1a:
11:c7:0e:d3:bf:06:97:9a:8e:bf:e1:93:99:f0:ad:5d:0e:e9:
2b:60:73:63:ab:c9:ae:cb:1c:ea:5f:04:b6:05:60:6e:a9:29:
59:85:04:5b:93:eb:7e:f6:66:14:4f:87:3c:42:fc:3e:c7:cb:
d5:bc:84:1a:b0:3b:dc:5a:39:93:c1:fa:47:3f:54:9a:dc:d2:
99:4e:04:96:c3:35:44:3a:f4:8e:a0:41:7e:07:e3:6e:5e:20:
3d:0b:d8:c7:ee:d1:c5:3b:0f:b8:cd:fb:f1:2d:86:1d:25:34:
02:1a:5f:66:6f:94:dd:30:eb:b8:64:d0:a4:0e:18:47:5f:67:
3f:16:1b:7f:63:27:b9:c0:96:82:bb:28:13:07:50:25:f9:78:
ba:00:b9:e1:bb:f8:ae:41:ba:6c:1f:84:2b:f3:23:ac:82:60:
50:38:90:d8:ef:18:8d:fd:12:b6:46:40:42:54:4e:dc:9c:8d:
95:d7:8b:96:36:bd:6f:67:a5:2f:d4:b4:6d:8c:ef:66:3e:21:
f0:8a:c6:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwjM+0A2rw/VyIE8xl0k5MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMDk5ZjQ5OTc4Yjk2MGZhMzFmODFhY2Y1NDY3MTI3M2Rj
N2ZmNjEwHhcNMjMwMTAyMDMzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTM2ODhkN2M1YzA4YmY5ZGNiOTNlZjM1NjkwNDY5MzJmYTI4ZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvudwwfWCtZTrXxR1liut8a5frKk
WNsXdmMPkI8+5eGPDppPVTSjXgRe3273gKmjWoRdhpbFYlAmn41BNPHDSGDWzYs/
seebZuGQGRHZTzuo3oSS4ezFQi1gdxt0VLBj4nSFvRGELc4y2Qsm/PKtOTdmAq+N
c2op+BWYp2i3njfF0sizjC+izRexXA2WOxFKsMeHiImS18+DK2d4l1ssBiNYHiD2
H6ohMbjDZnVAayRXJ50I+a1Bp8eqaDp36obUkUegNJmQgPSUwc4Ldq6m6B3fW5V4
noKlcAhcVkmVomVbtyUOpK/wSFrVHcNuPENpaUFPD5fIwwNZrNccmeIY2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE42iNfFwIv53Lk+81aQRpMvoo3+MB8GA1UdIwQY
MBaAFF8Jn0mXi5YPox+BrPVGcSc9x/9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdtZlNaZUxsZy1qSDRHczlVWnhKejNIXzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hZDViZmQtODVjNy00N2I3LTk5N2Mt
ZjVkMmNiNzk0NTZkLzEvVGphSTE4WEFpX25jdVQ3elZwQkdreS1pamY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hZDViZmQtODVjNy00N2I3LTk5N2MtZjVkMmNiNzk0NTZk
LzEvWHdtZlNaZUxsZy1qSDRHczlVWnhKejNIXzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRZEAwQC
uUZ4MA0GCSqGSIb3DQEBCwUAA4IBAQABwUCC63/eiJJNRss46yoCUSa48ggBLnrR
HFyaHcuBKjYzYjDSZ+EJe6sdIpxc9OL4eVYxXBoRxw7TvwaXmo6/4ZOZ8K1dDukr
YHNjq8muyxzqXwS2BWBuqSlZhQRbk+t+9mYUT4c8Qvw+x8vVvIQasDvcWjmTwfpH
P1Sa3NKZTgSWwzVEOvSOoEF+B+NuXiA9C9jH7tHFOw+4zfvxLYYdJTQCGl9mb5Td
MOu4ZNCkDhhHX2c/Fht/Yye5wJaCuygTB1Al+Xi6ALnhu/iuQbpsH4Qr8yOsgmBQ
OJDY7xiN/RK2RkBCVE7cnI2V14uWNr1vZ6Uv1LRtjO9mPiHwisZL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:13 2025 by rpki-client