Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/Tg3ioAnFHdlaTDI2IQlIfo0PlXA.roa
File: Tg3ioAnFHdlaTDI2IQlIfo0PlXA.roa (raw, json)
Hash identifier: zzU526fyBsehvDmng2iiFtIpidlb2pWhYUUYPcHLyQY=
Subject key identifier: 4E:0D:E2:A0:09:C5:1D:D9:5A:4C:32:36:21:09:48:7E:8D:0F:95:70
Certificate issuer: /CN=cf8df52adfe2fce6ae96f6fe05d14089e0247cee
Certificate serial: 0185714C2D73CD57D956F8D479D6C0FFCDBB
Authority key identifier: CF:8D:F5:2A:DF:E2:FC:E6:AE:96:F6:FE:05:D1:40:89:E0:24:7C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z431Kt_i_Oaulvb-BdFAieAkfO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/Tg3ioAnFHdlaTDI2IQlIfo0PlXA.roa
Signing time: Mon 02 Jan 2023 07:04:55 +0000
ROA not before: Mon 02 Jan 2023 07:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205784
IP address blocks: 94.142.248.0/24 maxlen: 24
88.210.29.0/24 maxlen: 24
88.210.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:2d:73:cd:57:d9:56:f8:d4:79:d6:c0:ff:cd:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf8df52adfe2fce6ae96f6fe05d14089e0247cee
Validity
Not Before: Jan 2 07:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e0de2a009c51dd95a4c32362109487e8d0f9570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e6:67:c7:36:ad:e3:f4:1f:b7:88:b9:5f:05:
4e:c1:f9:db:e9:90:3c:0a:b8:9e:25:7a:b2:c0:14:
67:d3:13:b8:a3:15:09:ce:f0:fc:5a:e2:dd:c1:af:
4d:d0:6a:67:1f:66:29:00:23:58:ba:2c:bf:29:2e:
94:3c:6b:ad:23:be:9e:25:9d:c7:40:c8:fc:a3:e3:
a5:e4:8d:2c:ab:f3:30:ef:32:e7:cd:21:a5:da:3b:
21:06:e9:99:24:25:f4:af:a9:83:2f:63:03:e7:c9:
1f:b8:3f:6b:1d:f6:00:50:10:ef:34:97:4e:ca:41:
23:e5:db:1b:06:83:e9:68:86:2a:5f:1b:06:bb:56:
24:18:a8:5d:93:a1:ea:8b:c5:9f:39:4a:17:11:bb:
d9:5f:a2:da:ba:d3:96:a4:40:e6:a0:54:ff:6c:26:
74:d2:42:47:c7:18:c8:46:35:b9:42:77:63:0e:43:
da:b1:fe:53:8b:fd:bf:6c:ba:99:91:c4:8c:b3:82:
13:1c:97:56:2f:ef:99:ad:8e:07:5e:97:cf:ff:81:
a8:3c:9e:28:d1:26:fc:07:9a:bd:8f:4c:48:3f:e9:
63:a9:78:cc:a9:07:89:02:fa:1b:82:df:7d:ba:8f:
eb:a3:f6:04:fa:7c:24:a7:c3:e4:e6:27:79:d5:fa:
b7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:0D:E2:A0:09:C5:1D:D9:5A:4C:32:36:21:09:48:7E:8D:0F:95:70
X509v3 Authority Key Identifier:
keyid:CF:8D:F5:2A:DF:E2:FC:E6:AE:96:F6:FE:05:D1:40:89:E0:24:7C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z431Kt_i_Oaulvb-BdFAieAkfO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/Tg3ioAnFHdlaTDI2IQlIfo0PlXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.210.29.0/24
88.210.49.0/24
94.142.248.0/24
Signature Algorithm: sha256WithRSAEncryption
03:c5:94:0d:f6:51:e6:4a:51:f5:8e:31:16:a6:f3:4c:52:44:
e8:c5:8f:f0:bc:00:65:da:91:27:68:bf:a3:84:56:b2:7e:cd:
9f:14:c3:a6:5d:df:dd:90:f4:cf:f5:d1:82:f8:81:9a:fd:0d:
e9:54:9c:69:10:e6:fa:ad:7e:7e:8b:92:d7:21:79:bb:04:0f:
21:84:c8:ad:2c:10:96:f5:e4:30:be:4f:db:43:1d:c1:c8:18:
fd:d5:5a:a2:84:44:7a:7d:94:15:53:d4:c7:7b:44:9a:93:b2:
0c:a2:e9:95:d0:14:3c:ab:46:40:d5:9c:bb:12:f7:1e:c6:36:
8c:83:f8:30:d6:78:e9:fc:e4:af:ed:6a:e9:6e:be:96:2a:43:
50:c8:b9:f3:db:7d:a4:f3:1f:69:de:9a:3b:18:92:4e:72:eb:
b4:17:2d:5c:9b:11:a2:d9:84:ce:8d:28:0f:fe:0b:99:35:cd:
54:fb:9f:bd:0e:ec:32:f3:c8:f5:80:c7:8f:09:2b:24:14:a1:
f3:3e:8e:c4:80:54:67:f6:22:3c:5b:01:d7:cf:80:0e:ca:16:
16:05:8e:0a:bc:3c:90:18:b2:41:b6:b4:61:aa:db:73:ef:6c:
b0:ae:b1:95:79:c8:d3:d2:3a:ac:e9:d8:77:2d:57:14:45:e7:
42:9c:88:94
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxTC1zzVfZVvjUedbA/827MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmOGRmNTJhZGZlMmZjZTZhZTk2ZjZmZTA1ZDE0MDg5ZTAy
NDdjZWUwHhcNMjMwMTAyMDcwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTBkZTJhMDA5YzUxZGQ5NWE0YzMyMzYyMTA5NDg3ZThkMGY5NTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+Znxzat4/Qft4i5XwVOwfnb6ZA8
CrieJXqywBRn0xO4oxUJzvD8WuLdwa9N0GpnH2YpACNYuiy/KS6UPGutI76eJZ3H
QMj8o+Ol5I0sq/Mw7zLnzSGl2jshBumZJCX0r6mDL2MD58kfuD9rHfYAUBDvNJdO
ykEj5dsbBoPpaIYqXxsGu1YkGKhdk6Hqi8WfOUoXEbvZX6LautOWpEDmoFT/bCZ0
0kJHxxjIRjW5QndjDkPasf5Ti/2/bLqZkcSMs4ITHJdWL++ZrY4HXpfP/4GoPJ4o
0Sb8B5q9j0xIP+ljqXjMqQeJAvobgt99uo/ro/YE+nwkp8Pk5id51fq3WwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE4N4qAJxR3ZWkwyNiEJSH6ND5VwMB8GA1UdIwQY
MBaAFM+N9Srf4vzmrpb2/gXRQIngJHzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejQzMUt0X2lfT2F1bHZiLUJkRkFpZUFrZk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMjI3NDMtMTg5OC00N2U1LTk2ZTIt
Zjc5N2UxZjU0NGQ5LzEvVGczaW9BbkZIZGxhVERJMklRbElmbzBQbFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMjI3NDMtMTg5OC00N2U1LTk2ZTItZjc5N2UxZjU0NGQ5
LzEvejQzMUt0X2lfT2F1bHZiLUJkRkFpZUFrZk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNIdAwQA
WNIxAwQAXo74MA0GCSqGSIb3DQEBCwUAA4IBAQADxZQN9lHmSlH1jjEWpvNMUkTo
xY/wvABl2pEnaL+jhFayfs2fFMOmXd/dkPTP9dGC+IGa/Q3pVJxpEOb6rX5+i5LX
IXm7BA8hhMitLBCW9eQwvk/bQx3ByBj91VqihER6fZQVU9THe0Sak7IMoumV0BQ8
q0ZA1Zy7EvcexjaMg/gw1njp/OSv7Wrpbr6WKkNQyLnz232k8x9p3po7GJJOcuu0
Fy1cmxGi2YTOjSgP/guZNc1U+5+9Duwy88j1gMePCSskFKHzPo7EgFRn9iI8WwHX
z4AOyhYWBY4KvDyQGLJBtrRhqttz72ywrrGVecjT0jqs6dh3LVcURedCnIiU
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:15 2025 by rpki-client