Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/TX5PGM1jOm_EVGe9bnncQ5GfjT0.roa
File: TX5PGM1jOm_EVGe9bnncQ5GfjT0.roa (raw, json)
Hash identifier: 17i4hn1vUhLliadwr+3OM2AuJP7RnzGnwGF7EcP/qHI=
Subject key identifier: 4D:7E:4F:18:CD:63:3A:6F:C4:54:67:BD:6E:79:DC:43:91:9F:8D:3D
Certificate issuer: /CN=edc3988a84f9fbb4185ea4ac5b721845ca28037e
Certificate serial: 01856D13E4A02BDA97A286C4B8CDB3A821D3
Authority key identifier: ED:C3:98:8A:84:F9:FB:B4:18:5E:A4:AC:5B:72:18:45:CA:28:03:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7cOYioT5-7QYXqSsW3IYRcooA34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/TX5PGM1jOm_EVGe9bnncQ5GfjT0.roa
Signing time: Sun 01 Jan 2023 11:24:58 +0000
ROA not before: Sun 01 Jan 2023 11:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198398
IP address blocks: 95.156.216.0/22 maxlen: 22
194.110.155.0/24 maxlen: 24
185.184.22.0/23 maxlen: 23
185.184.20.0/23 maxlen: 23
185.184.20.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:e4:a0:2b:da:97:a2:86:c4:b8:cd:b3:a8:21:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edc3988a84f9fbb4185ea4ac5b721845ca28037e
Validity
Not Before: Jan 1 11:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d7e4f18cd633a6fc45467bd6e79dc43919f8d3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:49:68:d5:06:ed:80:60:1e:1d:7f:41:7f:d4:
83:27:6c:21:78:c5:48:99:d3:84:e0:02:0a:76:ea:
36:cb:10:fa:8d:36:ed:c0:f7:3a:f5:46:83:a1:c4:
e5:39:8c:0f:1d:11:89:59:e2:15:ae:4f:e7:f2:86:
f2:5d:e0:53:96:df:63:8f:22:29:8c:ba:b1:4a:ca:
30:86:bb:6a:ab:e7:71:c8:52:6b:b3:26:8a:f0:3a:
f5:cc:55:44:87:ec:d0:71:16:46:8f:5a:05:4d:a2:
ca:ec:0c:4f:f5:0b:1c:c7:b1:4c:09:8b:6f:75:ac:
38:45:3b:26:9c:d1:55:0a:4e:07:5f:90:cd:91:7c:
d4:f6:1c:b8:b0:d9:46:91:be:06:14:fe:1b:32:ba:
53:69:54:55:c5:73:c4:cb:06:af:3a:01:4b:da:f8:
bb:85:d2:fc:fa:cb:cd:44:41:3d:c6:fa:8d:c0:9b:
8c:83:c5:30:bc:f2:60:75:07:aa:f0:4b:a3:a9:76:
c1:b7:a9:b8:6b:72:7a:da:89:c1:37:26:e7:a1:fa:
54:24:ac:c9:88:64:46:c2:be:03:37:9c:e8:9c:d1:
36:ab:43:2a:c4:bf:93:0f:7f:16:2a:46:f9:40:8c:
0b:0f:36:98:f2:7c:81:f2:34:d1:b6:47:dc:67:ee:
f7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:7E:4F:18:CD:63:3A:6F:C4:54:67:BD:6E:79:DC:43:91:9F:8D:3D
X509v3 Authority Key Identifier:
keyid:ED:C3:98:8A:84:F9:FB:B4:18:5E:A4:AC:5B:72:18:45:CA:28:03:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cOYioT5-7QYXqSsW3IYRcooA34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/TX5PGM1jOm_EVGe9bnncQ5GfjT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a7c811-de55-4417-bb31-10fced5fd4ee/1/7cOYioT5-7QYXqSsW3IYRcooA34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.156.216.0/22
185.184.20.0/22
194.110.155.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:6c:a0:e6:5f:8b:59:41:f2:72:a5:42:1a:2b:e8:51:89:13:
42:6c:7d:0b:37:d2:21:a3:0d:34:aa:cb:a9:a1:b2:e5:8e:0d:
27:2f:17:68:e9:58:5b:a5:41:b5:d0:bb:a2:13:1c:98:b6:70:
4f:5f:9a:93:0b:d8:9c:d5:37:ed:15:61:fd:df:59:75:1e:b4:
52:d1:c4:92:42:6c:3d:23:2b:5f:d7:22:0e:58:d3:59:99:fa:
52:36:11:29:c3:2f:f2:1b:8f:ad:53:1b:6a:40:42:69:14:43:
64:4d:bf:1f:fc:93:c8:4e:e5:93:96:3d:b1:41:c3:cb:3c:c6:
11:d7:ea:d9:d3:ee:50:05:2b:6c:cb:1f:58:67:0a:00:bd:83:
9b:75:a4:31:90:54:f2:95:3b:19:dd:09:65:f3:6d:9e:24:2d:
e0:ee:a6:c9:0d:1f:80:f0:0c:6f:08:f9:36:08:ea:14:7d:f2:
ec:b2:37:09:d4:f2:c4:82:bf:31:32:bd:a8:b2:55:aa:11:37:
58:7a:3f:38:15:7b:b1:a1:08:14:2c:fb:68:d3:0a:26:a7:53:
41:b5:66:0c:d9:ff:bf:1f:ec:6c:b2:99:18:2f:cc:45:c4:d5:
3e:fc:aa:bd:23:68:b4:05:fa:1f:c5:5b:00:d1:72:82:d3:dd:
db:3e:1f:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtE+SgK9qXoobEuM2zqCHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYzM5ODhhODRmOWZiYjQxODVlYTRhYzViNzIxODQ1Y2Ey
ODAzN2UwHhcNMjMwMTAxMTEyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDdlNGYxOGNkNjMzYTZmYzQ1NDY3YmQ2ZTc5ZGM0MzkxOWY4ZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiElo1QbtgGAeHX9Bf9SDJ2wheMVI
mdOE4AIKduo2yxD6jTbtwPc69UaDocTlOYwPHRGJWeIVrk/n8obyXeBTlt9jjyIp
jLqxSsowhrtqq+dxyFJrsyaK8Dr1zFVEh+zQcRZGj1oFTaLK7AxP9Qscx7FMCYtv
daw4RTsmnNFVCk4HX5DNkXzU9hy4sNlGkb4GFP4bMrpTaVRVxXPEywavOgFL2vi7
hdL8+svNREE9xvqNwJuMg8UwvPJgdQeq8EujqXbBt6m4a3J62onBNybnofpUJKzJ
iGRGwr4DN5zonNE2q0MqxL+TD38WKkb5QIwLDzaY8nyB8jTRtkfcZ+73QQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE1+TxjNYzpvxFRnvW553EORn409MB8GA1UdIwQY
MBaAFO3DmIqE+fu0GF6krFtyGEXKKAN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2NPWWlvVDUtN1FZWHFTc1czSVlSY29vQTM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9hN2M4MTEtZGU1NS00NDE3LWJiMzEt
MTBmY2VkNWZkNGVlLzEvVFg1UEdNMWpPbV9FVkdlOWJubmNRNUdmalQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9hN2M4MTEtZGU1NS00NDE3LWJiMzEtMTBmY2VkNWZkNGVl
LzEvN2NPWWlvVDUtN1FZWHFTc1czSVlSY29vQTM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCX5zYAwQC
ubgUAwQAwm6bMA0GCSqGSIb3DQEBCwUAA4IBAQALbKDmX4tZQfJypUIaK+hRiRNC
bH0LN9Ihow00qsupobLljg0nLxdo6VhbpUG10LuiExyYtnBPX5qTC9ic1TftFWH9
31l1HrRS0cSSQmw9Iytf1yIOWNNZmfpSNhEpwy/yG4+tUxtqQEJpFENkTb8f/JPI
TuWTlj2xQcPLPMYR1+rZ0+5QBStsyx9YZwoAvYObdaQxkFTylTsZ3Qll822eJC3g
7qbJDR+A8AxvCPk2COoUffLssjcJ1PLEgr8xMr2oslWqETdYej84FXuxoQgULPto
0womp1NBtWYM2f+/H+xsspkYL8xFxNU+/Kq9I2i0BfofxVsA0XKC093bPh/f
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:49 2025 by rpki-client