Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/TJhzNR6UoUDoNG1lMMpHd8nFgx0.roa
File: TJhzNR6UoUDoNG1lMMpHd8nFgx0.roa (raw, json)
Hash identifier: eNpGQLgT1Zs+QndDZOw7IT0YPdsHIdrXQibYP7RI6iM=
Subject key identifier: 4C:98:73:35:1E:94:A1:40:E8:34:6D:65:30:CA:47:77:C9:C5:83:1D
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018C390E1B2C93FFC1FD486547BE305396D1
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/TJhzNR6UoUDoNG1lMMpHd8nFgx0.roa
Signing time: Tue 05 Dec 2023 08:17:54 +0000
ROA not before: Tue 05 Dec 2023 08:17:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201295
IP address blocks: 94.74.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:0e:1b:2c:93:ff:c1:fd:48:65:47:be:30:53:96:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Dec 5 08:17:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c9873351e94a140e8346d6530ca4777c9c5831d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:fd:b1:78:74:a0:34:56:7f:f6:65:a3:c7:55:
30:b1:44:17:12:0c:23:b4:89:03:18:c4:98:65:cb:
34:c3:68:88:da:38:35:fe:75:0e:82:87:f0:9b:94:
1e:b3:5f:af:90:a8:e7:10:bd:70:30:e1:c0:11:b1:
e1:b7:eb:1e:6d:0e:8a:d6:1d:69:12:7a:58:06:9b:
44:c7:20:0e:25:06:bf:37:ac:ac:ce:76:73:fc:41:
83:cf:03:a8:eb:96:a0:d1:19:41:85:7b:59:69:0f:
e6:f3:71:b3:22:c5:04:8b:2e:0d:46:2c:73:8e:38:
d9:6c:a5:4c:90:12:cf:c4:9b:ff:7e:97:dd:bd:7e:
2e:18:84:38:50:91:f2:75:aa:58:75:a1:13:98:5e:
89:dd:70:f8:01:41:5f:31:60:44:19:fa:cd:5e:7f:
15:5a:6b:2f:55:92:68:c9:9a:6d:4b:3c:ca:fb:56:
cf:06:d6:1a:e5:0e:b1:8b:e5:d1:68:b6:5d:46:b2:
e3:bc:1d:b7:66:83:33:86:b4:4c:6b:f5:ca:c5:20:
6e:ec:d6:28:22:37:20:22:48:d1:ab:b6:3a:0d:48:
2e:97:7d:9f:06:0f:49:c7:36:36:ef:86:81:29:9b:
a7:0a:36:92:a9:b1:b3:bd:46:71:bb:a0:6b:0f:9a:
28:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:98:73:35:1E:94:A1:40:E8:34:6D:65:30:CA:47:77:C9:C5:83:1D
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/TJhzNR6UoUDoNG1lMMpHd8nFgx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.145.0/24
Signature Algorithm: sha256WithRSAEncryption
24:20:af:a5:7d:49:df:05:5b:4d:fb:fa:9c:12:6f:fd:a7:a8:
b6:44:4a:e7:4a:cd:d4:50:b9:84:37:8b:22:48:9e:99:aa:2e:
18:96:fe:e5:24:ad:78:35:29:d7:08:2b:c4:2b:03:70:e7:fd:
dc:95:b9:c5:6f:a9:65:f9:d6:cf:06:75:12:76:8b:7d:c9:7c:
c4:a9:12:06:a5:4b:32:ac:ae:f9:e7:b7:67:1b:24:01:dc:49:
1b:96:af:b6:d5:b1:03:4b:c8:b0:3f:11:12:b2:cc:e8:50:33:
62:4c:10:3a:d6:af:89:ea:6e:2f:5b:97:da:9e:ff:71:31:44:
6d:d9:12:ef:f5:cb:14:65:03:fe:bf:6b:c7:55:19:a8:d4:28:
63:06:6b:c2:55:d0:e5:66:26:ff:76:d9:02:df:0e:8f:b8:26:
7a:d0:15:c0:b3:b5:ad:5d:01:3e:42:d2:15:51:cb:5f:c5:a9:
74:9e:94:94:8c:e7:5c:fb:ed:53:84:f5:bb:a6:da:47:72:e7:
91:54:50:57:e3:16:85:f5:90:d2:5c:29:1c:f7:86:97:91:e9:
4e:48:02:25:19:3c:6b:6f:86:c0:bb:be:51:fa:36:3e:87:a6:
84:d7:1a:be:f4:1d:1b:e6:70:d3:39:db:59:5a:04:a6:15:d2:
91:37:e9:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw5Dhssk//B/UhlR74wU5bRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMjA1MDgxNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzk4NzMzNTFlOTRhMTQwZTgzNDZkNjUzMGNhNDc3N2M5YzU4MzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0v2xeHSgNFZ/9mWjx1UwsUQXEgwj
tIkDGMSYZcs0w2iI2jg1/nUOgofwm5Qes1+vkKjnEL1wMOHAEbHht+sebQ6K1h1p
EnpYBptExyAOJQa/N6ysznZz/EGDzwOo65ag0RlBhXtZaQ/m83GzIsUEiy4NRixz
jjjZbKVMkBLPxJv/fpfdvX4uGIQ4UJHydapYdaETmF6J3XD4AUFfMWBEGfrNXn8V
WmsvVZJoyZptSzzK+1bPBtYa5Q6xi+XRaLZdRrLjvB23ZoMzhrRMa/XKxSBu7NYo
IjcgIkjRq7Y6DUgul32fBg9JxzY274aBKZunCjaSqbGzvUZxu6BrD5oo4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyYczUelKFA6DRtZTDKR3fJxYMdMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvVEpoek5SNlVvVURvTkcxbE1NcEhkOG5GZ3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXkqRMA0G
CSqGSIb3DQEBCwUAA4IBAQAkIK+lfUnfBVtN+/qcEm/9p6i2RErnSs3UULmEN4si
SJ6Zqi4Ylv7lJK14NSnXCCvEKwNw5/3clbnFb6ll+dbPBnUSdot9yXzEqRIGpUsy
rK7557dnGyQB3Ekblq+21bEDS8iwPxESsszoUDNiTBA61q+J6m4vW5fanv9xMURt
2RLv9csUZQP+v2vHVRmo1ChjBmvCVdDlZib/dtkC3w6PuCZ60BXAs7WtXQE+QtIV
Uctfxal0npSUjOdc++1ThPW7ptpHcueRVFBX4xaF9ZDSXCkc94aXkelOSAIlGTxr
b4bAu75R+jY+h6aE1xq+9B0b5nDTOdtZWgSmFdKRN+k2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:07 2025 by rpki-client