Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/tRtEkIrfApVnhTZ0Trp3Hpsynmw.roa
File: tRtEkIrfApVnhTZ0Trp3Hpsynmw.roa (raw, json)
Hash identifier: +iCKw1BD6e3PhNUm3cGzrbz41EUaGDqa6An51xp5hD4=
Subject key identifier: B5:1B:44:90:8A:DF:02:95:67:85:36:74:4E:BA:77:1E:9B:32:9E:6C
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B15431D04B1A0A069D0C429AFD209
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/tRtEkIrfApVnhTZ0Trp3Hpsynmw.roa
Signing time: Sun 01 Jan 2023 13:35:09 +0000
ROA not before: Sun 01 Jan 2023 13:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206466
IP address blocks: 194.209.31.0/24 maxlen: 24
195.65.142.0/24 maxlen: 24
194.6.170.0/24 maxlen: 24
194.6.173.0/24 maxlen: 24
194.209.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:15:43:1d:04:b1:a0:a0:69:d0:c4:29:af:d2:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b51b44908adf0295678536744eba771e9b329e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:33:76:be:06:56:b5:85:6d:25:07:a5:b6:d8:
79:0e:28:2e:85:3d:be:8d:07:fa:4e:7e:cf:63:7c:
c2:ce:f3:92:80:b8:70:b8:6b:dc:fc:be:f4:0e:31:
b4:c0:3f:2d:d4:8a:19:ff:d2:07:99:fe:ac:96:84:
09:10:76:d7:7a:58:54:d6:20:23:ed:52:03:19:da:
18:94:ac:aa:fb:b7:65:b9:7a:a2:43:a7:ca:2e:f6:
69:f7:92:1f:fa:0e:5a:25:70:11:42:14:4a:14:25:
54:09:6a:f3:a5:17:a6:d9:33:65:34:6f:19:40:e2:
70:67:12:12:87:7b:e3:58:82:f8:8d:24:54:49:6f:
e0:51:51:16:d1:5d:7a:30:38:22:aa:90:c9:20:ac:
2d:eb:a2:5d:9d:3a:d2:47:62:a2:d6:da:58:3c:8e:
e9:3b:b6:93:6c:53:a1:ab:d7:c6:27:d3:8b:5b:6f:
11:0c:61:72:f8:d5:52:19:f9:f4:9a:07:63:9a:26:
11:f9:1b:fd:60:ff:c7:11:b5:78:26:ce:93:73:ab:
44:85:c5:b3:6e:dd:32:1c:0c:c1:63:ea:3f:b4:3c:
b9:db:c6:23:9d:26:bb:2b:3d:1c:50:d0:f7:c9:ee:
ba:a1:72:d8:3c:46:22:bc:90:33:96:19:fb:f0:bf:
b9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:1B:44:90:8A:DF:02:95:67:85:36:74:4E:BA:77:1E:9B:32:9E:6C
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/tRtEkIrfApVnhTZ0Trp3Hpsynmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.6.170.0/24
194.6.173.0/24
194.209.31.0/24
194.209.199.0/24
195.65.142.0/24
Signature Algorithm: sha256WithRSAEncryption
78:6c:ab:44:b3:86:a4:bf:6d:98:9c:74:27:0b:95:17:0b:68:
b0:38:6d:cd:05:a4:ec:37:99:ea:4c:11:ff:f1:15:0a:ad:96:
e2:9d:da:b5:9f:10:a9:fb:f8:08:0c:4a:1a:0e:b5:55:a3:31:
bc:58:d8:cd:37:51:b2:95:f8:6d:31:de:c5:76:0e:5b:a7:70:
87:06:7f:d6:b0:c2:d0:f9:fb:8a:b5:35:40:92:8c:9f:51:16:
9a:36:88:40:56:3b:0f:c5:80:ef:ff:ef:d4:d5:ec:d7:7e:cd:
b2:20:b7:2b:55:17:d5:c7:ef:c5:0b:c5:d1:4c:94:44:98:1c:
3a:dc:5b:27:5f:3d:45:77:46:64:f7:cb:72:1b:d1:dc:67:39:
0a:6e:d3:85:ea:c7:ec:20:e0:2b:35:3c:52:39:e7:3e:9f:a5:
9f:d7:b2:1d:72:47:0a:37:c2:e6:03:aa:12:39:03:a4:47:fd:
e5:6a:2b:b0:42:67:4e:60:61:46:44:b9:76:c3:1e:86:03:23:
3c:d3:a7:5f:23:d0:c2:ea:5c:53:f1:89:12:e4:1d:7b:ad:31:
35:10:71:4b:99:23:e5:cf:cf:aa:c4:27:28:a6:90:0e:d9:c4:
0c:53:e8:ca:4d:b4:ea:51:05:68:24:0b:e5:4a:4d:57:15:26:
4f:e8:05:56
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVtixVDHQSxoKBp0MQpr9IJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTFiNDQ5MDhhZGYwMjk1Njc4NTM2NzQ0ZWJhNzcxZTliMzI5ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljN2vgZWtYVtJQeltth5DiguhT2+
jQf6Tn7PY3zCzvOSgLhwuGvc/L70DjG0wD8t1IoZ/9IHmf6sloQJEHbXelhU1iAj
7VIDGdoYlKyq+7dluXqiQ6fKLvZp95If+g5aJXARQhRKFCVUCWrzpRem2TNlNG8Z
QOJwZxISh3vjWIL4jSRUSW/gUVEW0V16MDgiqpDJIKwt66JdnTrSR2Ki1tpYPI7p
O7aTbFOhq9fGJ9OLW28RDGFy+NVSGfn0mgdjmiYR+Rv9YP/HEbV4Js6Tc6tEhcWz
bt0yHAzBY+o/tDy528YjnSa7Kz0cUND3ye66oXLYPEYivJAzlhn78L+5XQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLUbRJCK3wKVZ4U2dE66dx6bMp5sMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvdFJ0RWtJcmZBcFZuaFRaMFRycDNIcHN5bm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwgaqAwQA
wgatAwQAwtEfAwQAwtHHAwQAw0GOMA0GCSqGSIb3DQEBCwUAA4IBAQB4bKtEs4ak
v22YnHQnC5UXC2iwOG3NBaTsN5nqTBH/8RUKrZbindq1nxCp+/gIDEoaDrVVozG8
WNjNN1GylfhtMd7Fdg5bp3CHBn/WsMLQ+fuKtTVAkoyfURaaNohAVjsPxYDv/+/U
1ezXfs2yILcrVRfVx+/FC8XRTJREmBw63FsnXz1Fd0Zk98tyG9HcZzkKbtOF6sfs
IOArNTxSOec+n6Wf17IdckcKN8LmA6oSOQOkR/3laiuwQmdOYGFGRLl2wx6GAyM8
06dfI9DC6lxT8YkS5B17rTE1EHFLmSPlz8+qxCcoppAO2cQMU+jKTbTqUQVoJAvl
Sk1XFSZP6AVW
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:34:44 2025 by rpki-client