Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/TsmzPXcPZI39JHDw1l6Dq9e_Bw0.roa
File: TsmzPXcPZI39JHDw1l6Dq9e_Bw0.roa (raw, json)
Hash identifier: v3w9UhQ0zRsJdG0oftsBfjYJp1yjAtsrStMOh8iSzYE=
Subject key identifier: 4E:C9:B3:3D:77:0F:64:8D:FD:24:70:F0:D6:5E:83:AB:D7:BF:07:0D
Certificate issuer: /CN=123c3de61011de07101e14dc0727395171cb03ab
Certificate serial: 018C2C483F583D5BD5F3FC0738F6C86FC209
Authority key identifier: 12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/TsmzPXcPZI39JHDw1l6Dq9e_Bw0.roa
Signing time: Sat 02 Dec 2023 20:46:21 +0000
ROA not before: Sat 02 Dec 2023 20:46:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203459
IP address blocks: 185.133.225.0/24 maxlen: 24
185.133.226.0/24 maxlen: 24
185.133.224.0/24 maxlen: 24
185.133.227.0/24 maxlen: 24
2a06:7fc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2c:48:3f:58:3d:5b:d5:f3:fc:07:38:f6:c8:6f:c2:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=123c3de61011de07101e14dc0727395171cb03ab
Validity
Not Before: Dec 2 20:46:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ec9b33d770f648dfd2470f0d65e83abd7bf070d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:40:23:97:8c:ef:58:83:f3:c7:ba:08:15:91:
10:82:1d:1d:e7:f9:0d:99:59:36:f0:71:c5:2b:2a:
4d:00:22:ac:91:75:59:01:1c:c8:bd:67:05:b5:c7:
08:bd:cc:e8:83:24:99:ae:4f:d6:6e:98:c0:f6:fa:
16:31:cc:0c:8f:18:8e:19:56:c6:68:24:7d:b3:fe:
35:b0:30:9a:27:7d:3c:d9:7f:50:5e:76:e7:d4:c4:
59:54:df:30:de:4b:89:64:73:bc:39:61:d7:12:d7:
92:9f:59:ba:86:9a:ea:ee:bb:e9:a2:91:de:fb:fc:
9b:66:d4:e6:3d:68:e5:c3:3a:ff:82:03:eb:24:4a:
5e:d4:29:ab:26:da:31:df:c7:34:5a:81:82:77:ba:
76:ab:28:e6:6d:5f:e2:50:f9:51:d5:33:cd:f8:b5:
da:b3:e8:d4:f5:35:34:7f:f7:a9:0a:a5:b1:c7:ab:
06:b2:45:5f:6b:c4:46:6e:bc:2a:18:86:4c:af:13:
36:b6:24:8c:65:33:6d:7c:1c:50:1d:7b:fb:c7:93:
f0:10:8c:34:f3:1e:22:65:b3:3c:7b:f7:3e:9f:b1:
13:33:99:24:37:32:c8:f5:cb:01:76:ac:ba:b6:95:
3b:95:33:8d:fc:af:28:98:c3:ba:3f:ff:15:17:b5:
eb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C9:B3:3D:77:0F:64:8D:FD:24:70:F0:D6:5E:83:AB:D7:BF:07:0D
X509v3 Authority Key Identifier:
keyid:12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/TsmzPXcPZI39JHDw1l6Dq9e_Bw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.224.0/22
IPv6:
2a06:7fc0::/29
Signature Algorithm: sha256WithRSAEncryption
e4:4d:fe:09:e3:bc:4f:80:f2:6f:8a:d8:05:0e:aa:3b:3c:75:
85:dc:77:1d:ba:54:f6:a3:4a:96:1c:1b:d2:dd:86:16:40:13:
4f:08:b3:99:4e:35:87:4e:9d:3e:ff:1e:88:a7:45:7e:1f:44:
49:f1:3e:1f:77:2c:9b:56:d7:da:d5:b4:0f:bb:ae:9e:75:3a:
fa:2c:4c:99:fd:e8:8d:91:83:9b:1a:7f:4a:56:91:1c:a8:37:
ca:02:6e:fb:f6:76:2a:6a:85:15:9e:8b:54:39:b8:0f:93:df:
d2:86:da:34:97:47:08:91:c0:5c:d8:45:c4:b2:1b:89:f7:6e:
8d:a3:f3:62:d4:38:8d:c2:88:91:a7:6d:d0:8b:3c:a6:e1:ab:
26:3b:02:5c:d8:0a:2c:db:6f:79:7e:58:92:d7:26:8f:41:3c:
dc:9a:ce:0e:b4:3b:e9:30:2b:ba:7f:8a:9f:b4:5f:e4:92:08:
01:3c:ab:8d:5e:36:cf:29:fc:ad:7d:48:6d:ae:ff:b4:06:37:
41:81:a8:85:54:f3:85:42:db:fc:15:2b:7f:57:f0:3f:3a:2c:
c9:41:42:de:1c:c1:6b:47:45:ac:11:e3:3c:2e:0f:71:59:aa:
37:7e:40:95:c6:85:f7:30:f6:fb:a7:6e:fb:ab:e9:1e:7a:ad:
e2:d6:57:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwsSD9YPVvV8/wHOPbIb8IJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyM2MzZGU2MTAxMWRlMDcxMDFlMTRkYzA3MjczOTUxNzFj
YjAzYWIwHhcNMjMxMjAyMjA0NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWM5YjMzZDc3MGY2NDhkZmQyNDcwZjBkNjVlODNhYmQ3YmYwNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkAjl4zvWIPzx7oIFZEQgh0d5/kN
mVk28HHFKypNACKskXVZARzIvWcFtccIvczogySZrk/WbpjA9voWMcwMjxiOGVbG
aCR9s/41sDCaJ3082X9QXnbn1MRZVN8w3kuJZHO8OWHXEteSn1m6hprq7rvpopHe
+/ybZtTmPWjlwzr/ggPrJEpe1CmrJtox38c0WoGCd7p2qyjmbV/iUPlR1TPN+LXa
s+jU9TU0f/epCqWxx6sGskVfa8RGbrwqGIZMrxM2tiSMZTNtfBxQHXv7x5PwEIw0
8x4iZbM8e/c+n7ETM5kkNzLI9csBdqy6tpU7lTON/K8omMO6P/8VF7XryQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE7Jsz13D2SN/SRw8NZeg6vXvwcNMB8GA1UdIwQY
MBaAFBI8PeYQEd4HEB4U3AcnOVFxywOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUt
YjUwNGM5YWU5YmJjLzEvVHNtelBYY1BaSTM5SkhEdzFsNkRxOWVfQncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUtYjUwNGM5YWU5YmJj
LzEvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYXgMA0E
AgACMAcDBQMqBn/AMA0GCSqGSIb3DQEBCwUAA4IBAQDkTf4J47xPgPJvitgFDqo7
PHWF3HcdulT2o0qWHBvS3YYWQBNPCLOZTjWHTp0+/x6Ip0V+H0RJ8T4fdyybVtfa
1bQPu66edTr6LEyZ/eiNkYObGn9KVpEcqDfKAm779nYqaoUVnotUObgPk9/Shto0
l0cIkcBc2EXEshuJ926No/Ni1DiNwoiRp23Qizym4asmOwJc2Aos2295fliS1yaP
QTzcms4OtDvpMCu6f4qftF/kkggBPKuNXjbPKfytfUhtrv+0BjdBgaiFVPOFQtv8
FSt/V/A/OizJQULeHMFrR0WsEeM8Lg9xWao3fkCVxoX3MPb7p277q+keeq3i1lev
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:01 2025 by rpki-client