Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/25b6b5-28d7-4695-b4de-8bdf291d93d1/1/TgHC-RlIUFDnUZV-1LITBWnvd9g.roa
File: TgHC-RlIUFDnUZV-1LITBWnvd9g.roa (raw, json)
Hash identifier: y/HZfeTpeEpuvvP+hCy6fI0PAPVNUfQqRdLcorRku8w=
Subject key identifier: 4E:01:C2:F9:19:48:50:50:E7:51:95:7E:D4:B2:13:05:69:EF:77:D8
Certificate issuer: /CN=b1ed6676a857590b6365b76c5580d70fca8dbaa6
Certificate serial: 0185715E5BE6DEA35AD8BFB7093DF7AB2226
Authority key identifier: B1:ED:66:76:A8:57:59:0B:63:65:B7:6C:55:80:D7:0F:CA:8D:BA:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/se1mdqhXWQtjZbdsVYDXD8qNuqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/25b6b5-28d7-4695-b4de-8bdf291d93d1/1/TgHC-RlIUFDnUZV-1LITBWnvd9g.roa
Signing time: Mon 02 Jan 2023 07:24:47 +0000
ROA not before: Mon 02 Jan 2023 07:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198932
IP address blocks: 193.242.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:5b:e6:de:a3:5a:d8:bf:b7:09:3d:f7:ab:22:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1ed6676a857590b6365b76c5580d70fca8dbaa6
Validity
Not Before: Jan 2 07:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e01c2f919485050e751957ed4b2130569ef77d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:49:ef:3a:70:d0:d1:a8:40:6b:d0:da:18:3a:
f2:b6:07:15:53:38:fa:3a:1c:99:f0:d4:c8:fe:3a:
3a:83:29:c4:b7:52:53:e6:fe:da:27:f8:e7:fd:75:
c1:75:ee:f4:26:06:e2:9b:fc:cc:83:d2:03:33:e2:
17:0c:02:a7:ca:8b:2b:d6:62:96:74:2d:a5:2f:37:
d2:97:dc:b8:5f:7f:d1:77:8b:fe:c1:26:ad:32:f7:
4d:cf:06:25:59:d5:4a:b7:a4:2b:fe:c7:b6:d4:29:
f7:a0:55:07:8b:01:ba:97:b3:26:6f:a8:56:03:f9:
b3:11:cb:7b:9a:0c:e7:b9:a3:c1:b3:94:5b:d6:8d:
b3:bb:f5:b6:bb:0e:73:cf:bc:5f:db:72:ea:fe:70:
b4:ff:1e:ab:2b:ad:9b:06:39:da:21:a6:d9:aa:fa:
d2:d5:9f:d7:61:62:28:f7:28:fc:68:3f:a5:2a:e7:
4e:4b:1b:96:a9:16:4a:8b:92:73:3b:da:2d:4e:24:
27:49:c5:15:36:34:35:f8:da:57:84:b1:f5:a5:d0:
5a:24:32:5f:78:43:5a:2b:a9:73:8a:c0:49:19:ba:
bd:75:58:38:e8:c0:19:13:a3:49:94:73:f6:d7:aa:
03:18:50:f6:f8:22:17:47:2a:9d:b4:fd:49:85:90:
57:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:01:C2:F9:19:48:50:50:E7:51:95:7E:D4:B2:13:05:69:EF:77:D8
X509v3 Authority Key Identifier:
keyid:B1:ED:66:76:A8:57:59:0B:63:65:B7:6C:55:80:D7:0F:CA:8D:BA:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/se1mdqhXWQtjZbdsVYDXD8qNuqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/25b6b5-28d7-4695-b4de-8bdf291d93d1/1/TgHC-RlIUFDnUZV-1LITBWnvd9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/25b6b5-28d7-4695-b4de-8bdf291d93d1/1/se1mdqhXWQtjZbdsVYDXD8qNuqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.242.135.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:f0:15:27:d9:57:1b:c9:b4:36:a5:25:ae:80:48:45:8a:58:
e1:6b:4e:be:26:d1:78:e6:a9:b9:4e:7f:22:57:b7:22:2e:bc:
2c:4c:ce:2b:90:81:e6:14:88:f3:5f:d9:a8:ea:1f:25:72:f8:
44:fb:b9:ba:a0:68:0f:d5:e7:f5:77:45:77:dc:96:e3:07:e3:
f4:01:16:99:b4:2e:37:2f:df:9d:c3:e6:78:f2:df:e9:5d:12:
83:69:4b:32:b4:4a:3d:61:53:0c:ee:72:2c:5f:9e:9d:27:b6:
15:9f:c5:3d:35:56:73:90:f9:1f:40:ae:49:74:23:8f:ab:da:
c2:83:32:4e:79:d6:2b:46:5d:74:c7:46:9e:00:a5:1c:8a:57:
91:43:25:b8:b9:a6:c0:1b:12:21:13:00:b5:f9:5e:96:7d:f7:
de:af:a5:78:ff:f6:23:cd:f1:23:12:db:e4:dd:81:f5:70:88:
34:d7:71:18:f0:03:29:38:b5:80:92:47:fa:f7:4f:8b:19:9d:
d5:a6:ab:3d:ba:53:03:f1:61:c5:cc:b6:17:1e:86:01:0f:71:
d8:ef:a6:e4:8e:e4:5b:6a:34:c1:e7:dd:2b:39:92:0a:fb:f0:
d4:dd:f8:2c:76:ca:8d:36:fc:85:ff:7d:fe:6f:83:cb:bb:13:
6b:79:32:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXlvm3qNa2L+3CT33qyImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZWQ2Njc2YTg1NzU5MGI2MzY1Yjc2YzU1ODBkNzBmY2E4
ZGJhYTYwHhcNMjMwMTAyMDcyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTAxYzJmOTE5NDg1MDUwZTc1MTk1N2VkNGIyMTMwNTY5ZWY3N2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApknvOnDQ0ahAa9DaGDrytgcVUzj6
OhyZ8NTI/jo6gynEt1JT5v7aJ/jn/XXBde70Jgbim/zMg9IDM+IXDAKnyosr1mKW
dC2lLzfSl9y4X3/Rd4v+wSatMvdNzwYlWdVKt6Qr/se21Cn3oFUHiwG6l7Mmb6hW
A/mzEct7mgznuaPBs5Rb1o2zu/W2uw5zz7xf23Lq/nC0/x6rK62bBjnaIabZqvrS
1Z/XYWIo9yj8aD+lKudOSxuWqRZKi5JzO9otTiQnScUVNjQ1+NpXhLH1pdBaJDJf
eENaK6lzisBJGbq9dVg46MAZE6NJlHP216oDGFD2+CIXRyqdtP1JhZBX2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE4BwvkZSFBQ51GVftSyEwVp73fYMB8GA1UdIwQY
MBaAFLHtZnaoV1kLY2W3bFWA1w/KjbqmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2UxbWRxaFhXUXRqWmJkc1ZZRFhEOHFOdXFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yNWI2YjUtMjhkNy00Njk1LWI0ZGUt
OGJkZjI5MWQ5M2QxLzEvVGdIQy1SbElVRkRuVVpWLTFMSVRCV252ZDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yNWI2YjUtMjhkNy00Njk1LWI0ZGUtOGJkZjI5MWQ5M2Qx
LzEvc2UxbWRxaFhXUXRqWmJkc1ZZRFhEOHFOdXFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwfKHMA0G
CSqGSIb3DQEBCwUAA4IBAQCi8BUn2VcbybQ2pSWugEhFiljha06+JtF45qm5Tn8i
V7ciLrwsTM4rkIHmFIjzX9mo6h8lcvhE+7m6oGgP1ef1d0V33JbjB+P0ARaZtC43
L9+dw+Z48t/pXRKDaUsytEo9YVMM7nIsX56dJ7YVn8U9NVZzkPkfQK5JdCOPq9rC
gzJOedYrRl10x0aeAKUcileRQyW4uabAGxIhEwC1+V6Wfffer6V4//YjzfEjEtvk
3YH1cIg013EY8AMpOLWAkkf690+LGZ3Vpqs9ulMD8WHFzLYXHoYBD3HY76bkjuRb
ajTB590rOZIK+/DU3fgsdsqNNvyF/33+b4PLuxNreTIL
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:58:59 2025 by rpki-client