Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/77f2aa-cc0c-4f15-8b39-addcd8552026/1/T4R5OPoNrnlbcFQ5jpKgVCwlrMQ.roa
File: T4R5OPoNrnlbcFQ5jpKgVCwlrMQ.roa (raw, json)
Hash identifier: BDtSckZ4L5a1mDGQYHW5fOqZbY2YO0xPHNkwFwTaLws=
Subject key identifier: 4F:84:79:38:FA:0D:AE:79:5B:70:54:39:8E:92:A0:54:2C:25:AC:C4
Certificate issuer: /CN=d8300936fb500a7456440aba8b3b8ad53c9f0140
Certificate serial: 018571FA292587BFE7A37818295278192FAB
Authority key identifier: D8:30:09:36:FB:50:0A:74:56:44:0A:BA:8B:3B:8A:D5:3C:9F:01:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DAJNvtQCnRWRAq6izuK1TyfAUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/77f2aa-cc0c-4f15-8b39-addcd8552026/1/T4R5OPoNrnlbcFQ5jpKgVCwlrMQ.roa
Signing time: Mon 02 Jan 2023 10:14:57 +0000
ROA not before: Mon 02 Jan 2023 10:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206922
IP address blocks: 185.171.246.0/24 maxlen: 24
185.171.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:29:25:87:bf:e7:a3:78:18:29:52:78:19:2f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8300936fb500a7456440aba8b3b8ad53c9f0140
Validity
Not Before: Jan 2 10:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f847938fa0dae795b7054398e92a0542c25acc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0b:28:90:7f:cb:f3:30:4a:4d:7f:71:8c:49:
88:05:9f:85:44:92:43:7b:fe:10:28:af:e3:67:c0:
ea:bd:70:ce:4b:20:48:32:c2:53:f0:f9:0d:54:d6:
01:fa:5e:f6:54:96:2c:01:05:5d:03:11:19:eb:c6:
27:81:96:ef:7a:81:ae:46:4d:cd:a4:26:01:b5:df:
2f:13:69:f5:b9:7a:a1:1f:3c:c2:4a:f6:b7:11:53:
49:43:08:c9:41:37:b3:d6:c9:f1:99:1c:59:72:e1:
48:dd:d8:95:cf:67:18:9e:ed:20:32:ca:5a:c1:c8:
8e:02:e6:10:f0:d5:a1:e3:a3:2a:29:fa:a2:95:15:
75:66:fa:33:70:57:7d:20:a7:7f:c2:39:fe:c2:04:
e5:9c:44:c4:93:b6:88:6f:5a:98:68:a0:b1:b9:a8:
97:d3:57:ef:62:d6:a6:30:bb:8c:d8:f4:a0:9c:56:
ef:8d:82:c1:2b:77:a9:49:4a:61:45:99:3e:9a:51:
aa:bb:b0:66:0b:1c:45:47:02:2d:9f:eb:8b:bc:54:
b3:51:4c:79:dd:d3:6c:e9:2a:df:8f:52:12:93:ee:
e6:90:47:c2:e5:02:1c:ee:84:20:7f:42:4a:50:79:
f8:9b:b4:44:38:1e:bb:44:d7:3f:dd:83:48:ba:1c:
13:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:84:79:38:FA:0D:AE:79:5B:70:54:39:8E:92:A0:54:2C:25:AC:C4
X509v3 Authority Key Identifier:
keyid:D8:30:09:36:FB:50:0A:74:56:44:0A:BA:8B:3B:8A:D5:3C:9F:01:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DAJNvtQCnRWRAq6izuK1TyfAUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/77f2aa-cc0c-4f15-8b39-addcd8552026/1/T4R5OPoNrnlbcFQ5jpKgVCwlrMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/77f2aa-cc0c-4f15-8b39-addcd8552026/1/2DAJNvtQCnRWRAq6izuK1TyfAUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.246.0/23
Signature Algorithm: sha256WithRSAEncryption
11:0b:29:c0:da:76:5c:75:78:34:d1:bf:d7:71:c6:d2:f3:65:
22:92:7e:6d:4d:77:20:5a:90:55:8b:87:34:db:cc:a3:06:71:
1a:da:40:3c:54:ce:76:37:b7:5c:86:14:d9:06:19:71:0e:3b:
3e:92:52:d1:58:db:53:fb:93:69:75:ee:fb:ba:86:b9:a8:44:
38:57:11:74:1a:ea:a9:8d:6f:25:6b:39:b3:63:f4:25:b9:ce:
e6:40:8b:ed:ea:77:63:ff:cd:aa:26:bd:a7:0a:81:5e:65:8e:
3b:a4:28:3a:ff:97:40:e7:01:77:84:15:ee:1e:63:ab:ca:f2:
f0:bb:3e:3a:36:ea:53:30:0c:e7:92:1c:15:00:67:73:dc:87:
d0:98:48:3a:a1:5f:99:28:fb:c1:35:c9:8c:69:4f:77:7f:9d:
45:d8:1a:9b:b4:45:4c:a0:27:14:b4:42:a3:71:8d:4f:72:59:
6e:02:48:bf:12:ca:7c:80:71:16:f8:e2:ae:b4:3f:27:fa:71:
bc:af:fe:69:2d:db:ab:5b:4d:7c:8f:61:c8:73:b8:2d:31:b1:
20:72:9f:b9:03:68:f1:8f:86:a6:68:7f:5f:8c:63:67:62:76:
e3:42:5c:a2:1f:8b:48:42:56:a3:6c:0b:0f:29:e9:19:b9:b9:
8a:92:4a:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+iklh7/no3gYKVJ4GS+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzAwOTM2ZmI1MDBhNzQ1NjQ0MGFiYThiM2I4YWQ1M2M5
ZjAxNDAwHhcNMjMwMTAyMTAxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjg0NzkzOGZhMGRhZTc5NWI3MDU0Mzk4ZTkyYTA1NDJjMjVhY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwsokH/L8zBKTX9xjEmIBZ+FRJJD
e/4QKK/jZ8DqvXDOSyBIMsJT8PkNVNYB+l72VJYsAQVdAxEZ68YngZbveoGuRk3N
pCYBtd8vE2n1uXqhHzzCSva3EVNJQwjJQTez1snxmRxZcuFI3diVz2cYnu0gMspa
wciOAuYQ8NWh46MqKfqilRV1ZvozcFd9IKd/wjn+wgTlnETEk7aIb1qYaKCxuaiX
01fvYtamMLuM2PSgnFbvjYLBK3epSUphRZk+mlGqu7BmCxxFRwItn+uLvFSzUUx5
3dNs6Srfj1ISk+7mkEfC5QIc7oQgf0JKUHn4m7REOB67RNc/3YNIuhwTHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+EeTj6Da55W3BUOY6SoFQsJazEMB8GA1UdIwQY
MBaAFNgwCTb7UAp0VkQKuos7itU8nwFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRBSk52dFFDblJXUkFxNml6dUsxVHlmQVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83N2YyYWEtY2MwYy00ZjE1LThiMzkt
YWRkY2Q4NTUyMDI2LzEvVDRSNU9Qb05ybmxiY0ZRNWpwS2dWQ3dsck1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83N2YyYWEtY2MwYy00ZjE1LThiMzktYWRkY2Q4NTUyMDI2
LzEvMkRBSk52dFFDblJXUkFxNml6dUsxVHlmQVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuav2MA0G
CSqGSIb3DQEBCwUAA4IBAQARCynA2nZcdXg00b/XccbS82Uikn5tTXcgWpBVi4c0
28yjBnEa2kA8VM52N7dchhTZBhlxDjs+klLRWNtT+5Npde77uoa5qEQ4VxF0Guqp
jW8lazmzY/Qluc7mQIvt6ndj/82qJr2nCoFeZY47pCg6/5dA5wF3hBXuHmOryvLw
uz46NupTMAznkhwVAGdz3IfQmEg6oV+ZKPvBNcmMaU93f51F2BqbtEVMoCcUtEKj
cY1PclluAki/Esp8gHEW+OKutD8n+nG8r/5pLdurW018j2HIc7gtMbEgcp+5A2jx
j4amaH9fjGNnYnbjQlyiH4tIQlajbAsPKekZubmKkkpk
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:42:15 2025 by rpki-client