Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/tkpO-08tUq99MW4ZE6gP_e3QbKk.roa
File: tkpO-08tUq99MW4ZE6gP_e3QbKk.roa (raw, json)
Hash identifier: y4UTdfcr2JbYMKEPQ2kEse7wGxmwpYtlpZvlvHvtgjg=
Subject key identifier: B6:4A:4E:FB:4F:2D:52:AF:7D:31:6E:19:13:A8:0F:FD:ED:D0:6C:A9
Certificate issuer: /CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8
Certificate serial: 0E715FD2
Authority key identifier: 66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/tkpO-08tUq99MW4ZE6gP_e3QbKk.roa
Signing time: Sat 01 Jan 2022 13:06:18 +0000
ROA not before: Sat 01 Jan 2022 13:06:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41354
IP address blocks: 185.208.88.0/22 maxlen: 24
2a0b:32c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 242311122 (0xe715fd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8
Validity
Not Before: Jan 1 13:06:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b64a4efb4f2d52af7d316e1913a80ffdedd06ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8e:24:ee:f9:3f:a4:44:49:7e:b6:d9:69:43:
6d:2a:e3:8e:c1:ad:64:16:67:05:84:27:a2:ad:b9:
93:c4:1d:6d:ca:f1:bf:30:c2:1f:48:10:c9:1e:84:
b8:04:de:e1:00:f8:54:d5:a1:f6:1e:0f:a8:bd:ec:
3a:ff:dd:72:df:a1:e0:63:29:16:25:d7:72:f1:72:
56:1d:97:9c:04:30:e4:d9:f0:74:fc:43:92:45:da:
a7:0e:f3:dc:ca:13:58:14:2e:f9:98:fb:52:3d:52:
c8:0b:6b:72:77:8a:78:3c:d5:20:b6:2a:70:ba:3a:
30:77:f9:a0:c9:62:0d:ac:12:5a:56:82:fb:46:1c:
d7:ab:04:e5:fe:b9:9e:0f:a1:07:f9:7b:b0:ef:ee:
01:0c:4b:23:86:14:d9:0b:1b:a7:1b:d4:5b:ec:98:
10:14:4e:45:ba:3b:c9:da:a6:a3:59:ef:4c:63:d2:
6c:19:8f:31:44:a9:4e:71:c3:6c:70:a7:c4:47:8d:
fa:ac:38:8d:28:21:bf:c6:87:2c:1a:74:dc:28:00:
b0:8f:15:4a:35:a4:a3:0b:21:6c:bf:fb:bc:3f:5f:
fc:8d:0d:c0:1e:b9:8c:c8:1f:81:b3:78:72:31:a4:
2f:69:97:21:f7:d0:01:4e:be:f4:2b:79:c9:cd:9e:
53:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4A:4E:FB:4F:2D:52:AF:7D:31:6E:19:13:A8:0F:FD:ED:D0:6C:A9
X509v3 Authority Key Identifier:
keyid:66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/tkpO-08tUq99MW4ZE6gP_e3QbKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.88.0/22
IPv6:
2a0b:32c0::/29
Signature Algorithm: sha256WithRSAEncryption
6a:9d:f2:9b:10:46:6e:2c:d7:df:cd:19:cc:91:72:5d:ec:f9:
7c:02:c9:5d:0d:83:bf:07:bb:46:fd:68:b2:52:75:ff:72:c0:
39:ff:40:83:f1:31:9e:1b:5f:ac:dd:52:28:45:58:21:96:6e:
ce:e9:8f:a7:0c:a4:58:e7:f9:1c:de:10:bf:42:97:26:05:b5:
9e:ac:72:8a:70:92:4c:84:c9:86:91:1e:15:3c:a4:8a:53:58:
0a:1c:7a:0a:bf:7b:94:c3:93:ca:60:d9:5c:ac:e3:0b:fa:2f:
63:69:c6:22:c7:c0:9b:88:07:74:95:30:82:f3:cd:e2:9f:9a:
46:ba:56:63:8c:09:c7:d9:c1:a9:47:bd:04:24:2a:59:6d:49:
c7:b0:0f:0a:c1:bf:56:99:09:35:75:1a:c7:d4:8d:01:6c:5d:
56:32:d9:90:50:0a:60:b4:2e:00:1f:24:56:3d:c9:79:a0:00:
28:ad:1e:a1:60:05:66:57:1a:50:71:d5:2f:e9:93:be:47:2a:
e3:26:d8:ac:21:46:91:d4:fb:8f:86:08:1b:58:78:8f:7f:a2:
ac:2d:8c:55:de:ed:c7:70:8f:db:75:16:33:ee:67:15:50:f8:
ee:d2:e2:41:7f:90:c0:5e:b8:d8:55:03:86:1e:72:66:31:fe:
bd:dd:de:7b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDnFf0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjYzNGYxNDU4NmUzOTljZDM4MDJkOWM4OGIxZTY3ZDhkZGIwM2E4MB4XDTIyMDEw
MTEzMDYxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY0YTRlZmI0ZjJk
NTJhZjdkMzE2ZTE5MTNhODBmZmRlZGQwNmNhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIaOJO75P6RESX622WlDbSrjjsGtZBZnBYQnoq25k8Qdbcrx
vzDCH0gQyR6EuATe4QD4VNWh9h4PqL3sOv/dct+h4GMpFiXXcvFyVh2XnAQw5Nnw
dPxDkkXapw7z3MoTWBQu+Zj7Uj1SyAtrcneKeDzVILYqcLo6MHf5oMliDawSWlaC
+0Yc16sE5f65ng+hB/l7sO/uAQxLI4YU2QsbpxvUW+yYEBRORbo7ydqmo1nvTGPS
bBmPMUSpTnHDbHCnxEeN+qw4jSghv8aHLBp03CgAsI8VSjWkowshbL/7vD9f/I0N
wB65jMgfgbN4cjGkL2mXIffQAU6+9Ct5yc2eU9ECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS2Sk77Ty1Sr30xbhkTqA/97dBsqTAfBgNVHSMEGDAWgBRmY08UWG45nNOA
LZyIseZ9jdsDqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ptTlBGRmh1T1p6VGdDMmNpTEhtZlkzYkE2Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvMmMyZDMzLWEzNjctNDQ5Yi05YzQ3LTE3MWRiNDY5MGMwYS8x
L3RrcE8tMDh0VXE5OU1XNFpFNmdQX2UzUWJLay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
MmMyZDMzLWEzNjctNDQ5Yi05YzQ3LTE3MWRiNDY5MGMwYS8xL1ptTlBGRmh1T1p6
VGdDMmNpTEhtZlkzYkE2Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnQWDANBAIAAjAHAwUDKgsywDAN
BgkqhkiG9w0BAQsFAAOCAQEAap3ymxBGbizX380ZzJFyXez5fALJXQ2Dvwe7Rv1o
slJ1/3LAOf9Ag/ExnhtfrN1SKEVYIZZuzumPpwykWOf5HN4Qv0KXJgW1nqxyinCS
TITJhpEeFTykilNYChx6Cr97lMOTymDZXKzjC/ovY2nGIsfAm4gHdJUwgvPN4p+a
RrpWY4wJx9nBqUe9BCQqWW1Jx7APCsG/VpkJNXUax9SNAWxdVjLZkFAKYLQuAB8k
Vj3JeaAAKK0eoWAFZlcaUHHVL+mTvkcq4ybYrCFGkdT7j4YIG1h4j3+irC2MVd7t
x3CP23UWM+5nFVD47tLiQX+QwF642FUDhh5yZjH+vd3eew==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:18 2025 by rpki-client