Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/TVHp2vENV6rd86VQq9-gE0n1cdQ.roa
File: TVHp2vENV6rd86VQq9-gE0n1cdQ.roa (raw, json)
Hash identifier: P420Lel57FPiTACYEiRVh0ZPB16/9ZXiwkQMsKx1+RI=
Subject key identifier: 4D:51:E9:DA:F1:0D:57:AA:DD:F3:A5:50:AB:DF:A0:13:49:F5:71:D4
Certificate issuer: /CN=2b976275547b75df2b04c4f9b291c0710c507740
Certificate serial: 01856DDD6638BAC34085C3E528445069A478
Authority key identifier: 2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/TVHp2vENV6rd86VQq9-gE0n1cdQ.roa
Signing time: Sun 01 Jan 2023 15:05:04 +0000
ROA not before: Sun 01 Jan 2023 15:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30848
IP address blocks: 185.135.103.0/24 maxlen: 24
85.116.130.0/23 maxlen: 23
85.116.128.0/23 maxlen: 23
185.89.220.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:66:38:ba:c3:40:85:c3:e5:28:44:50:69:a4:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b976275547b75df2b04c4f9b291c0710c507740
Validity
Not Before: Jan 1 15:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d51e9daf10d57aaddf3a550abdfa01349f571d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9d:73:50:77:21:02:8d:48:3b:2f:a3:b5:05:
45:d3:15:d0:2e:5d:de:71:1c:df:5e:57:78:96:9e:
f4:f0:f7:83:29:29:c4:64:48:c5:07:62:f9:62:da:
d7:6c:0d:72:4f:a0:f9:31:86:10:8b:ba:e1:9a:86:
65:d3:a7:39:5a:20:e5:90:aa:6f:91:fa:20:6d:bd:
a5:3d:97:de:dd:e4:25:4b:4c:f8:27:33:5b:aa:38:
2c:ab:4e:26:ca:f8:94:bf:4d:14:8b:09:e8:d7:4d:
a4:a6:88:b7:56:ee:7c:42:92:44:87:b8:ce:93:93:
a0:85:9a:c8:b5:82:21:fa:0c:6d:f5:93:30:51:eb:
62:57:cf:a5:6e:38:a5:b0:18:44:2d:77:33:36:ba:
3a:01:18:f9:39:48:91:c6:cd:f5:6b:62:52:19:c1:
d6:3f:f6:ef:d1:6e:55:ca:1a:1d:b5:75:23:76:30:
03:b5:ed:cb:0f:51:be:ac:09:53:e6:0f:3c:c6:f6:
a3:51:81:41:48:39:c4:f0:9b:85:5d:d2:09:ea:c0:
06:7c:e8:3e:b9:1f:c1:b3:1d:36:e8:9a:3d:54:32:
3e:f2:d0:10:09:a6:46:08:c9:e9:29:aa:f9:1a:92:
aa:77:a0:32:3e:5f:4d:46:fb:30:b9:32:a7:c7:b7:
7c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:51:E9:DA:F1:0D:57:AA:DD:F3:A5:50:AB:DF:A0:13:49:F5:71:D4
X509v3 Authority Key Identifier:
keyid:2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/TVHp2vENV6rd86VQq9-gE0n1cdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.128.0/22
185.89.220.0/23
185.135.103.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:08:d4:43:45:c5:f6:72:3d:40:ec:0b:b1:c4:50:ad:38:fb:
fe:2e:f9:b5:d0:65:dd:4b:56:f7:b7:3e:ff:2f:80:26:a5:2f:
10:c7:87:9f:90:8f:d0:af:9d:66:0d:f3:9f:20:f3:3d:60:c0:
0a:8c:4e:e1:66:7d:ff:c7:02:45:8c:7e:c3:46:03:74:b5:c1:
88:82:ac:b4:9a:1b:2b:ae:67:c5:49:58:e8:43:84:83:0e:ea:
82:60:75:1c:bb:a7:38:b6:bf:7f:e6:d3:dd:07:07:b0:bd:9e:
c6:1f:1c:6e:25:f0:97:9c:07:65:d3:f4:d4:96:94:57:db:ce:
2f:bc:3c:97:5c:c4:97:2c:bc:81:5e:ea:f7:57:94:ca:67:89:
65:7f:4e:ce:04:c0:a6:ee:40:b3:a3:07:c7:7d:02:a9:01:8a:
b0:93:83:7e:bb:4e:9a:35:c8:8b:9c:92:56:82:fe:4a:59:94:
e3:17:5d:c0:ad:44:7f:62:da:10:aa:ed:d6:8c:a9:92:b3:79:
f9:fa:0c:06:77:c5:09:79:80:d3:aa:91:20:70:c6:78:7b:f9:
6f:b6:f3:1a:33:07:3f:e3:c8:b7:e7:54:80:b3:ca:c7:00:00:
ba:d6:ff:3c:7b:9d:86:d4:5f:b7:cb:1a:a6:95:45:23:3d:bd:
a1:51:3d:5c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVt3WY4usNAhcPlKERQaaR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTc2Mjc1NTQ3Yjc1ZGYyYjA0YzRmOWIyOTFjMDcxMGM1
MDc3NDAwHhcNMjMwMTAxMTUwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDUxZTlkYWYxMGQ1N2FhZGRmM2E1NTBhYmRmYTAxMzQ5ZjU3MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ1zUHchAo1IOy+jtQVF0xXQLl3e
cRzfXld4lp708PeDKSnEZEjFB2L5YtrXbA1yT6D5MYYQi7rhmoZl06c5WiDlkKpv
kfogbb2lPZfe3eQlS0z4JzNbqjgsq04myviUv00Uiwno102kpoi3Vu58QpJEh7jO
k5OghZrItYIh+gxt9ZMwUetiV8+lbjilsBhELXczNro6ARj5OUiRxs31a2JSGcHW
P/bv0W5VyhodtXUjdjADte3LD1G+rAlT5g88xvajUYFBSDnE8JuFXdIJ6sAGfOg+
uR/Bsx026Jo9VDI+8tAQCaZGCMnpKar5GpKqd6AyPl9NRvswuTKnx7d8IwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE1R6drxDVeq3fOlUKvfoBNJ9XHUMB8GA1UdIwQY
MBaAFCuXYnVUe3XfKwTE+bKRwHEMUHdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgt
ZDViMGY5MWQ5N2MyLzEvVFZIcDJ2RU5WNnJkODZWUXE5LWdFMG4xY2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgtZDViMGY5MWQ5N2My
LzEvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVXSAAwQB
uVncAwQAuYdnMA0GCSqGSIb3DQEBCwUAA4IBAQBcCNRDRcX2cj1A7AuxxFCtOPv+
Lvm10GXdS1b3tz7/L4AmpS8Qx4efkI/Qr51mDfOfIPM9YMAKjE7hZn3/xwJFjH7D
RgN0tcGIgqy0mhsrrmfFSVjoQ4SDDuqCYHUcu6c4tr9/5tPdBwewvZ7GHxxuJfCX
nAdl0/TUlpRX284vvDyXXMSXLLyBXur3V5TKZ4llf07OBMCm7kCzowfHfQKpAYqw
k4N+u06aNciLnJJWgv5KWZTjF13ArUR/YtoQqu3WjKmSs3n5+gwGd8UJeYDTqpEg
cMZ4e/lvtvMaMwc/48i351SAs8rHAAC61v88e52G1F+3yxqmlUUjPb2hUT1c
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:51:03 2025 by rpki-client