Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/1-tTMXqr10GRr85tbwWJdWIcR3EI.roa
File: 1-tTMXqr10GRr85tbwWJdWIcR3EI.roa (raw, json)
Hash identifier: kDbHYOJ+8mA/ZnZK/YBkI4XHNl7qrNTXrNzYBqvDJG8=
Subject key identifier: FA:D4:CC:5E:AA:F5:D0:64:6B:F3:9B:5B:C1:62:5D:58:87:11:DC:42
Certificate issuer: /CN=92296e30487ba9463e4b6adc81ab7da647c39fe7
Certificate serial: 0832DA63
Authority key identifier: 92:29:6E:30:48:7B:A9:46:3E:4B:6A:DC:81:AB:7D:A6:47:C3:9F:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiluMEh7qUY-S2rcgat9pkfDn-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/1-tTMXqr10GRr85tbwWJdWIcR3EI.roa
Signing time: Sat 01 Jan 2022 03:57:16 +0000
ROA not before: Sat 01 Jan 2022 03:57:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41268
IP address blocks: 93.186.96.0/20 maxlen: 32
193.203.60.0/22 maxlen: 32
185.140.160.0/22 maxlen: 32
37.235.128.0/17 maxlen: 32
2a03:2c00::/32 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137550435 (0x832da63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92296e30487ba9463e4b6adc81ab7da647c39fe7
Validity
Not Before: Jan 1 03:57:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fad4cc5eaaf5d0646bf39b5bc1625d588711dc42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b4:29:d0:d5:ec:71:77:5a:76:f5:86:e1:3d:
03:83:4c:84:3b:01:7c:78:21:05:13:4e:76:33:9d:
0f:3c:85:20:35:98:85:54:ac:71:9c:a3:ad:de:20:
c0:0b:0e:e5:c4:b3:30:20:21:bc:8a:61:d9:6c:0e:
55:23:47:0e:7f:e8:58:46:a4:73:2a:b0:3a:f9:c7:
db:15:78:f3:99:c0:1a:2f:65:7e:31:50:21:1b:21:
db:da:6d:c0:5c:0a:83:df:4d:54:7d:eb:31:e9:d5:
28:8a:9c:40:9f:ae:a0:84:98:6f:c7:8f:70:83:2e:
b4:31:cd:db:26:c1:3b:0a:2a:c5:18:50:ce:16:f0:
bc:56:20:fd:e9:3f:3e:f9:0c:57:9c:83:86:a7:5d:
48:96:41:1d:15:93:dd:4f:53:eb:bc:ea:0a:c3:ed:
3c:6e:ca:37:c5:51:88:a2:82:43:3c:a7:ab:e0:b0:
29:fe:cf:2f:5b:cf:eb:69:eb:6c:e3:d9:1b:b4:50:
ec:f1:2a:2a:cc:7d:e5:7b:9a:5f:c2:c2:0d:3e:75:
a9:c6:fd:8d:69:02:f2:17:0d:3a:06:0b:6a:85:6e:
ab:75:8e:e2:52:62:ce:f5:a3:c5:bd:fc:43:53:8b:
b1:84:3b:46:fc:41:33:9d:e9:ce:bf:98:28:02:04:
2a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D4:CC:5E:AA:F5:D0:64:6B:F3:9B:5B:C1:62:5D:58:87:11:DC:42
X509v3 Authority Key Identifier:
keyid:92:29:6E:30:48:7B:A9:46:3E:4B:6A:DC:81:AB:7D:A6:47:C3:9F:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiluMEh7qUY-S2rcgat9pkfDn-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/1-tTMXqr10GRr85tbwWJdWIcR3EI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/kiluMEh7qUY-S2rcgat9pkfDn-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.128.0/17
93.186.96.0/20
185.140.160.0/22
193.203.60.0/22
IPv6:
2a03:2c00::/32
Signature Algorithm: sha256WithRSAEncryption
9f:61:b5:ee:00:15:cd:4d:04:e4:2e:7c:1a:72:48:8e:73:3c:
6f:62:0e:cd:43:c7:84:58:c9:6b:27:4a:fc:cb:e3:11:c2:0a:
19:54:6f:7d:41:18:6c:f9:26:9b:0a:fd:93:13:d4:a9:42:56:
86:a7:3d:b9:46:c9:02:7d:7b:66:3e:26:fc:cb:86:1d:ea:3e:
30:07:4e:a7:d9:e7:34:69:90:10:24:c5:74:30:a8:a5:47:d2:
67:41:2b:ed:49:bb:17:de:14:21:45:8d:ae:aa:f4:55:c8:85:
9d:9f:13:66:db:07:b6:f5:d3:d9:b9:00:13:c9:06:b2:9d:48:
84:52:a3:f6:4a:12:13:89:8e:ae:af:9e:61:e5:02:61:5f:18:
28:7c:9b:03:50:ca:5f:f7:28:fe:a6:5d:01:ca:aa:f9:33:24:
df:a3:01:1c:4d:cb:ab:c7:ae:c9:89:31:13:c3:04:df:4d:56:
a0:62:13:51:81:19:14:d7:f4:70:6b:8c:9b:aa:d6:1b:09:dc:
0b:8a:8d:f2:70:b4:a4:45:80:77:8a:31:a4:93:83:a9:73:f8:
db:5f:1b:e4:63:13:3b:f6:91:be:97:98:16:41:c4:67:65:78:
11:1d:ab:b7:58:1f:e1:3e:84:6f:cf:6a:1d:d7:f1:7c:9e:40:
fa:49:54:14
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIECDLaYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjI5NmUzMDQ4N2JhOTQ2M2U0YjZhZGM4MWFiN2RhNjQ3YzM5ZmU3MB4XDTIyMDEw
MTAzNTcxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFkNGNjNWVhYWY1
ZDA2NDZiZjM5YjViYzE2MjVkNTg4NzExZGM0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL20KdDV7HF3Wnb1huE9A4NMhDsBfHghBRNOdjOdDzyFIDWY
hVSscZyjrd4gwAsO5cSzMCAhvIph2WwOVSNHDn/oWEakcyqwOvnH2xV485nAGi9l
fjFQIRsh29ptwFwKg99NVH3rMenVKIqcQJ+uoISYb8ePcIMutDHN2ybBOwoqxRhQ
zhbwvFYg/ek/PvkMV5yDhqddSJZBHRWT3U9T67zqCsPtPG7KN8VRiKKCQzynq+Cw
Kf7PL1vP62nrbOPZG7RQ7PEqKsx95XuaX8LCDT51qcb9jWkC8hcNOgYLaoVuq3WO
4lJizvWjxb38Q1OLsYQ7RvxBM53pzr+YKAIEKkkCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBT61MxeqvXQZGvzm1vBYl1YhxHcQjAfBgNVHSMEGDAWgBSSKW4wSHupRj5L
atyBq32mR8Of5zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tpbHVNRWg3cVVZLVMycmNnYXQ5cGtmRG4tYy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvM2JiMTc4LWIzMzYtNDg5Yy05ZThkLTBkMTE2NGRhYTFlNC8x
LzEtdFRNWHFyMTBHUnI4NXRid1dKZFdJY1IzRUkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQz
LzNiYjE3OC1iMzM2LTQ4OWMtOWU4ZC0wZDExNjRkYWExZTQvMS9raWx1TUVoN3FV
WS1TMnJjZ2F0OXBrZkRuLWMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
QAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAcl64ADBARdumADBAK5jKADBALB
yzwwDQQCAAIwBwMFACoDLAAwDQYJKoZIhvcNAQELBQADggEBAJ9hte4AFc1NBOQu
fBpySI5zPG9iDs1Dx4RYyWsnSvzL4xHCChlUb31BGGz5JpsK/ZMT1KlCVoanPblG
yQJ9e2Y+JvzLhh3qPjAHTqfZ5zRpkBAkxXQwqKVH0mdBK+1JuxfeFCFFja6q9FXI
hZ2fE2bbB7b109m5ABPJBrKdSIRSo/ZKEhOJjq6vnmHlAmFfGCh8mwNQyl/3KP6m
XQHKqvkzJN+jARxNy6vHrsmJMRPDBN9NVqBiE1GBGRTX9HBrjJuq1hsJ3AuKjfJw
tKRFgHeKMaSTg6lz+NtfG+RjEzv2kb6XmBZBxGdleBEdq7dYH+E+hG/Pah3X8Xye
QPpJVBQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:46:28 2025 by rpki-client