Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/Tmf9NFscb4vviyADD59ofwmEkoE.roa
File: Tmf9NFscb4vviyADD59ofwmEkoE.roa (raw, json)
Hash identifier: Z+a13ZDpgvYh1cdHsUJYqKaWAchMlHFjBm1GPo4prBI=
Subject key identifier: 4E:67:FD:34:5B:1C:6F:8B:EF:8B:20:03:0F:9F:68:7F:09:84:92:81
Certificate issuer: /CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Certificate serial: 018B37CBD1E87FBC9B1CFFC41B6DC859C4D3
Authority key identifier: 1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/Tmf9NFscb4vviyADD59ofwmEkoE.roa
Signing time: Mon 16 Oct 2023 09:23:06 +0000
ROA not before: Mon 16 Oct 2023 09:23:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205394
IP address blocks: 185.201.164.0/22 maxlen: 24
185.180.172.0/23 maxlen: 24
185.176.124.0/22 maxlen: 24
46.226.72.0/21 maxlen: 24
2a0a:c840::/29 maxlen: 32
2a00:5a00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:cb:d1:e8:7f:bc:9b:1c:ff:c4:1b:6d:c8:59:c4:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Validity
Not Before: Oct 16 09:23:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e67fd345b1c6f8bef8b20030f9f687f09849281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:23:5d:df:87:14:01:e3:6f:af:e2:7d:20:77:
6f:e6:c8:da:88:1d:a1:df:ef:10:c0:da:80:c0:b8:
47:29:8d:84:32:b5:e1:f9:71:3e:f6:88:89:7d:c8:
a1:f9:19:37:bf:4e:c1:58:85:0a:75:1f:f7:ec:18:
7b:56:87:e6:d5:ec:36:1f:05:01:ab:6f:f4:bb:5c:
0a:8a:ae:38:cf:d5:48:8e:f3:0a:05:8e:e3:da:10:
ce:f5:f1:77:67:8c:9c:b0:90:2c:45:82:b8:90:cf:
30:42:7c:ce:ce:57:cf:11:42:c7:56:a3:88:d3:10:
1e:c5:68:15:0e:03:13:fe:9e:3e:68:28:a4:f7:08:
e2:a7:09:0a:9c:e6:24:a4:cc:ee:65:b5:61:51:8c:
60:73:ad:0d:c3:1d:38:9e:a2:d6:b5:6a:15:31:fe:
c8:23:b3:21:75:07:88:cd:ca:20:b3:ec:62:9f:e3:
7c:68:ca:5f:5e:23:5e:57:aa:08:fc:e4:b5:02:b2:
1a:66:b2:57:4b:79:8d:36:7c:3d:a1:10:45:55:e4:
df:dd:d9:e6:1a:ea:1a:0e:41:39:97:0e:04:a2:c5:
68:8e:5c:7c:c9:88:9f:84:eb:19:d9:6a:70:47:8b:
b8:3b:dd:d3:13:e6:06:13:64:44:8f:b4:b8:49:12:
84:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:67:FD:34:5B:1C:6F:8B:EF:8B:20:03:0F:9F:68:7F:09:84:92:81
X509v3 Authority Key Identifier:
keyid:1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/Tmf9NFscb4vviyADD59ofwmEkoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.72.0/21
185.176.124.0/22
185.180.172.0/23
185.201.164.0/22
IPv6:
2a00:5a00::/32
2a0a:c840::/29
Signature Algorithm: sha256WithRSAEncryption
b0:f7:85:7a:09:f1:6b:53:0e:9f:db:96:00:3e:08:17:f2:92:
c8:ac:59:c4:52:25:46:0f:40:f5:c6:0a:1a:eb:7d:1c:13:c7:
7a:04:56:a2:71:b7:18:2f:23:63:28:25:f2:67:8e:06:5b:0d:
7d:94:c4:e9:c7:1b:95:8c:56:4c:0b:e6:fe:dd:bb:49:c7:66:
d5:18:51:41:17:a0:54:30:20:4e:db:f3:27:3e:df:3a:8c:ae:
27:15:5d:46:f5:f8:50:38:79:bb:3b:3b:f5:74:6f:3e:c1:35:
fb:32:39:f4:ba:9a:bf:dc:03:d1:e6:95:3b:f3:ba:e1:4c:d3:
3d:66:72:49:07:d3:93:d7:92:44:d7:ed:13:02:35:e3:f9:f5:
7b:37:97:95:54:46:73:5d:c8:4d:d5:1a:2c:92:a7:3f:6f:27:
63:3a:cf:d2:41:f0:00:11:70:7a:5e:6f:17:13:8c:0f:cc:cf:
f4:c0:81:7b:0e:08:03:ba:c4:43:d0:6b:5d:08:fe:50:83:85:
5d:d0:1e:25:67:bd:92:0e:4c:f4:1d:48:0e:05:6d:06:0e:fe:
d3:f0:6e:1d:04:ca:ef:8f:7a:d3:a1:73:0b:84:8b:b9:af:96:
d4:81:e4:a1:4c:2f:43:44:fc:05:84:a6:44:69:e2:16:0b:51:
55:e4:cd:28
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYs3y9Hof7ybHP/EG23IWcTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZTVlZmJmNjU4OTcxNjBkNTVhNTJkYzNhMjJjMDE3ODc2
Y2QwNmMwHhcNMjMxMDE2MDkyMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTY3ZmQzNDViMWM2ZjhiZWY4YjIwMDMwZjlmNjg3ZjA5ODQ5MjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSNd34cUAeNvr+J9IHdv5sjaiB2h
3+8QwNqAwLhHKY2EMrXh+XE+9oiJfcih+Rk3v07BWIUKdR/37Bh7Vofm1ew2HwUB
q2/0u1wKiq44z9VIjvMKBY7j2hDO9fF3Z4ycsJAsRYK4kM8wQnzOzlfPEULHVqOI
0xAexWgVDgMT/p4+aCik9wjipwkKnOYkpMzuZbVhUYxgc60Nwx04nqLWtWoVMf7I
I7MhdQeIzcogs+xin+N8aMpfXiNeV6oI/OS1ArIaZrJXS3mNNnw9oRBFVeTf3dnm
GuoaDkE5lw4EosVojlx8yYifhOsZ2WpwR4u4O93TE+YGE2REj7S4SRKE2wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFE5n/TRbHG+L74sgAw+faH8JhJKBMB8GA1UdIwQY
MBaAFB7l779liXFg1VpS3DoiwBeHbNBsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUt
N2MwZGI3YmFlMTM1LzEvVG1mOU5Gc2NiNHZ2aXlBREQ1OW9md21Fa29FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUtN2MwZGI3YmFlMTM1
LzEvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDLuJIAwQC
ubB8AwQBubSsAwQCucmkMBQEAgACMA4DBQAqAFoAAwUDKgrIQDANBgkqhkiG9w0B
AQsFAAOCAQEAsPeFegnxa1MOn9uWAD4IF/KSyKxZxFIlRg9A9cYKGut9HBPHegRW
onG3GC8jYygl8meOBlsNfZTE6ccblYxWTAvm/t27Scdm1RhRQRegVDAgTtvzJz7f
OoyuJxVdRvX4UDh5uzs79XRvPsE1+zI59Lqav9wD0eaVO/O64UzTPWZySQfTk9eS
RNftEwI14/n1ezeXlVRGc13ITdUaLJKnP28nYzrP0kHwABFwel5vFxOMD8zP9MCB
ew4IA7rEQ9BrXQj+UIOFXdAeJWe9kg5M9B1IDgVtBg7+0/BuHQTK749606FzC4SL
ua+W1IHkoUwvQ0T8BYSmRGniFgtRVeTNKA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:18:11 2025 by rpki-client