Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/T8yTyNu3CobDs-mfL4V6SC-8a0Y.roa
File: T8yTyNu3CobDs-mfL4V6SC-8a0Y.roa (raw, json)
Hash identifier: ZBB+4qiPyU/n2D8jGORn6EWzS9zjsmoNVULx3NO7zIg=
Subject key identifier: 4F:CC:93:C8:DB:B7:0A:86:C3:B3:E9:9F:2F:85:7A:48:2F:BC:6B:46
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 018689BAA71F7BA41896CC7DE1CB2D03614C
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/T8yTyNu3CobDs-mfL4V6SC-8a0Y.roa
Signing time: Sat 25 Feb 2023 17:59:16 +0000
ROA not before: Sat 25 Feb 2023 17:59:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56899
IP address blocks: 185.126.252.0/24 maxlen: 24
185.126.255.0/24 maxlen: 24
194.4.69.0/24 maxlen: 24
194.4.70.0/23 maxlen: 23
194.4.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:89:ba:a7:1f:7b:a4:18:96:cc:7d:e1:cb:2d:03:61:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Feb 25 17:59:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fcc93c8dbb70a86c3b3e99f2f857a482fbc6b46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:50:6f:e8:b0:a6:72:e8:8c:56:78:bf:2e:45:
02:99:6e:1d:e1:e6:6d:3f:d0:18:e7:90:83:28:bb:
4e:ce:5d:27:7f:42:fb:f1:6a:90:d5:36:e8:a0:e4:
dc:cc:a4:c9:e5:54:55:36:72:6c:30:24:8b:f1:ef:
c8:42:d0:bb:ab:bd:e3:34:94:dd:92:ef:58:67:de:
b2:ce:53:98:79:91:ab:61:f4:23:14:ea:9f:2c:b4:
4a:79:5a:57:e2:8a:ce:5d:19:eb:c2:cc:a8:39:f3:
06:93:5b:97:96:c1:fc:06:d6:3e:cc:20:75:1b:a2:
7a:52:57:93:08:9c:d5:e1:2e:ab:81:a9:69:de:ab:
f6:24:d7:66:f4:f4:56:39:85:b2:f8:e6:55:63:b1:
0d:dd:77:0a:0a:ba:e6:be:3e:1b:cb:da:fd:7f:f0:
62:9b:65:25:ad:01:b5:96:b7:ff:4b:48:90:e3:89:
0d:57:3f:3f:f9:38:d4:90:91:e3:d2:62:40:79:bc:
b8:53:b0:b9:24:a5:ce:4b:60:26:ac:2b:ba:d0:52:
c0:2d:b4:81:03:ee:b0:83:4a:f5:0c:bd:10:2e:54:
56:96:52:3a:eb:96:4c:77:b3:01:fb:77:44:28:55:
07:ee:94:5b:e2:70:72:4e:cd:63:04:2f:59:59:53:
c7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:CC:93:C8:DB:B7:0A:86:C3:B3:E9:9F:2F:85:7A:48:2F:BC:6B:46
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/T8yTyNu3CobDs-mfL4V6SC-8a0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.252.0/24
185.126.255.0/24
194.4.68.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:9d:08:b3:19:6c:6d:b5:09:11:b1:5a:7a:d3:f9:c7:7a:67:
62:7a:af:5f:b7:a5:a3:d9:9f:af:61:37:d7:e9:62:56:06:8b:
9f:f9:0f:28:ec:bb:bf:d2:7c:a0:ae:96:0a:c0:05:64:7a:88:
15:ad:80:d8:e7:f4:77:fa:d6:d9:cf:7d:d7:23:6e:3a:54:56:
97:9e:c9:4b:72:20:3d:25:e1:40:38:1e:67:a6:06:e1:bb:92:
96:7d:79:ac:b7:5f:1c:60:52:55:cc:1a:d2:29:03:27:9b:93:
d8:3b:13:de:25:1a:57:88:be:a2:f9:c3:86:b1:9b:68:aa:e3:
e1:2a:9c:27:72:3c:01:f9:3f:66:2c:d2:35:13:e4:d5:df:e2:
b1:00:23:72:bc:87:80:60:06:ac:a6:87:96:01:cb:ac:3d:03:
14:74:bb:94:27:2b:9e:dc:82:44:a8:fd:70:ab:5c:43:82:21:
c2:26:09:e6:ad:e5:e2:87:67:a5:79:ff:60:b2:64:79:fd:1b:
d1:b9:61:7b:8c:16:eb:f6:1e:cf:73:a5:90:30:b5:79:99:4f:
6a:ba:99:d2:13:10:5f:eb:7b:66:f2:6d:e4:46:c0:2f:b7:f4:
71:98:05:6c:10:81:83:37:fd:41:7e:68:1f:ef:4f:bd:50:6b:
95:a7:d4:c0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYaJuqcfe6QYlsx94cstA2FMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjMwMjI1MTc1OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmNjOTNjOGRiYjcwYTg2YzNiM2U5OWYyZjg1N2E0ODJmYmM2YjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlBv6LCmcuiMVni/LkUCmW4d4eZt
P9AY55CDKLtOzl0nf0L78WqQ1TbooOTczKTJ5VRVNnJsMCSL8e/IQtC7q73jNJTd
ku9YZ96yzlOYeZGrYfQjFOqfLLRKeVpX4orOXRnrwsyoOfMGk1uXlsH8BtY+zCB1
G6J6UleTCJzV4S6rgalp3qv2JNdm9PRWOYWy+OZVY7EN3XcKCrrmvj4by9r9f/Bi
m2UlrQG1lrf/S0iQ44kNVz8/+TjUkJHj0mJAeby4U7C5JKXOS2AmrCu60FLALbSB
A+6wg0r1DL0QLlRWllI665ZMd7MB+3dEKFUH7pRb4nByTs1jBC9ZWVPHRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE/Mk8jbtwqGw7Ppny+FekgvvGtGMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvVDh5VHlOdTNDb2JEcy1tZkw0VjZTQy04YTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuX78AwQA
uX7/AwQCwgREMA0GCSqGSIb3DQEBCwUAA4IBAQCsnQizGWxttQkRsVp60/nHemdi
eq9ft6Wj2Z+vYTfX6WJWBouf+Q8o7Lu/0nygrpYKwAVkeogVrYDY5/R3+tbZz33X
I246VFaXnslLciA9JeFAOB5npgbhu5KWfXmst18cYFJVzBrSKQMnm5PYOxPeJRpX
iL6i+cOGsZtoquPhKpwncjwB+T9mLNI1E+TV3+KxACNyvIeAYAaspoeWAcusPQMU
dLuUJyue3IJEqP1wq1xDgiHCJgnmreXih2elef9gsmR5/RvRuWF7jBbr9h7Pc6WQ
MLV5mU9qupnSExBf63tm8m3kRsAvt/RxmAVsEIGDN/1Bfmgf70+9UGuVp9TA
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:22 2025 by rpki-client