Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/tc9CsSltE8q3XvjnAOGOJo11Zeg.roa
File: tc9CsSltE8q3XvjnAOGOJo11Zeg.roa (raw, json)
Hash identifier: gHi6z4hKKVEj5UFi1rTLeoERcQSmbI4gJPHvxM9okMg=
Subject key identifier: B5:CF:42:B1:29:6D:13:CA:B7:5E:F8:E7:00:E1:8E:26:8D:75:65:E8
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 0187D1F3631B135ACF65BF243E30F1149BF1
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/tc9CsSltE8q3XvjnAOGOJo11Zeg.roa
Signing time: Sun 30 Apr 2023 11:36:41 +0000
ROA not before: Sun 30 Apr 2023 11:36:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210021
IP address blocks: 185.206.172.0/24 maxlen: 24
185.206.172.0/22 maxlen: 22
185.206.174.0/24 maxlen: 24
185.206.173.0/24 maxlen: 24
185.206.175.0/24 maxlen: 24
31.14.228.0/22 maxlen: 22
2a05:27c0:1::/48 maxlen: 48
2a05:27c0:4::/48 maxlen: 64
2a05:27c0:2::/48 maxlen: 64
2a05:27c0::/48 maxlen: 48
2a05:27c0:3::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d1:f3:63:1b:13:5a:cf:65:bf:24:3e:30:f1:14:9b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Apr 30 11:36:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5cf42b1296d13cab75ef8e700e18e268d7565e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1d:84:01:d6:26:d5:8e:ed:56:57:e6:80:48:
4e:83:c4:a2:4f:ed:9f:ae:90:36:78:21:30:e9:13:
e6:7f:3b:d4:ac:0b:2f:5b:c5:46:ca:33:dd:3b:de:
76:e7:18:29:fd:a7:5d:52:27:5b:6a:08:96:85:44:
37:76:a6:db:82:42:cf:8e:51:03:e9:57:89:ee:b1:
06:1b:b4:79:09:dd:3d:dc:ee:4b:9f:93:70:19:35:
89:54:36:85:65:a3:06:92:23:69:57:1d:6e:c5:48:
b2:f1:50:8d:78:b9:d6:9c:3f:67:3a:68:e4:81:14:
4c:b5:a8:46:f9:1a:17:06:d1:0a:dc:11:af:59:96:
ad:b6:20:3c:08:2d:33:1f:d8:ae:e4:6c:7e:6d:5c:
e9:12:1b:23:45:77:e6:2d:30:d8:e2:0f:d3:5f:32:
00:ea:6f:60:59:fd:09:2e:7f:52:18:25:7f:fe:50:
14:06:87:bf:e5:fa:c3:60:a5:8c:8d:25:41:42:90:
fe:a6:bb:f7:37:78:67:f8:31:01:c4:0e:de:c5:71:
e1:b0:4e:6d:b8:d2:9d:6d:73:17:c1:5e:97:fd:b9:
13:80:4c:48:c9:fb:a9:68:3d:7e:29:25:51:fe:7c:
f5:37:dd:cb:d8:a8:c6:f3:83:a0:54:78:11:c5:16:
e8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:CF:42:B1:29:6D:13:CA:B7:5E:F8:E7:00:E1:8E:26:8D:75:65:E8
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/tc9CsSltE8q3XvjnAOGOJo11Zeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
185.206.172.0/22
IPv6:
2a05:27c0::-2a05:27c0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
76:ad:2b:88:d5:33:59:09:e4:a3:15:1b:40:76:0f:c0:2b:18:
1f:08:a4:bc:38:70:8f:39:24:18:35:3b:e1:db:09:c9:0f:0a:
a6:57:d0:ed:41:6b:27:b9:f4:2c:18:31:11:9b:e5:95:a0:47:
4b:33:9a:9a:05:04:9a:cd:19:ee:81:d5:a5:80:f7:98:f5:92:
10:cb:db:f2:12:81:b1:89:77:25:54:b4:62:b7:d8:6c:5b:3c:
09:bd:2f:1e:53:75:30:53:ef:30:85:e0:c8:7b:52:f8:0f:79:
6e:d5:75:a8:21:ab:59:d9:3c:b7:11:83:29:00:8a:68:3e:7a:
8f:d3:df:ef:e5:5c:ee:46:71:01:2f:03:f4:7c:d2:80:cc:62:
85:4f:22:a1:06:f2:55:54:1d:8b:12:34:a4:55:c9:22:50:35:
cd:ba:a0:1f:18:29:e4:fa:82:5b:fe:6d:ea:79:32:de:27:58:
fb:b5:08:c9:1e:8d:db:12:cb:8d:0e:b8:db:98:36:c3:9a:8f:
fa:d7:76:1d:22:d0:ce:f4:ad:4f:7d:9a:01:3f:9e:52:dd:ec:
37:bf:33:c6:db:16:bb:ca:aa:05:1b:21:f3:b1:53:8f:f0:31:
59:99:76:45:e9:76:74:1a:19:00:d3:29:01:d3:fe:2f:14:16:
77:21:6d:8b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYfR82MbE1rPZb8kPjDxFJvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjMwNDMwMTEzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWNmNDJiMTI5NmQxM2NhYjc1ZWY4ZTcwMGUxOGUyNjhkNzU2NWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApB2EAdYm1Y7tVlfmgEhOg8SiT+2f
rpA2eCEw6RPmfzvUrAsvW8VGyjPdO9525xgp/addUidbagiWhUQ3dqbbgkLPjlED
6VeJ7rEGG7R5Cd093O5Ln5NwGTWJVDaFZaMGkiNpVx1uxUiy8VCNeLnWnD9nOmjk
gRRMtahG+RoXBtEK3BGvWZattiA8CC0zH9iu5Gx+bVzpEhsjRXfmLTDY4g/TXzIA
6m9gWf0JLn9SGCV//lAUBoe/5frDYKWMjSVBQpD+prv3N3hn+DEBxA7exXHhsE5t
uNKdbXMXwV6X/bkTgExIyfupaD1+KSVR/nz1N93L2KjG84OgVHgRxRbouQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLXPQrEpbRPKt1745wDhjiaNdWXoMB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvdGM5Q3NTbHRFOHEzWHZqbkFPR09KbzExWmVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQCHw7kAwQC
uc6sMBgEAgACMBIwEAMFBioFJ8ADBwAqBSfAAAQwDQYJKoZIhvcNAQELBQADggEB
AHatK4jVM1kJ5KMVG0B2D8ArGB8IpLw4cI85JBg1O+HbCckPCqZX0O1Baye59CwY
MRGb5ZWgR0szmpoFBJrNGe6B1aWA95j1khDL2/ISgbGJdyVUtGK32GxbPAm9Lx5T
dTBT7zCF4Mh7UvgPeW7Vdaghq1nZPLcRgykAimg+eo/T3+/lXO5GcQEvA/R80oDM
YoVPIqEG8lVUHYsSNKRVySJQNc26oB8YKeT6glv+bep5Mt4nWPu1CMkejdsSy40O
uNuYNsOaj/rXdh0i0M70rU99mgE/nlLd7De/M8bbFrvKqgUbIfOxU4/wMVmZdkXp
dnQaGQDTKQHT/i8UFnchbYs=
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:15:42 2025 by rpki-client