Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/a877c8-e7cb-4540-bd43-5acdbf474548/1/tNjc6Mtbmmue9oBsdOMyUOjgnK4.roa
File: tNjc6Mtbmmue9oBsdOMyUOjgnK4.roa (raw, json)
Hash identifier: C7qBsFQKyY7quKSmCyLawuz2IRutCZdg4pyCuV5qOtc=
Subject key identifier: B4:D8:DC:E8:CB:5B:9A:6B:9E:F6:80:6C:74:E3:32:50:E8:E0:9C:AE
Certificate issuer: /CN=1d686e98acf2a37bf2aec69807e6964060979cb8
Certificate serial: 0FFDD285
Authority key identifier: 1D:68:6E:98:AC:F2:A3:7B:F2:AE:C6:98:07:E6:96:40:60:97:9C:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HWhumKzyo3vyrsaYB-aWQGCXnLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/a877c8-e7cb-4540-bd43-5acdbf474548/1/tNjc6Mtbmmue9oBsdOMyUOjgnK4.roa
Signing time: Sat 01 Jan 2022 08:03:45 +0000
ROA not before: Sat 01 Jan 2022 08:03:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21235
IP address blocks: 193.108.193.0/24 maxlen: 24
185.65.4.0/22 maxlen: 22
2a03:16e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 268292741 (0xffdd285)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d686e98acf2a37bf2aec69807e6964060979cb8
Validity
Not Before: Jan 1 08:03:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4d8dce8cb5b9a6b9ef6806c74e33250e8e09cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d1:71:5e:e0:f2:e5:9b:dd:5b:2e:96:29:89:
7c:26:d5:72:f7:f2:30:6a:4c:49:98:fa:2a:0e:69:
c0:f0:6c:f0:a5:25:e7:ff:81:6c:88:cc:da:f6:5c:
d5:5e:52:4e:8a:b6:63:60:5b:28:d6:41:84:0f:15:
fc:63:3a:a6:e1:b0:9a:d3:8c:4b:09:65:10:29:62:
7f:b6:c7:47:b8:e3:d7:d8:96:e3:87:bc:35:9e:cd:
71:fa:af:fc:cb:95:8f:cd:85:08:dc:a1:e2:6c:f6:
7b:2a:6d:88:12:ab:7b:6d:fa:42:be:60:ac:9a:5a:
0c:1f:84:3c:03:bf:ea:60:71:f3:7e:d7:c7:d8:43:
09:6d:00:ca:32:7f:ce:9e:3f:46:5b:5b:f4:da:0e:
ee:c6:43:0c:88:5d:27:79:dc:1f:8b:04:5f:ff:ef:
9e:56:16:eb:5e:a6:7f:35:06:87:4e:78:b1:db:b3:
af:12:dc:29:e3:6e:63:61:78:0f:af:11:f8:a3:e7:
dc:43:5f:c9:7d:3b:60:18:f9:42:15:75:7c:d5:10:
31:98:32:b5:90:9e:11:61:d0:1e:f8:20:cd:20:34:
47:4f:d0:be:c6:15:a4:ce:e4:20:bd:b6:6d:3a:9d:
55:93:1f:8a:d2:62:29:8f:20:f3:23:b3:68:4a:4d:
51:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D8:DC:E8:CB:5B:9A:6B:9E:F6:80:6C:74:E3:32:50:E8:E0:9C:AE
X509v3 Authority Key Identifier:
keyid:1D:68:6E:98:AC:F2:A3:7B:F2:AE:C6:98:07:E6:96:40:60:97:9C:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HWhumKzyo3vyrsaYB-aWQGCXnLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/a877c8-e7cb-4540-bd43-5acdbf474548/1/tNjc6Mtbmmue9oBsdOMyUOjgnK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/a877c8-e7cb-4540-bd43-5acdbf474548/1/HWhumKzyo3vyrsaYB-aWQGCXnLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.4.0/22
193.108.193.0/24
IPv6:
2a03:16e0::/32
Signature Algorithm: sha256WithRSAEncryption
71:22:3a:03:df:a1:fc:b0:7e:c7:66:01:f1:2f:7d:76:e4:35:
ad:e7:8a:d0:0e:cb:14:10:22:6e:06:7b:ab:93:73:6d:a6:03:
fd:26:48:86:50:48:60:2b:99:e9:e9:d5:98:9f:b5:e5:7e:a3:
f9:8f:e3:be:d7:61:9f:81:a4:6f:c8:30:b1:3b:0b:dd:52:06:
85:be:88:e2:2f:ce:cf:00:36:bb:66:b0:a1:42:57:8a:80:fc:
0b:6d:a6:eb:b5:0b:e3:87:51:4f:6b:9f:ef:52:a1:b7:ad:b3:
4c:2a:71:8c:9e:a2:30:9b:48:e5:ab:17:f8:85:41:56:ab:b2:
b8:dd:56:4b:3b:c6:75:63:1b:fc:c4:2e:a1:ad:83:14:9a:96:
62:f8:8a:0f:64:67:20:4a:4d:24:d0:6a:fa:b1:df:b3:1d:2d:
62:34:02:a1:f6:6a:3a:38:a3:68:09:88:78:b1:ec:66:df:36:
35:bd:ca:3b:9c:71:42:b9:c5:29:7b:85:41:21:5b:ea:a5:76:
34:8c:82:fb:17:b2:60:3e:28:f9:98:0d:f6:1a:f2:83:84:ec:
63:d8:71:43:1c:d4:8e:fa:44:3a:bc:8f:7e:a0:11:9f:65:73:
1f:20:b8:30:c3:4f:f4:8a:98:bb:97:8c:36:b3:3b:1e:43:57:
79:c0:4a:1e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIED/3ShTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDY4NmU5OGFjZjJhMzdiZjJhZWM2OTgwN2U2OTY0MDYwOTc5Y2I4MB4XDTIyMDEw
MTA4MDM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRkOGRjZThjYjVi
OWE2YjllZjY4MDZjNzRlMzMyNTBlOGUwOWNhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvRcV7g8uWb3VsulimJfCbVcvfyMGpMSZj6Kg5pwPBs8KUl
5/+BbIjM2vZc1V5SToq2Y2BbKNZBhA8V/GM6puGwmtOMSwllEClif7bHR7jj19iW
44e8NZ7Ncfqv/MuVj82FCNyh4mz2eyptiBKre236Qr5grJpaDB+EPAO/6mBx837X
x9hDCW0AyjJ/zp4/Rltb9NoO7sZDDIhdJ3ncH4sEX//vnlYW616mfzUGh054sduz
rxLcKeNuY2F4D68R+KPn3ENfyX07YBj5QhV1fNUQMZgytZCeEWHQHvggzSA0R0/Q
vsYVpM7kIL22bTqdVZMfitJiKY8g8yOzaEpNUYcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS02Nzoy1uaa572gGx04zJQ6OCcrjAfBgNVHSMEGDAWgBQdaG6YrPKje/Ku
xpgH5pZAYJecuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hXaHVtS3p5bzN2eXJzYVlCLWFXUUdDWG5MZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvYTg3N2M4LWU3Y2ItNDU0MC1iZDQzLTVhY2RiZjQ3NDU0OC8x
L3ROamM2TXRibW11ZTlvQnNkT015VU9qZ25LNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
YTg3N2M4LWU3Y2ItNDU0MC1iZDQzLTVhY2RiZjQ3NDU0OC8xL0hXaHVtS3p5bzN2
eXJzYVlCLWFXUUdDWG5MZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlBBAMEAMFswTANBAIAAjAHAwUA
KgMW4DANBgkqhkiG9w0BAQsFAAOCAQEAcSI6A9+h/LB+x2YB8S99duQ1reeK0A7L
FBAibgZ7q5NzbaYD/SZIhlBIYCuZ6enVmJ+15X6j+Y/jvtdhn4Gkb8gwsTsL3VIG
hb6I4i/OzwA2u2awoUJXioD8C22m67UL44dRT2uf71Kht62zTCpxjJ6iMJtI5asX
+IVBVquyuN1WSzvGdWMb/MQuoa2DFJqWYviKD2RnIEpNJNBq+rHfsx0tYjQCofZq
OjijaAmIeLHsZt82Nb3KO5xxQrnFKXuFQSFb6qV2NIyC+xeyYD4o+ZgN9hryg4Ts
Y9hxQxzUjvpEOryPfqARn2VzHyC4MMNP9IqYu5eMNrM7HkNXecBKHg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:31 2025 by rpki-client