Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/bfbc8e-eab5-4f20-8eea-96bf143eb452/1/tCLTGEIqPPp3gcD0TP_jkjgHZZ0.roa
File: tCLTGEIqPPp3gcD0TP_jkjgHZZ0.roa (raw, json)
Hash identifier: 7d6H4/ZeP4AYycbiSaCt/4eEMfoa7gjiH+Os6yTZfXo=
Subject key identifier: B4:22:D3:18:42:2A:3C:FA:77:81:C0:F4:4C:FF:E3:92:38:07:65:9D
Certificate issuer: /CN=2e249793e5924a9f25f3a0a8dd994b374eb937d2
Certificate serial: 01856D93F63FD42652949C6778A2B7D207DD
Authority key identifier: 2E:24:97:93:E5:92:4A:9F:25:F3:A0:A8:DD:99:4B:37:4E:B9:37:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiSXk-WSSp8l86Co3ZlLN065N9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/bfbc8e-eab5-4f20-8eea-96bf143eb452/1/tCLTGEIqPPp3gcD0TP_jkjgHZZ0.roa
Signing time: Sun 01 Jan 2023 13:44:51 +0000
ROA not before: Sun 01 Jan 2023 13:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42525
IP address blocks: 185.125.80.0/22 maxlen: 24
176.67.184.0/21 maxlen: 24
2a06:b740::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:f6:3f:d4:26:52:94:9c:67:78:a2:b7:d2:07:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e249793e5924a9f25f3a0a8dd994b374eb937d2
Validity
Not Before: Jan 1 13:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b422d318422a3cfa7781c0f44cffe3923807659d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:4c:96:ff:35:17:70:33:8a:40:eb:21:83:44:
36:21:f6:7b:51:06:72:66:e1:c2:13:32:62:5a:99:
9a:7a:1b:16:1a:ee:d7:6a:3c:c0:89:75:6a:76:4a:
f8:d6:70:74:40:5a:1a:5e:cb:13:11:67:66:9c:91:
ed:05:09:a2:2f:e3:e4:e6:60:33:69:eb:22:a0:0c:
60:31:37:dd:44:eb:13:6e:b5:77:be:b7:c8:19:2b:
b9:52:84:43:dc:8e:8d:27:03:cb:66:9b:76:69:81:
f6:30:92:d3:eb:a8:c6:3b:c5:65:f3:d6:c9:66:a0:
1a:c5:c3:14:8e:be:60:ab:4e:c9:ed:12:09:01:1a:
0a:7a:72:ba:8c:25:f1:ba:94:bc:3c:6e:8e:8b:03:
80:4f:3e:07:a9:2d:4f:aa:43:2e:bc:8b:a4:6d:3f:
ac:55:dd:26:ad:bb:5c:8e:d2:bb:0d:c9:21:6f:1a:
24:2c:e1:02:0a:43:47:ea:cb:81:84:68:45:05:fd:
a4:3b:6c:d4:0a:f5:24:ff:8a:19:77:d4:72:5e:4c:
d2:23:95:66:69:17:ee:08:5a:ef:7f:2b:64:51:77:
6f:bd:b3:a8:fd:f6:98:ee:90:0e:8d:80:19:11:14:
10:af:23:07:f7:3d:ed:ae:6d:31:5d:90:c6:da:cd:
2b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:22:D3:18:42:2A:3C:FA:77:81:C0:F4:4C:FF:E3:92:38:07:65:9D
X509v3 Authority Key Identifier:
keyid:2E:24:97:93:E5:92:4A:9F:25:F3:A0:A8:DD:99:4B:37:4E:B9:37:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiSXk-WSSp8l86Co3ZlLN065N9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/bfbc8e-eab5-4f20-8eea-96bf143eb452/1/tCLTGEIqPPp3gcD0TP_jkjgHZZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/bfbc8e-eab5-4f20-8eea-96bf143eb452/1/LiSXk-WSSp8l86Co3ZlLN065N9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.184.0/21
185.125.80.0/22
IPv6:
2a06:b740::/29
Signature Algorithm: sha256WithRSAEncryption
17:b6:9c:7e:3e:3a:2b:fc:47:8f:8b:94:5d:50:90:56:26:d9:
32:3c:b9:1f:e0:f2:fc:6d:09:b5:42:91:c5:0c:ad:f6:cb:83:
9c:3f:52:1d:f3:81:71:09:ea:fe:b8:ae:6f:26:6f:88:2f:44:
9d:61:93:71:3f:15:ca:22:c5:6b:bf:46:1c:6f:0e:1d:03:08:
29:c6:14:40:b9:6d:3d:75:1c:b4:de:42:7c:ac:30:c3:59:03:
16:e2:6a:e4:99:28:93:39:be:56:44:4d:f6:db:b4:4e:07:07:
2d:38:b2:d6:4a:dd:ff:d1:89:19:e7:29:0f:11:ac:a0:33:a1:
18:e3:6d:7d:5e:d4:02:00:12:c6:78:ff:70:0f:10:a7:c4:8b:
cf:e4:f6:53:7e:af:04:6b:c7:5a:ea:7e:61:fd:c4:3d:18:d4:
3a:74:59:b3:0f:a2:0a:fb:18:6f:72:77:a3:a9:e1:3f:33:c8:
f8:29:f3:08:bd:90:65:96:07:fa:ac:a7:89:20:ff:9e:29:26:
1a:a6:81:53:a7:f8:98:d4:9e:6b:f6:f0:2b:96:11:0e:e8:94:
ce:5b:e2:1d:44:c7:4a:22:59:66:fd:62:13:80:1e:08:03:a3:
f2:08:be:cd:be:e4:95:12:74:4f:5b:33:95:12:35:c1:cd:5e:
2a:5b:da:88
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtk/Y/1CZSlJxneKK30gfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMjQ5NzkzZTU5MjRhOWYyNWYzYTBhOGRkOTk0YjM3NGVi
OTM3ZDIwHhcNMjMwMTAxMTM0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDIyZDMxODQyMmEzY2ZhNzc4MWMwZjQ0Y2ZmZTM5MjM4MDc2NTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEyW/zUXcDOKQOshg0Q2IfZ7UQZy
ZuHCEzJiWpmaehsWGu7XajzAiXVqdkr41nB0QFoaXssTEWdmnJHtBQmiL+Pk5mAz
aesioAxgMTfdROsTbrV3vrfIGSu5UoRD3I6NJwPLZpt2aYH2MJLT66jGO8Vl89bJ
ZqAaxcMUjr5gq07J7RIJARoKenK6jCXxupS8PG6OiwOATz4HqS1PqkMuvIukbT+s
Vd0mrbtcjtK7DckhbxokLOECCkNH6suBhGhFBf2kO2zUCvUk/4oZd9RyXkzSI5Vm
aRfuCFrvfytkUXdvvbOo/faY7pAOjYAZERQQryMH9z3trm0xXZDG2s0rIwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLQi0xhCKjz6d4HA9Ez/45I4B2WdMB8GA1UdIwQY
MBaAFC4kl5PlkkqfJfOgqN2ZSzdOuTfSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGlTWGstV1NTcDhsODZDbzNabExOMDY1TjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9iZmJjOGUtZWFiNS00ZjIwLThlZWEt
OTZiZjE0M2ViNDUyLzEvdENMVEdFSXFQUHAzZ2NEMFRQX2pramdIWlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9iZmJjOGUtZWFiNS00ZjIwLThlZWEtOTZiZjE0M2ViNDUy
LzEvTGlTWGstV1NTcDhsODZDbzNabExOMDY1TjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsEO4AwQC
uX1QMA0EAgACMAcDBQMqBrdAMA0GCSqGSIb3DQEBCwUAA4IBAQAXtpx+Pjor/EeP
i5RdUJBWJtkyPLkf4PL8bQm1QpHFDK32y4OcP1Id84FxCer+uK5vJm+IL0SdYZNx
PxXKIsVrv0Ycbw4dAwgpxhRAuW09dRy03kJ8rDDDWQMW4mrkmSiTOb5WRE3227RO
BwctOLLWSt3/0YkZ5ykPEaygM6EY4219XtQCABLGeP9wDxCnxIvP5PZTfq8Ea8da
6n5h/cQ9GNQ6dFmzD6IK+xhvcnejqeE/M8j4KfMIvZBllgf6rKeJIP+eKSYapoFT
p/iY1J5r9vArlhEO6JTOW+IdRMdKIllm/WITgB4IA6PyCL7NvuSVEnRPWzOVEjXB
zV4qW9qI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:43 2025 by rpki-client