Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/861f32-81f4-4d64-8610-54de7a6cb3b1/1/TzqK6f3I7hELHQ4-qmGxr-MGi84.roa
File: TzqK6f3I7hELHQ4-qmGxr-MGi84.roa (raw, json)
Hash identifier: TUliTA2jqtbdPtDkCb+lNr9zFKdXOgKV0UTt89kCvWg=
Subject key identifier: 4F:3A:8A:E9:FD:C8:EE:11:0B:1D:0E:3E:AA:61:B1:AF:E3:06:8B:CE
Certificate issuer: /CN=83f8294469fb7aec2601bb03772d0156f470b74d
Certificate serial: 018C0BC186C1AA87A7316E5946600565096F
Authority key identifier: 83:F8:29:44:69:FB:7A:EC:26:01:BB:03:77:2D:01:56:F4:70:B7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g_gpRGn7euwmAbsDdy0BVvRwt00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/861f32-81f4-4d64-8610-54de7a6cb3b1/1/TzqK6f3I7hELHQ4-qmGxr-MGi84.roa
Signing time: Sun 26 Nov 2023 13:11:21 +0000
ROA not before: Sun 26 Nov 2023 13:11:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59884
IP address blocks: 185.67.213.0/24 maxlen: 24
185.67.212.0/24 maxlen: 24
185.67.212.0/22 maxlen: 22
185.67.214.0/24 maxlen: 24
185.67.215.0/24 maxlen: 24
2a05:1340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0b:c1:86:c1:aa:87:a7:31:6e:59:46:60:05:65:09:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83f8294469fb7aec2601bb03772d0156f470b74d
Validity
Not Before: Nov 26 13:11:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f3a8ae9fdc8ee110b1d0e3eaa61b1afe3068bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:76:7e:fc:93:1d:65:ea:bd:d1:d0:eb:e4:47:
04:3c:da:a0:0c:39:51:9f:39:53:cd:0a:ee:d6:01:
34:57:52:7e:96:4c:97:c5:b6:4f:48:64:f3:bb:19:
a9:76:c0:ca:ef:16:11:a2:a1:b1:9e:84:bc:32:f7:
84:5c:a4:13:98:33:f7:0a:89:87:64:fa:9d:30:5f:
96:49:4c:73:f5:23:41:0d:7a:d5:ed:4c:0e:9c:17:
0f:d2:81:79:bf:89:bf:16:b8:73:37:a5:94:42:74:
86:60:76:41:31:e7:b3:06:c0:3f:d6:a2:d7:76:9d:
a4:16:19:7e:19:0b:57:86:6f:6f:88:c4:5c:7c:83:
cd:f6:3e:00:ac:be:54:5b:ce:90:1a:62:7a:4c:98:
ea:ce:13:6f:73:28:21:4b:00:33:39:b0:1f:6e:9a:
8b:42:ed:3b:c8:93:9d:a9:aa:4b:0e:fe:8e:15:54:
c9:12:eb:cf:6e:90:60:86:8e:be:fc:20:5b:67:d2:
17:4b:c8:7d:61:f5:8b:00:ed:a4:1b:5e:f1:b3:e8:
a1:fe:c5:58:ee:7f:a9:81:79:63:b1:8c:75:90:dd:
4d:92:cb:4c:44:61:12:c5:0d:11:8d:e5:e5:c0:e3:
8d:77:ee:9f:7c:1a:8e:48:5f:06:21:86:b6:21:05:
fa:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:3A:8A:E9:FD:C8:EE:11:0B:1D:0E:3E:AA:61:B1:AF:E3:06:8B:CE
X509v3 Authority Key Identifier:
keyid:83:F8:29:44:69:FB:7A:EC:26:01:BB:03:77:2D:01:56:F4:70:B7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_gpRGn7euwmAbsDdy0BVvRwt00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/861f32-81f4-4d64-8610-54de7a6cb3b1/1/TzqK6f3I7hELHQ4-qmGxr-MGi84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/861f32-81f4-4d64-8610-54de7a6cb3b1/1/g_gpRGn7euwmAbsDdy0BVvRwt00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.212.0/22
IPv6:
2a05:1340::/29
Signature Algorithm: sha256WithRSAEncryption
ba:74:03:27:6a:03:46:14:a5:c5:d9:c7:06:a7:39:b5:3b:08:
c8:0b:17:f8:b9:3c:d7:41:90:e3:93:21:9f:39:82:40:5a:c1:
f8:4b:0b:ab:fd:1f:f5:62:4b:59:93:e4:fc:e5:af:6c:5d:37:
c4:3b:0f:f6:3f:9a:9c:8c:e2:c1:d0:58:39:5b:31:5a:fb:6a:
85:e0:6e:5e:c5:f2:3d:ce:d6:9d:37:be:85:99:df:77:f4:76:
16:fe:dd:29:00:eb:15:28:44:36:8a:fb:8c:69:56:76:8a:92:
89:bb:d9:e4:f7:3d:01:b4:d5:00:31:06:05:2a:2c:05:49:09:
a2:a8:82:8a:b7:f2:4f:dc:ec:68:d5:b8:3f:d8:b9:a6:1d:b7:
93:28:c8:56:93:ad:b6:07:30:a4:e2:c5:b0:16:dd:9b:77:68:
73:55:e0:c1:6b:f7:aa:16:10:40:56:58:71:6b:56:86:74:8c:
e5:db:79:28:bc:1f:8f:96:67:53:f2:f0:4a:77:15:3c:4f:cc:
b6:af:77:da:4e:f1:db:70:9b:2f:bb:22:50:1c:88:d7:75:5f:
b3:a6:e2:34:69:5c:d1:c8:56:a2:2e:f7:d1:2a:cc:a4:ef:82:
53:fb:11:81:b5:4a:28:00:9c:ba:4a:4a:50:e4:ed:78:24:ba:
a9:3a:de:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwLwYbBqoenMW5ZRmAFZQlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZjgyOTQ0NjlmYjdhZWMyNjAxYmIwMzc3MmQwMTU2ZjQ3
MGI3NGQwHhcNMjMxMTI2MTMxMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjNhOGFlOWZkYzhlZTExMGIxZDBlM2VhYTYxYjFhZmUzMDY4YmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXZ+/JMdZeq90dDr5EcEPNqgDDlR
nzlTzQru1gE0V1J+lkyXxbZPSGTzuxmpdsDK7xYRoqGxnoS8MveEXKQTmDP3ComH
ZPqdMF+WSUxz9SNBDXrV7UwOnBcP0oF5v4m/FrhzN6WUQnSGYHZBMeezBsA/1qLX
dp2kFhl+GQtXhm9viMRcfIPN9j4ArL5UW86QGmJ6TJjqzhNvcyghSwAzObAfbpqL
Qu07yJOdqapLDv6OFVTJEuvPbpBgho6+/CBbZ9IXS8h9YfWLAO2kG17xs+ih/sVY
7n+pgXljsYx1kN1NkstMRGESxQ0RjeXlwOONd+6ffBqOSF8GIYa2IQX6/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE86iun9yO4RCx0OPqphsa/jBovOMB8GA1UdIwQY
MBaAFIP4KURp+3rsJgG7A3ctAVb0cLdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19ncFJHbjdldXdtQWJzRGR5MEJWdlJ3dDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My84NjFmMzItODFmNC00ZDY0LTg2MTAt
NTRkZTdhNmNiM2IxLzEvVHpxSzZmM0k3aEVMSFE0LXFtR3hyLU1HaTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My84NjFmMzItODFmNC00ZDY0LTg2MTAtNTRkZTdhNmNiM2Ix
LzEvZ19ncFJHbjdldXdtQWJzRGR5MEJWdlJ3dDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUPUMA0E
AgACMAcDBQMqBRNAMA0GCSqGSIb3DQEBCwUAA4IBAQC6dAMnagNGFKXF2ccGpzm1
OwjICxf4uTzXQZDjkyGfOYJAWsH4Swur/R/1YktZk+T85a9sXTfEOw/2P5qcjOLB
0Fg5WzFa+2qF4G5exfI9ztadN76Fmd939HYW/t0pAOsVKEQ2ivuMaVZ2ipKJu9nk
9z0BtNUAMQYFKiwFSQmiqIKKt/JP3Oxo1bg/2LmmHbeTKMhWk622BzCk4sWwFt2b
d2hzVeDBa/eqFhBAVlhxa1aGdIzl23kovB+PlmdT8vBKdxU8T8y2r3faTvHbcJsv
uyJQHIjXdV+zpuI0aVzRyFaiLvfRKsyk74JT+xGBtUooAJy6SkpQ5O14JLqpOt6U
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:18 2025 by rpki-client