Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/d0642c-84e6-4290-afb1-484500bcfb07/1/TWPrnIur-6xSaoiOhw9mng8iHd8.roa
File: TWPrnIur-6xSaoiOhw9mng8iHd8.roa (raw, json)
Hash identifier: 0vZ2E51cM9CliDR9pHtvVpVCnZWZNyfZ2gCwsZgRjqI=
Subject key identifier: 4D:63:EB:9C:8B:AB:FB:AC:52:6A:88:8E:87:0F:66:9E:0F:22:1D:DF
Certificate issuer: /CN=20ba71e46c75916b8e5de193cc7f81069df86f73
Certificate serial: 01856F2FDF4E8297C2560286C35C92B410A5
Authority key identifier: 20:BA:71:E4:6C:75:91:6B:8E:5D:E1:93:CC:7F:81:06:9D:F8:6F:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ILpx5Gx1kWuOXeGTzH-BBp34b3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/d0642c-84e6-4290-afb1-484500bcfb07/1/TWPrnIur-6xSaoiOhw9mng8iHd8.roa
Signing time: Sun 01 Jan 2023 21:14:46 +0000
ROA not before: Sun 01 Jan 2023 21:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206616
IP address blocks: 185.149.92.0/22 maxlen: 29
212.15.88.0/21 maxlen: 21
2a07:7a80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:df:4e:82:97:c2:56:02:86:c3:5c:92:b4:10:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20ba71e46c75916b8e5de193cc7f81069df86f73
Validity
Not Before: Jan 1 21:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d63eb9c8babfbac526a888e870f669e0f221ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3e:45:7d:64:8b:f0:5f:09:e9:2d:ef:b7:75:
ed:55:84:76:a8:14:52:6e:0d:41:67:c2:3a:a6:c5:
3f:09:30:33:04:39:89:85:20:f5:e9:e7:f2:e9:f0:
a3:22:8e:d6:d7:e0:8e:4c:3a:c2:37:22:d9:59:90:
14:c6:93:95:86:1d:92:f0:80:9b:16:8b:97:73:14:
ed:77:2a:21:e4:9d:e0:32:d3:5b:92:ec:f8:de:9e:
99:0c:a4:86:de:8c:7b:6b:0c:ec:02:b8:66:e8:c1:
e4:d8:c7:e3:13:8c:7a:41:69:1e:e6:1a:cb:8f:0a:
12:e0:2d:2b:21:19:df:bd:1f:88:36:20:33:65:a9:
e1:15:a4:77:c7:d2:cd:b8:0a:a0:e2:63:e5:c6:36:
8b:81:f1:21:93:46:5c:b9:29:ca:fc:3e:05:50:ef:
46:8f:e7:94:34:f0:85:ce:c8:5c:ab:f4:cd:c7:ed:
f6:b7:56:59:b6:31:9f:a9:76:66:58:df:68:13:e1:
2f:e1:8c:35:17:81:19:c0:a6:3d:9f:01:7e:a7:27:
89:0a:5a:dc:3f:44:5c:9b:15:02:10:38:2d:8b:7e:
53:58:60:cc:00:df:70:5d:95:5c:e1:1d:ef:f8:18:
49:88:bb:da:3e:29:ea:73:c4:29:4a:75:78:b9:b4:
3d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:63:EB:9C:8B:AB:FB:AC:52:6A:88:8E:87:0F:66:9E:0F:22:1D:DF
X509v3 Authority Key Identifier:
keyid:20:BA:71:E4:6C:75:91:6B:8E:5D:E1:93:CC:7F:81:06:9D:F8:6F:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILpx5Gx1kWuOXeGTzH-BBp34b3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/d0642c-84e6-4290-afb1-484500bcfb07/1/TWPrnIur-6xSaoiOhw9mng8iHd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/d0642c-84e6-4290-afb1-484500bcfb07/1/ILpx5Gx1kWuOXeGTzH-BBp34b3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.92.0/22
212.15.88.0/21
IPv6:
2a07:7a80::/29
Signature Algorithm: sha256WithRSAEncryption
80:2f:58:b6:ee:7a:58:89:b1:16:11:24:5b:fe:ca:99:b0:53:
aa:d2:34:b3:86:32:b7:94:97:6d:c0:72:c3:c6:28:90:9f:4d:
ea:37:e2:32:5a:42:d0:ce:20:1f:e6:03:88:0e:74:bc:1e:8a:
74:64:77:86:c1:17:9f:90:d4:d9:e9:e6:78:fa:5a:9d:8a:96:
d7:f8:21:9b:f2:7b:0a:a1:9f:9b:79:98:23:88:f8:46:a8:17:
7d:e8:1c:09:72:4d:ab:3c:3c:d5:b5:00:48:eb:6d:92:6b:ec:
92:85:1a:be:04:db:61:32:36:42:1d:01:75:9b:90:57:21:e6:
47:c2:80:d7:e5:1b:04:e3:5d:81:52:3b:53:72:bd:de:5d:1e:
bf:1b:02:3a:08:aa:75:9c:18:2b:80:de:c0:1f:70:11:32:fd:
a2:0a:97:0b:38:08:58:08:a1:2f:1a:a3:34:78:5d:75:80:53:
7d:95:f2:b0:b7:f1:0c:0c:77:82:76:43:31:fa:9b:82:ac:5b:
43:6b:5f:c1:65:16:70:bc:44:68:a0:c1:19:7e:6b:90:95:dd:
ac:29:aa:59:62:24:a3:fc:ba:ed:5d:fb:a0:d5:45:1b:89:e7:
e8:31:0c:d1:11:7e:f5:f4:15:20:92:92:d2:04:85:cb:9d:19:
b7:d4:0c:3f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvL99OgpfCVgKGw1yStBClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYmE3MWU0NmM3NTkxNmI4ZTVkZTE5M2NjN2Y4MTA2OWRm
ODZmNzMwHhcNMjMwMTAxMjExNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDYzZWI5YzhiYWJmYmFjNTI2YTg4OGU4NzBmNjY5ZTBmMjIxZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqT5FfWSL8F8J6S3vt3XtVYR2qBRS
bg1BZ8I6psU/CTAzBDmJhSD16efy6fCjIo7W1+COTDrCNyLZWZAUxpOVhh2S8ICb
FouXcxTtdyoh5J3gMtNbkuz43p6ZDKSG3ox7awzsArhm6MHk2MfjE4x6QWke5hrL
jwoS4C0rIRnfvR+INiAzZanhFaR3x9LNuAqg4mPlxjaLgfEhk0ZcuSnK/D4FUO9G
j+eUNPCFzshcq/TNx+32t1ZZtjGfqXZmWN9oE+Ev4Yw1F4EZwKY9nwF+pyeJClrc
P0RcmxUCEDgti35TWGDMAN9wXZVc4R3v+BhJiLvaPinqc8QpSnV4ubQ99QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE1j65yLq/usUmqIjocPZp4PIh3fMB8GA1UdIwQY
MBaAFCC6ceRsdZFrjl3hk8x/gQad+G9zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUxweDVHeDFrV3VPWGVHVHpILUJCcDM0YjNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9kMDY0MmMtODRlNi00MjkwLWFmYjEt
NDg0NTAwYmNmYjA3LzEvVFdQcm5JdXItNnhTYW9pT2h3OW1uZzhpSGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9kMDY0MmMtODRlNi00MjkwLWFmYjEtNDg0NTAwYmNmYjA3
LzEvSUxweDVHeDFrV3VPWGVHVHpILUJCcDM0YjNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZVcAwQD
1A9YMA0EAgACMAcDBQMqB3qAMA0GCSqGSIb3DQEBCwUAA4IBAQCAL1i27npYibEW
ESRb/sqZsFOq0jSzhjK3lJdtwHLDxiiQn03qN+IyWkLQziAf5gOIDnS8Hop0ZHeG
wRefkNTZ6eZ4+lqdipbX+CGb8nsKoZ+beZgjiPhGqBd96BwJck2rPDzVtQBI622S
a+yShRq+BNthMjZCHQF1m5BXIeZHwoDX5RsE412BUjtTcr3eXR6/GwI6CKp1nBgr
gN7AH3ARMv2iCpcLOAhYCKEvGqM0eF11gFN9lfKwt/EMDHeCdkMx+puCrFtDa1/B
ZRZwvERooMEZfmuQld2sKapZYiSj/LrtXfug1UUbiefoMQzREX719BUgkpLSBIXL
nRm31Aw/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:45 2025 by rpki-client