Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/TtrUwA6nxAX9LKIUz_mv_ijG9Po.roa
File: TtrUwA6nxAX9LKIUz_mv_ijG9Po.roa (raw, json)
Hash identifier: ykDldqA7deul4tQKWg6AxhoXP4Na0pS0LTQPfqPdCH8=
Subject key identifier: 4E:DA:D4:C0:0E:A7:C4:05:FD:2C:A2:14:CF:F9:AF:FE:28:C6:F4:FA
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 018571D7AFC8C57F3BD4BCFFD23097CDAB15
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/TtrUwA6nxAX9LKIUz_mv_ijG9Po.roa
Signing time: Mon 02 Jan 2023 09:37:18 +0000
ROA not before: Mon 02 Jan 2023 09:37:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25252
IP address blocks: 171.25.128.0/21 maxlen: 21
193.221.28.0/24 maxlen: 24
193.221.36.0/24 maxlen: 24
193.221.37.0/24 maxlen: 24
193.221.38.0/24 maxlen: 24
193.221.32.0/22 maxlen: 22
193.221.47.0/24 maxlen: 24
193.221.53.0/24 maxlen: 24
193.221.52.0/24 maxlen: 24
193.221.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:af:c8:c5:7f:3b:d4:bc:ff:d2:30:97:cd:ab:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Jan 2 09:37:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4edad4c00ea7c405fd2ca214cff9affe28c6f4fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a7:d5:6c:4d:0a:8b:ba:ba:95:bd:1f:37:b7:
06:1f:e2:51:56:6b:eb:cc:ad:79:8f:1d:7f:7b:9f:
7f:1b:6c:26:36:80:c4:94:8d:3b:e9:a2:3b:74:26:
d4:fc:1b:a3:c4:a0:3a:51:0e:6b:5b:8f:e6:19:cb:
4e:37:02:b8:48:77:57:77:6d:ed:60:89:6e:4d:5f:
63:4d:81:7f:62:23:66:74:19:8e:fb:3b:fb:af:8c:
82:e7:29:a9:d6:65:9c:ea:7a:ee:5a:2b:b1:09:0b:
bf:32:2f:6e:6a:8d:91:98:ab:a4:39:8c:71:4b:c8:
3b:82:51:b7:cd:84:3d:5f:a0:b2:5a:b7:43:34:62:
1b:ac:d4:ea:3f:0a:f6:4c:89:1c:84:d7:79:10:40:
a5:1b:a6:6d:07:be:82:dc:09:21:1f:f8:01:48:03:
d3:ea:93:ce:dd:2f:8a:55:f6:97:c9:0f:38:98:da:
74:ae:f4:ad:e0:73:ae:10:e7:86:5c:54:d2:d4:49:
31:95:63:27:41:79:e7:67:9b:bc:77:4c:32:79:e8:
21:60:7e:8a:69:a8:cd:cd:70:b3:0a:97:66:73:5f:
07:6c:b0:2a:f4:fd:d7:e5:c1:fe:a5:44:a5:a9:2d:
20:23:bd:f8:98:22:0b:6c:7f:c2:bc:ed:93:02:f3:
72:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:DA:D4:C0:0E:A7:C4:05:FD:2C:A2:14:CF:F9:AF:FE:28:C6:F4:FA
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/TtrUwA6nxAX9LKIUz_mv_ijG9Po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.128.0/21
193.221.28.0/24
193.221.32.0-193.221.38.255
193.221.47.0/24
193.221.52.0/23
193.221.59.0/24
Signature Algorithm: sha256WithRSAEncryption
53:6d:c2:40:59:34:c0:f5:df:69:9a:5c:f2:32:af:06:cc:bf:
15:24:a9:d2:93:54:99:73:50:c3:58:a3:fa:f3:0a:db:7d:2c:
f6:64:81:0a:71:32:aa:31:02:de:c0:54:1f:a5:ba:e3:a8:9d:
5b:c9:54:8a:6e:e2:a0:12:fb:e9:fa:c8:7a:5a:5e:6b:7c:be:
2d:50:b8:55:7c:de:4a:5f:10:5d:2c:d0:85:5a:b4:b5:99:b7:
18:55:78:dc:8e:72:9c:06:f6:9e:f3:85:1e:40:9c:5c:c9:c3:
bb:16:53:f8:a5:87:06:a8:b1:70:d7:dd:03:8b:85:2e:3b:3a:
b6:59:6c:6e:07:40:05:20:8e:e1:de:8d:43:dd:28:6d:6c:33:
db:7e:cf:f4:42:94:ba:51:18:09:f6:22:2e:cd:de:d7:62:50:
37:af:d9:8c:5c:8f:c2:de:73:a4:b4:59:0c:3c:2c:05:8e:f6:
f1:b8:2f:f5:1c:24:e4:0b:a5:f0:3e:8d:df:2f:92:e5:83:01:
4a:b5:6d:57:64:19:18:9e:22:5b:e5:74:d0:6e:8e:98:92:b0:
eb:9c:20:76:5f:53:e2:09:19:25:91:48:6e:27:ad:79:45:b0:
a9:4c:e0:05:6d:42:7b:d6:77:02:69:3c:20:80:2a:a5:2e:0c:
1e:f9:61:44
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVx16/IxX871Lz/0jCXzasVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjMwMTAyMDkzNzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWRhZDRjMDBlYTdjNDA1ZmQyY2EyMTRjZmY5YWZmZTI4YzZmNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36fVbE0Ki7q6lb0fN7cGH+JRVmvr
zK15jx1/e59/G2wmNoDElI076aI7dCbU/BujxKA6UQ5rW4/mGctONwK4SHdXd23t
YIluTV9jTYF/YiNmdBmO+zv7r4yC5ymp1mWc6nruWiuxCQu/Mi9uao2RmKukOYxx
S8g7glG3zYQ9X6CyWrdDNGIbrNTqPwr2TIkchNd5EEClG6ZtB76C3AkhH/gBSAPT
6pPO3S+KVfaXyQ84mNp0rvSt4HOuEOeGXFTS1EkxlWMnQXnnZ5u8d0wyeeghYH6K
aajNzXCzCpdmc18HbLAq9P3X5cH+pUSlqS0gI734mCILbH/CvO2TAvNyQQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFE7a1MAOp8QF/SyiFM/5r/4oxvT6MB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEvVHRyVXdBNm54QVg5TEtJVXpfbXZfaWpHOVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQDqxmAAwQA
wd0cMAwDBAXB3SADBADB3SYDBADB3S8DBAHB3TQDBADB3TswDQYJKoZIhvcNAQEL
BQADggEBAFNtwkBZNMD132maXPIyrwbMvxUkqdKTVJlzUMNYo/rzCtt9LPZkgQpx
MqoxAt7AVB+luuOonVvJVIpu4qAS++n6yHpaXmt8vi1QuFV83kpfEF0s0IVatLWZ
txhVeNyOcpwG9p7zhR5AnFzJw7sWU/ilhwaosXDX3QOLhS47OrZZbG4HQAUgjuHe
jUPdKG1sM9t+z/RClLpRGAn2Ii7N3tdiUDev2Yxcj8Lec6S0WQw8LAWO9vG4L/Uc
JOQLpfA+jd8vkuWDAUq1bVdkGRieIlvldNBujpiSsOucIHZfU+IJGSWRSG4nrXlF
sKlM4AVtQnvWdwJpPCCAKqUuDB75YUQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:27 2025 by rpki-client