Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/TS6ouStazkz2qUH4B60aIMALvu4.roa
File: TS6ouStazkz2qUH4B60aIMALvu4.roa (raw, json)
Hash identifier: Eb778ceQ0g6BHaghze7m+n5RQVZ5PoDkf7mB4+Otn8s=
Subject key identifier: 4D:2E:A8:B9:2B:5A:CE:4C:F6:A9:41:F8:07:AD:1A:20:C0:0B:BE:EE
Certificate issuer: /CN=40662733bc873d13e1f9f66e8dff75c820d5d2f7
Certificate serial: 01856DCAEB26CFA548C99FB07F1287DD8E81
Authority key identifier: 40:66:27:33:BC:87:3D:13:E1:F9:F6:6E:8D:FF:75:C8:20:D5:D2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QGYnM7yHPRPh-fZujf91yCDV0vc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/TS6ouStazkz2qUH4B60aIMALvu4.roa
Signing time: Sun 01 Jan 2023 14:44:52 +0000
ROA not before: Sun 01 Jan 2023 14:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56488
IP address blocks: 217.28.136.0/24 maxlen: 24
2a12:2540::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:eb:26:cf:a5:48:c9:9f:b0:7f:12:87:dd:8e:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40662733bc873d13e1f9f66e8dff75c820d5d2f7
Validity
Not Before: Jan 1 14:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d2ea8b92b5ace4cf6a941f807ad1a20c00bbeee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c7:3b:61:60:42:12:08:db:a5:46:5f:74:78:
33:e8:c4:e0:39:02:76:b5:6d:c0:3e:6d:08:ba:e9:
e2:25:e6:0b:fa:d0:10:3c:f9:44:ac:91:d4:b7:bb:
48:e3:24:aa:10:fe:b0:78:7c:79:7d:41:ea:c4:cc:
93:27:1d:71:26:c2:bd:11:4e:94:f8:c0:2f:06:bb:
e7:c1:b8:ba:4f:e4:e4:57:c9:c1:f2:9f:f5:32:cd:
9f:20:1a:d5:a9:3f:37:fc:75:69:63:c7:d2:33:07:
e0:11:38:cb:d0:84:dc:8e:38:d1:ba:21:b6:16:8b:
2f:72:2a:d2:af:ed:69:9c:ec:18:43:92:0f:18:26:
7a:ef:60:e7:f2:8d:d4:92:8f:b2:b5:32:e8:8e:14:
eb:0b:1e:95:96:1b:e9:7c:a6:93:7b:79:a4:26:b5:
32:cb:56:d9:b2:eb:82:4e:7f:84:8d:37:af:ea:ec:
de:55:f5:f4:b8:46:93:f8:11:d3:cc:f3:a1:0f:0f:
79:b5:54:f1:d4:23:ca:70:9f:c9:3d:0a:f1:3d:43:
29:84:d3:60:a2:f4:af:eb:4c:d2:52:b6:2f:75:2d:
c7:ca:8f:ff:7c:c0:72:0f:ac:78:5d:85:18:c6:16:
87:fc:de:f3:d4:93:ce:6f:85:f3:bc:36:6e:ac:8c:
68:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2E:A8:B9:2B:5A:CE:4C:F6:A9:41:F8:07:AD:1A:20:C0:0B:BE:EE
X509v3 Authority Key Identifier:
keyid:40:66:27:33:BC:87:3D:13:E1:F9:F6:6E:8D:FF:75:C8:20:D5:D2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGYnM7yHPRPh-fZujf91yCDV0vc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/TS6ouStazkz2qUH4B60aIMALvu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.136.0/24
IPv6:
2a12:2540::/32
Signature Algorithm: sha256WithRSAEncryption
30:0d:3e:c9:80:bc:ed:0f:a1:1f:86:94:dc:96:dc:c9:fe:0a:
43:cb:53:dc:5b:41:74:4b:3a:d0:73:68:39:54:78:f0:0d:1c:
f7:f4:1b:cf:f3:66:34:ff:43:0e:fd:c1:17:a3:40:b9:92:5a:
f8:12:bd:79:40:83:72:4f:35:9b:10:1c:21:29:88:8e:44:b9:
24:78:bd:6d:5a:0e:0a:54:57:18:e3:9b:8a:4f:88:37:ac:61:
45:71:68:01:e0:24:66:4f:45:d5:1c:e9:19:48:3c:df:72:bf:
ae:19:9e:07:b3:76:75:a4:a0:3d:37:e8:bb:24:6b:78:12:08:
04:98:3b:4d:3a:00:d6:05:15:96:58:9f:1a:d5:9d:05:5a:ed:
03:61:61:dc:d8:47:10:6e:65:0d:6e:a6:85:75:cf:49:83:04:
fb:aa:c9:14:82:ab:8f:63:d2:ec:24:cd:9e:c4:ef:c6:73:17:
f5:62:67:b1:f9:f4:d3:cd:b3:a4:6a:7f:1f:34:cd:be:c0:f0:
c8:a9:0b:55:12:57:b6:4e:05:0a:cd:f0:73:5c:74:59:34:19:
26:5d:0f:96:5e:8b:52:55:57:11:18:2f:2b:e6:44:60:43:cb:
1f:1f:04:78:be:aa:cb:bf:9d:53:93:61:df:4c:c5:72:2f:c4:
82:87:4c:a1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtyusmz6VIyZ+wfxKH3Y6BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNjYyNzMzYmM4NzNkMTNlMWY5ZjY2ZThkZmY3NWM4MjBk
NWQyZjcwHhcNMjMwMTAxMTQ0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDJlYThiOTJiNWFjZTRjZjZhOTQxZjgwN2FkMWEyMGMwMGJiZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsc7YWBCEgjbpUZfdHgz6MTgOQJ2
tW3APm0IuuniJeYL+tAQPPlErJHUt7tI4ySqEP6weHx5fUHqxMyTJx1xJsK9EU6U
+MAvBrvnwbi6T+TkV8nB8p/1Ms2fIBrVqT83/HVpY8fSMwfgETjL0ITcjjjRuiG2
FosvcirSr+1pnOwYQ5IPGCZ672Dn8o3Uko+ytTLojhTrCx6VlhvpfKaTe3mkJrUy
y1bZsuuCTn+EjTev6uzeVfX0uEaT+BHTzPOhDw95tVTx1CPKcJ/JPQrxPUMphNNg
ovSv60zSUrYvdS3Hyo//fMByD6x4XYUYxhaH/N7z1JPOb4XzvDZurIxoAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE0uqLkrWs5M9qlB+AetGiDAC77uMB8GA1UdIwQY
MBaAFEBmJzO8hz0T4fn2bo3/dcgg1dL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUdZbk03eUhQUlBoLWZadWpmOTF5Q0RWMHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kOTEwZDEtOTRjNi00NDEyLTg1MDYt
OWNiNTFlNTFmZjc3LzEvVFM2b3VTdGF6a3oycVVINEI2MGFJTUFMdnU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kOTEwZDEtOTRjNi00NDEyLTg1MDYtOWNiNTFlNTFmZjc3
LzEvUUdZbk03eUhQUlBoLWZadWpmOTF5Q0RWMHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2RyIMA0E
AgACMAcDBQAqEiVAMA0GCSqGSIb3DQEBCwUAA4IBAQAwDT7JgLztD6EfhpTcltzJ
/gpDy1PcW0F0SzrQc2g5VHjwDRz39BvP82Y0/0MO/cEXo0C5klr4Er15QINyTzWb
EBwhKYiORLkkeL1tWg4KVFcY45uKT4g3rGFFcWgB4CRmT0XVHOkZSDzfcr+uGZ4H
s3Z1pKA9N+i7JGt4EggEmDtNOgDWBRWWWJ8a1Z0FWu0DYWHc2EcQbmUNbqaFdc9J
gwT7qskUgquPY9LsJM2exO/Gcxf1Ymex+fTTzbOkan8fNM2+wPDIqQtVEle2TgUK
zfBzXHRZNBkmXQ+WXotSVVcRGC8r5kRgQ8sfHwR4vqrLv51Tk2HfTMVyL8SCh0yh
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:59:24 2025 by rpki-client