Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/TlMKvWV0DzbDbjXvAm4OPk47Oas.roa
File: TlMKvWV0DzbDbjXvAm4OPk47Oas.roa (raw, json)
Hash identifier: G3rteOQVrfuG71l3HixXy2r5ufYXUrMqFGgjzmmvMYg=
Subject key identifier: 4E:53:0A:BD:65:74:0F:36:C3:6E:35:EF:02:6E:0E:3E:4E:3B:39:AB
Certificate issuer: /CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Certificate serial: 0187DB31BEA960CA1951CB590C8C28DC4BAE
Authority key identifier: 25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/TlMKvWV0DzbDbjXvAm4OPk47Oas.roa
Signing time: Tue 02 May 2023 06:41:23 +0000
ROA not before: Tue 02 May 2023 06:41:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202371
IP address blocks: 94.185.120.0/24 maxlen: 24
94.185.121.0/24 maxlen: 24
94.185.122.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:31:be:a9:60:ca:19:51:cb:59:0c:8c:28:dc:4b:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Validity
Not Before: May 2 06:41:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e530abd65740f36c36e35ef026e0e3e4e3b39ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b2:12:18:89:d1:9b:0d:31:ce:90:d1:07:d2:
9e:c1:50:07:07:5c:6e:aa:0d:a8:01:e7:eb:b9:a5:
cb:85:68:fb:0e:aa:ee:e9:92:68:e6:d7:c4:3b:8b:
16:0c:ab:03:c8:ff:7d:74:6c:e9:d3:f8:77:bb:bf:
e1:33:cc:ba:53:da:c5:6d:0c:4c:45:76:4b:a7:45:
ff:88:23:a5:18:a3:aa:ed:38:e5:5d:90:89:f6:68:
a6:20:4a:86:1f:9f:ef:01:1c:6e:f0:a6:67:83:c4:
be:bb:1a:09:a3:e7:60:66:f4:09:d9:46:6e:f5:9b:
3c:43:c5:c5:30:58:18:5c:75:db:31:14:23:a5:d4:
64:e8:04:f7:68:58:0b:f9:1c:d4:44:10:f0:1d:44:
a8:ae:1a:71:bd:fe:f8:d7:b0:4e:56:e2:63:d5:8c:
59:66:6c:63:14:41:89:1d:a6:11:a9:5c:6c:79:f2:
5f:c5:1c:2e:93:5f:bf:b5:12:d9:16:b1:af:02:b2:
67:c4:ea:45:24:e9:6d:68:66:0d:eb:e6:ee:c4:fe:
cb:fa:ff:79:54:cc:cf:1e:d1:96:77:a2:17:5b:e1:
42:0e:03:31:a5:62:a9:4a:76:85:f0:80:03:93:45:
a1:09:47:b4:f3:5a:d9:b2:ca:f6:da:71:9c:98:e7:
a0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:53:0A:BD:65:74:0F:36:C3:6E:35:EF:02:6E:0E:3E:4E:3B:39:AB
X509v3 Authority Key Identifier:
keyid:25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/TlMKvWV0DzbDbjXvAm4OPk47Oas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.185.120.0-94.185.122.255
Signature Algorithm: sha256WithRSAEncryption
3c:46:8e:27:a9:83:f3:b5:b8:2f:a7:b3:c7:e9:1f:c5:d9:1b:
ab:92:a3:f9:13:cf:ed:1b:d7:c6:e8:a8:e6:af:eb:95:52:51:
53:22:4f:4f:ce:3a:30:b7:a6:dd:7e:8b:97:dc:cd:ff:3c:4c:
ce:b0:a4:ff:09:6e:06:16:6a:cf:ba:45:c7:9a:5d:6c:35:60:
cc:8e:0c:d5:5b:e3:e4:05:6e:d7:8a:75:6e:6a:a7:07:1c:11:
8a:f8:fc:35:8e:7b:6f:bc:7c:76:cd:c7:01:93:ee:f3:71:56:
ab:34:be:a1:7a:da:0a:e9:ca:e9:37:6c:95:e5:b8:d7:03:a2:
63:3b:e2:2b:4a:98:3b:af:96:e7:09:54:53:87:35:e9:f4:23:
e6:21:e1:b1:8b:89:82:40:80:b6:b3:ab:57:6c:28:aa:5b:60:
d5:ec:ed:9a:d0:d4:b9:b4:03:03:4b:9e:2b:15:b2:e4:cb:8d:
40:8c:88:ff:b8:d1:54:6d:3d:4c:d0:02:0b:b1:1d:58:82:47:
de:64:00:9e:ae:1f:a0:8e:77:ed:bc:70:da:bc:4b:37:0c:34:
31:e3:91:4b:bb:8d:c7:8d:3e:ef:26:ca:da:86:41:db:97:5b:
3e:8b:8d:f4:17:fa:5a:a2:aa:1d:78:4a:58:13:65:ca:55:19:
21:e7:e6:d2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYfbMb6pYMoZUctZDIwo3EuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODhiMWI1NjBmOTk4ZWNjZDNhNmVmZjQwNTQzYjU5MjA0
ZDY3YjgwHhcNMjMwNTAyMDY0MTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTUzMGFiZDY1NzQwZjM2YzM2ZTM1ZWYwMjZlMGUzZTRlM2IzOWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07ISGInRmw0xzpDRB9KewVAHB1xu
qg2oAefruaXLhWj7Dqru6ZJo5tfEO4sWDKsDyP99dGzp0/h3u7/hM8y6U9rFbQxM
RXZLp0X/iCOlGKOq7TjlXZCJ9mimIEqGH5/vARxu8KZng8S+uxoJo+dgZvQJ2UZu
9Zs8Q8XFMFgYXHXbMRQjpdRk6AT3aFgL+RzURBDwHUSorhpxvf7417BOVuJj1YxZ
ZmxjFEGJHaYRqVxsefJfxRwuk1+/tRLZFrGvArJnxOpFJOltaGYN6+buxP7L+v95
VMzPHtGWd6IXW+FCDgMxpWKpSnaF8IADk0WhCUe081rZssr22nGcmOegOwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFE5TCr1ldA82w2417wJuDj5OOzmrMB8GA1UdIwQY
MBaAFCWIsbVg+ZjszTpu/0BUO1kgTWe4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEt
OTlhMDE4OTg4OGI1LzEvVGxNS3ZXVjBEemJEYmpYdkFtNE9QazQ3T2FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEtOTlhMDE4OTg4OGI1
LzEvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANeuXgD
BABeuXowDQYJKoZIhvcNAQELBQADggEBADxGjiepg/O1uC+ns8fpH8XZG6uSo/kT
z+0b18boqOav65VSUVMiT0/OOjC3pt1+i5fczf88TM6wpP8JbgYWas+6RceaXWw1
YMyODNVb4+QFbteKdW5qpwccEYr4/DWOe2+8fHbNxwGT7vNxVqs0vqF62grpyuk3
bJXluNcDomM74itKmDuvlucJVFOHNen0I+Yh4bGLiYJAgLazq1dsKKpbYNXs7ZrQ
1Lm0AwNLnisVsuTLjUCMiP+40VRtPUzQAguxHViCR95kAJ6uH6COd+28cNq8SzcM
NDHjkUu7jceNPu8mytqGQduXWz6LjfQX+lqiqh14SlgTZcpVGSHn5tI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:45 2025 by rpki-client