Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/ca9cc3-7537-4c6a-a028-70af5f6573b5/1/TJwYy33Nj0KRMwEoSbM1L0OUUjo.roa
File: TJwYy33Nj0KRMwEoSbM1L0OUUjo.roa (raw, json)
Hash identifier: +h2fqF/OdFU/FXabDGUlqcBybCnEIsUUQoy9RY7rQgc=
Subject key identifier: 4C:9C:18:CB:7D:CD:8F:42:91:33:01:28:49:B3:35:2F:43:94:52:3A
Certificate issuer: /CN=41cede907492e50c951263957881bc3cc5ce30ae
Certificate serial: 018570C2BC8219E649E7589270F4D159DDB6
Authority key identifier: 41:CE:DE:90:74:92:E5:0C:95:12:63:95:78:81:BC:3C:C5:CE:30:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qc7ekHSS5QyVEmOVeIG8PMXOMK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/ca9cc3-7537-4c6a-a028-70af5f6573b5/1/TJwYy33Nj0KRMwEoSbM1L0OUUjo.roa
Signing time: Mon 02 Jan 2023 04:34:48 +0000
ROA not before: Mon 02 Jan 2023 04:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49892
IP address blocks: 94.143.128.0/24 maxlen: 24
94.143.128.0/21 maxlen: 21
94.143.129.0/24 maxlen: 24
94.143.130.0/24 maxlen: 24
94.143.131.0/24 maxlen: 24
94.143.132.0/24 maxlen: 24
94.143.133.0/24 maxlen: 24
94.143.134.0/24 maxlen: 24
94.143.135.0/24 maxlen: 24
185.169.216.0/24 maxlen: 24
185.169.216.0/22 maxlen: 22
185.169.217.0/24 maxlen: 24
185.169.218.0/24 maxlen: 24
185.169.219.0/24 maxlen: 24
2a04:6a40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:bc:82:19:e6:49:e7:58:92:70:f4:d1:59:dd:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41cede907492e50c951263957881bc3cc5ce30ae
Validity
Not Before: Jan 2 04:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c9c18cb7dcd8f429133012849b3352f4394523a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2a:8f:60:8c:fe:9d:3f:9e:b5:2d:15:09:a9:
23:d7:ee:c7:b0:65:95:02:e6:a3:28:39:53:bd:05:
17:b8:3c:ef:a6:f9:09:ca:6b:d0:cf:bf:2f:2a:c6:
b4:18:94:8d:38:e3:54:c2:48:1a:da:f6:31:6b:9e:
d3:f2:65:09:11:28:b4:32:d7:94:90:ac:dc:55:9f:
02:3b:e4:bc:5c:21:26:9c:41:ed:54:9a:ea:90:63:
17:f2:f2:d9:5b:6b:39:c0:da:3a:71:9b:bf:4c:e8:
a3:5b:56:5a:c4:73:ed:1e:3c:5e:82:cd:07:4f:1a:
e6:22:c0:92:18:a5:cd:76:35:f3:33:b9:2d:39:50:
c9:e3:75:e6:82:28:07:7f:98:0e:a3:5c:14:39:85:
aa:3f:b2:7e:49:95:52:e0:78:dc:48:fa:13:ac:7b:
3f:ba:ca:29:06:72:eb:58:a5:f1:57:db:38:6f:d5:
ec:2c:2f:d0:3f:e4:41:0b:82:91:c4:64:00:ae:46:
d6:f5:6a:6e:c8:a5:fb:94:cd:a0:ab:51:29:30:fd:
86:c5:1e:89:66:c9:69:eb:37:22:08:75:94:89:18:
62:5d:75:e5:ca:3c:ec:bd:e7:cf:ba:a6:15:4a:50:
ab:9f:e5:2d:73:9c:e6:2b:2d:de:f0:af:5c:39:5e:
ee:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:9C:18:CB:7D:CD:8F:42:91:33:01:28:49:B3:35:2F:43:94:52:3A
X509v3 Authority Key Identifier:
keyid:41:CE:DE:90:74:92:E5:0C:95:12:63:95:78:81:BC:3C:C5:CE:30:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qc7ekHSS5QyVEmOVeIG8PMXOMK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ca9cc3-7537-4c6a-a028-70af5f6573b5/1/TJwYy33Nj0KRMwEoSbM1L0OUUjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ca9cc3-7537-4c6a-a028-70af5f6573b5/1/Qc7ekHSS5QyVEmOVeIG8PMXOMK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.128.0/21
185.169.216.0/22
IPv6:
2a04:6a40::/29
Signature Algorithm: sha256WithRSAEncryption
00:93:f0:96:9a:d4:b2:ad:8f:f9:bb:16:b4:a0:9e:51:bb:9c:
30:f3:54:ec:4e:a9:35:1e:4b:02:5e:3b:bf:8b:a5:78:98:9f:
ff:af:91:f5:88:b6:19:54:9d:88:a6:45:c6:7f:ca:42:cd:f6:
24:ef:a5:5d:18:f5:27:ed:09:c8:85:e4:94:18:23:26:18:fc:
25:b7:96:2a:e2:5a:76:97:f0:3e:d9:78:62:ad:dc:b1:7f:c7:
5a:c4:34:dd:be:2b:bd:15:e6:1c:66:ec:a5:f9:11:67:71:fd:
e6:40:d0:5b:9a:50:3c:8a:bd:c3:a4:d2:3c:47:ac:21:ea:cc:
0b:bb:6a:a9:20:47:d0:61:71:71:1d:a1:59:66:5e:fa:28:bd:
5b:19:2b:a6:a7:88:3f:cf:70:c4:50:fe:98:71:8b:36:c7:93:
17:3f:a5:35:cb:c9:98:8b:2b:81:af:13:00:a0:5c:f3:6e:c1:
7f:b8:25:e0:30:82:91:d8:20:28:31:55:a3:79:e3:0a:08:36:
7c:55:25:c7:71:b2:eb:92:54:4a:2e:cd:c6:ee:e0:0a:2e:a3:
e6:9c:4e:80:a6:00:88:59:ae:ad:2a:01:3a:d4:04:1d:d3:b5:
39:59:97:96:a5:d0:ad:7e:2a:96:0b:f9:7e:ab:82:60:0c:e5:
17:7e:c7:d9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwwryCGeZJ51iScPTRWd22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxY2VkZTkwNzQ5MmU1MGM5NTEyNjM5NTc4ODFiYzNjYzVj
ZTMwYWUwHhcNMjMwMTAyMDQzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzljMThjYjdkY2Q4ZjQyOTEzMzAxMjg0OWIzMzUyZjQzOTQ1MjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSqPYIz+nT+etS0VCakj1+7HsGWV
AuajKDlTvQUXuDzvpvkJymvQz78vKsa0GJSNOONUwkga2vYxa57T8mUJESi0MteU
kKzcVZ8CO+S8XCEmnEHtVJrqkGMX8vLZW2s5wNo6cZu/TOijW1ZaxHPtHjxegs0H
TxrmIsCSGKXNdjXzM7ktOVDJ43XmgigHf5gOo1wUOYWqP7J+SZVS4HjcSPoTrHs/
usopBnLrWKXxV9s4b9XsLC/QP+RBC4KRxGQArkbW9WpuyKX7lM2gq1EpMP2GxR6J
Zslp6zciCHWUiRhiXXXlyjzsvefPuqYVSlCrn+Utc5zmKy3e8K9cOV7ukwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEycGMt9zY9CkTMBKEmzNS9DlFI6MB8GA1UdIwQY
MBaAFEHO3pB0kuUMlRJjlXiBvDzFzjCuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWM3ZWtIU1M1UXlWRW1PVmVJRzhQTVhPTUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9jYTljYzMtNzUzNy00YzZhLWEwMjgt
NzBhZjVmNjU3M2I1LzEvVEp3WXkzM05qMEtSTXdFb1NiTTFMME9VVWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9jYTljYzMtNzUzNy00YzZhLWEwMjgtNzBhZjVmNjU3M2I1
LzEvUWM3ZWtIU1M1UXlWRW1PVmVJRzhQTVhPTUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXo+AAwQC
uanYMA0EAgACMAcDBQMqBGpAMA0GCSqGSIb3DQEBCwUAA4IBAQAAk/CWmtSyrY/5
uxa0oJ5Ru5ww81TsTqk1HksCXju/i6V4mJ//r5H1iLYZVJ2IpkXGf8pCzfYk76Vd
GPUn7QnIheSUGCMmGPwlt5Yq4lp2l/A+2Xhirdyxf8daxDTdviu9FeYcZuyl+RFn
cf3mQNBbmlA8ir3DpNI8R6wh6swLu2qpIEfQYXFxHaFZZl76KL1bGSump4g/z3DE
UP6YcYs2x5MXP6U1y8mYiyuBrxMAoFzzbsF/uCXgMIKR2CAoMVWjeeMKCDZ8VSXH
cbLrklRKLs3G7uAKLqPmnE6ApgCIWa6tKgE61AQd07U5WZeWpdCtfiqWC/l+q4Jg
DOUXfsfZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:45 2025 by rpki-client