Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/TofftAVr5dFW9RJEc-IjkqDWWzI.roa
File: TofftAVr5dFW9RJEc-IjkqDWWzI.roa (raw, json)
Hash identifier: McdQ+MMDgFNiiwY+rTJMEhzMZW2ta42I5qoQnxErixQ=
Subject key identifier: 4E:87:DF:B4:05:6B:E5:D1:56:F5:12:44:73:E2:23:92:A0:D6:5B:32
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 01856B8A2DCECD0CD9790DA8C6A5B86E4F8B
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/TofftAVr5dFW9RJEc-IjkqDWWzI.roa
Signing time: Sun 01 Jan 2023 04:14:55 +0000
ROA not before: Sun 01 Jan 2023 04:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205673
IP address blocks: 185.210.84.0/22 maxlen: 23
185.244.168.0/22 maxlen: 23
185.235.132.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:2d:ce:cd:0c:d9:79:0d:a8:c6:a5:b8:6e:4f:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Jan 1 04:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e87dfb4056be5d156f5124473e22392a0d65b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:44:58:25:67:db:57:2b:09:16:fa:c4:98:ac:
62:1a:16:aa:9d:ec:fa:f3:5f:61:15:2b:bd:d9:2f:
b5:b0:fb:16:3d:76:42:16:b4:0b:9a:32:99:44:cf:
60:02:ef:3a:96:64:8c:32:85:b6:11:ae:c7:ba:0b:
cc:03:64:9e:bf:df:36:b7:97:3f:b2:fd:94:fa:a9:
b9:52:f5:dc:73:19:cd:09:f5:39:01:ad:67:3a:44:
8c:fd:08:76:81:e3:e8:14:7c:cd:bf:28:6a:b0:f1:
06:9d:a7:6f:3e:b5:ff:26:0d:5b:dd:ce:c4:a3:a2:
3d:63:47:54:6d:1a:99:e4:bc:f2:74:af:d4:88:70:
68:a3:ef:62:4b:6f:cf:62:19:1a:79:15:6a:1f:ec:
0c:a8:7f:d1:a6:3d:f8:67:db:06:29:e9:02:33:81:
5c:27:51:04:3c:f2:c6:20:9d:dd:98:21:3d:58:f7:
c0:2d:81:b9:ea:81:e0:aa:2a:d5:97:87:95:26:69:
d4:eb:6e:26:4e:04:09:53:6a:60:95:f3:eb:96:13:
2c:c2:fc:73:1b:27:62:d0:ea:d7:30:8d:1d:4f:95:
76:71:a6:ed:c9:f1:b9:2c:44:e4:47:76:bd:0d:98:
42:80:cc:8e:4a:0a:a0:44:af:b6:39:a5:0a:02:91:
2d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:87:DF:B4:05:6B:E5:D1:56:F5:12:44:73:E2:23:92:A0:D6:5B:32
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/TofftAVr5dFW9RJEc-IjkqDWWzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.84.0/22
185.235.132.0/22
185.244.168.0/22
Signature Algorithm: sha256WithRSAEncryption
71:84:34:a6:a8:99:d4:78:49:f0:8c:0b:d2:cb:7a:f9:5a:df:
df:77:57:94:02:e3:5d:c0:01:b9:d9:c1:6e:45:32:39:08:77:
b5:1a:78:a6:28:ab:08:75:1a:ea:47:37:4e:c6:ec:48:5f:61:
ec:cf:de:62:a5:a6:0b:ff:d0:95:56:69:a4:f1:cf:fa:cb:00:
f7:29:8a:be:0b:23:54:50:8b:a7:4a:ba:3b:8f:6c:e2:5c:19:
e1:f2:b9:04:88:45:7c:a0:5f:6e:a8:c1:1b:da:e4:f0:a8:0c:
cc:92:80:70:d8:d7:0a:ad:0e:de:b8:f5:a2:99:bc:b0:83:42:
f1:d3:b8:b4:89:40:5f:a5:27:3b:e5:94:5f:0c:b9:4b:81:84:
7c:d9:23:f3:66:c4:eb:df:0c:1e:a4:9c:12:20:9f:30:7f:6e:
14:79:c1:8d:51:8f:8f:77:69:40:38:f9:af:42:08:2c:06:7a:
d9:7a:83:dc:37:02:fc:4c:ae:74:07:50:29:5e:f6:64:24:7d:
a0:e4:af:6a:6f:e0:70:2d:2d:9f:42:9b:0c:1d:18:dc:50:3c:
2e:74:08:c9:aa:8b:18:1f:31:53:d3:c3:b0:f3:d0:6a:f2:c0:
27:b1:7a:cf:83:77:ba:c3:f2:ca:65:98:a4:dc:33:2b:57:6a:
3d:b2:f6:e9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVrii3OzQzZeQ2oxqW4bk+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjMwMTAxMDQxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTg3ZGZiNDA1NmJlNWQxNTZmNTEyNDQ3M2UyMjM5MmEwZDY1YjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ERYJWfbVysJFvrEmKxiGhaqnez6
819hFSu92S+1sPsWPXZCFrQLmjKZRM9gAu86lmSMMoW2Ea7HugvMA2Sev982t5c/
sv2U+qm5UvXccxnNCfU5Aa1nOkSM/Qh2gePoFHzNvyhqsPEGnadvPrX/Jg1b3c7E
o6I9Y0dUbRqZ5LzydK/UiHBoo+9iS2/PYhkaeRVqH+wMqH/Rpj34Z9sGKekCM4Fc
J1EEPPLGIJ3dmCE9WPfALYG56oHgqirVl4eVJmnU624mTgQJU2pglfPrlhMswvxz
Gydi0OrXMI0dT5V2cabtyfG5LETkR3a9DZhCgMyOSgqgRK+2OaUKApEtlQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFE6H37QFa+XRVvUSRHPiI5Kg1lsyMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL1RvZmZ0QVZyNWRGVzlSSkVjLUlqa3FEV1d6SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAK50lQD
BAK564QDBAK59KgwDQYJKoZIhvcNAQELBQADggEBAHGENKaomdR4SfCMC9LLevla
3993V5QC413AAbnZwW5FMjkId7UaeKYoqwh1GupHN07G7EhfYezP3mKlpgv/0JVW
aaTxz/rLAPcpir4LI1RQi6dKujuPbOJcGeHyuQSIRXygX26owRva5PCoDMySgHDY
1wqtDt649aKZvLCDQvHTuLSJQF+lJzvllF8MuUuBhHzZI/NmxOvfDB6knBIgnzB/
bhR5wY1Rj493aUA4+a9CCCwGetl6g9w3AvxMrnQHUCle9mQkfaDkr2pv4HAtLZ9C
mwwdGNxQPC50CMmqixgfMVPTw7Dz0GrywCexes+Dd7rD8splmKTcMytXaj2y9uk=
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:34:00 2025 by rpki-client