Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/f2a66f-2b4a-4610-8da8-09dd4c28b1e4/1/tu0gAyPQmWA1vKDpW3TMNryVgO0.roa
File: tu0gAyPQmWA1vKDpW3TMNryVgO0.roa (raw, json)
Hash identifier: /de7EHkeDoRnop/xHfILY+z8AAe7lN6y7k8sXwLu3sQ=
Subject key identifier: B6:ED:20:03:23:D0:99:60:35:BC:A0:E9:5B:74:CC:36:BC:95:80:ED
Certificate issuer: /CN=5f75203151d3b23ecccb64f520fb42549860cff0
Certificate serial: 01F6111B
Authority key identifier: 5F:75:20:31:51:D3:B2:3E:CC:CB:64:F5:20:FB:42:54:98:60:CF:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X3UgMVHTsj7My2T1IPtCVJhgz_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/f2a66f-2b4a-4610-8da8-09dd4c28b1e4/1/tu0gAyPQmWA1vKDpW3TMNryVgO0.roa
Signing time: Sat 01 Jan 2022 15:01:31 +0000
ROA not before: Sat 01 Jan 2022 15:01:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43532
IP address blocks: 185.191.48.0/22 maxlen: 22
2a0a:1540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32903451 (0x1f6111b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f75203151d3b23ecccb64f520fb42549860cff0
Validity
Not Before: Jan 1 15:01:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6ed200323d0996035bca0e95b74cc36bc9580ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e6:cd:69:7a:a7:ba:bb:ed:d6:6d:03:f2:c2:
dd:43:b3:88:3e:9b:8a:bc:79:37:4d:94:5a:57:dc:
f9:98:df:e4:3d:b5:f8:ac:ca:0e:96:8f:1c:ea:a5:
06:1a:d2:7a:55:db:eb:8a:54:a0:c9:df:29:5b:de:
52:2e:7f:b9:71:16:0b:d5:2f:a8:43:8e:e2:8a:63:
c6:76:5a:0b:c9:ca:7d:8d:6f:42:fa:4a:ff:b7:39:
44:d8:32:34:b5:d9:8a:94:82:f6:12:b1:d3:e8:cf:
5f:1d:71:29:76:15:62:82:2f:00:70:d9:8e:18:90:
70:f2:ff:e2:93:aa:67:e6:30:d0:2b:a0:4f:41:d8:
61:62:6e:7e:53:0f:01:8c:98:97:6d:5d:b3:a9:07:
67:7a:f3:05:39:98:a3:11:7a:04:b9:e4:d9:c9:14:
14:08:08:b0:3d:e3:4d:8e:23:ec:df:d9:50:75:a7:
39:9e:fa:2a:8b:8f:20:4e:07:b9:05:b1:bf:06:e6:
7f:05:61:37:a1:7f:98:ca:5f:35:45:40:98:fc:08:
c5:ad:b5:c7:25:ff:3a:05:fb:14:e8:94:ee:ff:10:
3f:0e:ed:13:5d:45:2f:31:18:56:d7:36:fc:04:ef:
2b:11:e5:bf:35:a0:74:6d:00:e1:e8:60:eb:4b:da:
39:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:ED:20:03:23:D0:99:60:35:BC:A0:E9:5B:74:CC:36:BC:95:80:ED
X509v3 Authority Key Identifier:
keyid:5F:75:20:31:51:D3:B2:3E:CC:CB:64:F5:20:FB:42:54:98:60:CF:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X3UgMVHTsj7My2T1IPtCVJhgz_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/f2a66f-2b4a-4610-8da8-09dd4c28b1e4/1/tu0gAyPQmWA1vKDpW3TMNryVgO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/f2a66f-2b4a-4610-8da8-09dd4c28b1e4/1/X3UgMVHTsj7My2T1IPtCVJhgz_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.48.0/22
IPv6:
2a0a:1540::/29
Signature Algorithm: sha256WithRSAEncryption
8d:3a:1b:f5:81:11:4c:a4:8f:34:fb:07:c8:6b:f1:bc:b0:38:
55:3b:b7:4c:3c:c0:d7:e2:21:e1:eb:ad:c9:4d:b4:9b:4b:c9:
25:57:e7:ea:30:0b:85:bc:25:c4:24:65:c3:f8:08:8b:2e:e5:
50:37:1b:fe:25:f0:10:b7:b1:db:81:17:a7:bb:af:03:ba:1d:
78:e7:0f:7c:9d:32:7a:d5:9a:72:05:5c:d0:92:2a:b9:a1:f9:
ab:65:9a:80:71:09:80:c6:b2:22:50:ea:6f:b2:d1:69:62:89:
44:01:a5:05:0a:13:52:77:5b:84:c8:0f:a1:89:e4:1b:2b:71:
4d:de:ee:fa:e7:32:51:f2:6b:81:b3:48:17:ea:a1:14:9c:fe:
7b:6d:12:38:ab:84:6d:b7:71:ae:cb:5c:e7:bd:10:a7:3b:5d:
35:9c:4c:8e:83:1b:de:25:56:ce:98:a9:b8:5f:03:78:8e:93:
6a:a7:6f:f0:2c:db:c8:df:d5:e6:0b:cf:ce:80:dd:0e:dd:39:
98:71:37:d3:46:05:87:e3:81:54:be:45:ed:a6:9c:b3:ec:64:
b8:ea:fe:28:4c:80:4e:5e:17:7e:ef:6d:9c:4e:ca:fd:00:45:
2e:26:18:3b:f6:71:7e:d1:6f:61:40:f1:7f:fd:4b:24:db:53:
4f:ad:f3:ec
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAfYRGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Zjc1MjAzMTUxZDNiMjNlY2NjYjY0ZjUyMGZiNDI1NDk4NjBjZmYwMB4XDTIyMDEw
MTE1MDEzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjZlZDIwMDMyM2Qw
OTk2MDM1YmNhMGU5NWI3NGNjMzZiYzk1ODBlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOrmzWl6p7q77dZtA/LC3UOziD6birx5N02UWlfc+Zjf5D21
+KzKDpaPHOqlBhrSelXb64pUoMnfKVveUi5/uXEWC9UvqEOO4opjxnZaC8nKfY1v
QvpK/7c5RNgyNLXZipSC9hKx0+jPXx1xKXYVYoIvAHDZjhiQcPL/4pOqZ+Yw0Cug
T0HYYWJuflMPAYyYl21ds6kHZ3rzBTmYoxF6BLnk2ckUFAgIsD3jTY4j7N/ZUHWn
OZ76KouPIE4HuQWxvwbmfwVhN6F/mMpfNUVAmPwIxa21xyX/OgX7FOiU7v8QPw7t
E11FLzEYVtc2/ATvKxHlvzWgdG0A4ehg60vaOdsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS27SADI9CZYDW8oOlbdMw2vJWA7TAfBgNVHSMEGDAWgBRfdSAxUdOyPszL
ZPUg+0JUmGDP8DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1gzVWdNVkhUc2o3TXkyVDFJUHRDVkpoZ3pfQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvZjJhNjZmLTJiNGEtNDYxMC04ZGE4LTA5ZGQ0YzI4YjFlNC8x
L3R1MGdBeVBRbVdBMXZLRHBXM1RNTnJ5VmdPMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
ZjJhNjZmLTJiNGEtNDYxMC04ZGE4LTA5ZGQ0YzI4YjFlNC8xL1gzVWdNVkhUc2o3
TXkyVDFJUHRDVkpoZ3pfQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArm/MDANBAIAAjAHAwUDKgoVQDAN
BgkqhkiG9w0BAQsFAAOCAQEAjTob9YERTKSPNPsHyGvxvLA4VTu3TDzA1+Ih4eut
yU20m0vJJVfn6jALhbwlxCRlw/gIiy7lUDcb/iXwELex24EXp7uvA7odeOcPfJ0y
etWacgVc0JIquaH5q2WagHEJgMayIlDqb7LRaWKJRAGlBQoTUndbhMgPoYnkGytx
Td7u+ucyUfJrgbNIF+qhFJz+e20SOKuEbbdxrstc570QpztdNZxMjoMb3iVWzpip
uF8DeI6Taqdv8CzbyN/V5gvPzoDdDt05mHE300YFh+OBVL5F7aacs+xkuOr+KEyA
Tl4Xfu9tnE7K/QBFLiYYO/ZxftFvYUDxf/1LJNtTT63z7A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:43 2025 by rpki-client