Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5ca752-14cf-4454-9041-e2bd03ffd58d/1/tjmE8ppNJKCWZu6rDKgfkh6slYs.roa
File: tjmE8ppNJKCWZu6rDKgfkh6slYs.roa (raw, json)
Hash identifier: cODCrbmdcRbAxMCHwWp2Xcs31/iHGZnHFyiZMluanXs=
Subject key identifier: B6:39:84:F2:9A:4D:24:A0:96:66:EE:AB:0C:A8:1F:92:1E:AC:95:8B
Certificate issuer: /CN=1530fbea2501495977d38815ad3c270826f063a0
Certificate serial: 01856D384F83BD44057F8F4F5BF101BA9123
Authority key identifier: 15:30:FB:EA:25:01:49:59:77:D3:88:15:AD:3C:27:08:26:F0:63:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FTD76iUBSVl304gVrTwnCCbwY6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5ca752-14cf-4454-9041-e2bd03ffd58d/1/tjmE8ppNJKCWZu6rDKgfkh6slYs.roa
Signing time: Sun 01 Jan 2023 12:04:44 +0000
ROA not before: Sun 01 Jan 2023 12:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205783
IP address blocks: 185.200.49.0/24 maxlen: 24
185.200.48.128/25 maxlen: 25
185.200.48.0/25 maxlen: 25
185.200.48.0/24 maxlen: 24
185.200.51.0/24 maxlen: 24
185.200.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:4f:83:bd:44:05:7f:8f:4f:5b:f1:01:ba:91:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1530fbea2501495977d38815ad3c270826f063a0
Validity
Not Before: Jan 1 12:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b63984f29a4d24a09666eeab0ca81f921eac958b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:20:4c:a9:31:d6:2a:55:19:a1:90:72:64:f4:
af:a7:0e:9a:4a:45:35:92:8e:30:53:16:0b:b4:ae:
5e:35:83:32:b7:c2:71:28:5d:16:57:6a:9c:3b:cc:
48:34:e1:62:45:18:8b:ed:53:24:9f:82:c5:b6:53:
d3:5f:a6:56:f7:ed:76:7c:7f:85:7c:f1:97:ec:4d:
b9:bc:2c:8d:f1:8d:d7:e5:3a:fe:71:48:d4:87:5b:
fa:20:97:14:40:f5:de:32:ef:61:e3:7c:0d:50:48:
88:89:8e:41:36:c3:5c:6f:24:b9:0a:af:74:e1:f6:
fd:5a:48:7b:79:3d:89:50:6c:00:2f:fc:d9:3e:c8:
12:03:52:be:1a:de:91:f2:14:d6:b2:51:69:a7:ec:
15:b5:7c:80:86:90:ca:60:e1:74:c2:a2:7e:67:44:
21:cf:d9:47:fb:25:8b:9c:21:91:bb:f4:e5:27:7e:
dd:ff:59:37:f2:0e:0e:6d:80:8f:93:e8:2c:79:47:
82:b1:b3:e0:1a:39:01:90:f2:81:9a:68:86:3d:77:
8a:91:64:4d:21:c6:38:29:4d:6f:88:76:be:ff:ac:
c8:8e:fa:2f:b9:11:b4:bd:bf:27:1d:0e:e5:14:9d:
b9:91:7c:b0:5a:f0:e3:ab:e5:6f:86:5d:52:32:2a:
dd:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:39:84:F2:9A:4D:24:A0:96:66:EE:AB:0C:A8:1F:92:1E:AC:95:8B
X509v3 Authority Key Identifier:
keyid:15:30:FB:EA:25:01:49:59:77:D3:88:15:AD:3C:27:08:26:F0:63:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FTD76iUBSVl304gVrTwnCCbwY6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5ca752-14cf-4454-9041-e2bd03ffd58d/1/tjmE8ppNJKCWZu6rDKgfkh6slYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5ca752-14cf-4454-9041-e2bd03ffd58d/1/FTD76iUBSVl304gVrTwnCCbwY6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.48.0/22
Signature Algorithm: sha256WithRSAEncryption
61:c0:a3:c2:df:c4:ee:5f:de:36:07:fd:69:c9:99:60:03:0e:
7e:ba:66:b4:10:09:c7:ad:e3:00:99:d1:a7:cb:86:2c:17:21:
79:b4:d3:28:af:38:8f:7c:bd:bb:f4:2f:88:c7:ac:7d:89:e7:
a0:8d:bf:66:de:0d:51:5f:68:6e:24:51:14:f3:02:4d:59:00:
7f:76:15:94:b6:4b:c0:cc:8c:56:3e:90:c0:94:33:ea:d8:db:
a4:d0:29:59:d9:e3:b1:92:36:83:97:a4:ec:a3:61:0d:9e:8c:
10:1b:de:46:5f:8e:e1:15:61:27:1d:64:e8:78:ac:0b:1d:b3:
79:83:e1:49:c0:c7:18:ef:bd:45:f7:0c:5f:fb:f1:b3:b3:04:
7a:68:64:91:59:74:06:cd:e2:d5:07:c8:a3:b9:48:ff:27:82:
57:e1:99:8e:d4:c5:fe:23:44:c8:9c:65:6e:18:08:67:b2:e1:
3b:70:8b:13:72:81:e5:b5:de:36:8c:d0:e8:85:7b:d1:ff:d0:
41:80:7e:a8:40:04:92:98:29:32:33:2f:d4:55:6e:34:24:e1:
dd:9b:b6:3c:45:aa:4b:ce:d2:da:b7:c6:26:b6:91:15:5f:5d:
50:0f:55:5e:05:3a:59:11:4d:7b:23:63:68:34:a5:42:e4:1a:
c2:9d:9c:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOE+DvUQFf49PW/EBupEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MzBmYmVhMjUwMTQ5NTk3N2QzODgxNWFkM2MyNzA4MjZm
MDYzYTAwHhcNMjMwMTAxMTIwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjM5ODRmMjlhNGQyNGEwOTY2NmVlYWIwY2E4MWY5MjFlYWM5NThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyBMqTHWKlUZoZByZPSvpw6aSkU1
ko4wUxYLtK5eNYMyt8JxKF0WV2qcO8xINOFiRRiL7VMkn4LFtlPTX6ZW9+12fH+F
fPGX7E25vCyN8Y3X5Tr+cUjUh1v6IJcUQPXeMu9h43wNUEiIiY5BNsNcbyS5Cq90
4fb9Wkh7eT2JUGwAL/zZPsgSA1K+Gt6R8hTWslFpp+wVtXyAhpDKYOF0wqJ+Z0Qh
z9lH+yWLnCGRu/TlJ37d/1k38g4ObYCPk+gseUeCsbPgGjkBkPKBmmiGPXeKkWRN
IcY4KU1viHa+/6zIjvovuRG0vb8nHQ7lFJ25kXywWvDjq+Vvhl1SMirdUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLY5hPKaTSSglmbuqwyoH5IerJWLMB8GA1UdIwQY
MBaAFBUw++olAUlZd9OIFa08Jwgm8GOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlRENzZpVUJTVmwzMDRnVnJUd25DQ2J3WTZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81Y2E3NTItMTRjZi00NDU0LTkwNDEt
ZTJiZDAzZmZkNThkLzEvdGptRThwcE5KS0NXWnU2ckRLZ2ZraDZzbFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81Y2E3NTItMTRjZi00NDU0LTkwNDEtZTJiZDAzZmZkNThk
LzEvRlRENzZpVUJTVmwzMDRnVnJUd25DQ2J3WTZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucgwMA0G
CSqGSIb3DQEBCwUAA4IBAQBhwKPC38TuX942B/1pyZlgAw5+uma0EAnHreMAmdGn
y4YsFyF5tNMorziPfL279C+Ix6x9ieegjb9m3g1RX2huJFEU8wJNWQB/dhWUtkvA
zIxWPpDAlDPq2Nuk0ClZ2eOxkjaDl6Tso2ENnowQG95GX47hFWEnHWToeKwLHbN5
g+FJwMcY771F9wxf+/GzswR6aGSRWXQGzeLVB8ijuUj/J4JX4ZmO1MX+I0TInGVu
GAhnsuE7cIsTcoHltd42jNDohXvR/9BBgH6oQASSmCkyMy/UVW40JOHdm7Y8RapL
ztLat8YmtpEVX11QD1VeBTpZEU17I2NoNKVC5BrCnZz8
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:57:28 2025 by rpki-client