Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/93ce62-6f3d-493c-bf6f-5cd885489f82/1/tztrZzQVm7mW_NKe2ONCCV6DUu8.roa
File: tztrZzQVm7mW_NKe2ONCCV6DUu8.roa (raw, json)
Hash identifier: IlbTzqFxcNVeq7vAte+VJULP8KZ+zksXT89fPJUJ+V0=
Subject key identifier: B7:3B:6B:67:34:15:9B:B9:96:FC:D2:9E:D8:E3:42:09:5E:83:52:EF
Certificate issuer: /CN=f7d535083fb140ddab453abf821f5db3a6f461a4
Certificate serial: 01856FC2902539F7080008467DE4026AD42D
Authority key identifier: F7:D5:35:08:3F:B1:40:DD:AB:45:3A:BF:82:1F:5D:B3:A6:F4:61:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/99U1CD-xQN2rRTq_gh9ds6b0YaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/93ce62-6f3d-493c-bf6f-5cd885489f82/1/tztrZzQVm7mW_NKe2ONCCV6DUu8.roa
Signing time: Sun 01 Jan 2023 23:54:59 +0000
ROA not before: Sun 01 Jan 2023 23:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213299
IP address blocks: 185.155.116.0/24 maxlen: 24
2a10:40c0::/32 maxlen: 32
2a10:40c0:100::/48 maxlen: 48
2a10:40c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:90:25:39:f7:08:00:08:46:7d:e4:02:6a:d4:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7d535083fb140ddab453abf821f5db3a6f461a4
Validity
Not Before: Jan 1 23:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b73b6b6734159bb996fcd29ed8e342095e8352ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:97:13:49:d5:f7:85:e0:fd:d9:30:04:f6:b1:
0f:d2:6a:3e:fb:30:87:fa:ee:a5:8c:e6:27:84:c5:
a6:2b:42:34:60:cf:34:ac:1f:98:00:0f:7b:43:9d:
18:06:1f:7f:a8:89:33:0d:93:6e:29:a9:f5:96:6d:
25:06:86:59:11:00:a2:32:f5:71:8e:a7:ac:72:2c:
3b:5f:e8:91:6a:f9:90:c4:20:9d:dd:f6:ef:00:5b:
97:81:b0:36:3f:22:bd:b7:c6:be:44:2b:da:de:b5:
fb:aa:74:1e:9b:f8:c1:79:35:cd:f8:8e:77:f2:60:
60:a8:10:f2:f4:bb:84:7a:8d:2d:03:5f:28:c7:bb:
f6:0c:2e:2b:32:33:57:c9:5b:16:c8:69:5a:b5:cd:
12:d1:91:a2:19:10:e5:cb:56:db:79:79:b6:b3:56:
23:d7:0a:b1:76:f6:fc:b5:b9:f1:87:c1:dc:f9:2a:
bd:32:f1:c7:fa:cf:12:42:6e:3c:5e:d5:a0:5c:12:
28:1f:2b:65:49:2c:fa:77:b9:32:46:ae:2e:e5:24:
eb:9a:76:1a:35:e8:c1:10:5c:b1:5e:31:53:6c:7c:
37:6a:e2:d2:35:c0:41:68:68:a7:34:66:a3:ac:1a:
6c:20:e7:ec:56:59:e3:50:98:60:c5:da:d6:b7:b7:
a6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:3B:6B:67:34:15:9B:B9:96:FC:D2:9E:D8:E3:42:09:5E:83:52:EF
X509v3 Authority Key Identifier:
keyid:F7:D5:35:08:3F:B1:40:DD:AB:45:3A:BF:82:1F:5D:B3:A6:F4:61:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/99U1CD-xQN2rRTq_gh9ds6b0YaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/93ce62-6f3d-493c-bf6f-5cd885489f82/1/tztrZzQVm7mW_NKe2ONCCV6DUu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/93ce62-6f3d-493c-bf6f-5cd885489f82/1/99U1CD-xQN2rRTq_gh9ds6b0YaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.116.0/24
IPv6:
2a10:40c0::/32
Signature Algorithm: sha256WithRSAEncryption
4a:91:c1:f6:80:e6:74:62:71:aa:3c:99:2b:89:91:27:8b:83:
cb:d0:32:74:94:ec:ea:66:e8:e3:c2:1c:cc:5f:fc:14:77:e6:
95:7c:84:49:79:8a:1e:e4:66:fc:0e:86:44:c0:ca:b8:e0:2e:
29:22:59:a9:99:5a:2b:43:7c:6e:83:b8:43:10:5a:d3:49:05:
b5:21:0f:ab:cb:07:e1:b3:54:39:5e:f5:07:bb:cd:de:5d:1c:
c9:79:b1:3d:ec:2c:f3:9f:38:6d:7d:12:ae:cb:92:25:69:78:
3f:b5:52:e1:2f:c7:04:9b:d4:f3:01:ba:22:d3:e5:9f:bd:fc:
1d:c4:5f:65:cd:ad:f9:ca:07:db:9b:e8:61:a5:75:54:9d:eb:
c7:b0:8c:8f:ff:c2:2f:72:f4:6a:57:83:3c:d5:d0:57:a1:cb:
4d:8a:2d:e1:1b:bb:74:eb:65:67:6c:d4:f9:7b:2c:4f:98:ca:
58:58:8f:cb:52:1b:a9:eb:05:83:b8:74:e0:a6:46:3e:e8:a6:
9d:44:01:94:d6:6e:20:83:f5:6c:e0:8f:ca:43:c2:6a:ed:b7:
d1:23:a4:3c:2d:26:c5:d9:65:71:ac:55:d8:8c:05:0e:12:ea:
86:95:7d:0f:54:37:f9:2c:dd:0c:41:c8:c2:86:97:cc:93:f5:
ba:7c:8c:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvwpAlOfcIAAhGfeQCatQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZDUzNTA4M2ZiMTQwZGRhYjQ1M2FiZjgyMWY1ZGIzYTZm
NDYxYTQwHhcNMjMwMTAxMjM1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzNiNmI2NzM0MTU5YmI5OTZmY2QyOWVkOGUzNDIwOTVlODM1MmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5cTSdX3heD92TAE9rEP0mo++zCH
+u6ljOYnhMWmK0I0YM80rB+YAA97Q50YBh9/qIkzDZNuKan1lm0lBoZZEQCiMvVx
jqesciw7X+iRavmQxCCd3fbvAFuXgbA2PyK9t8a+RCva3rX7qnQem/jBeTXN+I53
8mBgqBDy9LuEeo0tA18ox7v2DC4rMjNXyVsWyGlatc0S0ZGiGRDly1bbeXm2s1Yj
1wqxdvb8tbnxh8Hc+Sq9MvHH+s8SQm48XtWgXBIoHytlSSz6d7kyRq4u5STrmnYa
NejBEFyxXjFTbHw3auLSNcBBaGinNGajrBpsIOfsVlnjUJhgxdrWt7emewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLc7a2c0FZu5lvzSntjjQgleg1LvMB8GA1UdIwQY
MBaAFPfVNQg/sUDdq0U6v4IfXbOm9GGkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTlVMUNELXhRTjJyUlRxX2doOWRzNmIwWWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85M2NlNjItNmYzZC00OTNjLWJmNmYt
NWNkODg1NDg5ZjgyLzEvdHp0clp6UVZtN21XX05LZTJPTkNDVjZEVXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85M2NlNjItNmYzZC00OTNjLWJmNmYtNWNkODg1NDg5Zjgy
LzEvOTlVMUNELXhRTjJyUlRxX2doOWRzNmIwWWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZt0MA0E
AgACMAcDBQAqEEDAMA0GCSqGSIb3DQEBCwUAA4IBAQBKkcH2gOZ0YnGqPJkriZEn
i4PL0DJ0lOzqZujjwhzMX/wUd+aVfIRJeYoe5Gb8DoZEwMq44C4pIlmpmVorQ3xu
g7hDEFrTSQW1IQ+rywfhs1Q5XvUHu83eXRzJebE97CzznzhtfRKuy5IlaXg/tVLh
L8cEm9TzAboi0+WfvfwdxF9lza35ygfbm+hhpXVUnevHsIyP/8IvcvRqV4M81dBX
octNii3hG7t062VnbNT5eyxPmMpYWI/LUhup6wWDuHTgpkY+6KadRAGU1m4gg/Vs
4I/KQ8Jq7bfRI6Q8LSbF2WVxrFXYjAUOEuqGlX0PVDf5LN0MQcjChpfMk/W6fIxB
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:37:06 2025 by rpki-client