Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/tHdbpjcWUPx-1auaIMwSGnFBLbQ.roa
File: tHdbpjcWUPx-1auaIMwSGnFBLbQ.roa (raw, json)
Hash identifier: PGBlWMhxRZgW/HUNg9MUIKknQ8kihEfQVOdCBaA9gdQ=
Subject key identifier: B4:77:5B:A6:37:16:50:FC:7E:D5:AB:9A:20:CC:12:1A:71:41:2D:B4
Certificate issuer: /CN=3ee6cecffd9b8bba18d474e7b3993e0a1d14dbb3
Certificate serial: 3284054A
Authority key identifier: 3E:E6:CE:CF:FD:9B:8B:BA:18:D4:74:E7:B3:99:3E:0A:1D:14:DB:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PubOz_2bi7oY1HTns5k-Ch0U27M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/tHdbpjcWUPx-1auaIMwSGnFBLbQ.roa
Signing time: Sat 01 Jan 2022 13:55:58 +0000
ROA not before: Sat 01 Jan 2022 13:55:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59453
IP address blocks: 194.246.0.0/22 maxlen: 22
194.246.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 847512906 (0x3284054a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee6cecffd9b8bba18d474e7b3993e0a1d14dbb3
Validity
Not Before: Jan 1 13:55:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4775ba6371650fc7ed5ab9a20cc121a71412db4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:26:79:62:c3:21:32:7b:d2:fe:a1:67:be:ee:
e0:70:d4:c9:99:68:52:b2:fc:64:5b:49:7a:6a:91:
bf:af:22:03:93:b6:bd:32:18:9e:33:6b:9a:7e:e8:
8b:94:1d:74:7a:1e:8f:a3:08:e6:e1:c4:3a:59:1c:
f2:4c:08:2b:d0:db:77:a4:ad:92:a7:b8:76:84:14:
40:ad:cf:08:3b:c4:77:ef:eb:bf:ea:27:cf:59:41:
84:66:a2:07:a3:23:2d:2d:ea:f0:a8:a9:22:c4:20:
ad:fb:8c:32:e8:8c:ed:05:bc:28:5a:9c:5f:bd:63:
c6:bb:f1:81:f2:16:b1:d2:94:8c:ae:50:02:76:5e:
8f:83:33:a7:3f:39:e0:63:3d:7b:7b:37:43:72:f4:
b5:58:70:74:ae:35:88:39:c5:69:c3:7e:df:43:3c:
06:c5:3f:d5:3b:f2:ce:a2:f5:d3:56:fc:22:78:7f:
92:c9:c8:fd:73:c6:0c:cd:d8:14:37:f8:c3:87:9d:
ec:36:4c:25:d6:8d:60:c9:1b:c5:80:07:7e:cd:31:
c6:17:0d:e6:09:d7:8d:bc:1e:72:d3:ff:7d:44:ae:
db:54:d2:3c:64:54:55:68:62:ef:a1:3b:b1:03:c8:
58:61:9d:a9:6d:e9:4a:46:6c:8c:c7:df:43:4d:83:
c7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:77:5B:A6:37:16:50:FC:7E:D5:AB:9A:20:CC:12:1A:71:41:2D:B4
X509v3 Authority Key Identifier:
keyid:3E:E6:CE:CF:FD:9B:8B:BA:18:D4:74:E7:B3:99:3E:0A:1D:14:DB:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PubOz_2bi7oY1HTns5k-Ch0U27M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/tHdbpjcWUPx-1auaIMwSGnFBLbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/PubOz_2bi7oY1HTns5k-Ch0U27M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.0.0/22
194.246.21.0/24
Signature Algorithm: sha256WithRSAEncryption
57:7a:6a:c4:17:f6:50:d0:e5:7c:7b:6b:76:df:91:a9:81:7f:
d2:65:db:30:9a:be:fa:d1:1c:58:6b:56:ab:72:08:57:0a:25:
a5:ca:12:58:55:58:1d:4b:cc:84:0b:9b:66:0c:5e:55:76:15:
14:08:9c:a8:87:d9:58:d4:dc:3a:ef:b3:4a:8b:dd:24:87:e8:
01:32:8c:cd:04:6e:07:53:49:c1:cb:af:18:a5:8e:00:3e:8a:
ca:18:cb:67:38:ef:b4:a0:97:9e:31:37:f3:39:14:d1:74:f4:
da:92:ca:68:a6:cd:86:90:75:10:bf:20:47:62:10:69:1c:8d:
91:ce:ab:0f:bc:30:cb:8a:f9:8b:d0:ff:df:a6:44:a6:c6:f8:
a2:49:5c:00:03:15:fe:e6:cf:2e:a1:cc:44:93:e2:93:7b:ad:
91:67:3c:c3:fc:63:87:7a:cf:4a:33:51:0f:09:7e:5c:99:0d:
2b:58:19:33:bf:c0:fe:ae:96:54:f5:59:54:db:b6:94:cf:b5:
c9:be:4b:17:87:18:48:83:a4:5b:47:39:f2:64:7c:96:f1:2a:
b1:4f:9d:b0:c5:d7:ca:50:62:02:aa:bb:91:3c:03:24:37:a2:
b5:91:16:ee:37:36:d8:e9:0d:54:d5:62:45:f3:83:dd:97:b8:
4a:fc:09:e8
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEMoQFSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZWU2Y2VjZmZkOWI4YmJhMThkNDc0ZTdiMzk5M2UwYTFkMTRkYmIzMB4XDTIyMDEw
MTEzNTU1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQ3NzViYTYzNzE2
NTBmYzdlZDVhYjlhMjBjYzEyMWE3MTQxMmRiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUmeWLDITJ70v6hZ77u4HDUyZloUrL8ZFtJemqRv68iA5O2
vTIYnjNrmn7oi5QddHoej6MI5uHEOlkc8kwIK9Dbd6Stkqe4doQUQK3PCDvEd+/r
v+onz1lBhGaiB6MjLS3q8KipIsQgrfuMMuiM7QW8KFqcX71jxrvxgfIWsdKUjK5Q
AnZej4Mzpz854GM9e3s3Q3L0tVhwdK41iDnFacN+30M8BsU/1TvyzqL101b8Inh/
ksnI/XPGDM3YFDf4w4ed7DZMJdaNYMkbxYAHfs0xxhcN5gnXjbwectP/fUSu21TS
PGRUVWhi76E7sQPIWGGdqW3pSkZsjMffQ02Dx0cCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS0d1umNxZQ/H7Vq5ogzBIacUEttDAfBgNVHSMEGDAWgBQ+5s7P/ZuLuhjU
dOezmT4KHRTbszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1B1Yk96XzJiaTdvWTFIVG5zNWstQ2gwVTI3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvZTYxY2FhLTI1MDAtNDM4OC1hOWZhLTczMjQ5MTM5NzVkNS8x
L3RIZGJwamNXVVB4LTFhdWFJTXdTR25GQkxiUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
ZTYxY2FhLTI1MDAtNDM4OC1hOWZhLTczMjQ5MTM5NzVkNS8xL1B1Yk96XzJiaTdv
WTFIVG5zNWstQ2gwVTI3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAsL2AAMEAML2FTANBgkqhkiG9w0B
AQsFAAOCAQEAV3pqxBf2UNDlfHtrdt+RqYF/0mXbMJq++tEcWGtWq3IIVwolpcoS
WFVYHUvMhAubZgxeVXYVFAicqIfZWNTcOu+zSovdJIfoATKMzQRuB1NJwcuvGKWO
AD6KyhjLZzjvtKCXnjE38zkU0XT02pLKaKbNhpB1EL8gR2IQaRyNkc6rD7wwy4r5
i9D/36ZEpsb4oklcAAMV/ubPLqHMRJPik3utkWc8w/xjh3rPSjNRDwl+XJkNK1gZ
M7/A/q6WVPVZVNu2lM+1yb5LF4cYSIOkW0c58mR8lvEqsU+dsMXXylBiAqq7kTwD
JDeitZEW7jc22OkNVNViRfOD3Ze4SvwJ6A==
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:26:16 2025 by rpki-client