Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/c54f32-258e-4bb3-b8d5-71b709ef5f5b/1/TASONYhRxkOlY12FzjorbhMG010.roa
File: TASONYhRxkOlY12FzjorbhMG010.roa (raw, json)
Hash identifier: IJCYNse8L5xvFhLk+75BDrhnxmhP53I1pPZzs/ko+UI=
Subject key identifier: 4C:04:8E:35:88:51:C6:43:A5:63:5D:85:CE:3A:2B:6E:13:06:D3:5D
Certificate issuer: /CN=e684b451793f62418617bc934f5e82513fc36a89
Certificate serial: 052CE09C
Authority key identifier: E6:84:B4:51:79:3F:62:41:86:17:BC:93:4F:5E:82:51:3F:C3:6A:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5oS0UXk_YkGGF7yTT16CUT_Daok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/c54f32-258e-4bb3-b8d5-71b709ef5f5b/1/TASONYhRxkOlY12FzjorbhMG010.roa
Signing time: Sat 01 Jan 2022 01:54:51 +0000
ROA not before: Sat 01 Jan 2022 01:54:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204734
IP address blocks: 185.205.20.0/22 maxlen: 22
2a0c:1400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86827164 (0x52ce09c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e684b451793f62418617bc934f5e82513fc36a89
Validity
Not Before: Jan 1 01:54:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c048e358851c643a5635d85ce3a2b6e1306d35d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b0:80:53:e0:b2:77:a4:52:02:42:98:b6:38:
04:19:60:2c:31:7d:89:71:fd:40:5f:96:18:e9:65:
f7:a8:ac:c8:f4:88:ca:29:d5:ba:fb:1e:c7:a4:c0:
80:0e:fa:a4:ac:7c:b2:65:11:ea:88:65:c1:de:91:
6a:88:4a:3a:b6:5d:92:ca:82:4f:26:ec:13:fb:1b:
7e:27:87:0f:1c:c1:8b:c5:9f:6b:27:07:fe:d1:b9:
dd:dd:11:4c:6f:e4:52:75:ea:70:08:3a:cc:93:cb:
af:0b:b1:42:74:48:e6:e5:2b:b7:27:d3:da:f9:cf:
a5:dd:ad:fc:ea:91:2c:66:c5:5d:45:dd:05:87:af:
54:ff:cf:af:9c:a8:8d:e5:ae:b2:cd:b7:16:dd:08:
ae:03:d3:50:fc:51:be:5a:3c:60:fc:50:08:20:a3:
c2:40:94:f4:a3:5c:ef:e8:17:43:8a:bd:d3:c4:45:
25:78:b2:19:6c:e1:10:06:6a:d0:89:19:81:60:22:
36:da:9f:e1:42:98:d0:8e:28:9e:47:c5:61:2c:2e:
4d:ae:7d:48:26:d4:43:f9:1e:55:89:ac:af:f4:66:
af:80:a4:38:94:0b:6d:c3:56:53:d3:44:26:fe:47:
22:03:05:af:5e:3f:66:d4:88:da:fc:da:80:b6:15:
01:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:04:8E:35:88:51:C6:43:A5:63:5D:85:CE:3A:2B:6E:13:06:D3:5D
X509v3 Authority Key Identifier:
keyid:E6:84:B4:51:79:3F:62:41:86:17:BC:93:4F:5E:82:51:3F:C3:6A:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5oS0UXk_YkGGF7yTT16CUT_Daok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c54f32-258e-4bb3-b8d5-71b709ef5f5b/1/TASONYhRxkOlY12FzjorbhMG010.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c54f32-258e-4bb3-b8d5-71b709ef5f5b/1/5oS0UXk_YkGGF7yTT16CUT_Daok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.20.0/22
IPv6:
2a0c:1400::/29
Signature Algorithm: sha256WithRSAEncryption
b4:7f:33:32:49:3b:52:58:53:f0:c8:8d:69:f1:79:7f:fa:50:
c2:e2:0f:c6:94:eb:95:16:4c:3f:00:22:45:7f:35:fa:07:0e:
c9:26:f3:f5:b7:8f:75:b7:36:d9:d7:77:b9:b5:bf:17:17:ef:
36:e9:14:16:d7:99:a9:4e:77:30:ae:2a:43:bc:17:25:dd:28:
7e:34:84:8d:c9:5f:a3:9f:00:12:e6:fd:0a:23:8b:3b:f3:77:
58:21:49:6f:a1:1a:ab:79:b3:4d:82:e9:16:1b:ef:57:9f:b4:
f0:0e:b9:77:5e:98:7b:3c:3f:29:b7:a6:72:1c:62:94:f3:c9:
65:3b:dd:10:84:89:92:5c:7e:eb:3e:e4:cb:1e:0b:98:7e:08:
4a:d6:18:9f:57:32:a5:30:fc:2c:a7:43:0a:57:d8:e5:35:ae:
9c:67:39:e8:f6:11:b1:18:3f:1b:d2:76:af:68:af:24:7e:8e:
25:12:68:ee:f6:2f:f1:1e:4c:da:3c:fa:1c:c0:36:0b:50:5c:
19:c7:4a:79:ae:b7:21:5e:97:af:8b:e9:cd:c4:a6:90:f7:e8:
a7:62:0a:ff:db:43:6d:d0:6c:da:29:3e:cd:a3:64:f9:78:d6:
f2:cb:d6:28:1f:c5:26:12:65:f6:5c:c9:8e:d2:d8:f0:c2:07:
8a:0f:09:65
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBSzgnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Njg0YjQ1MTc5M2Y2MjQxODYxN2JjOTM0ZjVlODI1MTNmYzM2YTg5MB4XDTIyMDEw
MTAxNTQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGMwNDhlMzU4ODUx
YzY0M2E1NjM1ZDg1Y2UzYTJiNmUxMzA2ZDM1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmwgFPgsnekUgJCmLY4BBlgLDF9iXH9QF+WGOll96isyPSI
yinVuvsex6TAgA76pKx8smUR6ohlwd6RaohKOrZdksqCTybsE/sbfieHDxzBi8Wf
aycH/tG53d0RTG/kUnXqcAg6zJPLrwuxQnRI5uUrtyfT2vnPpd2t/OqRLGbFXUXd
BYevVP/Pr5yojeWuss23Ft0IrgPTUPxRvlo8YPxQCCCjwkCU9KNc7+gXQ4q908RF
JXiyGWzhEAZq0IkZgWAiNtqf4UKY0I4onkfFYSwuTa59SCbUQ/keVYmsr/Rmr4Ck
OJQLbcNWU9NEJv5HIgMFr14/ZtSI2vzagLYVAZ8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRMBI41iFHGQ6VjXYXOOituEwbTXTAfBgNVHSMEGDAWgBTmhLRReT9iQYYX
vJNPXoJRP8NqiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVvUzBVWGtfWWtHR0Y3eVRUMTZDVVRfRGFvay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvYzU0ZjMyLTI1OGUtNGJiMy1iOGQ1LTcxYjcwOWVmNWY1Yi8x
L1RBU09OWWhSeGtPbFkxMkZ6am9yYmhNRzAxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
YzU0ZjMyLTI1OGUtNGJiMy1iOGQ1LTcxYjcwOWVmNWY1Yi8xLzVvUzBVWGtfWWtH
R0Y3eVRUMTZDVVRfRGFvay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnNFDANBAIAAjAHAwUDKgwUADAN
BgkqhkiG9w0BAQsFAAOCAQEAtH8zMkk7UlhT8MiNafF5f/pQwuIPxpTrlRZMPwAi
RX81+gcOySbz9bePdbc22dd3ubW/FxfvNukUFteZqU53MK4qQ7wXJd0ofjSEjclf
o58AEub9CiOLO/N3WCFJb6Eaq3mzTYLpFhvvV5+08A65d16Yezw/KbemchxilPPJ
ZTvdEISJklx+6z7kyx4LmH4IStYYn1cypTD8LKdDClfY5TWunGc56PYRsRg/G9J2
r2ivJH6OJRJo7vYv8R5M2jz6HMA2C1BcGcdKea63IV6Xr4vpzcSmkPfop2IK/9tD
bdBs2ik+zaNk+XjW8svWKB/FJhJl9lzJjtLY8MIHig8JZQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:01:24 2025 by rpki-client