Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/TIPOT3H9-zxojRHPyful8cKpX_4.roa
File: TIPOT3H9-zxojRHPyful8cKpX_4.roa (raw, json)
Hash identifier: zcPnKSDsVzEBhjW/B2J42Pc+z7RqZmIqoVL8eM+0xC8=
Subject key identifier: 4C:83:CE:4F:71:FD:FB:3C:68:8D:11:CF:C9:FB:A5:F1:C2:A9:5F:FE
Certificate issuer: /CN=5975d519de239cf164cb94a6660c2530ceaef254
Certificate serial: 018870E4D5538387D7BCF3E0ED248250CF65
Authority key identifier: 59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/TIPOT3H9-zxojRHPyful8cKpX_4.roa
Signing time: Wed 31 May 2023 08:20:24 +0000
ROA not before: Wed 31 May 2023 08:20:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207144
IP address blocks: 85.11.172.0/24 maxlen: 24
85.11.176.0/24 maxlen: 24
85.11.175.0/24 maxlen: 24
85.11.184.0/24 maxlen: 24
85.11.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:70:e4:d5:53:83:87:d7:bc:f3:e0:ed:24:82:50:cf:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5975d519de239cf164cb94a6660c2530ceaef254
Validity
Not Before: May 31 08:20:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c83ce4f71fdfb3c688d11cfc9fba5f1c2a95ffe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f7:29:2e:30:93:e8:0f:10:49:79:07:53:e1:
a1:63:66:92:f7:6d:a3:14:63:a4:ab:18:e4:c3:2c:
e1:42:52:a6:71:07:26:ac:2c:54:9a:58:c0:a6:85:
85:e1:81:0a:b7:6e:0d:0c:38:aa:30:0b:bc:f1:cf:
34:4a:2f:0c:9f:62:32:70:1b:c8:09:fc:6c:30:12:
d9:c3:fa:f3:58:1b:26:0c:17:71:a3:02:34:02:2d:
91:fd:b3:ba:4d:bf:8e:9c:be:d0:21:c1:4a:5a:f3:
d3:ac:bc:dc:e1:e4:fc:ac:49:ad:78:b5:aa:e2:d0:
dd:92:60:0c:1c:8c:0f:0b:ef:78:a7:48:3a:82:47:
bd:c8:28:18:a9:fe:ab:5d:bb:d9:82:86:4a:c1:0c:
9a:8c:18:60:51:c3:1a:78:38:17:51:cf:6e:cd:d1:
07:fc:3e:87:98:ab:63:c5:fc:3b:d7:54:b4:71:6c:
64:6d:6b:c8:57:54:0d:b9:7a:9f:bf:05:e2:ae:e6:
bf:03:cf:85:f7:45:1d:93:b4:a6:43:ca:61:54:e2:
8b:4f:8e:59:d6:46:b4:87:7e:56:66:2d:94:81:23:
fe:13:58:f8:9c:96:52:fc:f6:cc:c2:1a:97:14:b2:
d8:ec:77:eb:a8:e3:d6:0f:00:22:e8:bf:78:a1:72:
d2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:83:CE:4F:71:FD:FB:3C:68:8D:11:CF:C9:FB:A5:F1:C2:A9:5F:FE
X509v3 Authority Key Identifier:
keyid:59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/TIPOT3H9-zxojRHPyful8cKpX_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.11.172.0/24
85.11.175.0-85.11.176.255
85.11.184.0/24
85.11.188.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:fe:31:d3:dc:8c:d7:aa:47:61:ee:26:a0:1c:e5:c3:b3:b0:
c2:91:9c:9b:28:4d:22:d6:db:ef:64:3b:2f:f9:87:da:71:4d:
36:eb:b3:a0:b7:1d:b0:7c:b6:bc:fa:d9:72:54:77:24:72:af:
41:64:c2:35:74:d8:72:b7:5f:25:e3:ae:7a:1d:e5:b3:22:94:
e0:d5:1c:f1:0b:37:aa:31:d6:7e:e2:29:8f:4c:ca:8f:7e:8f:
64:b4:a0:49:f7:b8:4a:f5:63:da:c2:ce:59:04:6b:cc:d8:36:
ab:b4:97:f3:62:c2:ce:2b:76:9d:66:b8:09:3e:63:ce:f0:3c:
23:af:2a:af:5c:c2:05:32:16:b5:85:f7:69:d0:62:a1:25:ab:
16:c2:d9:ed:68:59:ea:20:34:c0:c6:22:b2:5d:97:40:f8:22:
c0:c4:08:eb:49:4c:28:ee:ac:6a:86:7f:02:92:92:e6:b9:0b:
ad:71:1e:cc:72:fe:fd:3e:be:af:a0:4f:4e:46:b1:48:27:5a:
7f:9a:2f:a5:2e:45:a9:0f:b9:22:1b:a8:48:3a:64:6c:e2:ac:
3c:76:7b:bc:1e:70:d4:8a:d4:22:ce:2f:3d:c0:3c:dd:77:e1:
a1:7b:c4:c3:23:e2:d0:e0:db:59:44:e8:05:25:db:3c:d8:cb:
e4:a9:05:f0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYhw5NVTg4fXvPPg7SSCUM9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzVkNTE5ZGUyMzljZjE2NGNiOTRhNjY2MGMyNTMwY2Vh
ZWYyNTQwHhcNMjMwNTMxMDgyMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzgzY2U0ZjcxZmRmYjNjNjg4ZDExY2ZjOWZiYTVmMWMyYTk1ZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvcpLjCT6A8QSXkHU+GhY2aS922j
FGOkqxjkwyzhQlKmcQcmrCxUmljApoWF4YEKt24NDDiqMAu88c80Si8Mn2IycBvI
CfxsMBLZw/rzWBsmDBdxowI0Ai2R/bO6Tb+OnL7QIcFKWvPTrLzc4eT8rEmteLWq
4tDdkmAMHIwPC+94p0g6gke9yCgYqf6rXbvZgoZKwQyajBhgUcMaeDgXUc9uzdEH
/D6HmKtjxfw711S0cWxkbWvIV1QNuXqfvwXirua/A8+F90Udk7SmQ8phVOKLT45Z
1ka0h35WZi2UgSP+E1j4nJZS/PbMwhqXFLLY7HfrqOPWDwAi6L94oXLSSwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEyDzk9x/fs8aI0Rz8n7pfHCqV/+MB8GA1UdIwQY
MBaAFFl11RneI5zxZMuUpmYMJTDOrvJUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUt
MmNjNjc1NzI2OTc1LzEvVElQT1QzSDktenhvalJIUHlmdWw4Y0twWF80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUtMmNjNjc1NzI2OTc1
LzEvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVQusMAwD
BABVC68DBABVC7ADBABVC7gDBABVC7wwDQYJKoZIhvcNAQELBQADggEBAJ/+MdPc
jNeqR2HuJqAc5cOzsMKRnJsoTSLW2+9kOy/5h9pxTTbrs6C3HbB8trz62XJUdyRy
r0FkwjV02HK3XyXjrnod5bMilODVHPELN6ox1n7iKY9Myo9+j2S0oEn3uEr1Y9rC
zlkEa8zYNqu0l/Niws4rdp1muAk+Y87wPCOvKq9cwgUyFrWF92nQYqElqxbC2e1o
WeogNMDGIrJdl0D4IsDECOtJTCjurGqGfwKSkua5C61xHsxy/v0+vq+gT05GsUgn
Wn+aL6UuRakPuSIbqEg6ZGzirDx2e7wecNSK1CLOLz3APN134aF7xMMj4tDg21lE
6AUl2zzYy+SpBfA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:04 2025 by rpki-client