Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/TbkcpBx4UgRWzNv0LOT1lAv3Gg8.roa
File: TbkcpBx4UgRWzNv0LOT1lAv3Gg8.roa (raw, json)
Hash identifier: fPK9Ye3up+yVtaz5Nj48dBFuWPjXh5lcimqwKCAQOKs=
Subject key identifier: 4D:B9:1C:A4:1C:78:52:04:56:CC:DB:F4:2C:E4:F5:94:0B:F7:1A:0F
Certificate issuer: /CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Certificate serial: 01856F30107F41D5253C17D5629864C432C6
Authority key identifier: 3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/TbkcpBx4UgRWzNv0LOT1lAv3Gg8.roa
Signing time: Sun 01 Jan 2023 21:14:58 +0000
ROA not before: Sun 01 Jan 2023 21:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51255
IP address blocks: 45.9.194.0/24 maxlen: 27
2a0e:1101::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:10:7f:41:d5:25:3c:17:d5:62:98:64:c4:32:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Validity
Not Before: Jan 1 21:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4db91ca41c78520456ccdbf42ce4f5940bf71a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4a:4b:6c:9e:71:24:b4:0b:70:9f:f7:22:c1:
71:20:a5:5f:87:3f:41:c8:2c:0b:35:d5:7f:c0:b9:
52:fc:6f:4a:83:92:77:11:05:5d:8d:af:9d:5f:6f:
69:76:06:bc:a9:38:50:dc:fc:96:5e:7a:42:00:a4:
70:14:5a:e5:62:ef:f6:72:a4:99:21:9e:9e:f5:f9:
25:23:a3:7a:7f:30:1b:60:60:ba:15:92:78:9f:0f:
9d:ab:64:59:b4:d3:95:ad:49:3c:2b:1f:88:3c:8c:
fe:a8:30:38:4c:fa:f0:c3:9b:b2:f6:25:cf:c7:65:
4a:89:b9:e9:8a:47:11:d3:26:42:32:30:51:86:92:
22:50:41:c8:5b:c4:1b:cf:5e:8d:85:5b:5d:86:23:
96:54:aa:34:e6:dd:07:2d:c3:52:2b:65:1f:1a:50:
9f:b8:a2:8e:0c:91:af:7f:c2:4b:e2:77:f3:16:6b:
a9:20:b5:cb:0d:3c:89:98:ef:57:7c:c5:88:8a:ee:
65:e2:71:61:36:cf:66:6f:35:84:86:5b:cb:a5:6c:
fe:79:be:6d:a6:c1:fe:ad:3e:3d:1c:5f:dd:c4:da:
73:aa:8a:ec:7f:73:ca:3a:9e:9a:3c:72:f1:e1:c8:
84:a9:d8:ec:ca:20:d3:ba:24:29:57:43:8d:7c:fe:
bf:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B9:1C:A4:1C:78:52:04:56:CC:DB:F4:2C:E4:F5:94:0B:F7:1A:0F
X509v3 Authority Key Identifier:
keyid:3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/TbkcpBx4UgRWzNv0LOT1lAv3Gg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.194.0/24
IPv6:
2a0e:1101::/44
Signature Algorithm: sha256WithRSAEncryption
58:82:0b:d1:7d:ef:25:5d:d7:ca:bf:9c:7c:ee:9e:f0:72:80:
13:e9:60:fb:7c:a7:6e:7d:f7:89:99:10:18:62:76:b1:1c:25:
e7:3f:7e:93:b6:d7:98:2a:b9:b7:cf:42:b3:6e:bf:0b:a7:c5:
0f:cd:33:3c:0b:38:4e:e3:05:05:e3:d4:34:1d:6f:83:1d:8a:
dc:42:a3:2e:61:1c:8a:a6:6d:7e:59:c4:4e:aa:ed:1f:90:4f:
77:f5:58:5d:70:6f:23:d7:6b:17:f7:81:b2:5a:29:4f:ea:45:
2d:55:23:57:b3:f2:e3:e2:a8:91:b6:52:d2:c3:30:fe:3b:5f:
ab:89:50:14:7e:dc:b3:c8:6e:33:08:bc:60:2c:c6:14:5d:78:
09:de:90:44:85:cc:26:ef:ee:69:a4:96:82:3f:aa:ca:b1:86:
2f:e8:3d:96:1b:83:db:61:47:f1:56:32:f9:75:b3:36:23:32:
fe:9e:52:3d:38:d8:5b:5e:5e:41:5c:2a:f8:2c:f5:53:dd:9f:
2c:05:c4:44:63:79:72:56:bc:01:70:ae:a3:53:c9:c9:fe:17:
a8:1c:e5:4f:9e:59:99:03:c7:f9:de:6c:06:a9:b0:5a:1b:1f:
81:8b:e7:8a:f5:8a:c5:28:d9:77:8e:00:d5:68:01:57:28:97:
1b:21:8f:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvMBB/QdUlPBfVYphkxDLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2E1MDg1OGExODU2ZmZhMDJlOTEzNTZmMTQyMzZlN2Mz
OGI4NWEwHhcNMjMwMTAxMjExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGI5MWNhNDFjNzg1MjA0NTZjY2RiZjQyY2U0ZjU5NDBiZjcxYTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEpLbJ5xJLQLcJ/3IsFxIKVfhz9B
yCwLNdV/wLlS/G9Kg5J3EQVdja+dX29pdga8qThQ3PyWXnpCAKRwFFrlYu/2cqSZ
IZ6e9fklI6N6fzAbYGC6FZJ4nw+dq2RZtNOVrUk8Kx+IPIz+qDA4TPrww5uy9iXP
x2VKibnpikcR0yZCMjBRhpIiUEHIW8Qbz16NhVtdhiOWVKo05t0HLcNSK2UfGlCf
uKKODJGvf8JL4nfzFmupILXLDTyJmO9XfMWIiu5l4nFhNs9mbzWEhlvLpWz+eb5t
psH+rT49HF/dxNpzqorsf3PKOp6aPHLx4ciEqdjsyiDTuiQpV0ONfP6/DwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE25HKQceFIEVszb9Czk9ZQL9xoPMB8GA1UdIwQY
MBaAFDrKUIWKGFb/oC6RNW8UI258OLhaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEt
MzMxZDdmYzc3YmQ0LzEvVGJrY3BCeDRVZ1JXek52MExPVDFsQXYzR2c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEtMzMxZDdmYzc3YmQ0
LzEvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALQnCMA8E
AgACMAkDBwQqDhEBAAAwDQYJKoZIhvcNAQELBQADggEBAFiCC9F97yVd18q/nHzu
nvBygBPpYPt8p25994mZEBhidrEcJec/fpO215gqubfPQrNuvwunxQ/NMzwLOE7j
BQXj1DQdb4MditxCoy5hHIqmbX5ZxE6q7R+QT3f1WF1wbyPXaxf3gbJaKU/qRS1V
I1ez8uPiqJG2UtLDMP47X6uJUBR+3LPIbjMIvGAsxhRdeAnekESFzCbv7mmkloI/
qsqxhi/oPZYbg9thR/FWMvl1szYjMv6eUj042FteXkFcKvgs9VPdnywFxERjeXJW
vAFwrqNTycn+F6gc5U+eWZkDx/nebAapsFobH4GL54r1isUo2XeOANVoAVcolxsh
j5Y=
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:16:22 2025 by rpki-client