Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/TlkZh71LDQ44n_zkOQ5X49-BRVY.roa
File: TlkZh71LDQ44n_zkOQ5X49-BRVY.roa (raw, json)
Hash identifier: sjSgghIM0qYiDTBztMFuBHwdvTWb5xiEczJG8DcK0Ok=
Subject key identifier: 4E:59:19:87:BD:4B:0D:0E:38:9F:FC:E4:39:0E:57:E3:DF:81:45:56
Certificate issuer: /CN=bbbe9612d1440bc6c704e0465f0ef5d6ca7397a6
Certificate serial: 0BB070BC
Authority key identifier: BB:BE:96:12:D1:44:0B:C6:C7:04:E0:46:5F:0E:F5:D6:CA:73:97:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u76WEtFEC8bHBOBGXw711spzl6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/TlkZh71LDQ44n_zkOQ5X49-BRVY.roa
Signing time: Sat 01 Jan 2022 07:56:53 +0000
ROA not before: Sat 01 Jan 2022 07:56:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31272
IP address blocks: 109.104.160.0/19 maxlen: 32
212.92.224.0/19 maxlen: 32
77.247.16.0/20 maxlen: 32
80.252.240.0/20 maxlen: 32
217.77.208.0/20 maxlen: 32
185.147.196.0/22 maxlen: 32
185.148.56.0/22 maxlen: 32
185.35.100.0/22 maxlen: 32
37.25.96.0/19 maxlen: 32
46.33.224.0/19 maxlen: 32
185.147.60.0/22 maxlen: 32
141.101.0.0/19 maxlen: 32
5.255.32.0/20 maxlen: 32
185.159.160.0/22 maxlen: 32
2a00:bc00::/32 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196112572 (0xbb070bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbbe9612d1440bc6c704e0465f0ef5d6ca7397a6
Validity
Not Before: Jan 1 07:56:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e591987bd4b0d0e389ffce4390e57e3df814556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d3:2e:2e:2a:c0:f6:4f:2e:c3:e8:ab:f1:c3:
ab:2a:3a:d1:06:b5:43:52:1b:3a:7c:b2:52:91:d1:
c0:00:54:26:b0:f1:b1:e9:2d:81:bd:c7:81:c6:58:
cc:42:93:f6:0d:bd:d6:6f:82:62:06:7f:99:f2:ac:
61:e8:12:26:b7:92:ea:4a:1c:0b:2d:c0:d6:cf:24:
06:8c:b7:cf:6f:8e:1f:fb:8e:74:5d:0b:26:56:6d:
ac:1c:78:0b:47:86:20:57:47:f0:a1:16:ad:15:f0:
d1:60:a1:e5:cc:f4:75:24:94:b1:61:1c:15:4f:cc:
e2:98:fe:46:53:70:62:99:04:e9:05:11:59:6c:e9:
0b:35:59:b2:34:71:b0:3f:02:c3:48:84:a1:39:2d:
a5:b8:cf:77:fd:6f:3d:b1:05:27:84:83:b4:71:ea:
d5:6d:a0:cb:84:19:bb:3e:bd:b4:06:96:2c:1e:11:
f1:27:38:4e:29:43:46:92:49:ff:62:8e:03:08:30:
dd:93:a0:7a:7b:d2:27:10:2d:88:65:d3:49:21:bb:
6d:4c:47:15:40:11:69:3d:2b:52:c2:63:8c:85:37:
0d:90:25:cd:e2:56:a5:cd:1e:7c:74:d0:c8:bb:91:
fb:e2:77:2a:a9:3d:8f:39:94:32:43:9c:7a:87:d0:
80:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:59:19:87:BD:4B:0D:0E:38:9F:FC:E4:39:0E:57:E3:DF:81:45:56
X509v3 Authority Key Identifier:
keyid:BB:BE:96:12:D1:44:0B:C6:C7:04:E0:46:5F:0E:F5:D6:CA:73:97:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u76WEtFEC8bHBOBGXw711spzl6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/TlkZh71LDQ44n_zkOQ5X49-BRVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/u76WEtFEC8bHBOBGXw711spzl6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.32.0/20
37.25.96.0/19
46.33.224.0/19
77.247.16.0/20
80.252.240.0/20
109.104.160.0/19
141.101.0.0/19
185.35.100.0/22
185.147.60.0/22
185.147.196.0/22
185.148.56.0/22
185.159.160.0/22
212.92.224.0/19
217.77.208.0/20
IPv6:
2a00:bc00::/32
Signature Algorithm: sha256WithRSAEncryption
59:cf:d5:db:a9:2e:ad:ef:de:e3:1b:a9:f1:85:4d:b8:9f:2c:
f6:26:76:36:86:54:b5:20:1d:97:7d:f8:da:b3:da:52:3f:aa:
93:30:0d:59:24:75:a3:ca:8a:bf:a5:1d:be:5d:89:2d:bd:5e:
b0:cf:63:5e:81:93:4d:9d:c3:f7:50:d1:b8:2b:4e:30:54:8b:
fa:f9:4c:88:26:4b:00:66:ff:77:09:c7:e8:46:90:49:d3:8c:
20:c8:ba:2b:3a:4d:db:5e:5e:2a:3d:a6:c6:2f:56:12:bc:2a:
75:5d:c5:54:03:93:a9:d7:c0:21:53:f1:0f:fe:be:17:d5:5b:
06:21:7b:fd:86:f9:3e:ae:c6:0f:da:74:b3:19:6b:1c:22:92:
9c:b0:8f:e1:f9:f8:45:66:40:ba:45:4e:e6:91:87:ab:49:51:
17:1d:f1:b6:7b:02:83:ef:52:b7:87:94:11:b7:5d:da:7b:99:
cf:8d:82:2c:bf:b5:ee:4d:6f:92:07:06:d5:c3:e7:be:0c:b9:
26:f5:0a:25:e9:d2:45:4e:e1:4b:f8:03:f8:9a:1b:ea:dc:bc:
35:b3:eb:5c:cf:e2:97:4b:2d:36:3d:a7:55:34:b4:88:e8:2e:
f1:68:18:f9:1a:4c:47:6c:91:5e:4e:ab:3c:e7:3a:4e:70:75:
77:7b:0c:46
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIEC7BwvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YmJlOTYxMmQxNDQwYmM2YzcwNGUwNDY1ZjBlZjVkNmNhNzM5N2E2MB4XDTIyMDEw
MTA3NTY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU1OTE5ODdiZDRi
MGQwZTM4OWZmY2U0MzkwZTU3ZTNkZjgxNDU1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDTLi4qwPZPLsPoq/HDqyo60Qa1Q1IbOnyyUpHRwABUJrDx
sektgb3HgcZYzEKT9g291m+CYgZ/mfKsYegSJreS6kocCy3A1s8kBoy3z2+OH/uO
dF0LJlZtrBx4C0eGIFdH8KEWrRXw0WCh5cz0dSSUsWEcFU/M4pj+RlNwYpkE6QUR
WWzpCzVZsjRxsD8Cw0iEoTktpbjPd/1vPbEFJ4SDtHHq1W2gy4QZuz69tAaWLB4R
8Sc4TilDRpJJ/2KOAwgw3ZOgenvSJxAtiGXTSSG7bUxHFUARaT0rUsJjjIU3DZAl
zeJWpc0efHTQyLuR++J3Kqk9jzmUMkOceofQgDsCAwEAAaOCAmYwggJiMB0GA1Ud
DgQWBBROWRmHvUsNDjif/OQ5Dlfj34FFVjAfBgNVHSMEGDAWgBS7vpYS0UQLxscE
4EZfDvXWynOXpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U3NldFdEZFQzhiSEJPQkdYdzcxMXNwemw2WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvZjI2NDBhLTQ2ZTctNDY1MC04M2M1LWNjNTViODEzMDJjZi8x
L1Rsa1poNzFMRFE0NG5femtPUTVYNDktQlJWWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
ZjI2NDBhLTQ2ZTctNDY1MC04M2M1LWNjNTViODEzMDJjZi8xL3U3NldFdEZFQzhi
SEJPQkdYdzcxMXNwemw2WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB8
BggrBgEFBQcBBwEB/wRtMGswWgQCAAEwVAMEBAX/IAMEBSUZYAMEBS4h4AMEBE33
EAMEBFD88AMEBW1ooAMEBY1lAAMEArkjZAMEArmTPAMEArmTxAMEArmUOAMEArmf
oAMEBdRc4AMEBNlN0DANBAIAAjAHAwUAKgC8ADANBgkqhkiG9w0BAQsFAAOCAQEA
Wc/V26kure/e4xup8YVNuJ8s9iZ2NoZUtSAdl3342rPaUj+qkzANWSR1o8qKv6Ud
vl2JLb1esM9jXoGTTZ3D91DRuCtOMFSL+vlMiCZLAGb/dwnH6EaQSdOMIMi6KzpN
215eKj2mxi9WErwqdV3FVAOTqdfAIVPxD/6+F9VbBiF7/Yb5Pq7GD9p0sxlrHCKS
nLCP4fn4RWZAukVO5pGHq0lRFx3xtnsCg+9St4eUEbdd2nuZz42CLL+17k1vkgcG
1cPnvgy5JvUKJenSRU7hS/gD+Job6ty8NbPrXM/il0stNj2nVTS0iOgu8WgY+RpM
R2yRXk6rPOc6TnB1d3sMRg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:27 2025 by rpki-client