Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/15a2c0-5c08-48bd-a8c3-3674a9010efd/1/Tq8G1F1PvZGi_YWbHL5cVDUmK4A.roa
File: Tq8G1F1PvZGi_YWbHL5cVDUmK4A.roa (raw, json)
Hash identifier: jrTetAStAAUYF0Ds/mRnnmvU9w+RjHWMBatB4OvAMIU=
Subject key identifier: 4E:AF:06:D4:5D:4F:BD:91:A2:FD:85:9B:1C:BE:5C:54:35:26:2B:80
Certificate issuer: /CN=b43342f17d54a8a3da0ce4d318b3b4c3fa0593e4
Certificate serial: 148703BA
Authority key identifier: B4:33:42:F1:7D:54:A8:A3:DA:0C:E4:D3:18:B3:B4:C3:FA:05:93:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDNC8X1UqKPaDOTTGLO0w_oFk-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/15a2c0-5c08-48bd-a8c3-3674a9010efd/1/Tq8G1F1PvZGi_YWbHL5cVDUmK4A.roa
Signing time: Sat 01 Jan 2022 16:01:12 +0000
ROA not before: Sat 01 Jan 2022 16:01:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59827
IP address blocks: 185.70.72.0/22 maxlen: 24
2a05:2880::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 344392634 (0x148703ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43342f17d54a8a3da0ce4d318b3b4c3fa0593e4
Validity
Not Before: Jan 1 16:01:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4eaf06d45d4fbd91a2fd859b1cbe5c5435262b80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:00:0e:62:b5:93:d5:d3:d6:15:71:97:18:29:
73:31:32:29:7d:c6:6b:ee:79:f2:43:57:a5:86:84:
90:63:8f:41:3a:65:c9:79:69:e2:4f:03:e9:8f:a7:
a3:21:08:7a:88:a8:c4:9a:b9:57:6a:cf:cc:a5:f8:
96:3f:c0:80:a2:b0:5a:c3:f8:86:7d:33:93:d5:c0:
ed:c8:f0:33:0a:b1:8c:81:7f:f0:70:a8:e8:af:83:
dc:c2:59:a9:3e:52:f8:e7:e4:b6:45:18:7b:11:09:
5c:bc:e1:36:57:1f:17:f4:81:59:79:cb:67:fb:de:
a3:3e:17:db:f5:3e:21:20:e8:3e:d9:1b:ca:81:ad:
77:44:a5:41:0d:c3:4c:59:55:dd:7e:89:f5:94:86:
db:96:c6:7c:92:93:d3:e2:54:36:6e:ce:4a:0f:d5:
32:53:84:71:be:e7:b6:13:6f:a7:3f:28:7f:71:8b:
5b:51:c9:92:fd:d5:7c:ca:7c:ae:c1:9b:83:af:ae:
b5:9c:7d:b8:b2:be:87:b9:77:26:2b:b6:98:04:56:
88:3a:5a:34:43:f4:c3:f9:4a:a4:d5:24:40:a1:aa:
5e:0c:5a:bd:73:f5:3a:2e:1f:d3:bb:b5:53:34:b5:
f5:2d:02:d2:a1:d0:97:f5:e3:21:7c:99:9e:cb:67:
b3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:AF:06:D4:5D:4F:BD:91:A2:FD:85:9B:1C:BE:5C:54:35:26:2B:80
X509v3 Authority Key Identifier:
keyid:B4:33:42:F1:7D:54:A8:A3:DA:0C:E4:D3:18:B3:B4:C3:FA:05:93:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDNC8X1UqKPaDOTTGLO0w_oFk-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/15a2c0-5c08-48bd-a8c3-3674a9010efd/1/Tq8G1F1PvZGi_YWbHL5cVDUmK4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/15a2c0-5c08-48bd-a8c3-3674a9010efd/1/tDNC8X1UqKPaDOTTGLO0w_oFk-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.72.0/22
IPv6:
2a05:2880::/29
Signature Algorithm: sha256WithRSAEncryption
a6:1b:f1:06:42:5b:7b:42:99:ea:8a:69:09:a9:e4:e1:61:00:
74:fa:bb:76:d6:cc:d7:4d:c4:a1:44:c9:7a:88:68:26:78:2e:
57:9b:9e:2e:ee:64:71:fc:44:81:7f:27:b8:4d:e9:16:8f:2e:
3d:5b:71:45:13:c0:7f:14:0a:ea:32:c1:ed:5d:c0:a3:4b:87:
5e:25:29:d7:b0:b9:ad:f3:5c:81:d5:2b:2f:f9:8e:ce:01:1d:
40:61:25:f2:ca:45:f1:ba:11:fb:cc:b9:31:13:02:e6:9b:ec:
34:39:94:c6:ae:74:64:29:e5:00:03:2c:ef:56:7a:d8:ed:84:
45:bb:6c:20:14:d1:bf:bf:5c:a6:0a:88:1c:ba:80:b0:8d:66:
29:4f:f4:c7:7e:06:16:be:c7:e3:72:cb:b9:56:89:25:58:70:
5c:9a:94:8c:36:ce:7c:9f:10:d3:35:de:32:9c:b0:e7:f5:a9:
60:38:ac:1e:62:06:38:8d:89:50:1e:e9:6b:27:95:b5:b7:2c:
ca:82:05:c2:ce:7d:d3:f9:14:86:93:e5:ec:b5:63:b9:46:02:
e9:89:6e:67:42:7f:ba:79:ba:af:2b:eb:99:23:cf:ea:6d:2e:
a5:f1:42:44:06:36:3d:34:a6:96:ff:d3:24:f3:88:a9:cb:49:
a7:03:30:9d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFIcDujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDMzNDJmMTdkNTRhOGEzZGEwY2U0ZDMxOGIzYjRjM2ZhMDU5M2U0MB4XDTIyMDEw
MTE2MDExMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVhZjA2ZDQ1ZDRm
YmQ5MWEyZmQ4NTliMWNiZTVjNTQzNTI2MmI4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIADmK1k9XT1hVxlxgpczEyKX3Ga+558kNXpYaEkGOPQTpl
yXlp4k8D6Y+noyEIeoioxJq5V2rPzKX4lj/AgKKwWsP4hn0zk9XA7cjwMwqxjIF/
8HCo6K+D3MJZqT5S+OfktkUYexEJXLzhNlcfF/SBWXnLZ/veoz4X2/U+ISDoPtkb
yoGtd0SlQQ3DTFlV3X6J9ZSG25bGfJKT0+JUNm7OSg/VMlOEcb7nthNvpz8of3GL
W1HJkv3VfMp8rsGbg6+utZx9uLK+h7l3Jiu2mARWiDpaNEP0w/lKpNUkQKGqXgxa
vXP1Oi4f07u1UzS19S0C0qHQl/XjIXyZnstnsysCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBROrwbUXU+9kaL9hZscvlxUNSYrgDAfBgNVHSMEGDAWgBS0M0LxfVSoo9oM
5NMYs7TD+gWT5DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RETkM4WDFVcUtQYURPVFRHTE8wd19vRmstUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvMTVhMmMwLTVjMDgtNDhiZC1hOGMzLTM2NzRhOTAxMGVmZC8x
L1RxOEcxRjFQdlpHaV9ZV2JITDVjVkRVbUs0QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
MTVhMmMwLTVjMDgtNDhiZC1hOGMzLTM2NzRhOTAxMGVmZC8xL3RETkM4WDFVcUtQ
YURPVFRHTE8wd19vRmstUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlGSDANBAIAAjAHAwUDKgUogDAN
BgkqhkiG9w0BAQsFAAOCAQEAphvxBkJbe0KZ6oppCank4WEAdPq7dtbM103EoUTJ
eohoJnguV5ueLu5kcfxEgX8nuE3pFo8uPVtxRRPAfxQK6jLB7V3Ao0uHXiUp17C5
rfNcgdUrL/mOzgEdQGEl8spF8boR+8y5MRMC5pvsNDmUxq50ZCnlAAMs71Z62O2E
RbtsIBTRv79cpgqIHLqAsI1mKU/0x34GFr7H43LLuVaJJVhwXJqUjDbOfJ8Q0zXe
Mpyw5/WpYDisHmIGOI2JUB7payeVtbcsyoIFws590/kUhpPl7LVjuUYC6YluZ0J/
unm6ryvrmSPP6m0upfFCRAY2PTSmlv/TJPOIqctJpwMwnQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:05 2025 by rpki-client