Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/TdpojsoTvRJm_VJJ_1Xt5wL0OmQ.roa
File: TdpojsoTvRJm_VJJ_1Xt5wL0OmQ.roa (raw, json)
Hash identifier: 53QDUDgkZdn9e1ifNZ+gW2EFFtQAiFqFwaFnOguqCuw=
Subject key identifier: 4D:DA:68:8E:CA:13:BD:12:66:FD:52:49:FF:55:ED:E7:02:F4:3A:64
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 01856F8B8DD2164A371EFC3C9297B39CD4CE
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/TdpojsoTvRJm_VJJ_1Xt5wL0OmQ.roa
Signing time: Sun 01 Jan 2023 22:54:54 +0000
ROA not before: Sun 01 Jan 2023 22:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50956
IP address blocks: 194.28.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:8d:d2:16:4a:37:1e:fc:3c:92:97:b3:9c:d4:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: Jan 1 22:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dda688eca13bd1266fd5249ff55ede702f43a64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0b:8c:91:e8:fc:7b:5a:bd:62:83:3d:10:e6:
ff:f5:b3:33:e9:9b:11:5c:7b:66:ad:fb:a6:72:d2:
ad:95:83:c5:13:01:ae:1a:ca:6b:25:f7:7d:eb:78:
bb:f5:73:79:d2:24:f4:27:ee:40:85:a9:8b:8d:5f:
ce:85:91:79:10:dc:2e:46:18:c5:7c:eb:24:ab:59:
70:df:10:2e:ad:33:c5:c5:d4:2a:6b:f3:0d:bd:b5:
e3:39:6c:19:d3:f0:6e:6a:3f:dc:0d:92:29:33:cc:
89:7b:8a:53:ee:09:55:ef:f0:bc:32:c1:b0:0b:9b:
b5:f9:ab:e9:a6:c0:10:b7:df:8c:22:0d:a7:5e:59:
a2:af:e7:c9:1f:5e:2f:01:4e:c0:d2:8a:1c:94:a6:
8d:4d:6e:28:1c:c1:b0:96:43:fc:98:66:98:53:9a:
65:51:47:30:a2:b2:25:e4:a9:82:c3:37:e9:88:52:
ae:7d:9c:71:e0:ab:11:c4:0e:30:21:31:e1:ec:af:
0d:a4:1a:d5:9c:96:9d:2c:63:db:a2:39:bb:33:6c:
1b:2b:d3:a1:98:b1:6f:82:ce:b5:84:7b:8d:3f:5a:
a4:9b:bb:f6:8d:fc:07:c2:ef:6d:3f:51:52:90:be:
90:af:c3:19:26:c4:95:cc:19:e2:50:62:16:7e:f4:
9e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DA:68:8E:CA:13:BD:12:66:FD:52:49:FF:55:ED:E7:02:F4:3A:64
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/TdpojsoTvRJm_VJJ_1Xt5wL0OmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.103.0/24
Signature Algorithm: sha256WithRSAEncryption
26:b1:48:f5:c7:09:0a:34:08:fd:ad:ac:a9:4e:a8:ca:c4:9c:
3e:2c:e9:22:47:e3:d8:6f:05:b6:7e:23:81:c2:97:da:ed:5e:
23:9c:e8:12:41:0f:0a:e4:c1:bc:e5:eb:c7:5a:ca:84:53:0f:
da:76:b4:f9:63:f0:38:a4:c6:8a:7d:b0:16:04:ed:1b:43:e5:
b4:25:6d:64:6b:32:d0:34:df:b7:10:fa:46:9b:7e:29:43:28:
a7:6c:64:3d:cc:11:76:f0:13:36:55:de:83:0e:94:22:31:21:
57:f7:5a:22:19:e9:5a:d4:7b:5e:aa:5a:bb:93:92:07:65:9d:
ec:e1:12:a8:54:2b:20:4a:86:94:03:f8:1f:4f:50:89:78:19:
1e:92:ac:df:34:20:d0:37:c2:25:20:5f:08:bb:9a:80:89:95:
cf:36:6d:03:c8:fc:91:c1:e4:e7:1e:ec:b8:3a:1d:b9:fe:59:
0b:cb:60:14:0f:be:dc:38:14:42:3f:09:4d:a8:2a:df:2d:b6:
13:79:73:a0:8a:5b:2d:60:0d:f5:03:aa:97:2f:f3:eb:15:d6:
71:5b:c5:15:1d:96:cf:a1:33:0b:0e:45:6d:0a:4f:fa:cf:1d:
94:3b:ff:e0:c3:ec:b3:ce:d8:66:99:67:00:18:98:cd:71:01:
e7:a9:c7:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi43SFko3Hvw8kpeznNTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjMwMTAxMjI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRhNjg4ZWNhMTNiZDEyNjZmZDUyNDlmZjU1ZWRlNzAyZjQzYTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQuMkej8e1q9YoM9EOb/9bMz6ZsR
XHtmrfumctKtlYPFEwGuGsprJfd963i79XN50iT0J+5AhamLjV/OhZF5ENwuRhjF
fOskq1lw3xAurTPFxdQqa/MNvbXjOWwZ0/Buaj/cDZIpM8yJe4pT7glV7/C8MsGw
C5u1+avppsAQt9+MIg2nXlmir+fJH14vAU7A0ooclKaNTW4oHMGwlkP8mGaYU5pl
UUcworIl5KmCwzfpiFKufZxx4KsRxA4wITHh7K8NpBrVnJadLGPbojm7M2wbK9Oh
mLFvgs61hHuNP1qkm7v2jfwHwu9tP1FSkL6Qr8MZJsSVzBniUGIWfvSeaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE3aaI7KE70SZv1SSf9V7ecC9DpkMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvVGRwb2pzb1R2UkptX1ZKSl8xWHQ1d0wwT21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhxnMA0G
CSqGSIb3DQEBCwUAA4IBAQAmsUj1xwkKNAj9raypTqjKxJw+LOkiR+PYbwW2fiOB
wpfa7V4jnOgSQQ8K5MG85evHWsqEUw/adrT5Y/A4pMaKfbAWBO0bQ+W0JW1kazLQ
NN+3EPpGm34pQyinbGQ9zBF28BM2Vd6DDpQiMSFX91oiGela1Hteqlq7k5IHZZ3s
4RKoVCsgSoaUA/gfT1CJeBkekqzfNCDQN8IlIF8Iu5qAiZXPNm0DyPyRweTnHuy4
Oh25/lkLy2AUD77cOBRCPwlNqCrfLbYTeXOgilstYA31A6qXL/PrFdZxW8UVHZbP
oTMLDkVtCk/6zx2UO//gw+yzzthmmWcAGJjNcQHnqcc0
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:03 2025 by rpki-client