Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/TR-v4fo6w4OGjeTLdAU1aVDmoxM.roa
File: TR-v4fo6w4OGjeTLdAU1aVDmoxM.roa (raw, json)
Hash identifier: +bGZqZ+6mFYa6Kki7+kDGh5ipFq4XHblDGX6eXjGlKk=
Subject key identifier: 4D:1F:AF:E1:FA:3A:C3:83:86:8D:E4:CB:74:05:35:69:50:E6:A3:13
Certificate issuer: /CN=29275327a5e85f3c8c14c984036f493feb59b016
Certificate serial: 01856BA584260FB2AF20669E700C5241CFF0
Authority key identifier: 29:27:53:27:A5:E8:5F:3C:8C:14:C9:84:03:6F:49:3F:EB:59:B0:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KSdTJ6XoXzyMFMmEA29JP-tZsBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/TR-v4fo6w4OGjeTLdAU1aVDmoxM.roa
Signing time: Sun 01 Jan 2023 04:44:47 +0000
ROA not before: Sun 01 Jan 2023 04:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51055
IP address blocks: 194.33.13.0/24 maxlen: 24
185.62.156.0/22 maxlen: 24
46.17.160.0/21 maxlen: 24
193.34.186.0/23 maxlen: 24
2a00:5f00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:a5:84:26:0f:b2:af:20:66:9e:70:0c:52:41:cf:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29275327a5e85f3c8c14c984036f493feb59b016
Validity
Not Before: Jan 1 04:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d1fafe1fa3ac383868de4cb7405356950e6a313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:40:f4:76:d6:5a:95:09:66:3a:da:86:27:3e:
df:12:67:21:e0:b5:0c:3e:81:c4:c0:24:f8:d1:7f:
ca:3e:c6:78:30:c3:cd:e4:95:14:9a:2c:d4:3e:82:
28:48:c2:67:78:94:7a:98:96:e4:ae:9f:64:96:46:
ee:a4:12:2c:b0:6a:cb:81:4d:94:69:6a:f3:b5:c4:
83:3a:63:c0:2b:04:85:cb:96:56:d7:5c:39:45:28:
68:77:d9:bf:0d:fa:1f:85:13:3a:0c:ba:b8:13:ff:
3f:63:d5:57:53:b9:31:22:1e:7a:eb:12:f7:0c:8c:
84:e5:27:6a:ff:9a:7f:d7:58:55:d3:ed:88:9a:c0:
e5:44:74:6f:a0:d1:7e:3f:d8:c0:c5:05:e8:56:24:
1b:4e:e1:02:6a:1d:c6:90:b6:ea:f6:33:41:f1:6c:
f5:c4:a4:b4:6f:51:24:3e:75:a8:75:38:4f:df:02:
ec:e7:61:86:28:fd:c9:24:7d:36:12:c5:ae:25:38:
a0:51:af:e5:dd:37:58:fe:3b:5b:ba:3b:2d:48:c3:
5b:1c:22:47:64:bb:7f:77:6c:40:4a:d4:7f:21:68:
68:ba:fd:52:3b:fe:3c:1b:ae:06:2d:c1:a7:47:20:
79:ad:8b:39:ae:8a:ac:b6:5e:72:da:67:0a:ad:3a:
03:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:1F:AF:E1:FA:3A:C3:83:86:8D:E4:CB:74:05:35:69:50:E6:A3:13
X509v3 Authority Key Identifier:
keyid:29:27:53:27:A5:E8:5F:3C:8C:14:C9:84:03:6F:49:3F:EB:59:B0:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KSdTJ6XoXzyMFMmEA29JP-tZsBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/TR-v4fo6w4OGjeTLdAU1aVDmoxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/KSdTJ6XoXzyMFMmEA29JP-tZsBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.160.0/21
185.62.156.0/22
193.34.186.0/23
194.33.13.0/24
IPv6:
2a00:5f00::/32
Signature Algorithm: sha256WithRSAEncryption
c6:05:0d:f4:08:13:9b:e7:58:f1:79:03:b7:7a:03:25:f7:12:
90:99:97:8a:27:a8:dc:ee:bc:72:55:18:58:ec:fd:29:31:cd:
5b:e9:cf:15:6a:1b:c5:cf:61:9c:02:4b:1f:09:c4:2a:87:80:
f3:4b:03:32:cd:f1:17:81:07:87:59:ad:4d:12:75:34:9e:67:
72:2e:fb:7c:a1:f8:8c:a4:db:41:70:85:df:3c:ec:28:5d:c7:
95:97:32:5e:12:b6:5c:59:25:81:bc:05:ee:d7:1f:3e:41:e9:
5a:59:5c:d7:cd:61:5a:9c:bd:a7:7e:38:19:21:61:2b:ac:26:
7f:06:54:14:b7:17:ac:03:0a:de:9d:0b:ca:8a:9f:06:0a:a9:
1b:71:cd:d6:61:ab:12:47:e3:6f:8c:a1:2d:9d:be:5f:40:95:
b5:32:7b:67:31:ec:f0:2c:97:b3:30:47:24:d8:b2:4c:c8:cf:
8a:e9:c9:6a:7b:cc:4f:cb:79:2b:e9:07:74:bd:17:e0:2d:52:
ad:b5:d1:f6:83:b1:61:98:67:80:16:cd:8f:73:39:27:31:5f:
d5:28:fe:1f:cf:26:8c:39:c5:c3:0c:ee:7e:3b:bf:9d:32:34:
07:bd:06:ed:81:7b:19:2d:f7:39:c5:a7:24:b0:66:97:26:bf:
39:79:ca:9a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVrpYQmD7KvIGaecAxSQc/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Mjc1MzI3YTVlODVmM2M4YzE0Yzk4NDAzNmY0OTNmZWI1
OWIwMTYwHhcNMjMwMTAxMDQ0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDFmYWZlMWZhM2FjMzgzODY4ZGU0Y2I3NDA1MzU2OTUwZTZhMzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0D0dtZalQlmOtqGJz7fEmch4LUM
PoHEwCT40X/KPsZ4MMPN5JUUmizUPoIoSMJneJR6mJbkrp9klkbupBIssGrLgU2U
aWrztcSDOmPAKwSFy5ZW11w5RShod9m/DfofhRM6DLq4E/8/Y9VXU7kxIh566xL3
DIyE5Sdq/5p/11hV0+2ImsDlRHRvoNF+P9jAxQXoViQbTuECah3GkLbq9jNB8Wz1
xKS0b1EkPnWodThP3wLs52GGKP3JJH02EsWuJTigUa/l3TdY/jtbujstSMNbHCJH
ZLt/d2xAStR/IWhouv1SO/48G64GLcGnRyB5rYs5roqstl5y2mcKrToDrQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFE0fr+H6OsODho3ky3QFNWlQ5qMTMB8GA1UdIwQY
MBaAFCknUyel6F88jBTJhANvST/rWbAWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1NkVEo2WG9YenlNRk1tRUEyOUpQLXRac0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hMWRlNDQtODZhOS00ZDI5LWI4ZTUt
MTY2ZmRkMGIxODIyLzEvVFItdjRmbzZ3NE9HamVUTGRBVTFhVkRtb3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hMWRlNDQtODZhOS00ZDI5LWI4ZTUtMTY2ZmRkMGIxODIy
LzEvS1NkVEo2WG9YenlNRk1tRUEyOUpQLXRac0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhGgAwQC
uT6cAwQBwSK6AwQAwiENMA0EAgACMAcDBQAqAF8AMA0GCSqGSIb3DQEBCwUAA4IB
AQDGBQ30CBOb51jxeQO3egMl9xKQmZeKJ6jc7rxyVRhY7P0pMc1b6c8VahvFz2Gc
AksfCcQqh4DzSwMyzfEXgQeHWa1NEnU0nmdyLvt8ofiMpNtBcIXfPOwoXceVlzJe
ErZcWSWBvAXu1x8+QelaWVzXzWFanL2nfjgZIWErrCZ/BlQUtxesAwrenQvKip8G
Cqkbcc3WYasSR+NvjKEtnb5fQJW1MntnMezwLJezMEck2LJMyM+K6clqe8xPy3kr
6Qd0vRfgLVKttdH2g7FhmGeAFs2PczknMV/VKP4fzyaMOcXDDO5+O7+dMjQHvQbt
gXsZLfc5xacksGaXJr85ecqa
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:55 2025 by rpki-client