Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/863093-5ed6-43b2-bbda-14c6c5055f88/1/tjC1tOUfKA-5A_zOP_a0u10cKN0.roa
File: tjC1tOUfKA-5A_zOP_a0u10cKN0.roa (raw, json)
Hash identifier: VqVnv8weLz/JffQLfQBX0WtjkFzaN+ybzjKa8mYu8PA=
Subject key identifier: B6:30:B5:B4:E5:1F:28:0F:B9:03:FC:CE:3F:F6:B4:BB:5D:1C:28:DD
Certificate issuer: /CN=b262bf21de51385859416c4c608001e2025a5d25
Certificate serial: 01856B257ED8045B6A3C9B459D8DBDF57E18
Authority key identifier: B2:62:BF:21:DE:51:38:58:59:41:6C:4C:60:80:01:E2:02:5A:5D:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/smK_Id5ROFhZQWxMYIAB4gJaXSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/863093-5ed6-43b2-bbda-14c6c5055f88/1/tjC1tOUfKA-5A_zOP_a0u10cKN0.roa
Signing time: Sun 01 Jan 2023 02:24:57 +0000
ROA not before: Sun 01 Jan 2023 02:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60036
IP address blocks: 185.19.148.0/24 maxlen: 24
185.19.148.0/23 maxlen: 23
185.19.149.0/24 maxlen: 24
195.177.253.0/24 maxlen: 24
195.177.252.0/24 maxlen: 24
91.232.181.0/24 maxlen: 24
195.177.252.0/23 maxlen: 23
185.61.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:25:7e:d8:04:5b:6a:3c:9b:45:9d:8d:bd:f5:7e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b262bf21de51385859416c4c608001e2025a5d25
Validity
Not Before: Jan 1 02:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b630b5b4e51f280fb903fcce3ff6b4bb5d1c28dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:1d:b0:e8:8e:68:64:85:05:59:e6:3b:fb:1a:
2a:52:62:06:a4:22:a3:03:c7:6b:02:b3:be:7e:3f:
8a:ef:20:6d:2c:9b:70:da:32:a5:4a:8b:b5:ab:03:
74:42:df:b7:6e:90:c0:c6:74:f7:89:8f:63:76:72:
94:9d:f8:05:ea:ad:a4:7b:a0:d9:83:6c:1d:4c:08:
57:12:7f:9b:16:5b:2f:e4:c1:c9:3d:b2:16:16:61:
03:7e:05:0a:ab:3c:1d:a8:33:98:20:f1:82:5f:25:
d9:da:ef:21:c7:dc:71:8f:72:e8:c7:03:e2:96:48:
8b:25:7e:30:bf:25:5d:f0:c7:8e:72:27:5e:11:8a:
97:dd:dc:e5:be:dc:c7:e9:4e:f1:c1:99:51:27:a2:
40:48:50:85:04:00:49:5c:55:dd:9d:c8:fe:26:27:
8c:47:2d:54:83:6c:e1:b0:fc:a8:6f:bb:cf:f1:74:
1e:d9:99:87:71:11:fc:55:0b:dc:7e:c3:01:73:78:
27:23:36:1f:13:41:17:f6:01:c0:48:29:f2:47:ae:
aa:72:18:11:be:1e:61:30:7e:b8:5f:7e:3e:34:60:
d7:e7:12:48:64:33:95:6b:08:2d:7c:db:0f:07:ea:
bf:2a:1e:59:c8:54:db:39:82:b2:f4:66:15:15:ea:
2b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:30:B5:B4:E5:1F:28:0F:B9:03:FC:CE:3F:F6:B4:BB:5D:1C:28:DD
X509v3 Authority Key Identifier:
keyid:B2:62:BF:21:DE:51:38:58:59:41:6C:4C:60:80:01:E2:02:5A:5D:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/smK_Id5ROFhZQWxMYIAB4gJaXSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/863093-5ed6-43b2-bbda-14c6c5055f88/1/tjC1tOUfKA-5A_zOP_a0u10cKN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/863093-5ed6-43b2-bbda-14c6c5055f88/1/smK_Id5ROFhZQWxMYIAB4gJaXSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.181.0/24
185.19.148.0/23
185.61.115.0/24
195.177.252.0/23
Signature Algorithm: sha256WithRSAEncryption
92:60:9b:24:9d:3b:6f:26:4d:1e:a3:5e:0f:ef:6e:0a:0f:12:
d2:57:d2:ef:c1:6f:06:52:3b:6a:b6:5b:e5:86:29:f5:dc:f1:
94:0c:f7:53:af:e6:cb:a8:11:f5:03:99:01:02:a2:86:c3:da:
53:73:67:a4:29:8b:3e:5d:3e:e8:fa:b3:2b:9a:fd:90:38:b7:
10:87:a1:d7:c8:c8:79:2a:ca:9e:58:58:f7:23:58:0f:4d:6e:
6e:01:7c:7a:5f:f6:2c:f0:a8:ee:17:52:21:c3:53:d4:52:fb:
f0:13:5e:ea:e1:95:53:e0:50:0e:c7:91:37:3b:21:10:71:cd:
32:3c:5a:7b:d0:28:0e:a6:a8:b0:ae:c6:df:b1:17:f8:20:16:
97:75:ef:18:7e:d5:68:4d:62:8d:52:18:1f:b1:5d:4b:91:d6:
43:88:2b:8f:72:94:2a:eb:c4:bd:e3:77:ab:df:1f:df:04:ea:
75:57:3d:81:78:25:62:c0:7d:cf:8f:2c:6c:da:43:7b:e1:f9:
5e:81:44:17:d4:54:8e:d4:b6:5a:34:71:9d:d4:67:1f:44:32:
a6:3e:55:17:a2:e0:2b:9e:54:2f:b3:72:59:41:fb:31:df:71:
ac:eb:76:e4:02:a4:bf:2d:da:c4:f5:19:54:c8:0c:97:f2:d8:
37:69:7d:e7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVrJX7YBFtqPJtFnY299X4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNjJiZjIxZGU1MTM4NTg1OTQxNmM0YzYwODAwMWUyMDI1
YTVkMjUwHhcNMjMwMTAxMDIyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjMwYjViNGU1MWYyODBmYjkwM2ZjY2UzZmY2YjRiYjVkMWMyOGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6x2w6I5oZIUFWeY7+xoqUmIGpCKj
A8drArO+fj+K7yBtLJtw2jKlSou1qwN0Qt+3bpDAxnT3iY9jdnKUnfgF6q2ke6DZ
g2wdTAhXEn+bFlsv5MHJPbIWFmEDfgUKqzwdqDOYIPGCXyXZ2u8hx9xxj3LoxwPi
lkiLJX4wvyVd8MeOcideEYqX3dzlvtzH6U7xwZlRJ6JASFCFBABJXFXdncj+JieM
Ry1Ug2zhsPyob7vP8XQe2ZmHcRH8VQvcfsMBc3gnIzYfE0EX9gHASCnyR66qchgR
vh5hMH64X34+NGDX5xJIZDOVawgtfNsPB+q/Kh5ZyFTbOYKy9GYVFeorWQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLYwtbTlHygPuQP8zj/2tLtdHCjdMB8GA1UdIwQY
MBaAFLJivyHeUThYWUFsTGCAAeICWl0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc21LX0lkNVJPRmhaUVd4TVlJQUI0Z0phWFNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi84NjMwOTMtNWVkNi00M2IyLWJiZGEt
MTRjNmM1MDU1Zjg4LzEvdGpDMXRPVWZLQS01QV96T1BfYTB1MTBjS04wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi84NjMwOTMtNWVkNi00M2IyLWJiZGEtMTRjNmM1MDU1Zjg4
LzEvc21LX0lkNVJPRmhaUVd4TVlJQUI0Z0phWFNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+i1AwQB
uROUAwQAuT1zAwQBw7H8MA0GCSqGSIb3DQEBCwUAA4IBAQCSYJsknTtvJk0eo14P
724KDxLSV9LvwW8GUjtqtlvlhin13PGUDPdTr+bLqBH1A5kBAqKGw9pTc2ekKYs+
XT7o+rMrmv2QOLcQh6HXyMh5KsqeWFj3I1gPTW5uAXx6X/Ys8KjuF1Ihw1PUUvvw
E17q4ZVT4FAOx5E3OyEQcc0yPFp70CgOpqiwrsbfsRf4IBaXde8YftVoTWKNUhgf
sV1LkdZDiCuPcpQq68S943er3x/fBOp1Vz2BeCViwH3Pjyxs2kN74flegUQX1FSO
1LZaNHGd1GcfRDKmPlUXouArnlQvs3JZQfsx33Gs63bkAqS/LdrE9RlUyAyX8tg3
aX3n
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:49:38 2025 by rpki-client