Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/tlM8rSy3zPlx-sD6GeWLGjV_UZ8.roa
File: tlM8rSy3zPlx-sD6GeWLGjV_UZ8.roa (raw, json)
Hash identifier: B194kibWil8Ix/HVVnzoP/6Y0tiGQ7ZRnDjg+ONbkeU=
Subject key identifier: B6:53:3C:AD:2C:B7:CC:F9:71:FA:C0:FA:19:E5:8B:1A:35:7F:51:9F
Certificate issuer: /CN=fbcdd117eac757b6f8f39428653ae12508cc6989
Certificate serial: 04691D53
Authority key identifier: FB:CD:D1:17:EA:C7:57:B6:F8:F3:94:28:65:3A:E1:25:08:CC:69:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-83RF-rHV7b485QoZTrhJQjMaYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/tlM8rSy3zPlx-sD6GeWLGjV_UZ8.roa
Signing time: Sat 01 Jan 2022 12:03:58 +0000
ROA not before: Sat 01 Jan 2022 12:03:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25581
IP address blocks: 185.170.216.0/21 maxlen: 21
185.34.149.0/24 maxlen: 24
185.34.148.0/22 maxlen: 22
2a00:da60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73997651 (0x4691d53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbcdd117eac757b6f8f39428653ae12508cc6989
Validity
Not Before: Jan 1 12:03:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6533cad2cb7ccf971fac0fa19e58b1a357f519f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0f:9f:c9:34:31:7b:bb:99:76:29:9a:c4:5b:
f4:9e:11:a1:1a:96:9f:38:9d:bf:af:22:ed:c5:84:
2a:9f:90:ff:03:6f:fc:49:74:30:5c:78:cd:bf:28:
ea:0f:96:70:0b:e3:71:2b:77:80:35:b2:29:2c:12:
83:1c:59:06:fd:46:23:8d:e7:14:51:8b:5e:22:37:
aa:d9:ad:ed:cc:b8:2b:9f:a3:9d:19:03:c2:91:d4:
02:69:04:66:a1:d7:69:8d:d1:23:9a:f3:b6:fb:2a:
8a:c3:6f:e9:08:b0:5e:66:c5:d8:91:2e:ee:4c:0c:
88:9a:dd:49:a1:79:89:a1:54:7f:16:4e:eb:5b:1a:
d5:e8:82:85:d1:91:48:27:fb:cb:e9:66:22:ca:46:
4b:60:24:42:37:b9:40:44:0a:4c:bc:da:1e:3e:8a:
26:23:5d:73:18:72:25:bb:dd:09:61:ba:55:38:07:
fe:ab:15:12:f9:dd:db:0b:54:53:c2:ed:da:4a:f5:
f2:ed:59:88:62:8d:72:b8:36:b4:34:18:9c:4e:5d:
24:be:03:66:60:61:bb:4f:a7:1e:b6:a7:28:0b:75:
34:df:9c:4e:b3:29:87:52:dd:df:19:01:f5:41:15:
39:59:14:41:95:18:1c:6b:06:79:cd:f8:f5:1d:a7:
cd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:53:3C:AD:2C:B7:CC:F9:71:FA:C0:FA:19:E5:8B:1A:35:7F:51:9F
X509v3 Authority Key Identifier:
keyid:FB:CD:D1:17:EA:C7:57:B6:F8:F3:94:28:65:3A:E1:25:08:CC:69:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-83RF-rHV7b485QoZTrhJQjMaYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/tlM8rSy3zPlx-sD6GeWLGjV_UZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/1-83RF-rHV7b485QoZTrhJQjMaYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.148.0/22
185.170.216.0/21
IPv6:
2a00:da60::/32
Signature Algorithm: sha256WithRSAEncryption
1c:23:25:ff:c2:4c:e7:63:fb:15:bc:2a:8e:99:af:0b:14:71:
bf:24:29:87:e0:c2:51:ea:4f:b9:70:66:91:9c:e1:d7:ad:35:
2b:02:8b:7a:4c:f2:ab:19:6f:83:a7:5a:fe:f6:de:83:c7:d1:
5f:5d:cf:18:1b:20:72:c8:56:c0:2a:8c:b9:0c:06:a8:05:8d:
b3:92:e3:6d:0a:58:ba:15:28:29:05:62:f8:69:fb:77:7e:d1:
c5:76:ba:90:a2:92:ab:d0:3b:4b:e9:c0:bb:6c:0e:0c:d2:2d:
64:cd:cc:94:a6:0d:b7:20:6c:0f:1d:ae:1b:17:7b:9c:f9:07:
c2:fb:17:29:1a:ed:f2:55:7d:05:6e:27:b3:63:30:da:49:77:
a6:90:6c:01:9a:23:eb:54:e9:95:0d:48:04:c5:fe:93:19:d5:
b1:6f:12:f8:28:0e:cb:4d:fc:57:e3:4b:9e:ef:8e:6b:66:ad:
8f:af:48:fc:2b:99:90:63:4e:c6:56:3d:84:2c:e5:dc:a8:bb:
03:9b:97:b3:62:bb:ac:b7:08:1e:f2:f0:24:bf:ca:e0:ce:37:
8b:ad:d7:a5:cd:8e:7a:b9:e5:ff:67:3b:64:05:80:b5:b1:a2:
f6:5e:14:d6:76:5b:a2:58:57:f2:ee:9a:0e:23:d7:06:68:32:
eb:b9:e5:67
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEBGkdUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmNkZDExN2VhYzc1N2I2ZjhmMzk0Mjg2NTNhZTEyNTA4Y2M2OTg5MB4XDTIyMDEw
MTEyMDM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY1MzNjYWQyY2I3
Y2NmOTcxZmFjMGZhMTllNThiMWEzNTdmNTE5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALAPn8k0MXu7mXYpmsRb9J4RoRqWnzidv68i7cWEKp+Q/wNv
/El0MFx4zb8o6g+WcAvjcSt3gDWyKSwSgxxZBv1GI43nFFGLXiI3qtmt7cy4K5+j
nRkDwpHUAmkEZqHXaY3RI5rztvsqisNv6QiwXmbF2JEu7kwMiJrdSaF5iaFUfxZO
61sa1eiChdGRSCf7y+lmIspGS2AkQje5QEQKTLzaHj6KJiNdcxhyJbvdCWG6VTgH
/qsVEvnd2wtUU8Lt2kr18u1ZiGKNcrg2tDQYnE5dJL4DZmBhu0+nHranKAt1NN+c
TrMph1Ld3xkB9UEVOVkUQZUYHGsGec349R2nzRkCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBS2UzytLLfM+XH6wPoZ5YsaNX9RnzAfBgNVHSMEGDAWgBT7zdEX6sdXtvjz
lChlOuElCMxpiTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtODNSRi1ySFY3YjQ4NVFvWlRyaEpRak1hWWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzliLzlhYTk5ZC1iZTQzLTRkNzQtYWZjOS05NjQ0MjVjMThjNmYv
MS90bE04clN5M3pQbHgtc0Q2R2VXTEdqVl9VWjgucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzli
LzlhYTk5ZC1iZTQzLTRkNzQtYWZjOS05NjQ0MjVjMThjNmYvMS8xLTgzUkYtckhW
N2I0ODVRb1pUcmhKUWpNYVlrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSKUAwQDuarYMA0EAgACMAcD
BQAqANpgMA0GCSqGSIb3DQEBCwUAA4IBAQAcIyX/wkznY/sVvCqOma8LFHG/JCmH
4MJR6k+5cGaRnOHXrTUrAot6TPKrGW+Dp1r+9t6Dx9FfXc8YGyByyFbAKoy5DAao
BY2zkuNtCli6FSgpBWL4aft3ftHFdrqQopKr0DtL6cC7bA4M0i1kzcyUpg23IGwP
Ha4bF3uc+QfC+xcpGu3yVX0FbiezYzDaSXemkGwBmiPrVOmVDUgExf6TGdWxbxL4
KA7LTfxX40ue745rZq2Pr0j8K5mQY07GVj2ELOXcqLsDm5ezYrustwge8vAkv8rg
zjeLrdelzY56ueX/ZztkBYC1saL2XhTWdluiWFfy7poOI9cGaDLrueVn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:48 2025 by rpki-client