Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/TUgr9XEmX1WhlrFkGS68AWc4oI8.roa
File: TUgr9XEmX1WhlrFkGS68AWc4oI8.roa (raw, json)
Hash identifier: fCPhm2BkWtt60ZEim/sJ65dmMiPzFbQ3BR+HRnUbBjc=
Subject key identifier: 4D:48:2B:F5:71:26:5F:55:A1:96:B1:64:19:2E:BC:01:67:38:A0:8F
Certificate issuer: /CN=90f25e6a6893f466d2695e90670c047443643701
Certificate serial: 0185720C5CA7F9CBE70DFBDBA0BB084FD4E8
Authority key identifier: 90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/TUgr9XEmX1WhlrFkGS68AWc4oI8.roa
Signing time: Mon 02 Jan 2023 10:34:50 +0000
ROA not before: Mon 02 Jan 2023 10:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31079
IP address blocks: 195.20.106.0/24 maxlen: 24
2001:678:2e4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:5c:a7:f9:cb:e7:0d:fb:db:a0:bb:08:4f:d4:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f25e6a6893f466d2695e90670c047443643701
Validity
Not Before: Jan 2 10:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d482bf571265f55a196b164192ebc016738a08f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:85:9f:a8:c4:d1:46:38:9c:d5:5e:bd:66:eb:
15:75:09:eb:0b:e1:38:89:6e:0a:f8:c6:0e:d7:f9:
d1:4f:f3:1e:9c:27:ce:7b:0d:4c:8b:08:e9:9f:ae:
e1:2d:31:40:30:70:15:a3:5a:46:dd:9b:b6:62:1d:
1f:de:07:00:41:f0:02:48:cb:d7:03:5f:a1:47:83:
ed:bb:9b:8e:f1:17:5a:b0:77:92:1d:b3:6b:7f:3f:
1d:18:68:15:f5:50:ad:ff:db:04:cc:31:b0:4e:89:
a2:b0:50:ea:09:76:2b:5d:67:be:b7:17:58:48:b9:
d9:14:88:da:6a:92:d4:67:a0:d1:1a:e3:30:74:31:
e9:6d:52:90:b3:5c:02:a4:8f:c6:a6:f4:21:66:62:
ed:3b:5b:a2:ef:7e:bd:73:3d:a0:5b:5b:42:f5:12:
3d:c4:64:de:f6:6e:98:e5:38:bd:88:52:2b:4d:81:
1f:bd:05:2c:92:03:1a:12:3a:aa:11:92:3e:ec:bd:
f8:e9:5a:e4:29:1c:2c:bc:e0:db:bb:d9:c6:10:5e:
87:b4:fd:a3:51:8d:35:b6:a5:ff:ba:ee:16:df:66:
28:3d:24:6d:9f:df:fb:31:6e:6b:fb:d4:3e:b3:df:
d3:b0:71:29:84:bb:f2:0b:7a:c3:0f:71:83:6d:f3:
88:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:48:2B:F5:71:26:5F:55:A1:96:B1:64:19:2E:BC:01:67:38:A0:8F
X509v3 Authority Key Identifier:
keyid:90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/TUgr9XEmX1WhlrFkGS68AWc4oI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.106.0/24
IPv6:
2001:678:2e4::/48
Signature Algorithm: sha256WithRSAEncryption
33:26:e2:c1:35:bb:cf:fd:d6:7e:47:d6:90:a1:a6:8c:80:39:
df:eb:68:31:ad:dd:53:27:5f:ee:ed:72:05:80:41:60:23:df:
dc:da:70:08:96:1b:89:c9:41:32:f0:b0:f7:83:43:6a:c4:ea:
29:af:cb:0f:c7:ac:12:b0:e8:12:4d:c9:54:1e:97:37:1f:39:
00:e2:b1:80:1b:c7:88:a6:70:81:9f:00:c0:a1:a1:22:41:db:
7c:05:33:43:88:74:4f:b1:a0:9d:b5:fd:37:3a:d3:98:a8:99:
64:12:e4:b8:f0:6e:25:9e:3a:44:41:a6:3c:fe:4b:b9:93:64:
4f:c5:1c:87:88:fe:42:0a:2a:f1:28:82:d8:8e:7d:c2:3a:6c:
a2:d0:58:f1:64:93:15:39:fc:1c:c9:69:e0:e0:e2:2b:be:ed:
2c:7f:23:e2:05:df:61:0b:ac:24:3c:bd:c3:b0:a5:ee:d7:bb:
e2:17:40:cf:9a:e9:76:26:93:bf:03:f5:a3:b6:6e:9e:90:4d:
75:39:98:0d:75:e2:87:6c:cf:d9:92:99:58:15:da:1a:40:cc:
4b:b9:29:f0:10:4a:ff:a4:8d:62:f4:d8:49:59:76:85:16:e0:
ff:33:fb:93:2f:82:16:34:7e:a8:66:bf:83:97:6c:54:b1:18:
03:5f:60:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyDFyn+cvnDfvboLsIT9ToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjI1ZTZhNjg5M2Y0NjZkMjY5NWU5MDY3MGMwNDc0NDM2
NDM3MDEwHhcNMjMwMTAyMTAzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDQ4MmJmNTcxMjY1ZjU1YTE5NmIxNjQxOTJlYmMwMTY3MzhhMDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoWfqMTRRjic1V69ZusVdQnrC+E4
iW4K+MYO1/nRT/MenCfOew1Miwjpn67hLTFAMHAVo1pG3Zu2Yh0f3gcAQfACSMvX
A1+hR4Ptu5uO8RdasHeSHbNrfz8dGGgV9VCt/9sEzDGwTomisFDqCXYrXWe+txdY
SLnZFIjaapLUZ6DRGuMwdDHpbVKQs1wCpI/GpvQhZmLtO1ui7369cz2gW1tC9RI9
xGTe9m6Y5Ti9iFIrTYEfvQUskgMaEjqqEZI+7L346VrkKRwsvODbu9nGEF6HtP2j
UY01tqX/uu4W32YoPSRtn9/7MW5r+9Q+s9/TsHEphLvyC3rDD3GDbfOIVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE1IK/VxJl9VoZaxZBkuvAFnOKCPMB8GA1UdIwQY
MBaAFJDyXmpok/Rm0mlekGcMBHRDZDcBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BKZWFtaVQ5R2JTYVY2UVp3d0VkRU5rTndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGIxNjItNzA5OS00MDRkLTgzOTEt
M2IwYjRiOGEyOTgzLzEvVFVncjlYRW1YMVdobHJGa0dTNjhBV2M0b0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGIxNjItNzA5OS00MDRkLTgzOTEtM2IwYjRiOGEyOTgz
LzEva1BKZWFtaVQ5R2JTYVY2UVp3d0VkRU5rTndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwxRqMA8E
AgACMAkDBwAgAQZ4AuQwDQYJKoZIhvcNAQELBQADggEBADMm4sE1u8/91n5H1pCh
poyAOd/raDGt3VMnX+7tcgWAQWAj39zacAiWG4nJQTLwsPeDQ2rE6imvyw/HrBKw
6BJNyVQelzcfOQDisYAbx4imcIGfAMChoSJB23wFM0OIdE+xoJ21/Tc605iomWQS
5LjwbiWeOkRBpjz+S7mTZE/FHIeI/kIKKvEogtiOfcI6bKLQWPFkkxU5/BzJaeDg
4iu+7Sx/I+IF32ELrCQ8vcOwpe7Xu+IXQM+a6XYmk78D9aO2bp6QTXU5mA114ods
z9mSmVgV2hpAzEu5KfAQSv+kjWL02ElZdoUW4P8z+5MvghY0fqhmv4OXbFSxGANf
YGk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:59 2025 by rpki-client