Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/tFCdjbjS8vHkE6Up_2Nm99Gi0uQ.roa
File: tFCdjbjS8vHkE6Up_2Nm99Gi0uQ.roa (raw, json)
Hash identifier: f80wYnP+fdOrTsZqILZisLVk/hh7TBVFzKtYBo+WT6A=
Subject key identifier: B4:50:9D:8D:B8:D2:F2:F1:E4:13:A5:29:FF:63:66:F7:D1:A2:D2:E4
Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Certificate serial: 0185718326443CF1A10AF4F0C41744C185C7
Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/tFCdjbjS8vHkE6Up_2Nm99Gi0uQ.roa
Signing time: Mon 02 Jan 2023 08:04:58 +0000
ROA not before: Mon 02 Jan 2023 08:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59628
IP address blocks: 46.100.144.0/21 maxlen: 21
91.92.172.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:26:44:3c:f1:a1:0a:f4:f0:c4:17:44:c1:85:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Validity
Not Before: Jan 2 08:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4509d8db8d2f2f1e413a529ff6366f7d1a2d2e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e6:e8:91:d1:b6:fa:e1:80:86:b5:da:06:31:
40:59:a4:64:dc:6c:03:69:af:09:bd:a2:a4:6a:b7:
14:5d:a0:4d:85:90:a2:68:fa:de:a8:65:c8:54:f1:
8e:66:d6:8b:bc:f2:8e:ca:d5:50:e1:52:93:b1:97:
98:b1:f0:f1:4f:2d:2a:c4:19:ce:48:aa:fa:94:b5:
c7:26:e1:c2:75:90:c8:ce:86:f4:83:b8:33:f3:1a:
3a:8a:ca:94:7d:9c:15:92:46:df:61:a8:b8:1c:45:
5b:0b:e5:9b:ff:c0:53:5a:4a:c9:96:c2:8e:3e:61:
cb:b9:e3:7f:d8:63:d4:ee:13:c5:06:b1:0d:d9:5a:
27:7c:ba:f4:30:58:fd:b8:9f:90:a3:c8:29:4c:63:
44:4c:a4:56:bb:85:0f:8d:5b:0f:ef:6a:44:07:70:
e1:c7:1c:4f:3c:b2:52:73:fe:14:f0:20:50:de:34:
d1:f7:89:0c:d8:9d:9f:7d:34:96:26:f4:88:44:9f:
4d:c7:83:fb:76:87:20:36:38:de:dd:15:07:82:df:
df:20:e2:27:25:1e:cb:24:7c:87:7f:68:ad:60:f0:
c8:53:b8:8c:c5:39:da:99:ff:26:8a:8d:f1:aa:e9:
84:92:50:41:52:79:6f:c2:35:e2:1a:66:25:06:fa:
bd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:50:9D:8D:B8:D2:F2:F1:E4:13:A5:29:FF:63:66:F7:D1:A2:D2:E4
X509v3 Authority Key Identifier:
keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/tFCdjbjS8vHkE6Up_2Nm99Gi0uQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.100.144.0/21
91.92.172.0/22
Signature Algorithm: sha256WithRSAEncryption
55:11:51:f8:93:53:32:8f:c0:f8:9b:d2:0c:59:4b:25:4f:a6:
d8:d1:0a:3f:7a:0c:d2:80:21:9d:60:57:c4:82:0c:08:6e:0c:
08:5c:1a:a5:b9:d2:84:02:8a:80:55:2c:60:c4:8a:d0:16:92:
55:9a:d5:b8:21:57:5d:53:50:19:27:4c:5a:47:44:c5:57:e0:
37:5e:74:a7:b8:9b:c0:9e:dc:ef:c2:cb:6d:1a:ab:63:31:2a:
bd:8d:9c:18:63:32:0e:ca:61:55:21:c7:e3:f2:a0:93:aa:d5:
c9:50:6a:5b:c3:f7:87:76:32:be:32:a9:2a:17:28:cb:51:4f:
1f:9b:02:8e:5e:00:8b:13:28:22:d8:fc:3a:c6:51:cc:e7:81:
f1:3c:a5:61:53:30:2d:45:34:a3:c5:cb:03:29:eb:ca:aa:1c:
a1:47:4e:8a:f6:24:7f:92:21:a1:5d:73:b4:63:19:93:d9:10:
1a:4b:00:73:9c:3d:1f:46:b7:03:bd:21:fd:ed:18:69:48:fd:
bd:4e:cc:c2:56:b8:44:c8:2d:49:56:a8:36:bd:b0:52:36:bf:
20:90:f6:fc:7a:d4:ff:b1:a9:1d:01:46:09:ad:e8:92:01:ea:
eb:25:49:20:be:a3:28:ef:a4:96:22:81:03:c2:dd:e7:18:5e:
d9:1a:8d:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxgyZEPPGhCvTwxBdEwYXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMzAzMGE0YjY3Zjk1YzJmZWQ5MDJkNTY2NTdmYWEyNDk0
YjUxMjkwHhcNMjMwMTAyMDgwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDUwOWQ4ZGI4ZDJmMmYxZTQxM2E1MjlmZjYzNjZmN2QxYTJkMmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtebokdG2+uGAhrXaBjFAWaRk3GwD
aa8JvaKkarcUXaBNhZCiaPreqGXIVPGOZtaLvPKOytVQ4VKTsZeYsfDxTy0qxBnO
SKr6lLXHJuHCdZDIzob0g7gz8xo6isqUfZwVkkbfYai4HEVbC+Wb/8BTWkrJlsKO
PmHLueN/2GPU7hPFBrEN2VonfLr0MFj9uJ+Qo8gpTGNETKRWu4UPjVsP72pEB3Dh
xxxPPLJSc/4U8CBQ3jTR94kM2J2ffTSWJvSIRJ9Nx4P7docgNjje3RUHgt/fIOIn
JR7LJHyHf2itYPDIU7iMxTnamf8mio3xqumEklBBUnlvwjXiGmYlBvq9tQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLRQnY240vLx5BOlKf9jZvfRotLkMB8GA1UdIwQY
MBaAFG8wMKS2f5XC/tkC1WZX+qJJS1EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYt
YmYzYjIxYTI3MGYyLzEvdEZDZGpialM4dkhrRTZVcF8yTm05OUdpMHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYtYmYzYjIxYTI3MGYy
LzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLmSQAwQC
W1ysMA0GCSqGSIb3DQEBCwUAA4IBAQBVEVH4k1Myj8D4m9IMWUslT6bY0Qo/egzS
gCGdYFfEggwIbgwIXBqludKEAoqAVSxgxIrQFpJVmtW4IVddU1AZJ0xaR0TFV+A3
XnSnuJvAntzvwsttGqtjMSq9jZwYYzIOymFVIcfj8qCTqtXJUGpbw/eHdjK+Mqkq
FyjLUU8fmwKOXgCLEygi2Pw6xlHM54HxPKVhUzAtRTSjxcsDKevKqhyhR06K9iR/
kiGhXXO0YxmT2RAaSwBznD0fRrcDvSH97RhpSP29TszCVrhEyC1JVqg2vbBSNr8g
kPb8etT/sakdAUYJreiSAerrJUkgvqMo76SWIoEDwt3nGF7ZGo2w
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:52:45 2025 by rpki-client