Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/TF7lq7IaNKIOj-nA3Tn0pERJkiI.roa
File: TF7lq7IaNKIOj-nA3Tn0pERJkiI.roa (raw, json)
Hash identifier: CRNcYP+fZ9XdP7+nZJg3AqXOoQmc075Hiji8spDie9I=
Subject key identifier: 4C:5E:E5:AB:B2:1A:34:A2:0E:8F:E9:C0:DD:39:F4:A4:44:49:92:22
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 43AC5278
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/TF7lq7IaNKIOj-nA3Tn0pERJkiI.roa
Signing time: Sat 01 Jan 2022 14:00:59 +0000
ROA not before: Sat 01 Jan 2022 14:00:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58224
IP address blocks: 37.156.12.0/22 maxlen: 32
77.238.108.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1135366776 (0x43ac5278)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 1 14:00:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c5ee5abb21a34a20e8fe9c0dd39f4a444499222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:71:83:d1:94:dd:90:ea:bc:61:13:79:ee:28:
e9:a3:bc:8e:d4:79:0b:da:b9:66:ef:de:e2:84:39:
87:7e:cd:4a:ee:87:2e:04:53:51:10:0c:34:62:83:
6e:24:db:15:3a:75:2d:fe:08:45:ec:9c:a4:43:4e:
05:ec:6a:29:59:ad:da:f3:5c:eb:3c:7e:35:e4:69:
6e:fa:31:65:d7:f8:c7:42:1c:17:4a:eb:a6:5a:26:
43:cb:e5:ea:e4:c4:38:f2:80:d7:6e:df:d3:53:45:
78:1e:da:88:72:ca:09:b2:ef:f5:1e:a4:b5:49:0c:
83:52:08:ba:33:08:ca:d5:21:78:d1:e9:61:d0:b9:
7a:42:ad:29:d4:24:a1:48:92:e3:8e:1b:d7:67:a8:
e2:d4:d7:70:da:9a:87:e5:d0:ca:d4:fe:a5:24:81:
3e:7e:93:15:47:65:b9:02:38:96:6c:2c:fd:c1:6b:
b0:20:56:e3:96:f1:c0:f1:85:3b:8f:f4:45:8a:4c:
b0:63:29:5b:f6:1d:e3:ea:96:7b:cb:9a:00:79:94:
ba:1e:a3:48:f0:fc:76:88:8b:77:0d:1d:92:dc:c0:
06:e0:ca:19:a2:9e:d0:61:1c:b4:27:83:c1:76:20:
ee:e7:d2:b8:08:74:e5:e0:9c:e3:d6:32:82:a4:eb:
14:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:5E:E5:AB:B2:1A:34:A2:0E:8F:E9:C0:DD:39:F4:A4:44:49:92:22
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/TF7lq7IaNKIOj-nA3Tn0pERJkiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.12.0/22
77.238.108.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:c7:e8:c3:5b:5b:d5:84:47:f6:81:2d:7a:02:73:29:1c:b5:
de:3b:ad:6f:f2:d0:bc:07:48:63:ed:9f:09:a1:94:1e:c0:09:
17:8f:77:dc:b1:7d:de:bd:d6:41:3b:3a:41:cf:8f:fa:52:2b:
22:60:81:f0:f0:2c:89:47:bd:c6:01:d6:13:6a:c1:f7:4f:fc:
da:8b:4a:43:ee:ab:63:5b:79:89:fc:b4:a3:00:49:70:81:e8:
36:41:83:d3:e4:da:86:e1:3c:6a:1f:42:f3:92:6a:30:2d:fb:
c9:4e:26:6c:08:ed:a5:d0:4c:dd:8a:2a:44:68:b4:25:9f:f1:
26:4c:a0:b6:13:1a:fe:6d:66:52:1d:8d:df:ab:56:69:a6:0c:
14:48:cc:b5:8a:d9:a6:3c:60:48:53:dc:3d:1a:82:cb:50:35:
2b:ba:f7:c0:04:5b:c4:f7:23:ad:d9:0c:13:aa:2a:51:9d:cf:
39:3c:0e:d3:3e:bb:5a:12:dc:5a:b0:9e:13:66:42:e5:57:26:
bf:4b:95:90:fb:fc:fe:53:fb:49:19:30:c3:73:cd:a1:fd:6f:
f7:9b:e7:df:c4:af:8b:6f:69:c9:f0:4a:ea:42:50:17:62:4e:
3e:6a:ef:ed:d6:c5:05:40:82:de:2a:10:b0:a2:97:a8:6e:b9:
a7:e9:53:dd
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEQ6xSeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjUyNjM0YTJlYjAzZjg1NjViNWUzM2RjMmI5ZjQ5MDQxZjdjZmIwMB4XDTIyMDEw
MTE0MDA1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGM1ZWU1YWJiMjFh
MzRhMjBlOGZlOWMwZGQzOWY0YTQ0NDQ5OTIyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlxg9GU3ZDqvGETee4o6aO8jtR5C9q5Zu/e4oQ5h37NSu6H
LgRTURAMNGKDbiTbFTp1Lf4IReycpENOBexqKVmt2vNc6zx+NeRpbvoxZdf4x0Ic
F0rrplomQ8vl6uTEOPKA127f01NFeB7aiHLKCbLv9R6ktUkMg1IIujMIytUheNHp
YdC5ekKtKdQkoUiS444b12eo4tTXcNqah+XQytT+pSSBPn6TFUdluQI4lmws/cFr
sCBW45bxwPGFO4/0RYpMsGMpW/Yd4+qWe8uaAHmUuh6jSPD8doiLdw0dktzABuDK
GaKe0GEctCeDwXYg7ufSuAh05eCc49YygqTrFIcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRMXuWrsho0og6P6cDdOfSkREmSIjAfBgNVHSMEGDAWgBRbUmNKLrA/hWW1
4z3CufSQQffPsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1cxSmpTaTZ3UDRWbHRlTTl3cm4wa0VIM3o3QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvN2E1YjQ0LTZiMTgtNDJkMy1hOGQ1LWRjNjU1NGZkMTIzNS8x
L1RGN2xxN0lhTktJT2otbkEzVG4wcEVSSmtpSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
N2E1YjQ0LTZiMTgtNDJkMy1hOGQ1LWRjNjU1NGZkMTIzNS8xL1cxSmpTaTZ3UDRW
bHRlTTl3cm4wa0VIM3o3QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAiWcDAMEAk3ubDANBgkqhkiG9w0B
AQsFAAOCAQEAqMfow1tb1YRH9oEtegJzKRy13jutb/LQvAdIY+2fCaGUHsAJF493
3LF93r3WQTs6Qc+P+lIrImCB8PAsiUe9xgHWE2rB90/82otKQ+6rY1t5ify0owBJ
cIHoNkGD0+TahuE8ah9C85JqMC37yU4mbAjtpdBM3YoqRGi0JZ/xJkygthMa/m1m
Uh2N36tWaaYMFEjMtYrZpjxgSFPcPRqCy1A1K7r3wARbxPcjrdkME6oqUZ3POTwO
0z67WhLcWrCeE2ZC5Vcmv0uVkPv8/lP7SRkww3PNof1v95vn38Svi29pyfBK6kJQ
F2JOPmrv7dbFBUCC3ioQsKKXqG65p+lT3Q==
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:11:13 2025 by rpki-client