Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74aee8-41a8-4ee7-ae4c-2183bc3844d2/1/TlFvGMTLzGzD0rC8UCO6e0gxv1g.roa
File: TlFvGMTLzGzD0rC8UCO6e0gxv1g.roa (raw, json)
Hash identifier: HfovXsioImnez1h6qMlURXfdGlwbm5Wfo6FncypxRAU=
Subject key identifier: 4E:51:6F:18:C4:CB:CC:6C:C3:D2:B0:BC:50:23:BA:7B:48:31:BF:58
Certificate issuer: /CN=95b85e5ac055a12188ae50cdb007fa488b6aa88b
Certificate serial: 01838D41451E1BF189E7A0DEB07F0CEEB080
Authority key identifier: 95:B8:5E:5A:C0:55:A1:21:88:AE:50:CD:B0:07:FA:48:8B:6A:A8:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbheWsBVoSGIrlDNsAf6SItqqIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74aee8-41a8-4ee7-ae4c-2183bc3844d2/1/TlFvGMTLzGzD0rC8UCO6e0gxv1g.roa
Signing time: Fri 30 Sep 2022 07:16:48 +0000
ROA not before: Fri 30 Sep 2022 07:16:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39637
IP address blocks: 37.203.56.0/21 maxlen: 21
94.124.136.0/21 maxlen: 21
91.201.164.0/22 maxlen: 22
185.215.252.0/22 maxlen: 22
195.246.236.0/23 maxlen: 23
2a00:dc8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8d:41:45:1e:1b:f1:89:e7:a0:de:b0:7f:0c:ee:b0:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b85e5ac055a12188ae50cdb007fa488b6aa88b
Validity
Not Before: Sep 30 07:16:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e516f18c4cbcc6cc3d2b0bc5023ba7b4831bf58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:68:78:4b:c8:50:be:0c:bd:e5:53:92:be:81:
8f:d8:16:9a:e5:c4:70:7a:28:d4:bd:87:2e:d7:f0:
3a:35:dc:60:6e:2b:e5:68:dc:3e:ed:fc:a7:9f:13:
1a:2c:77:58:2e:98:ef:11:6f:65:5e:72:6a:b1:63:
b7:1c:71:5b:bb:16:8d:1e:7a:01:9f:ab:43:e3:6b:
6b:19:f1:49:e3:11:ad:d4:41:0e:20:44:83:58:27:
9b:6e:5f:d9:65:65:8a:0c:e2:db:d3:4d:23:4e:cd:
95:ed:df:00:23:82:3a:d5:ac:7d:a4:2e:ac:5c:cb:
e9:df:e6:21:71:0d:0b:17:f1:74:0f:a3:a2:84:01:
7e:2c:27:c3:6d:7e:7a:dd:be:e4:9d:db:81:8f:d7:
50:31:82:1e:0d:1b:31:f0:c1:d4:2b:09:f5:a8:8a:
5c:ec:1a:1b:50:e2:8c:36:47:b0:0d:91:c6:2a:a6:
02:39:4c:60:df:30:57:61:09:53:f0:10:fc:cd:d5:
49:f0:91:b7:45:bc:78:d5:45:68:32:a9:67:01:36:
22:22:00:8c:c9:13:b3:76:06:c9:7a:70:a0:80:d1:
7a:01:41:35:b3:82:85:8a:57:e7:7f:73:73:c9:4e:
bf:1f:6d:59:39:d5:ec:4f:15:4e:f9:7a:af:30:8b:
79:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:51:6F:18:C4:CB:CC:6C:C3:D2:B0:BC:50:23:BA:7B:48:31:BF:58
X509v3 Authority Key Identifier:
keyid:95:B8:5E:5A:C0:55:A1:21:88:AE:50:CD:B0:07:FA:48:8B:6A:A8:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbheWsBVoSGIrlDNsAf6SItqqIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74aee8-41a8-4ee7-ae4c-2183bc3844d2/1/TlFvGMTLzGzD0rC8UCO6e0gxv1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74aee8-41a8-4ee7-ae4c-2183bc3844d2/1/lbheWsBVoSGIrlDNsAf6SItqqIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.56.0/21
91.201.164.0/22
94.124.136.0/21
185.215.252.0/22
195.246.236.0/23
IPv6:
2a00:dc8::/32
Signature Algorithm: sha256WithRSAEncryption
15:24:74:0d:b5:96:4e:fd:5a:a1:a3:e6:70:c3:c1:48:1a:68:
d4:a7:3a:8d:a6:91:a0:9b:3a:fa:c9:da:2b:e3:e5:59:02:26:
9b:5d:99:fb:a7:2d:c5:60:e0:6b:4b:a9:69:ea:6d:34:7e:24:
59:6e:19:1e:58:9b:cf:b2:03:e2:d9:15:a7:0b:ab:5a:6d:cb:
10:67:75:71:0b:7e:c2:a8:1b:37:48:31:c1:d8:ce:08:76:37:
18:95:52:4b:6c:94:d5:3a:98:74:25:af:bb:72:80:b4:6b:67:
31:b0:0c:af:c9:3e:4c:8f:de:55:c9:38:40:d9:31:a9:89:55:
11:0a:23:09:d3:74:6e:11:02:7c:b3:4b:46:58:e4:02:a2:85:
c6:fa:a4:38:7d:7f:1d:46:27:81:ed:7c:b2:c3:10:52:ca:26:
ad:d7:db:df:9e:0f:56:a2:5a:52:28:c5:ce:a3:09:7e:71:1f:
b1:0b:51:0a:21:9c:49:bf:88:44:4b:87:5e:f2:5b:80:48:94:
4e:74:80:17:39:58:14:2b:a5:cf:d2:97:a1:9e:a2:4b:96:1a:
48:63:72:53:b7:0a:c5:d8:83:cf:d9:c8:80:c0:db:96:92:18:
5b:5c:a5:4a:e9:73:26:99:6c:92:fe:64:3b:9a:0c:64:49:ff:
36:32:68:94
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYONQUUeG/GJ56DesH8M7rCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Yjg1ZTVhYzA1NWExMjE4OGFlNTBjZGIwMDdmYTQ4OGI2
YWE4OGIwHhcNMjIwOTMwMDcxNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTUxNmYxOGM0Y2JjYzZjYzNkMmIwYmM1MDIzYmE3YjQ4MzFiZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2h4S8hQvgy95VOSvoGP2Baa5cRw
eijUvYcu1/A6NdxgbivlaNw+7fynnxMaLHdYLpjvEW9lXnJqsWO3HHFbuxaNHnoB
n6tD42trGfFJ4xGt1EEOIESDWCebbl/ZZWWKDOLb000jTs2V7d8AI4I61ax9pC6s
XMvp3+YhcQ0LF/F0D6OihAF+LCfDbX563b7knduBj9dQMYIeDRsx8MHUKwn1qIpc
7BobUOKMNkewDZHGKqYCOUxg3zBXYQlT8BD8zdVJ8JG3Rbx41UVoMqlnATYiIgCM
yROzdgbJenCggNF6AUE1s4KFilfnf3NzyU6/H21ZOdXsTxVO+XqvMIt5JwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFE5RbxjEy8xsw9KwvFAjuntIMb9YMB8GA1UdIwQY
MBaAFJW4XlrAVaEhiK5QzbAH+kiLaqiLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJoZVdzQlZvU0dJcmxETnNBZjZTSXRxcUlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGFlZTgtNDFhOC00ZWU3LWFlNGMt
MjE4M2JjMzg0NGQyLzEvVGxGdkdNVEx6R3pEMHJDOFVDTzZlMGd4djFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGFlZTgtNDFhOC00ZWU3LWFlNGMtMjE4M2JjMzg0NGQy
LzEvbGJoZVdzQlZvU0dJcmxETnNBZjZTSXRxcUlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJcs4AwQC
W8mkAwQDXnyIAwQCudf8AwQBw/bsMA0EAgACMAcDBQAqAA3IMA0GCSqGSIb3DQEB
CwUAA4IBAQAVJHQNtZZO/Vqho+Zww8FIGmjUpzqNppGgmzr6ydor4+VZAiabXZn7
py3FYOBrS6lp6m00fiRZbhkeWJvPsgPi2RWnC6tabcsQZ3VxC37CqBs3SDHB2M4I
djcYlVJLbJTVOph0Ja+7coC0a2cxsAyvyT5Mj95VyThA2TGpiVURCiMJ03RuEQJ8
s0tGWOQCooXG+qQ4fX8dRieB7XyywxBSyiat19vfng9WolpSKMXOowl+cR+xC1EK
IZxJv4hES4de8luASJROdIAXOVgUK6XP0pehnqJLlhpIY3JTtwrF2IPP2ciAwNuW
khhbXKVK6XMmmWyS/mQ7mgxkSf82MmiU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:23 2025 by rpki-client