Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/b5d809-2db0-4fbf-8a0d-9d3167831934/1/tlVh686sNKIXnYqjOi7UsV9P244.roa
File: tlVh686sNKIXnYqjOi7UsV9P244.roa (raw, json)
Hash identifier: yZwUUNGIcT+ZWmpmBUBLKf5gRjONLO9CXbsAOPzyGo8=
Subject key identifier: B6:55:61:EB:CE:AC:34:A2:17:9D:8A:A3:3A:2E:D4:B1:5F:4F:DB:8E
Certificate issuer: /CN=f050a20e30ec915ded1df20055af6b5f26672ea9
Certificate serial: 368ADAC0
Authority key identifier: F0:50:A2:0E:30:EC:91:5D:ED:1D:F2:00:55:AF:6B:5F:26:67:2E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FCiDjDskV3tHfIAVa9rXyZnLqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/b5d809-2db0-4fbf-8a0d-9d3167831934/1/tlVh686sNKIXnYqjOi7UsV9P244.roa
Signing time: Mon 20 Jun 2022 09:31:44 +0000
ROA not before: Mon 20 Jun 2022 09:31:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8478
IP address blocks: 185.90.212.0/22 maxlen: 22
109.74.176.0/20 maxlen: 20
2a00:17a8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 915069632 (0x368adac0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f050a20e30ec915ded1df20055af6b5f26672ea9
Validity
Not Before: Jun 20 09:31:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b65561ebceac34a2179d8aa33a2ed4b15f4fdb8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b1:5f:df:45:88:14:0b:4a:a7:b1:2e:97:d9:
70:b9:6b:d4:7a:6d:d7:d0:be:86:cf:5d:76:04:d2:
58:77:a5:72:a0:7c:0e:3d:85:0a:18:d9:92:8a:f3:
05:28:aa:a4:c3:ca:1c:27:24:c5:fe:b5:4e:f3:90:
9a:59:e8:a6:a0:f1:c5:f7:13:bc:70:7e:a8:19:8d:
9d:bf:93:c4:68:39:46:70:af:20:79:06:4b:b9:e7:
d1:0a:65:a9:68:ec:0a:bf:76:c3:f1:bc:6f:a9:5c:
79:e5:96:0e:bd:81:0f:fd:31:f3:b0:a4:4a:cf:ee:
de:92:53:7f:5e:c2:62:cd:19:0b:37:78:e0:9a:7b:
21:ca:b5:e2:ba:05:c1:e9:f4:fd:1e:69:ef:da:6f:
03:52:54:61:25:44:64:8e:19:2e:44:03:5c:66:12:
2b:13:05:d5:11:40:44:07:e8:36:57:36:22:52:55:
da:93:fd:a0:17:38:08:c3:f0:56:b3:ca:8a:80:1f:
b2:2c:36:f7:26:52:ff:7e:e7:08:1d:6c:30:08:d8:
14:83:f1:29:0c:8c:b3:ce:b7:9e:57:ea:4b:fe:10:
f0:ab:3e:5b:1f:01:04:51:28:ae:39:b1:65:d1:8d:
a1:80:67:19:74:d8:12:b2:67:61:55:c4:26:ce:96:
8d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:55:61:EB:CE:AC:34:A2:17:9D:8A:A3:3A:2E:D4:B1:5F:4F:DB:8E
X509v3 Authority Key Identifier:
keyid:F0:50:A2:0E:30:EC:91:5D:ED:1D:F2:00:55:AF:6B:5F:26:67:2E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FCiDjDskV3tHfIAVa9rXyZnLqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/b5d809-2db0-4fbf-8a0d-9d3167831934/1/tlVh686sNKIXnYqjOi7UsV9P244.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/b5d809-2db0-4fbf-8a0d-9d3167831934/1/8FCiDjDskV3tHfIAVa9rXyZnLqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.74.176.0/20
185.90.212.0/22
IPv6:
2a00:17a8::/32
Signature Algorithm: sha256WithRSAEncryption
83:23:4c:0e:4b:b1:cd:79:d2:17:80:2c:b0:69:1e:a9:9c:95:
4b:84:87:9c:d4:97:83:da:83:89:83:b1:83:26:b7:f4:cd:b4:
b4:1e:a4:60:87:aa:88:b0:52:d8:02:a1:a2:26:12:ee:9b:4b:
f8:6e:a0:42:cd:e4:49:cb:ca:43:a6:b8:ca:a1:dd:c1:d9:ae:
5a:b9:e2:29:c3:43:03:71:90:1c:14:c6:74:87:67:a4:d0:68:
70:4b:fd:97:5c:58:54:2e:9b:e7:58:88:04:97:eb:2d:bd:30:
a6:c2:64:e1:38:70:28:81:e2:b6:9d:a9:b9:11:6d:79:af:55:
4a:6d:70:4e:4a:7e:bb:be:b9:c0:ff:d6:3a:9d:29:21:61:11:
e9:ca:ba:df:c5:ae:ef:d0:63:3e:5b:06:b8:10:d5:0d:62:63:
c2:ab:c7:71:01:e3:fb:d0:a9:44:56:15:41:d6:98:c4:12:90:
5b:8d:21:57:6a:fe:a2:7e:77:0d:3f:1c:4e:5a:0c:5c:72:be:
40:a5:56:bc:9d:73:44:59:3c:81:ef:51:a0:f1:b4:31:cf:67:
47:a9:33:76:be:53:3c:02:d6:66:56:80:7f:c9:79:14:18:8c:
dc:51:57:5a:95:4f:72:ab:a0:b0:29:81:90:e6:3a:06:78:58:
9d:94:e8:56
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENorawDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDUwYTIwZTMwZWM5MTVkZWQxZGYyMDA1NWFmNmI1ZjI2NjcyZWE5MB4XDTIyMDYy
MDA5MzE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY1NTYxZWJjZWFj
MzRhMjE3OWQ4YWEzM2EyZWQ0YjE1ZjRmZGI4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMixX99FiBQLSqexLpfZcLlr1Hpt19C+hs9ddgTSWHelcqB8
Dj2FChjZkorzBSiqpMPKHCckxf61TvOQmlnopqDxxfcTvHB+qBmNnb+TxGg5RnCv
IHkGS7nn0QplqWjsCr92w/G8b6lceeWWDr2BD/0x87CkSs/u3pJTf17CYs0ZCzd4
4Jp7Icq14roFwen0/R5p79pvA1JUYSVEZI4ZLkQDXGYSKxMF1RFARAfoNlc2IlJV
2pP9oBc4CMPwVrPKioAfsiw29yZS/37nCB1sMAjYFIPxKQyMs863nlfqS/4Q8Ks+
Wx8BBFEorjmxZdGNoYBnGXTYErJnYVXEJs6WjTUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS2VWHrzqw0ohediqM6LtSxX0/bjjAfBgNVHSMEGDAWgBTwUKIOMOyRXe0d
8gBVr2tfJmcuqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhGQ2lEakRza1YzdEhmSUFWYTlyWHlabkxxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvYjVkODA5LTJkYjAtNGZiZi04YTBkLTlkMzE2NzgzMTkzNC8x
L3RsVmg2ODZzTktJWG5ZcWpPaTdVc1Y5UDI0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
YjVkODA5LTJkYjAtNGZiZi04YTBkLTlkMzE2NzgzMTkzNC8xLzhGQ2lEakRza1Yz
dEhmSUFWYTlyWHlabkxxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBG1KsAMEArla1DANBAIAAjAHAwUA
KgAXqDANBgkqhkiG9w0BAQsFAAOCAQEAgyNMDkuxzXnSF4AssGkeqZyVS4SHnNSX
g9qDiYOxgya39M20tB6kYIeqiLBS2AKhoiYS7ptL+G6gQs3kScvKQ6a4yqHdwdmu
WrniKcNDA3GQHBTGdIdnpNBocEv9l1xYVC6b51iIBJfrLb0wpsJk4ThwKIHitp2p
uRFtea9VSm1wTkp+u765wP/WOp0pIWER6cq638Wu79BjPlsGuBDVDWJjwqvHcQHj
+9CpRFYVQdaYxBKQW40hV2r+on53DT8cTloMXHK+QKVWvJ1zRFk8ge9RoPG0Mc9n
R6kzdr5TPALWZlaAf8l5FBiM3FFXWpVPcqugsCmBkOY6BnhYnZToVg==
-----END CERTIFICATE-----
Generated at Sun Apr 13 04:46:02 2025 by rpki-client