Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/tpkTBwc-yylqTqEpVEgP37yeA9I.roa
File: tpkTBwc-yylqTqEpVEgP37yeA9I.roa (raw, json)
Hash identifier: lfG/RtOEjiiAiAzy5Q40QCrQKteIfyp+uhljC1LxvAY=
Subject key identifier: B6:99:13:07:07:3E:CB:29:6A:4E:A1:29:54:48:0F:DF:BC:9E:03:D2
Certificate issuer: /CN=b0cc95fc42f3d81920f464b0f20c8a5203f21e30
Certificate serial: 01898CD6FEE1A7844DE03A2DE6BBEF493591
Authority key identifier: B0:CC:95:FC:42:F3:D8:19:20:F4:64:B0:F2:0C:8A:52:03:F2:1E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/tpkTBwc-yylqTqEpVEgP37yeA9I.roa
Signing time: Tue 25 Jul 2023 11:37:27 +0000
ROA not before: Tue 25 Jul 2023 11:37:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9030
IP address blocks: 212.8.192.0/19 maxlen: 24
212.15.192.0/19 maxlen: 24
2001:ae0::/31 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:d6:fe:e1:a7:84:4d:e0:3a:2d:e6:bb:ef:49:35:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0cc95fc42f3d81920f464b0f20c8a5203f21e30
Validity
Not Before: Jul 25 11:37:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6991307073ecb296a4ea12954480fdfbc9e03d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8c:ca:55:11:cd:aa:dc:16:01:96:13:d2:3b:
c5:52:c5:dc:fe:69:7b:22:21:f9:94:ce:02:d1:90:
c4:dd:8c:9c:07:e5:ab:a2:4f:2c:42:99:a4:95:3a:
57:80:71:4c:af:3e:bc:fe:d5:82:04:17:33:88:09:
1c:1c:1b:1e:38:0b:fb:d8:f3:b2:d8:70:75:6b:b8:
c9:6e:13:3d:16:07:52:e7:93:6a:a8:b1:44:b6:9b:
a3:de:37:30:fd:60:ea:4b:f7:d9:61:9a:53:4c:74:
da:ca:a9:10:b8:ce:20:a6:d4:14:9c:50:98:9f:85:
77:a3:ba:ac:48:cc:2b:1e:d0:75:28:66:4b:b6:9a:
96:7a:fc:d5:c1:9d:87:d7:ac:94:34:79:5f:ec:11:
c2:75:18:6c:18:bd:3d:f1:ae:30:04:07:78:70:f5:
92:ff:97:d1:46:4b:ec:bf:d1:15:58:c1:89:81:9f:
db:8f:95:fa:44:81:7a:17:05:45:29:6d:20:3f:52:
ba:76:26:d1:8f:5b:9b:28:83:cc:5a:d6:f0:8e:0c:
53:f9:3b:78:29:6e:03:b2:28:1a:a2:65:8f:93:24:
cb:94:98:bf:0a:f3:78:b1:94:b2:fc:35:2f:f9:64:
d6:ec:92:6d:c6:59:48:1b:f4:ac:c7:7c:4e:20:af:
8e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:99:13:07:07:3E:CB:29:6A:4E:A1:29:54:48:0F:DF:BC:9E:03:D2
X509v3 Authority Key Identifier:
keyid:B0:CC:95:FC:42:F3:D8:19:20:F4:64:B0:F2:0C:8A:52:03:F2:1E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/tpkTBwc-yylqTqEpVEgP37yeA9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.8.192.0/19
212.15.192.0/19
IPv6:
2001:ae0::/31
Signature Algorithm: sha256WithRSAEncryption
c6:d5:99:b3:27:4b:ae:20:08:1d:97:d1:8e:1f:bb:f8:25:96:
08:2a:5a:24:1c:38:55:d4:15:ac:d1:03:4e:c0:9b:fc:7b:e2:
2e:e1:58:e8:3c:50:42:f4:70:69:5e:a9:90:7b:0a:8d:4a:c5:
9a:be:f4:93:ae:95:2e:f3:c3:83:b8:f6:3f:83:04:9c:64:6f:
0d:4c:4f:15:4b:3d:25:7a:c6:68:69:ca:85:62:66:71:e3:f4:
67:9a:f3:c6:b6:51:1e:18:ad:00:75:ed:75:9d:3e:a9:88:c8:
44:94:79:eb:fa:8e:74:b1:6e:63:af:77:06:b9:49:bf:4f:02:
85:13:df:e6:64:dd:44:39:ff:e7:2f:be:c0:1b:b9:7d:f3:ae:
93:cc:20:d6:d3:b5:d3:79:5d:1f:5d:78:2a:6e:6a:7b:5d:cd:
c7:22:45:7f:e3:e5:d6:67:dc:6a:75:79:20:fd:9a:0f:18:b9:
aa:bc:28:5f:d9:84:24:af:18:35:02:ee:ec:57:7e:93:2c:22:
f2:d3:bd:27:75:42:80:ca:ef:c4:fd:84:2b:e8:f9:d1:d1:c2:
91:eb:b4:62:61:3f:61:6c:78:1d:4d:23:32:04:13:d3:99:10:
26:6b:4b:9a:9b:4e:db:12:dd:74:7e:69:e5:6c:21:02:bc:3a:
5a:63:0b:21
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYmM1v7hp4RN4Dot5rvvSTWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwY2M5NWZjNDJmM2Q4MTkyMGY0NjRiMGYyMGM4YTUyMDNm
MjFlMzAwHhcNMjMwNzI1MTEzNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjk5MTMwNzA3M2VjYjI5NmE0ZWExMjk1NDQ4MGZkZmJjOWUwM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIzKVRHNqtwWAZYT0jvFUsXc/ml7
IiH5lM4C0ZDE3YycB+Wrok8sQpmklTpXgHFMrz68/tWCBBcziAkcHBseOAv72POy
2HB1a7jJbhM9FgdS55NqqLFEtpuj3jcw/WDqS/fZYZpTTHTayqkQuM4gptQUnFCY
n4V3o7qsSMwrHtB1KGZLtpqWevzVwZ2H16yUNHlf7BHCdRhsGL098a4wBAd4cPWS
/5fRRkvsv9EVWMGJgZ/bj5X6RIF6FwVFKW0gP1K6dibRj1ubKIPMWtbwjgxT+Tt4
KW4DsigaomWPkyTLlJi/CvN4sZSy/DUv+WTW7JJtxllIG/Ssx3xOIK+OiQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLaZEwcHPsspak6hKVRID9+8ngPSMB8GA1UdIwQY
MBaAFLDMlfxC89gZIPRksPIMilID8h4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc015Vl9FTHoyQmtnOUdTdzhneUtVZ1B5SGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lOTY4NzctMTEzMy00YjI5LWE2YmEt
ODQ1M2MwZjEzNWQ2LzEvdHBrVEJ3Yy15eWxxVHFFcFZFZ1AzN3llQTlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lOTY4NzctMTEzMy00YjI5LWE2YmEtODQ1M2MwZjEzNWQ2
LzEvc015Vl9FTHoyQmtnOUdTdzhneUtVZ1B5SGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQF1AjAAwQF
1A/AMA0EAgACMAcDBQEgAQrgMA0GCSqGSIb3DQEBCwUAA4IBAQDG1ZmzJ0uuIAgd
l9GOH7v4JZYIKlokHDhV1BWs0QNOwJv8e+Iu4VjoPFBC9HBpXqmQewqNSsWavvST
rpUu88ODuPY/gwScZG8NTE8VSz0lesZoacqFYmZx4/RnmvPGtlEeGK0Ade11nT6p
iMhElHnr+o50sW5jr3cGuUm/TwKFE9/mZN1EOf/nL77AG7l9866TzCDW07XTeV0f
XXgqbmp7Xc3HIkV/4+XWZ9xqdXkg/ZoPGLmqvChf2YQkrxg1Au7sV36TLCLy070n
dUKAyu/E/YQr6PnR0cKR67RiYT9hbHgdTSMyBBPTmRAma0uam07bEt10fmnlbCEC
vDpaYwsh
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:29:28 2025 by rpki-client