Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/c383cb-33ea-43cf-8e2e-14d07bd1889c/1/Tv1ymrz006cJcRqtzaTtFAykVcY.roa
File: Tv1ymrz006cJcRqtzaTtFAykVcY.roa (raw, json)
Hash identifier: FsE3+KUFTsm61uWOhMocEOgieqlSZpNR8ljbD2oxyNU=
Subject key identifier: 4E:FD:72:9A:BC:F4:D3:A7:09:71:1A:AD:CD:A4:ED:14:0C:A4:55:C6
Certificate issuer: /CN=07733fc63b8f1880e5c0af6b4643d1e32181d7a5
Certificate serial: 099404E8
Authority key identifier: 07:73:3F:C6:3B:8F:18:80:E5:C0:AF:6B:46:43:D1:E3:21:81:D7:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B3M_xjuPGIDlwK9rRkPR4yGB16U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/c383cb-33ea-43cf-8e2e-14d07bd1889c/1/Tv1ymrz006cJcRqtzaTtFAykVcY.roa
Signing time: Sat 01 Jan 2022 07:01:03 +0000
ROA not before: Sat 01 Jan 2022 07:01:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28932
IP address blocks: 195.238.162.0/24 maxlen: 32
195.238.163.0/24 maxlen: 32
195.238.160.0/24 maxlen: 32
195.238.161.0/24 maxlen: 32
194.113.177.0/24 maxlen: 32
194.113.176.0/24 maxlen: 32
194.113.178.0/24 maxlen: 32
194.113.179.0/24 maxlen: 32
195.22.136.0/24 maxlen: 32
195.22.137.0/24 maxlen: 32
195.49.156.0/24 maxlen: 32
195.49.159.0/24 maxlen: 32
195.49.157.0/24 maxlen: 32
195.49.158.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160695528 (0x99404e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07733fc63b8f1880e5c0af6b4643d1e32181d7a5
Validity
Not Before: Jan 1 07:01:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4efd729abcf4d3a709711aadcda4ed140ca455c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fb:76:32:3a:93:73:49:3d:c7:ae:44:7f:bb:
b7:f8:3a:76:a3:5c:1a:31:8f:12:ad:34:d5:e1:13:
59:5b:e5:4e:27:a9:08:a9:01:95:58:ca:d4:78:57:
8f:78:b2:2f:64:19:11:f8:88:b9:78:7d:1b:7d:69:
7e:cf:ea:06:d5:ae:36:80:6a:f0:53:80:68:ac:15:
36:ab:71:d4:5d:54:44:f4:fa:86:c4:6c:b8:0b:ed:
d9:44:d5:dc:02:c6:7f:dd:53:95:43:7e:f8:a8:a7:
9d:1f:44:ab:0c:35:3a:5f:ce:4a:7d:98:22:27:19:
3a:53:2f:7e:94:45:fc:86:54:bf:44:ae:d3:ae:09:
e8:a2:53:36:3b:fd:18:0b:01:dd:f1:b2:d9:9c:a7:
3d:d3:a6:31:70:14:0a:fd:98:72:e8:3d:c7:16:f7:
a2:7b:b0:94:7d:2f:ee:63:93:a3:e3:ed:2e:11:e3:
06:31:c6:71:65:9f:eb:cb:d6:35:b3:56:bb:8e:8c:
08:0e:7d:04:15:82:81:57:e3:ec:ff:9e:21:58:c7:
09:55:3f:e2:da:16:fb:a2:2f:8e:2c:48:f2:b3:47:
c8:f9:b5:62:b5:e7:7a:d1:1a:79:9c:77:53:49:7c:
f1:98:9f:74:66:b7:57:69:73:03:ce:4e:8f:32:28:
3a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:FD:72:9A:BC:F4:D3:A7:09:71:1A:AD:CD:A4:ED:14:0C:A4:55:C6
X509v3 Authority Key Identifier:
keyid:07:73:3F:C6:3B:8F:18:80:E5:C0:AF:6B:46:43:D1:E3:21:81:D7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B3M_xjuPGIDlwK9rRkPR4yGB16U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/c383cb-33ea-43cf-8e2e-14d07bd1889c/1/Tv1ymrz006cJcRqtzaTtFAykVcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/c383cb-33ea-43cf-8e2e-14d07bd1889c/1/B3M_xjuPGIDlwK9rRkPR4yGB16U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.176.0/22
195.22.136.0/23
195.49.156.0/22
195.238.160.0/22
Signature Algorithm: sha256WithRSAEncryption
55:fa:78:8f:e2:b8:33:34:a4:2b:da:cb:60:65:2e:a9:5c:83:
7d:99:a6:92:49:5d:73:1b:83:a4:d5:9a:fe:e5:d5:03:f3:2f:
02:20:c2:e2:df:3b:94:be:47:18:16:4e:47:27:45:f0:4e:95:
22:1f:4c:7c:cf:bd:f1:6d:3c:b7:bb:f6:28:9d:3a:a6:d8:48:
19:22:a3:5c:c8:8c:b7:8d:13:be:7e:8f:b6:e3:c9:aa:3d:50:
68:a0:95:eb:96:2f:09:43:44:4c:60:29:19:65:cc:1c:26:4a:
55:a4:61:66:4b:27:53:1a:4b:b5:2b:af:89:82:c3:29:bc:f6:
48:18:9c:d9:5a:e8:a1:7f:b2:20:3f:29:c7:93:b2:66:a0:e4:
47:6e:c8:b7:f3:39:b5:d9:ea:36:4e:30:96:9b:75:f6:dc:ea:
5c:28:09:1c:dd:16:bf:bb:47:02:5c:e0:3e:9a:1d:5b:ac:03:
8b:49:37:dc:db:59:87:c5:f4:e5:0a:06:cd:20:0a:24:ad:b0:
d1:b6:6b:f5:5d:62:ab:b3:d7:51:e5:c8:c4:7e:66:c9:86:76:
34:27:66:5c:d1:57:6b:23:8b:1f:fd:54:41:2b:ee:11:a2:e1:
d3:54:d5:e4:6b:7b:38:a2:a0:dd:ac:40:63:2b:23:a2:39:fb:
a5:f5:f6:2b
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECZQE6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NzczM2ZjNjNiOGYxODgwZTVjMGFmNmI0NjQzZDFlMzIxODFkN2E1MB4XDTIyMDEw
MTA3MDEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVmZDcyOWFiY2Y0
ZDNhNzA5NzExYWFkY2RhNGVkMTQwY2E0NTVjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKX7djI6k3NJPceuRH+7t/g6dqNcGjGPEq001eETWVvlTiep
CKkBlVjK1HhXj3iyL2QZEfiIuXh9G31pfs/qBtWuNoBq8FOAaKwVNqtx1F1URPT6
hsRsuAvt2UTV3ALGf91TlUN++KinnR9Eqww1Ol/OSn2YIicZOlMvfpRF/IZUv0Su
064J6KJTNjv9GAsB3fGy2ZynPdOmMXAUCv2Ycug9xxb3onuwlH0v7mOTo+PtLhHj
BjHGcWWf68vWNbNWu46MCA59BBWCgVfj7P+eIVjHCVU/4toW+6IvjixI8rNHyPm1
YrXnetEaeZx3U0l88ZifdGa3V2lzA85OjzIoOpMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRO/XKavPTTpwlxGq3NpO0UDKRVxjAfBgNVHSMEGDAWgBQHcz/GO48YgOXA
r2tGQ9HjIYHXpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0IzTV94anVQR0lEbHdLOXJSa1BSNHlHQjE2VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvYzM4M2NiLTMzZWEtNDNjZi04ZTJlLTE0ZDA3YmQxODg5Yy8x
L1R2MXltcnowMDZjSmNScXR6YVR0RkF5a1ZjWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
YzM4M2NiLTMzZWEtNDNjZi04ZTJlLTE0ZDA3YmQxODg5Yy8xL0IzTV94anVQR0lE
bHdLOXJSa1BSNHlHQjE2VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAsJxsAMEAcMWiAMEAsMxnAMEAsPu
oDANBgkqhkiG9w0BAQsFAAOCAQEAVfp4j+K4MzSkK9rLYGUuqVyDfZmmkkldcxuD
pNWa/uXVA/MvAiDC4t87lL5HGBZORydF8E6VIh9MfM+98W08t7v2KJ06pthIGSKj
XMiMt40Tvn6PtuPJqj1QaKCV65YvCUNETGApGWXMHCZKVaRhZksnUxpLtSuviYLD
Kbz2SBic2VrooX+yID8px5OyZqDkR27It/M5tdnqNk4wlpt19tzqXCgJHN0Wv7tH
AlzgPpodW6wDi0k33NtZh8X05QoGzSAKJK2w0bZr9V1iq7PXUeXIxH5myYZ2NCdm
XNFXayOLH/1UQSvuEaLh01TV5Gt7OKKg3axAYysjojn7pfX2Kw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:36 2025 by rpki-client