Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/TyTMClWdqqODKtvVUXWz7w8yBD0.roa
File: TyTMClWdqqODKtvVUXWz7w8yBD0.roa (raw, json)
Hash identifier: pEv+kQDnVcVR5CJbUz8BNjoAOjsEzAcIbtRWTi2hHvg=
Subject key identifier: 4F:24:CC:0A:55:9D:AA:A3:83:2A:DB:D5:51:75:B3:EF:0F:32:04:3D
Certificate issuer: /CN=7a1ff702726e75b3a68f1182e47ffbcdcae515e5
Certificate serial: 064AB449
Authority key identifier: 7A:1F:F7:02:72:6E:75:B3:A6:8F:11:82:E4:7F:FB:CD:CA:E5:15:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eh_3AnJudbOmjxGC5H_7zcrlFeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/TyTMClWdqqODKtvVUXWz7w8yBD0.roa
Signing time: Tue 14 Jun 2022 16:29:44 +0000
ROA not before: Tue 14 Jun 2022 16:29:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213260
IP address blocks: 87.238.28.0/22 maxlen: 22
80.249.32.0/20 maxlen: 20
89.249.176.0/21 maxlen: 21
87.238.0.0/20 maxlen: 20
46.232.144.0/21 maxlen: 21
87.238.16.0/21 maxlen: 21
87.238.24.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105559113 (0x64ab449)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a1ff702726e75b3a68f1182e47ffbcdcae515e5
Validity
Not Before: Jun 14 16:29:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f24cc0a559daaa3832adbd55175b3ef0f32043d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c0:e3:bd:1f:f0:bc:8e:97:a4:59:da:75:7f:
54:6b:3d:de:ab:25:bd:d8:9f:06:44:f4:5e:59:0e:
a1:22:42:44:a5:9b:b9:c5:3f:4a:46:0e:61:46:6c:
47:01:ac:fa:25:98:dc:2c:d1:32:20:55:45:d3:94:
c9:57:96:2a:ad:22:3c:f9:1a:4f:2f:7c:55:16:4b:
b7:d6:24:07:29:cc:06:30:72:b0:33:53:a8:c1:b9:
df:90:af:54:a6:5a:a2:69:ae:63:ea:15:23:da:40:
f4:b1:9c:a5:ca:1b:9d:77:35:95:16:0e:bc:9f:22:
91:f0:83:06:97:9f:ab:3f:ed:dc:a1:e3:fe:11:49:
d4:da:4e:fa:68:72:d2:9c:16:ca:0a:9c:43:bd:8d:
aa:b0:39:28:d2:46:86:2d:f0:ac:35:e5:63:84:e7:
6e:5d:9f:71:0e:f9:50:c8:80:eb:ac:f2:18:6c:30:
6d:c9:66:49:d2:ef:c3:90:fd:3d:85:fd:d9:18:99:
d2:49:02:8f:a6:f2:a1:e1:91:01:ad:2b:8d:d7:12:
7a:e5:8d:62:26:a2:60:7b:ad:c2:e2:6f:ae:20:d2:
b9:f9:02:df:ba:85:34:62:f6:2b:c6:e0:3f:63:a5:
d3:7e:cc:99:d0:91:ef:af:42:15:23:2b:46:5c:c3:
d0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:24:CC:0A:55:9D:AA:A3:83:2A:DB:D5:51:75:B3:EF:0F:32:04:3D
X509v3 Authority Key Identifier:
keyid:7A:1F:F7:02:72:6E:75:B3:A6:8F:11:82:E4:7F:FB:CD:CA:E5:15:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eh_3AnJudbOmjxGC5H_7zcrlFeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/TyTMClWdqqODKtvVUXWz7w8yBD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/eh_3AnJudbOmjxGC5H_7zcrlFeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.144.0/21
80.249.32.0/20
87.238.0.0/19
89.249.176.0/21
Signature Algorithm: sha256WithRSAEncryption
08:fb:d5:40:3f:3a:d4:55:0a:05:a7:4e:8e:f3:dd:48:68:0d:
37:95:6c:fd:37:64:9b:7e:36:d0:9a:46:ea:c7:cd:9e:3f:d8:
97:4b:a0:23:27:b3:2d:49:54:9a:30:b3:8d:dc:64:ed:4c:88:
3e:ba:55:62:08:ac:b8:a7:a9:0b:09:2f:2d:1f:39:a3:79:b6:
ff:8e:91:65:0b:2d:bc:14:df:be:30:b7:d5:51:5d:b1:59:ac:
ea:9d:3a:5b:80:f3:ed:f9:d9:5b:67:38:4c:91:43:ac:a7:ef:
a6:d5:a2:49:24:52:82:ff:5a:41:af:a5:d4:e8:9e:83:c0:36:
71:1c:33:e4:8f:d8:c9:2b:00:23:27:f9:b6:b9:97:55:3a:9a:
a8:2c:87:cd:ed:3a:b6:f4:9a:c7:75:2d:2e:cf:4e:05:b7:4e:
e8:d9:c8:66:34:db:94:eb:01:5e:60:1f:d4:da:c4:6a:02:ef:
57:89:ca:6d:a0:c1:ca:2d:17:76:06:a0:bc:24:e7:4d:21:65:
0d:d0:1e:02:a6:e2:68:0c:42:f0:6b:9d:90:e0:18:21:35:69:
ba:91:09:44:b6:a5:c1:76:d9:f4:5a:a2:96:fd:ba:c8:fa:68:
d2:3b:90:de:92:30:b7:ad:87:da:20:06:75:c9:f2:16:b0:e0:
36:9b:4a:40
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBkq0STANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YTFmZjcwMjcyNmU3NWIzYTY4ZjExODJlNDdmZmJjZGNhZTUxNWU1MB4XDTIyMDYx
NDE2Mjk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGYyNGNjMGE1NTlk
YWFhMzgzMmFkYmQ1NTE3NWIzZWYwZjMyMDQzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3A470f8LyOl6RZ2nV/VGs93qslvdifBkT0XlkOoSJCRKWb
ucU/SkYOYUZsRwGs+iWY3CzRMiBVRdOUyVeWKq0iPPkaTy98VRZLt9YkBynMBjBy
sDNTqMG535CvVKZaommuY+oVI9pA9LGcpcobnXc1lRYOvJ8ikfCDBpefqz/t3KHj
/hFJ1NpO+mhy0pwWygqcQ72NqrA5KNJGhi3wrDXlY4Tnbl2fcQ75UMiA66zyGGww
bclmSdLvw5D9PYX92RiZ0kkCj6byoeGRAa0rjdcSeuWNYiaiYHutwuJvriDSufkC
37qFNGL2K8bgP2Ol037MmdCR769CFSMrRlzD0LUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRPJMwKVZ2qo4Mq29VRdbPvDzIEPTAfBgNVHSMEGDAWgBR6H/cCcm51s6aP
EYLkf/vNyuUV5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VoXzNBbkp1ZGJPbWp4R0M1SF83emNybEZlVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNmZlZjAzLTA2NzAtNDFhYi1hNmM5LTQzYWRiNjA1ZjY4YS8x
L1R5VE1DbFdkcXFPREt0dlZVWFd6N3c4eUJEMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NmZlZjAzLTA2NzAtNDFhYi1hNmM5LTQzYWRiNjA1ZjY4YS8xL2VoXzNBbkp1ZGJP
bWp4R0M1SF83emNybEZlVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAy7okAMEBFD5IAMEBVfuAAMEA1n5
sDANBgkqhkiG9w0BAQsFAAOCAQEACPvVQD861FUKBadOjvPdSGgNN5Vs/Tdkm342
0JpG6sfNnj/Yl0ugIyezLUlUmjCzjdxk7UyIPrpVYgisuKepCwkvLR85o3m2/46R
ZQstvBTfvjC31VFdsVms6p06W4Dz7fnZW2c4TJFDrKfvptWiSSRSgv9aQa+l1Oie
g8A2cRwz5I/YySsAIyf5trmXVTqaqCyHze06tvSax3UtLs9OBbdO6NnIZjTblOsB
XmAf1NrEagLvV4nKbaDByi0XdgagvCTnTSFlDdAeAqbiaAxC8GudkOAYITVpupEJ
RLalwXbZ9Fqilv26yPpo0juQ3pIwt62H2iAGdcnyFrDgNptKQA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:15 2025 by rpki-client