Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/TD8JU6Tj0zKKRfH6y8-kZUsSOTE.roa
File: TD8JU6Tj0zKKRfH6y8-kZUsSOTE.roa (raw, json)
Hash identifier: UCo7qY2r/aY+S5ilp0ysbg41ynnIevhlqEb/1BjG3JE=
Subject key identifier: 4C:3F:09:53:A4:E3:D3:32:8A:45:F1:FA:CB:CF:A4:65:4B:12:39:31
Certificate issuer: /CN=d3acd2b7b7473af4350ea1aba83d177585ceedad
Certificate serial: 018572B3FF8B26BA92E014C0027D0061C5C0
Authority key identifier: D3:AC:D2:B7:B7:47:3A:F4:35:0E:A1:AB:A8:3D:17:75:85:CE:ED:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/06zSt7dHOvQ1DqGrqD0XdYXO7a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/TD8JU6Tj0zKKRfH6y8-kZUsSOTE.roa
Signing time: Mon 02 Jan 2023 13:37:56 +0000
ROA not before: Mon 02 Jan 2023 13:37:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205360
IP address blocks: 185.221.4.0/22 maxlen: 22
2a0b:fec0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b3:ff:8b:26:ba:92:e0:14:c0:02:7d:00:61:c5:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3acd2b7b7473af4350ea1aba83d177585ceedad
Validity
Not Before: Jan 2 13:37:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c3f0953a4e3d3328a45f1facbcfa4654b123931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6e:ee:a3:04:1d:05:0d:d8:5a:2a:92:30:9b:
41:90:45:ba:0a:4d:09:6f:e6:37:44:dc:0f:a3:d0:
39:8b:63:4d:0d:46:7b:a5:07:46:1f:fa:02:27:81:
2a:d5:3a:a3:ba:f2:55:8d:0f:34:e4:44:93:35:1d:
c2:da:a7:17:39:12:31:3b:af:6d:80:39:aa:b5:3a:
22:dc:13:b5:6c:1e:70:9f:93:d7:24:6a:6d:0f:86:
00:b2:7d:13:53:df:9c:68:2c:5d:1c:08:aa:8f:0e:
de:da:15:57:4b:82:99:c6:0b:68:e3:4d:d1:d5:c3:
67:20:4f:6b:4b:38:6e:6c:cf:63:69:91:93:77:08:
1d:0c:58:a1:88:5a:4a:b7:99:24:46:1e:f8:90:62:
36:f9:16:6d:1e:14:1c:7a:9d:5d:f2:ab:da:5c:83:
09:61:fe:26:58:45:bf:6d:2f:24:c1:68:84:15:74:
b3:b7:08:0e:f2:b3:07:a8:b0:c9:21:83:87:26:43:
fd:66:84:7a:65:25:83:2f:c2:f9:f2:fd:5f:2c:f3:
2f:8a:c4:2f:f2:6a:d8:0c:37:86:fd:89:8f:40:40:
8a:d8:3d:72:29:27:8e:a0:55:1f:15:64:bb:14:87:
07:00:35:af:20:4d:aa:22:fb:29:35:e3:26:58:a7:
c1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:3F:09:53:A4:E3:D3:32:8A:45:F1:FA:CB:CF:A4:65:4B:12:39:31
X509v3 Authority Key Identifier:
keyid:D3:AC:D2:B7:B7:47:3A:F4:35:0E:A1:AB:A8:3D:17:75:85:CE:ED:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/06zSt7dHOvQ1DqGrqD0XdYXO7a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/TD8JU6Tj0zKKRfH6y8-kZUsSOTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/06zSt7dHOvQ1DqGrqD0XdYXO7a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.4.0/22
IPv6:
2a0b:fec0::/29
Signature Algorithm: sha256WithRSAEncryption
a5:1f:96:5c:26:10:b4:9c:5f:d1:00:f5:cb:1d:05:3f:c7:35:
71:7e:d9:58:5f:4e:4d:1d:36:17:d4:56:f0:00:a0:4f:e5:20:
f2:12:82:67:bd:b2:1f:9e:56:8e:ff:25:fb:66:13:06:da:ad:
66:02:5c:6d:c6:9a:08:d8:6a:88:06:75:d0:56:c2:a7:0d:05:
4d:ba:5e:3d:b1:30:f2:15:9c:0e:f8:85:30:ba:ce:fc:ab:5b:
38:62:f2:3a:c3:15:4e:eb:7d:ee:ce:54:80:da:88:73:f6:35:
2b:b7:59:64:55:d9:6b:27:01:0d:7e:11:5b:b0:9c:b2:68:e0:
da:fb:d0:13:76:8e:95:b5:bf:df:7a:80:db:74:aa:d2:8e:fe:
03:48:c9:1d:c9:29:12:67:72:de:33:59:95:8b:e7:0e:c8:ad:
07:08:70:6c:e8:58:82:d0:d9:6e:28:48:27:a8:8b:a9:93:e5:
dd:d8:72:4c:4b:68:76:b9:02:c0:97:12:18:63:e8:c5:e4:08:
37:7b:a0:03:a5:84:16:5f:54:12:3a:e6:6b:e3:d8:32:47:02:
46:91:66:f2:6e:0e:97:42:cb:bc:9a:3a:c9:d3:b9:0c:d8:9b:
6b:36:06:c5:02:5a:38:05:1f:1f:c0:fe:d1:b6:45:0b:d2:ae:
ef:f2:bf:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVys/+LJrqS4BTAAn0AYcXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYWNkMmI3Yjc0NzNhZjQzNTBlYTFhYmE4M2QxNzc1ODVj
ZWVkYWQwHhcNMjMwMTAyMTMzNzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzNmMDk1M2E0ZTNkMzMyOGE0NWYxZmFjYmNmYTQ2NTRiMTIzOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlG7uowQdBQ3YWiqSMJtBkEW6Ck0J
b+Y3RNwPo9A5i2NNDUZ7pQdGH/oCJ4Eq1TqjuvJVjQ805ESTNR3C2qcXORIxO69t
gDmqtToi3BO1bB5wn5PXJGptD4YAsn0TU9+caCxdHAiqjw7e2hVXS4KZxgto403R
1cNnIE9rSzhubM9jaZGTdwgdDFihiFpKt5kkRh74kGI2+RZtHhQcep1d8qvaXIMJ
Yf4mWEW/bS8kwWiEFXSztwgO8rMHqLDJIYOHJkP9ZoR6ZSWDL8L58v1fLPMvisQv
8mrYDDeG/YmPQECK2D1yKSeOoFUfFWS7FIcHADWvIE2qIvspNeMmWKfBSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEw/CVOk49MyikXx+svPpGVLEjkxMB8GA1UdIwQY
MBaAFNOs0re3Rzr0NQ6hq6g9F3WFzu2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDZ6U3Q3ZEhPdlExRHFHcnFEMFhkWVhPN2EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80NmMyMGMtZjE2Ni00MDQxLWEwMWIt
MGVmZWM2ZWE3N2M2LzEvVEQ4SlU2VGowektLUmZINnk4LWtaVXNTT1RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80NmMyMGMtZjE2Ni00MDQxLWEwMWItMGVmZWM2ZWE3N2M2
LzEvMDZ6U3Q3ZEhPdlExRHFHcnFEMFhkWVhPN2EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud0EMA0E
AgACMAcDBQMqC/7AMA0GCSqGSIb3DQEBCwUAA4IBAQClH5ZcJhC0nF/RAPXLHQU/
xzVxftlYX05NHTYX1FbwAKBP5SDyEoJnvbIfnlaO/yX7ZhMG2q1mAlxtxpoI2GqI
BnXQVsKnDQVNul49sTDyFZwO+IUwus78q1s4YvI6wxVO633uzlSA2ohz9jUrt1lk
VdlrJwENfhFbsJyyaODa+9ATdo6Vtb/feoDbdKrSjv4DSMkdySkSZ3LeM1mVi+cO
yK0HCHBs6FiC0NluKEgnqIupk+Xd2HJMS2h2uQLAlxIYY+jF5Ag3e6ADpYQWX1QS
OuZr49gyRwJGkWbybg6XQsu8mjrJ07kM2JtrNgbFAlo4BR8fwP7RtkUL0q7v8r/K
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:33 2025 by rpki-client