Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/TMFuxfTrG8r25OfWps6hTSrj5iw.roa
File: TMFuxfTrG8r25OfWps6hTSrj5iw.roa (raw, json)
Hash identifier: V41/BNw3C2qZEGGARg/EX/OAnY1aftKsn7ndmrdG+1U=
Subject key identifier: 4C:C1:6E:C5:F4:EB:1B:CA:F6:E4:E7:D6:A6:CE:A1:4D:2A:E3:E6:2C
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505AE356A36C949480275296513F28740
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/TMFuxfTrG8r25OfWps6hTSrj5iw.roa
Signing time: Mon 12 Dec 2022 09:33:01 +0000
ROA not before: Mon 12 Dec 2022 09:33:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20663
IP address blocks: 195.16.96.0/19 maxlen: 24
213.154.187.0/24 maxlen: 24
213.154.190.0/23 maxlen: 23
193.201.228.0/22 maxlen: 24
213.154.189.0/24 maxlen: 24
213.154.188.0/24 maxlen: 24
213.154.163.0/24 maxlen: 24
213.154.162.0/24 maxlen: 24
213.154.166.0/24 maxlen: 24
213.154.161.0/24 maxlen: 24
213.154.165.0/24 maxlen: 24
213.154.160.0/24 maxlen: 24
213.154.164.0/24 maxlen: 24
213.154.160.0/21 maxlen: 21
213.154.167.0/24 maxlen: 24
213.154.171.0/24 maxlen: 24
213.154.172.0/23 maxlen: 23
213.154.169.0/24 maxlen: 24
213.154.168.0/24 maxlen: 24
213.154.176.0/23 maxlen: 23
213.154.179.0/24 maxlen: 24
213.154.174.0/24 maxlen: 24
213.154.178.0/24 maxlen: 24
213.154.178.0/23 maxlen: 23
213.154.186.0/24 maxlen: 24
213.154.181.0/24 maxlen: 24
213.154.185.0/24 maxlen: 24
213.154.180.0/24 maxlen: 24
188.162.0.0/16 maxlen: 24
195.5.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:ae:35:6a:36:c9:49:48:02:75:29:65:13:f2:87:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:33:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cc16ec5f4eb1bcaf6e4e7d6a6cea14d2ae3e62c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b7:63:96:d8:ad:99:96:2c:00:6b:27:6c:d0:
f7:5e:7e:b1:bd:5f:31:ef:bd:14:d1:cf:1e:49:2b:
81:b2:3c:4a:3d:e1:28:f4:f6:0c:c5:4f:45:cf:9f:
74:d6:d8:e7:9a:35:70:2c:a2:32:46:e2:25:f7:2f:
79:03:41:c1:a3:04:69:dc:56:8e:84:d2:42:ec:04:
19:d9:35:47:e9:ea:76:3b:d2:31:14:d7:ee:ef:13:
81:45:62:46:db:eb:0d:2f:49:62:1d:c9:9e:27:5b:
55:2f:b2:82:3e:eb:d1:ca:dd:e9:a8:b6:b9:84:8d:
ca:15:dc:f7:59:b9:93:72:dd:c2:ee:48:64:78:65:
30:40:22:fa:57:6a:93:39:4c:7c:7d:6c:21:90:c5:
5f:a4:a9:c1:68:e7:86:d6:d3:f3:57:f2:70:df:b8:
c9:f3:f8:6b:61:9d:87:b4:7a:dc:7c:dc:7a:8d:95:
c1:f7:ae:14:2b:ae:4a:3c:d1:85:f2:b2:bd:ac:4d:
67:67:71:d6:60:20:72:98:e7:07:4a:38:e2:d9:bf:
0c:83:b8:a3:b3:9c:ea:76:02:81:76:34:e6:9e:7d:
d2:6e:49:42:24:19:42:77:af:62:cc:f6:c7:53:e4:
47:52:1b:a2:ff:37:22:3b:fa:e9:6f:cc:42:4e:40:
ba:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C1:6E:C5:F4:EB:1B:CA:F6:E4:E7:D6:A6:CE:A1:4D:2A:E3:E6:2C
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/TMFuxfTrG8r25OfWps6hTSrj5iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
213.154.160.0-213.154.169.255
213.154.171.0-213.154.174.255
213.154.176.0-213.154.181.255
213.154.185.0-213.154.191.255
Signature Algorithm: sha256WithRSAEncryption
94:02:f4:d8:ec:99:bd:ae:2c:c9:59:be:60:a0:d6:a4:99:c1:
0b:60:1b:f6:d0:5e:0b:a0:8a:23:c0:40:81:26:cd:48:41:41:
84:7d:cc:57:9a:5d:5c:75:83:f6:d8:ac:2e:47:4b:07:da:7d:
28:11:80:c4:6c:4c:b6:d3:e3:df:6c:aa:78:70:66:03:b8:21:
ff:76:57:1b:8e:94:1f:d9:83:d8:0d:39:3d:e5:88:59:38:7f:
ba:d6:d2:f4:ba:20:1b:ce:79:ca:3d:10:97:f0:fd:27:03:7d:
72:08:4d:e0:de:c2:69:a6:00:b7:00:25:63:8c:ba:fb:8d:4d:
7b:3d:ea:4e:fe:32:69:29:d3:44:67:46:40:32:f4:8d:55:23:
31:f1:5e:00:0d:51:1b:05:be:21:e8:03:f1:90:cf:e0:50:9c:
93:8a:ae:8c:32:d4:6c:68:ee:2a:e3:e1:5c:9c:62:15:9b:5b:
20:e7:dd:52:30:2d:e0:b8:34:73:89:73:00:5e:45:e8:dc:5f:
50:b6:33:f2:8c:9f:f2:a0:a2:8d:da:b1:29:8a:a4:b2:bf:e5:
57:1a:4a:00:de:b3:51:e1:a2:58:c5:c2:3f:fa:62:ff:03:cd:
df:6c:6a:9f:13:5c:76:5a:19:d7:71:8e:f5:90:1c:6a:32:25:
95:de:03:30
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYUFrjVqNslJSAJ1KWUT8odAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkzMzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2MxNmVjNWY0ZWIxYmNhZjZlNGU3ZDZhNmNlYTE0ZDJhZTNlNjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAordjltitmZYsAGsnbND3Xn6xvV8x
770U0c8eSSuBsjxKPeEo9PYMxU9Fz5901tjnmjVwLKIyRuIl9y95A0HBowRp3FaO
hNJC7AQZ2TVH6ep2O9IxFNfu7xOBRWJG2+sNL0liHcmeJ1tVL7KCPuvRyt3pqLa5
hI3KFdz3WbmTct3C7khkeGUwQCL6V2qTOUx8fWwhkMVfpKnBaOeG1tPzV/Jw37jJ
8/hrYZ2HtHrcfNx6jZXB964UK65KPNGF8rK9rE1nZ3HWYCBymOcHSjji2b8Mg7ij
s5zqdgKBdjTmnn3SbklCJBlCd69izPbHU+RHUhui/zciO/rpb8xCTkC6YQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFEzBbsX06xvK9uTn1qbOoU0q4+YsMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvVE1GdXhmVHJHOHIyNU9mV3BzNmhUU3JqNWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBVBAIAATBPAwMAvKIDBALB
yeQDBAXDBYADBAXDEGAwDAMEBdWaoAMEAdWaqDAMAwQA1ZqrAwQA1ZquMAwDBATV
mrADBAHVmrQwDAMEANWauQMEBtWagDANBgkqhkiG9w0BAQsFAAOCAQEAlAL02OyZ
va4syVm+YKDWpJnBC2Ab9tBeC6CKI8BAgSbNSEFBhH3MV5pdXHWD9tisLkdLB9p9
KBGAxGxMttPj32yqeHBmA7gh/3ZXG46UH9mD2A05PeWIWTh/utbS9LogG855yj0Q
l/D9JwN9cghN4N7CaaYAtwAlY4y6+41Nez3qTv4yaSnTRGdGQDL0jVUjMfFeAA1R
GwW+IegD8ZDP4FCck4qujDLUbGjuKuPhXJxiFZtbIOfdUjAt4Lg0c4lzAF5F6Nxf
ULYz8oyf8qCijdqxKYqksr/lVxpKAN6zUeGiWMXCP/pi/wPN32xqnxNcdloZ13GO
9ZAcajIlld4DMA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:02 2025 by rpki-client