Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/tGh2-NR6TaApRFk2pbdz3LtLmQ0.roa
File: tGh2-NR6TaApRFk2pbdz3LtLmQ0.roa (raw, json)
Hash identifier: yWkeG96eIdHo0bl2VYR3CgFIInvgsPl5RsC/1Y0j+Es=
Subject key identifier: B4:68:76:F8:D4:7A:4D:A0:29:44:59:36:A5:B7:73:DC:BB:4B:99:0D
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4FAD5C069747160F12993F3F3B5CC
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/tGh2-NR6TaApRFk2pbdz3LtLmQ0.roa
Signing time: Sun 01 Jan 2023 19:35:29 +0000
ROA not before: Sun 01 Jan 2023 19:35:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204357
IP address blocks: 188.164.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:fa:d5:c0:69:74:71:60:f1:29:93:f3:f3:b5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b46876f8d47a4da029445936a5b773dcbb4b990d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c1:8d:8f:d3:2f:20:74:0c:30:58:7b:b4:6e:
b9:fc:58:3c:ec:86:04:00:c9:00:dd:4f:47:d7:0b:
59:bb:c8:2a:a4:42:af:b4:46:6c:f7:de:9c:77:a5:
1f:dc:c4:ac:ba:e4:53:bf:98:33:72:63:ef:03:87:
a3:1c:94:43:c7:4d:f2:41:7f:6d:a4:2d:75:eb:b8:
ea:6d:bd:a5:c2:9c:b2:fb:75:0f:33:f3:5f:d4:ed:
13:4e:ff:a4:0a:ba:2f:a0:0e:45:c4:81:6f:1f:b8:
ef:6a:55:db:8b:ae:60:d8:87:82:6d:3a:46:a7:77:
05:48:03:ca:36:94:2d:1c:32:c0:7d:9c:dc:cb:bd:
08:ae:8e:5d:48:f2:c3:4e:49:29:9e:78:d2:01:48:
09:89:6f:fc:3f:94:03:b0:b6:8d:ed:29:4b:33:a0:
38:e2:cb:3c:49:b3:5d:a7:c2:0d:58:6a:b4:ea:51:
23:7d:87:2a:04:6a:c1:9a:93:2e:a6:1b:14:09:4a:
be:b9:3b:39:8c:60:10:54:26:e3:04:43:b1:25:78:
24:02:59:26:89:84:8d:d9:08:e5:da:cb:42:9b:49:
e9:bc:79:7e:17:5a:dc:29:21:cc:00:80:ef:a5:fd:
e0:06:47:03:fb:25:38:df:6d:41:f6:83:01:39:a7:
b6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:68:76:F8:D4:7A:4D:A0:29:44:59:36:A5:B7:73:DC:BB:4B:99:0D
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/tGh2-NR6TaApRFk2pbdz3LtLmQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.164.211.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:0c:73:60:6c:b6:49:21:41:00:f5:cc:1d:9a:96:a6:c8:49:
7a:47:50:ed:4d:5e:68:9c:9f:7c:f7:b7:11:31:00:b1:5a:67:
66:a4:8c:c2:43:11:5d:fa:18:d0:ad:fc:a2:71:3e:ed:0f:3f:
86:84:c2:47:c9:98:35:56:d3:8f:a3:9b:33:b1:b0:df:7c:6a:
de:08:c7:2d:4c:60:8c:d5:f9:fc:da:d1:b1:ce:9d:f9:55:d0:
32:09:f9:5d:f0:69:87:b9:37:4c:63:76:97:b3:80:b5:5a:97:
fd:2b:8d:ed:8b:f6:c3:57:4a:76:b2:c4:6d:d0:24:6a:70:42:
01:4a:d4:b6:63:6e:52:71:77:79:2d:37:b0:3c:7f:75:dc:bc:
90:cd:21:9a:cd:a5:7f:c3:de:e4:40:a8:07:f7:78:19:44:99:
67:ab:fb:34:fd:d0:3c:2f:3f:c1:6e:b0:34:4b:50:ff:90:ff:
51:e3:f4:a9:9f:b8:e7:ea:04:1c:dc:a6:2c:e9:67:5a:7c:a1:
38:eb:4f:b6:80:3d:5f:83:ef:94:14:35:fd:1e:09:a0:ad:8f:
cf:b9:68:2a:68:ce:bd:f9:07:5d:d3:4e:8d:93:a2:56:4e:0f:
11:5e:06:73:9e:e2:a5:94:9d:bb:b3:fb:0e:13:eb:26:a1:a3:
cf:aa:7b:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1PrVwGl0cWDxKZPz87XMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDY4NzZmOGQ0N2E0ZGEwMjk0NDU5MzZhNWI3NzNkY2JiNGI5OTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcGNj9MvIHQMMFh7tG65/Fg87IYE
AMkA3U9H1wtZu8gqpEKvtEZs996cd6Uf3MSsuuRTv5gzcmPvA4ejHJRDx03yQX9t
pC1167jqbb2lwpyy+3UPM/Nf1O0TTv+kCrovoA5FxIFvH7jvalXbi65g2IeCbTpG
p3cFSAPKNpQtHDLAfZzcy70Iro5dSPLDTkkpnnjSAUgJiW/8P5QDsLaN7SlLM6A4
4ss8SbNdp8INWGq06lEjfYcqBGrBmpMuphsUCUq+uTs5jGAQVCbjBEOxJXgkAlkm
iYSN2Qjl2stCm0npvHl+F1rcKSHMAIDvpf3gBkcD+yU4321B9oMBOae2OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRodvjUek2gKURZNqW3c9y7S5kNMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvdEdoMi1OUjZUYUFwUkZrMnBiZHozTHRMbVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvKTTMA0G
CSqGSIb3DQEBCwUAA4IBAQBNDHNgbLZJIUEA9cwdmpamyEl6R1DtTV5onJ9897cR
MQCxWmdmpIzCQxFd+hjQrfyicT7tDz+GhMJHyZg1VtOPo5szsbDffGreCMctTGCM
1fn82tGxzp35VdAyCfld8GmHuTdMY3aXs4C1Wpf9K43ti/bDV0p2ssRt0CRqcEIB
StS2Y25ScXd5LTewPH913LyQzSGazaV/w97kQKgH93gZRJlnq/s0/dA8Lz/BbrA0
S1D/kP9R4/Spn7jn6gQc3KYs6WdafKE460+2gD1fg++UFDX9HgmgrY/PuWgqaM69
+Qdd006Nk6JWTg8RXgZznuKllJ27s/sOE+smoaPPqnvj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:00 2025 by rpki-client