Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/tS23sux-7OrxGNeDlwrHqTgX5q8.roa
File: tS23sux-7OrxGNeDlwrHqTgX5q8.roa (raw, json)
Hash identifier: RNywvf9l/1xZc4YKQMwFYXd4oZiKLRTRuv/iFA6X0QA=
Subject key identifier: B5:2D:B7:B2:EC:7E:EC:EA:F1:18:D7:83:97:0A:C7:A9:38:17:E6:AF
Certificate issuer: /CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Certificate serial: 0185EEE4779E25B0A5393CC41ED078184F85
Authority key identifier: 9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/tS23sux-7OrxGNeDlwrHqTgX5q8.roa
Signing time: Thu 26 Jan 2023 16:23:48 +0000
ROA not before: Thu 26 Jan 2023 16:23:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43915
IP address blocks: 87.117.68.0/23 maxlen: 23
194.105.134.0/23 maxlen: 24
194.145.242.0/23 maxlen: 24
195.206.172.0/22 maxlen: 24
185.147.184.0/22 maxlen: 22
217.14.184.0/21 maxlen: 21
109.224.226.0/23 maxlen: 24
178.248.128.0/21 maxlen: 21
109.224.234.0/23 maxlen: 24
109.224.240.0/23 maxlen: 24
147.189.156.0/22 maxlen: 24
185.161.4.0/22 maxlen: 22
87.117.64.0/22 maxlen: 22
144.178.104.0/23 maxlen: 23
144.178.118.0/23 maxlen: 23
94.154.184.0/22 maxlen: 22
193.35.146.0/23 maxlen: 23
194.146.160.0/22 maxlen: 24
213.225.224.0/22 maxlen: 24
217.20.244.0/22 maxlen: 24
79.135.122.0/23 maxlen: 24
185.231.136.0/22 maxlen: 22
185.23.254.0/23 maxlen: 24
45.66.36.0/22 maxlen: 22
144.178.252.0/23 maxlen: 23
2a07:5940::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ee:e4:77:9e:25:b0:a5:39:3c:c4:1e:d0:78:18:4f:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Validity
Not Before: Jan 26 16:23:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b52db7b2ec7eeceaf118d783970ac7a93817e6af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0d:4b:b7:96:1e:1e:08:85:ee:88:e0:60:80:
30:7f:00:40:c6:d2:17:f4:49:ce:1e:79:d3:0a:9d:
a2:f3:5c:e5:56:fd:66:d8:45:0a:d0:bf:b3:40:21:
1a:e8:c2:38:0d:3b:28:90:d2:68:6c:ea:20:0d:73:
31:7d:2b:37:9c:fd:a9:05:05:bc:97:9d:8b:f8:eb:
ff:63:59:64:fc:07:33:22:32:df:85:44:1b:34:0c:
80:9f:7a:ea:51:00:89:88:f5:4a:b3:07:9e:6f:b9:
45:eb:90:8d:c0:8c:ea:4a:a4:29:0a:22:50:4c:c6:
8b:1d:3d:6e:f2:ef:c5:51:44:2b:30:aa:e2:bd:3c:
36:9f:44:12:58:b9:56:ae:32:43:29:b1:62:86:36:
50:7a:08:a6:0e:35:16:54:fd:4f:97:ba:de:e1:39:
93:56:38:6b:38:4a:68:29:ed:0a:7e:35:d3:a0:e4:
a5:8d:2a:88:51:5f:d6:07:8f:f2:85:7c:b7:af:c2:
b9:d9:7b:12:1e:c1:9b:fa:74:85:34:fc:1e:71:fe:
06:e6:e6:dc:fb:19:73:8c:40:40:ff:53:26:21:a0:
5e:2c:77:0b:43:9a:5f:9f:2b:da:0f:e0:97:c7:c5:
36:23:93:85:bd:78:04:2e:7c:13:b3:f9:b8:bf:69:
76:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:2D:B7:B2:EC:7E:EC:EA:F1:18:D7:83:97:0A:C7:A9:38:17:E6:AF
X509v3 Authority Key Identifier:
keyid:9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/tS23sux-7OrxGNeDlwrHqTgX5q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/nyasnus6LPovbKP0E--5zf_pck4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.36.0/22
79.135.122.0/23
87.117.64.0-87.117.69.255
94.154.184.0/22
109.224.226.0/23
109.224.234.0/23
109.224.240.0/23
144.178.104.0/23
144.178.118.0/23
144.178.252.0/23
147.189.156.0/22
178.248.128.0/21
185.23.254.0/23
185.147.184.0/22
185.161.4.0/22
185.231.136.0/22
193.35.146.0/23
194.105.134.0/23
194.145.242.0/23
194.146.160.0/22
195.206.172.0/22
213.225.224.0/22
217.14.184.0/21
217.20.244.0/22
IPv6:
2a07:5940::/32
Signature Algorithm: sha256WithRSAEncryption
83:d5:0b:35:b4:2a:23:d0:bb:21:d2:44:80:e0:41:a3:1d:10:
4e:6c:25:5b:eb:2c:7e:78:90:ae:a3:23:ea:4f:5b:6c:ab:00:
f8:56:c3:a6:4b:82:47:71:52:e5:c0:f0:93:33:ad:44:37:22:
f3:9f:f1:eb:dc:01:86:80:39:fe:0c:5a:8a:16:6f:ce:a9:8b:
ad:dd:55:45:d8:ba:be:15:3a:70:c2:e6:fe:85:b6:ca:0f:2b:
0c:da:3b:d3:2f:14:12:15:22:86:98:88:c8:f1:20:f0:33:8d:
cf:a7:5a:d8:42:83:c2:cf:22:8f:69:aa:1f:06:e0:86:d7:22:
d7:e1:f6:1d:5f:85:af:e9:ec:05:54:1c:f6:0f:46:b3:57:92:
ec:76:10:8a:36:aa:42:94:a6:6d:3f:0a:8e:dc:86:c2:7f:2b:
5f:29:31:a7:2b:10:f7:8c:3b:c5:e4:26:45:6c:42:f0:75:72:
d7:0f:3a:f5:ce:cb:24:c7:2b:38:32:c5:f1:46:66:98:76:6b:
8a:e6:08:2d:dd:91:31:bd:ad:d2:e3:75:d8:ed:4b:ea:5c:96:
c4:1a:cc:ad:d1:e2:03:70:22:82:d9:cf:16:79:44:9d:dc:ee:
9e:d9:e6:ed:e6:b5:e8:68:d7:e6:98:91:67:09:24:65:83:43:
20:ac:e1:cb
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYXu5HeeJbClOTzEHtB4GE+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjZhYzllZWIzYTJjZmEyZjZjYTNmNDEzZWZiOWNkZmZl
OTcyNGUwHhcNMjMwMTI2MTYyMzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTJkYjdiMmVjN2VlY2VhZjExOGQ3ODM5NzBhYzdhOTM4MTdlNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ1Lt5YeHgiF7ojgYIAwfwBAxtIX
9EnOHnnTCp2i81zlVv1m2EUK0L+zQCEa6MI4DTsokNJobOogDXMxfSs3nP2pBQW8
l52L+Ov/Y1lk/AczIjLfhUQbNAyAn3rqUQCJiPVKsweeb7lF65CNwIzqSqQpCiJQ
TMaLHT1u8u/FUUQrMKrivTw2n0QSWLlWrjJDKbFihjZQegimDjUWVP1Pl7re4TmT
VjhrOEpoKe0KfjXToOSljSqIUV/WB4/yhXy3r8K52XsSHsGb+nSFNPwecf4G5ubc
+xlzjEBA/1MmIaBeLHcLQ5pfnyvaD+CXx8U2I5OFvXgELnwTs/m4v2l23wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFLUtt7Lsfuzq8RjXg5cKx6k4F+avMB8GA1UdIwQY
MBaAFJ8mrJ7rOiz6L2yj9BPvuc3/6XJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWIt
N2Q0MjY2Y2Y4MjJhLzEvdFMyM3N1eC03T3J4R05lRGx3ckhxVGdYNXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWItN2Q0MjY2Y2Y4MjJh
LzEvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAIt
QiQDBAFPh3owDAMEBld1QAMEAVd1RAMEAl6auAMEAW3g4gMEAW3g6gMEAW3g8AME
AZCyaAMEAZCydgMEAZCy/AMEApO9nAMEA7L4gAMEAbkX/gMEArmTuAMEArmhBAME
ArnniAMEAcEjkgMEAcJphgMEAcKR8gMEAsKSoAMEAsPOrAMEAtXh4AMEA9kOuAME
AtkU9DANBAIAAjAHAwUAKgdZQDANBgkqhkiG9w0BAQsFAAOCAQEAg9ULNbQqI9C7
IdJEgOBBox0QTmwlW+ssfniQrqMj6k9bbKsA+FbDpkuCR3FS5cDwkzOtRDci85/x
69wBhoA5/gxaihZvzqmLrd1VRdi6vhU6cMLm/oW2yg8rDNo70y8UEhUihpiIyPEg
8DONz6da2EKDws8ij2mqHwbghtci1+H2HV+Fr+nsBVQc9g9Gs1eS7HYQijaqQpSm
bT8KjtyGwn8rXykxpysQ94w7xeQmRWxC8HVy1w869c7LJMcrODLF8UZmmHZriuYI
Ld2RMb2t0uN12O1L6lyWxBrMrdHiA3AigtnPFnlEndzuntnm7ea16GjX5piRZwkk
ZYNDIKzhyw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:30 2025 by rpki-client