Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tZUpCxEuPnWJ4AnbuBi3XsVlKy4.roa
File: tZUpCxEuPnWJ4AnbuBi3XsVlKy4.roa (raw, json)
Hash identifier: Ra2j8dWg/kLVG5gwwLPcDvIDUEDykEItz/6AnghZN30=
Subject key identifier: B5:95:29:0B:11:2E:3E:75:89:E0:09:DB:B8:18:B7:5E:C5:65:2B:2E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0182FD2687F9B1189E4035A1A47BAF63FF99
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tZUpCxEuPnWJ4AnbuBi3XsVlKy4.roa
Signing time: Fri 02 Sep 2022 07:42:16 +0000
ROA not before: Fri 02 Sep 2022 07:42:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57630
IP address blocks: 194.71.0.0/23 maxlen: 23
192.71.0.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
193.234.116.0/22 maxlen: 22
193.183.20.0/24 maxlen: 24
193.181.34.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.103.95.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
193.234.144.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
194.132.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fd:26:87:f9:b1:18:9e:40:35:a1:a4:7b:af:63:ff:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Sep 2 07:42:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b595290b112e3e7589e009dbb818b75ec5652b2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2b:dc:95:51:08:ed:57:be:08:aa:a2:7b:62:
2e:66:9d:ba:da:85:a3:dc:c5:6f:95:4a:5f:14:20:
ce:fe:8c:31:0e:25:cc:71:5c:a0:5a:28:da:95:04:
be:08:98:24:e5:17:be:10:d6:54:50:03:0f:8a:68:
f2:a6:df:7d:d0:e1:d5:55:eb:fa:c4:2d:66:33:93:
34:81:e3:43:ae:5e:46:63:49:68:cf:3c:90:9f:b0:
c0:26:9d:96:8e:8d:db:2d:e5:b6:ac:20:13:3b:12:
a2:7c:17:2f:b5:f6:fe:37:49:b5:21:69:af:49:43:
15:b7:aa:03:02:32:bc:e1:7a:bb:f7:f5:ec:76:6f:
da:20:36:74:2b:88:5b:9a:6e:61:4b:b2:b6:8d:ae:
ff:39:26:31:22:d8:51:2b:74:30:46:08:b8:46:d5:
75:bd:f5:63:4e:95:d2:ff:14:48:4c:38:fa:74:6c:
99:2e:2b:ea:fc:79:11:d0:0a:f7:b1:b9:71:1f:be:
48:41:dd:24:ec:71:49:ce:90:6d:b6:c2:85:04:0c:
d9:a8:4a:b2:cc:ec:6a:a0:13:4d:5f:4a:5f:78:5b:
e3:03:a5:65:04:34:a6:2d:63:5a:b8:d6:9e:e4:82:
2d:35:03:84:9e:2a:28:fe:e9:ed:3a:09:c9:2a:6e:
18:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:95:29:0B:11:2E:3E:75:89:E0:09:DB:B8:18:B7:5E:C5:65:2B:2E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tZUpCxEuPnWJ4AnbuBi3XsVlKy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.3.0/24
192.165.134.0/23
193.181.34.0/24
193.183.20.0/24
193.234.3.0/24
193.234.116.0/22
193.234.144.0/24
194.14.57.0/24
194.71.0.0/23
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.164.0/24
194.132.166.0/24
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
36:e5:94:73:20:85:08:a1:5c:0b:d2:b5:9d:5d:a5:18:07:f6:
20:82:78:ba:26:19:d7:8c:a9:d5:9c:f7:54:ec:7a:a3:a8:bd:
d8:fd:a7:f3:d1:15:71:ce:a5:b4:a4:59:b7:4a:98:ea:da:a0:
c1:e6:94:c3:07:bd:0b:b4:08:37:c8:d0:9e:12:e1:a8:44:ec:
88:f6:5b:ed:c4:85:16:79:8d:8e:51:bd:a6:c7:e3:87:cf:a8:
68:95:55:09:60:b7:21:73:43:82:47:e0:a6:82:30:5b:2b:9c:
d5:0c:68:da:3a:b1:23:7f:78:e6:6f:a6:74:78:d9:73:a0:44:
1b:79:ba:c1:ac:1a:a9:b2:f6:eb:25:f8:95:6c:e0:30:15:be:
f2:0d:f3:61:58:d1:ce:8a:74:0c:0f:fd:a0:9f:cc:e9:94:31:
a9:f0:73:4d:cd:e7:a3:98:8d:44:ca:8a:76:3a:95:80:e5:16:
ab:90:36:4a:e0:54:eb:4b:90:ec:2f:50:95:2d:3f:e6:ff:1d:
50:6c:ee:28:bb:5d:65:e0:f8:b3:b1:f5:c9:5c:10:a6:78:59:
7e:d5:94:21:0d:68:ec:84:5a:78:dd:97:d9:96:7b:5b:da:fe:
d8:17:76:91:13:f7:30:80:9b:7b:b6:ce:e6:8a:65:a3:28:4c:
46:a5:4c:ad
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYL9Jof5sRieQDWhpHuvY/+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIwOTAyMDc0MjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTk1MjkwYjExMmUzZTc1ODllMDA5ZGJiODE4Yjc1ZWM1NjUyYjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyvclVEI7Ve+CKqie2IuZp262oWj
3MVvlUpfFCDO/owxDiXMcVygWijalQS+CJgk5Re+ENZUUAMPimjypt990OHVVev6
xC1mM5M0geNDrl5GY0lozzyQn7DAJp2Wjo3bLeW2rCATOxKifBcvtfb+N0m1IWmv
SUMVt6oDAjK84Xq79/Xsdm/aIDZ0K4hbmm5hS7K2ja7/OSYxIthRK3QwRgi4RtV1
vfVjTpXS/xRITDj6dGyZLivq/HkR0Ar3sblxH75IQd0k7HFJzpBttsKFBAzZqEqy
zOxqoBNNX0pfeFvjA6VlBDSmLWNauNae5IItNQOEnioo/untOgnJKm4YawIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFLWVKQsRLj51ieAJ27gYt17FZSsuMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdFpVcEN4RXVQbldKNEFuYnVCaTNYc1ZsS3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAwEcAAwQA
wKUDAwQBwKWGAwQAwbUiAwQAwbcUAwQAweoDAwQCwep0AwQAweqQAwQAwg45AwQB
wkcAAwQBwmcQAwQAwmdfAwQAwmeRAwQAwmfFAwQAwoSkAwQAwoSmAwQAwoS6MA0G
CSqGSIb3DQEBCwUAA4IBAQA25ZRzIIUIoVwL0rWdXaUYB/Yggni6JhnXjKnVnPdU
7HqjqL3Y/afz0RVxzqW0pFm3Spjq2qDB5pTDB70LtAg3yNCeEuGoROyI9lvtxIUW
eY2OUb2mx+OHz6holVUJYLchc0OCR+CmgjBbK5zVDGjaOrEjf3jmb6Z0eNlzoEQb
ebrBrBqpsvbrJfiVbOAwFb7yDfNhWNHOinQMD/2gn8zplDGp8HNNzeejmI1Eyop2
OpWA5RarkDZK4FTrS5DsL1CVLT/m/x1QbO4ou11l4PizsfXJXBCmeFl+1ZQhDWjs
hFp43ZfZlntb2v7YF3aRE/cwgJt7ts7mimWjKExGpUyt
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:55:56 2025 by rpki-client