Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/Tv5q6K6xxdz3_1I3WrzFUqOJMeo.roa
File: Tv5q6K6xxdz3_1I3WrzFUqOJMeo.roa (raw, json)
Hash identifier: V6xxVp4/1aTIg7i56b/PndqQ0q5JF+4QQ3BG0Sxc5o8=
Subject key identifier: 4E:FE:6A:E8:AE:B1:C5:DC:F7:FF:52:37:5A:BC:C5:52:A3:89:31:EA
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 01849EAE57F23DE7C9E160D8782C3E758211
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/Tv5q6K6xxdz3_1I3WrzFUqOJMeo.roa
Signing time: Tue 22 Nov 2022 09:32:16 +0000
ROA not before: Tue 22 Nov 2022 09:32:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 194.116.229.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:ae:57:f2:3d:e7:c9:e1:60:d8:78:2c:3e:75:82:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Nov 22 09:32:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4efe6ae8aeb1c5dcf7ff52375abcc552a38931ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f8:1c:fb:b1:52:11:e4:c0:53:71:ce:91:7f:
87:5d:5e:1a:54:48:e3:46:f8:14:e6:af:5d:90:83:
5a:5b:81:74:5d:4d:95:9b:b1:f3:59:6e:9f:f6:52:
4e:17:0e:bb:10:24:7f:75:ab:ad:86:ea:e5:84:4c:
e9:1c:cb:72:93:9f:bd:2d:16:0e:f2:46:8b:00:31:
d3:49:3a:89:7f:cc:65:f9:eb:4c:d3:98:cd:ef:56:
5d:07:8a:6a:ad:d3:09:17:7d:ec:2e:66:fa:17:58:
aa:14:3a:84:60:42:ac:ee:11:5f:80:66:fc:8c:52:
a2:12:1f:10:ee:7f:3a:b4:b8:79:ff:ba:96:aa:3f:
e9:c0:29:56:75:35:65:cd:e8:cd:2c:63:2e:3c:2a:
c4:47:2d:9e:64:a9:2e:77:81:97:6f:f4:37:8d:4e:
c2:f2:9b:e3:29:e8:4d:32:71:45:3f:7e:94:39:cb:
e9:52:a1:b8:55:14:0f:9c:c1:f6:83:0b:69:d7:b3:
c4:1a:c6:dc:b4:85:d1:48:f1:8c:5d:41:9b:a0:93:
8b:90:66:93:3c:01:c4:8b:45:bb:c5:39:92:bf:cb:
b0:2f:32:dc:c4:a4:91:58:95:fd:96:29:79:ab:bb:
1c:d2:4e:53:4a:ff:b3:8e:c5:16:27:d2:14:15:8e:
1b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:FE:6A:E8:AE:B1:C5:DC:F7:FF:52:37:5A:BC:C5:52:A3:89:31:EA
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/Tv5q6K6xxdz3_1I3WrzFUqOJMeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.200.0/22
194.116.229.0/24
194.116.236.0/23
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
Signature Algorithm: sha256WithRSAEncryption
0d:8f:22:d3:79:d4:2f:80:33:2a:3e:f5:00:d5:85:26:61:08:
c4:d8:54:11:42:f8:78:24:46:16:a6:91:23:33:0e:53:fd:af:
06:01:3b:f0:88:88:db:84:3d:bb:ba:e1:12:35:0a:e1:ef:50:
e1:4c:7f:b3:50:ae:9a:a8:00:d9:6c:3a:63:a5:8c:db:31:32:
f3:d6:82:bf:15:31:4d:7c:18:d1:21:af:b2:c9:9f:4c:c6:6f:
c5:87:29:d9:3e:ad:37:1d:36:37:83:ab:59:83:74:34:b0:47:
07:00:a8:ee:c2:5c:a8:f3:63:fb:d2:b7:fc:64:69:02:35:d4:
0e:c4:f0:fe:0c:49:b7:02:a8:a3:37:d8:5e:92:e4:75:3e:69:
d5:84:b5:98:c9:c3:6b:ab:b6:df:92:e7:8b:e6:36:33:57:67:
2e:7f:d9:b1:9b:2f:a7:5f:70:31:d6:26:f3:47:00:b6:52:fe:
52:cc:4c:bc:d4:4d:2b:6d:de:b6:e7:b1:83:66:40:f6:e5:d6:
bb:f5:4b:8f:0b:f9:64:81:f1:1b:47:65:37:6a:2d:c3:4a:e2:
78:f5:b5:c5:fc:6c:05:0b:ef:76:a7:4c:ed:6b:91:b4:5c:85:
e9:69:12:89:7d:4f:c6:c8:61:88:64:fd:69:0f:3b:25:b6:27:
f7:42:47:fb
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYSerlfyPefJ4WDYeCw+dYIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjIxMTIyMDkzMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWZlNmFlOGFlYjFjNWRjZjdmZjUyMzc1YWJjYzU1MmEzODkzMWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/gc+7FSEeTAU3HOkX+HXV4aVEjj
RvgU5q9dkINaW4F0XU2Vm7HzWW6f9lJOFw67ECR/dauthurlhEzpHMtyk5+9LRYO
8kaLADHTSTqJf8xl+etM05jN71ZdB4pqrdMJF33sLmb6F1iqFDqEYEKs7hFfgGb8
jFKiEh8Q7n86tLh5/7qWqj/pwClWdTVlzejNLGMuPCrERy2eZKkud4GXb/Q3jU7C
8pvjKehNMnFFP36UOcvpUqG4VRQPnMH2gwtp17PEGsbctIXRSPGMXUGboJOLkGaT
PAHEi0W7xTmSv8uwLzLcxKSRWJX9lil5q7sc0k5TSv+zjsUWJ9IUFY4bDwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFE7+auiuscXc9/9SN1q8xVKjiTHqMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvVHY1cTZLNnh4ZHozXzFJM1dyekZVcU9KTWVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCTVPIAwQA
wnTlAwQBwnTsAwQAwpIkAwQAwpIvMA0EAgACMAcDBQMqCYeAMA0GCSqGSIb3DQEB
CwUAA4IBAQANjyLTedQvgDMqPvUA1YUmYQjE2FQRQvh4JEYWppEjMw5T/a8GATvw
iIjbhD27uuESNQrh71DhTH+zUK6aqADZbDpjpYzbMTLz1oK/FTFNfBjRIa+yyZ9M
xm/FhynZPq03HTY3g6tZg3Q0sEcHAKjuwlyo82P70rf8ZGkCNdQOxPD+DEm3Aqij
N9hekuR1PmnVhLWYycNrq7bfkueL5jYzV2cuf9mxmy+nX3Ax1ibzRwC2Uv5SzEy8
1E0rbd6257GDZkD25da79UuPC/lkgfEbR2U3ai3DSuJ49bXF/GwFC+92p0zta5G0
XIXpaRKJfU/GyGGIZP1pDzsltif3Qkf7
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:05 2025 by rpki-client