Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/Tscr6_ke0xhL2tokTiCHYrd9LbQ.roa
File: Tscr6_ke0xhL2tokTiCHYrd9LbQ.roa (raw, json)
Hash identifier: CNZ6Y20qAYgMICGoi54LAlCAKRBgs5wtIWLSEtK51iE=
Subject key identifier: 4E:C7:2B:EB:F9:1E:D3:18:4B:DA:DA:24:4E:20:87:62:B7:7D:2D:B4
Certificate issuer: /CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56
Certificate serial: 018CB4EC5CDFA47C8FC5F0A55135D350A4FA
Authority key identifier: C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/Tscr6_ke0xhL2tokTiCHYrd9LbQ.roa
Signing time: Fri 29 Dec 2023 09:33:58 +0000
ROA not before: Fri 29 Dec 2023 09:33:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61438
IP address blocks: 194.93.76.0/23 maxlen: 24
45.84.144.0/22 maxlen: 22
146.19.235.0/24 maxlen: 24
2a04:d200::/32 maxlen: 32
2a04:d201::/32 maxlen: 32
2a04:d200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b4:ec:5c:df:a4:7c:8f:c5:f0:a5:51:35:d3:50:a4:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56
Validity
Not Before: Dec 29 09:33:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ec72bebf91ed3184bdada244e208762b77d2db4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7b:08:f3:af:76:0d:9c:c2:58:2d:64:5e:f2:
73:5a:bf:6a:ed:41:6b:1b:c4:44:66:7c:71:4a:79:
a1:ec:4c:f9:52:5e:a2:45:46:8b:aa:66:b8:f0:35:
9a:00:14:02:8e:69:62:be:6d:88:a6:04:42:24:84:
12:33:33:c9:28:02:62:3c:20:22:cd:ab:07:b4:e4:
06:43:14:a7:a7:95:47:dd:d1:e1:ce:9f:21:10:f4:
cd:f2:eb:ad:b6:8c:37:47:8e:57:9a:ab:a5:f6:40:
66:7a:14:52:16:87:4d:c0:9c:b2:9e:ee:d9:4d:84:
c0:b7:41:05:5a:e8:7e:a3:1d:52:a9:da:65:ec:83:
cb:56:ec:d2:85:92:82:76:d9:89:a3:c0:5d:82:45:
76:3a:d3:21:55:19:2d:28:c1:3e:0a:c2:42:36:6b:
9c:77:54:ce:9c:90:7b:b4:c7:4f:6f:96:f2:b5:b5:
28:89:45:b7:0c:7a:7f:88:f4:25:8b:2e:a1:22:95:
bb:af:71:e6:93:63:e1:2c:46:15:f3:4f:50:cf:6c:
13:63:ea:f4:58:b3:12:3d:84:be:08:3c:41:57:81:
6e:fa:08:d1:24:a9:10:40:2c:ff:2d:81:95:bb:35:
69:36:85:ee:3c:03:b9:21:0d:40:f6:e0:08:69:39:
3e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C7:2B:EB:F9:1E:D3:18:4B:DA:DA:24:4E:20:87:62:B7:7D:2D:B4
X509v3 Authority Key Identifier:
keyid:C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/Tscr6_ke0xhL2tokTiCHYrd9LbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/wtgszwyN6n1_atcujmJGLXviDVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.144.0/22
146.19.235.0/24
194.93.76.0/23
IPv6:
2a04:d200::/29
Signature Algorithm: sha256WithRSAEncryption
0e:e3:46:e0:33:52:ba:61:31:1c:2e:66:72:0a:c4:82:f7:aa:
56:55:17:56:82:5e:d7:5d:fb:53:84:28:32:03:bc:7e:c0:51:
6a:0e:7c:40:5e:ad:09:16:57:24:c1:1b:09:aa:dd:83:0c:95:
65:30:11:05:f0:e8:7e:05:a5:88:14:ef:18:cb:59:0f:f0:f0:
57:08:78:dd:fa:e2:f2:01:24:0b:97:77:c8:87:70:97:90:ca:
9a:e2:3e:a4:58:5a:51:22:06:d0:b9:24:35:16:86:a8:f7:1b:
bf:25:52:5e:cf:49:19:d4:b0:80:73:5f:bd:08:e1:24:02:4d:
6c:5c:ae:a7:23:fc:c9:ad:69:c5:61:70:72:fc:93:4e:29:8f:
b0:e6:03:0b:0e:7f:3b:57:2a:97:3e:c1:62:6c:2d:8c:29:f9:
dd:cc:93:71:93:a0:ad:09:22:68:16:da:40:44:a4:c5:21:de:
a6:bd:b0:bd:39:82:5c:0e:23:ae:ee:ca:c1:6e:8b:75:19:a5:
f7:f7:7a:0e:12:3e:53:90:38:de:24:0a:ec:4e:c4:d4:db:9e:
d8:53:c8:1c:dd:05:c3:9d:75:05:42:60:a8:4b:a3:a1:0b:3e:
90:b9:10:b8:70:38:12:2e:91:3e:3a:6a:4d:bd:73:c2:90:76:
41:b7:56:88
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYy07FzfpHyPxfClUTXTUKT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDgyY2NmMGM4ZGVhN2Q3ZjZhZDcyZThlNjI0NjJkN2Jl
MjBkNTYwHhcNMjMxMjI5MDkzMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWM3MmJlYmY5MWVkMzE4NGJkYWRhMjQ0ZTIwODc2MmI3N2QyZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnsI8692DZzCWC1kXvJzWr9q7UFr
G8REZnxxSnmh7Ez5Ul6iRUaLqma48DWaABQCjmlivm2IpgRCJIQSMzPJKAJiPCAi
zasHtOQGQxSnp5VH3dHhzp8hEPTN8uuttow3R45Xmqul9kBmehRSFodNwJyynu7Z
TYTAt0EFWuh+ox1Sqdpl7IPLVuzShZKCdtmJo8BdgkV2OtMhVRktKME+CsJCNmuc
d1TOnJB7tMdPb5bytbUoiUW3DHp/iPQliy6hIpW7r3Hmk2PhLEYV809Qz2wTY+r0
WLMSPYS+CDxBV4Fu+gjRJKkQQCz/LYGVuzVpNoXuPAO5IQ1A9uAIaTk+HwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFE7HK+v5HtMYS9raJE4gh2K3fS20MB8GA1UdIwQY
MBaAFMLYLM8Mjep9f2rXLo5iRi174g1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3Rnc3p3eU42bjFfYXRjdWptSkdMWHZpRFZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zMjc5NTItNGM2Ni00Yjk1LWI2ZGUt
NDMxMThlNDk2ZDQwLzEvVHNjcjZfa2UweGhMMnRva1RpQ0hZcmQ5TGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zMjc5NTItNGM2Ni00Yjk1LWI2ZGUtNDMxMThlNDk2ZDQw
LzEvd3Rnc3p3eU42bjFfYXRjdWptSkdMWHZpRFZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVSQAwQA
khPrAwQBwl1MMA0EAgACMAcDBQMqBNIAMA0GCSqGSIb3DQEBCwUAA4IBAQAO40bg
M1K6YTEcLmZyCsSC96pWVRdWgl7XXftThCgyA7x+wFFqDnxAXq0JFlckwRsJqt2D
DJVlMBEF8Oh+BaWIFO8Yy1kP8PBXCHjd+uLyASQLl3fIh3CXkMqa4j6kWFpRIgbQ
uSQ1Foao9xu/JVJez0kZ1LCAc1+9COEkAk1sXK6nI/zJrWnFYXBy/JNOKY+w5gML
Dn87VyqXPsFibC2MKfndzJNxk6CtCSJoFtpARKTFId6mvbC9OYJcDiOu7srBbot1
GaX393oOEj5TkDjeJArsTsTU257YU8gc3QXDnXUFQmCoS6OhCz6QuRC4cDgSLpE+
OmpNvXPCkHZBt1aI
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:33 2025 by rpki-client