Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/TwV0k79K9gU36kbMY4oAXQigvDY.roa
File: TwV0k79K9gU36kbMY4oAXQigvDY.roa (raw, json)
Hash identifier: CaynMCBTcxuk1vf2ZsaOHam5Xy2lqV9FUYq1sku3Q1w=
Subject key identifier: 4F:05:74:93:BF:4A:F6:05:37:EA:46:CC:63:8A:00:5D:08:A0:BC:36
Certificate issuer: /CN=b6fe63ee8a23f4916e4053531e6950db6c31e805
Certificate serial: 01856BDC92CDAFC2B4490ECA34D527989F00
Authority key identifier: B6:FE:63:EE:8A:23:F4:91:6E:40:53:53:1E:69:50:DB:6C:31:E8:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tv5j7ooj9JFuQFNTHmlQ22wx6AU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/TwV0k79K9gU36kbMY4oAXQigvDY.roa
Signing time: Sun 01 Jan 2023 05:44:55 +0000
ROA not before: Sun 01 Jan 2023 05:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199434
IP address blocks: 5.57.24.0/21 maxlen: 21
5.57.24.0/24 maxlen: 24
5.57.26.0/24 maxlen: 24
5.57.28.0/22 maxlen: 22
5.57.27.0/24 maxlen: 24
5.57.25.0/24 maxlen: 24
185.197.48.0/22 maxlen: 22
2a0a:6280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:92:cd:af:c2:b4:49:0e:ca:34:d5:27:98:9f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6fe63ee8a23f4916e4053531e6950db6c31e805
Validity
Not Before: Jan 1 05:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f057493bf4af60537ea46cc638a005d08a0bc36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:13:ce:a6:e8:9d:9a:a8:c4:03:63:c5:4a:42:
c2:4d:09:0d:75:f9:c1:45:6c:48:c2:42:e8:de:e0:
54:0c:f8:6a:16:04:df:20:96:19:e5:b4:82:fd:c3:
ae:02:1a:8c:37:9f:d5:37:45:4b:64:d5:71:9b:48:
f2:f9:4a:e9:02:ce:06:b2:53:51:30:ef:76:2f:f6:
9a:a7:a0:fc:a2:73:fd:79:0c:21:4f:92:ab:e3:a3:
d3:b4:7b:00:76:36:8b:d6:1e:7b:58:b3:03:3b:2a:
80:10:b2:01:d6:15:74:c5:05:ad:8f:ba:dc:38:2f:
a4:2c:8b:99:d9:0c:bd:31:27:65:0d:b9:1d:56:af:
0d:85:cb:42:6f:2f:a9:9d:99:e2:61:09:67:0d:ee:
fa:96:ac:b9:c1:22:46:7f:97:28:41:cc:b9:e8:7b:
45:20:c2:2d:68:d8:bc:ae:10:f3:e3:c5:b3:3d:f1:
23:cd:f5:a9:7c:73:3f:d4:9b:52:77:0b:15:55:cf:
f1:f5:57:a6:5d:aa:00:f3:d1:67:37:44:2b:8f:3d:
91:ba:ac:a9:3b:b3:fc:d0:d8:91:04:dc:ef:8c:35:
a5:08:72:e9:49:62:40:8f:9a:db:a2:17:57:fb:a8:
76:b6:1b:52:6b:3f:f6:1f:1d:0c:44:5e:83:47:db:
14:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:05:74:93:BF:4A:F6:05:37:EA:46:CC:63:8A:00:5D:08:A0:BC:36
X509v3 Authority Key Identifier:
keyid:B6:FE:63:EE:8A:23:F4:91:6E:40:53:53:1E:69:50:DB:6C:31:E8:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tv5j7ooj9JFuQFNTHmlQ22wx6AU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/TwV0k79K9gU36kbMY4oAXQigvDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/tv5j7ooj9JFuQFNTHmlQ22wx6AU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.24.0/21
185.197.48.0/22
IPv6:
2a0a:6280::/29
Signature Algorithm: sha256WithRSAEncryption
15:24:8d:1e:ce:f3:01:31:24:92:b7:3e:82:36:65:33:cc:ad:
b0:88:d8:e1:e2:68:5e:07:3f:b5:94:6a:8f:46:1f:42:68:e5:
99:7d:79:f9:fd:98:ab:be:e5:59:4c:ca:90:43:bd:6d:52:d1:
1d:97:81:e9:56:6e:a4:f4:71:97:22:48:84:a2:ab:71:2e:d1:
e8:3d:d5:bd:15:40:3f:6c:18:b9:0b:5c:72:33:49:79:be:c8:
f6:ae:09:f6:76:37:1b:57:fd:6c:30:48:6d:94:bb:87:7d:d5:
c5:e0:7d:1f:37:8f:dd:9a:9f:28:0e:5f:fe:56:e3:80:11:9e:
87:97:7c:76:e0:ce:2b:5e:95:5e:9c:c2:78:f1:78:03:9a:d8:
dd:e4:49:f3:67:82:4d:ab:62:3a:cc:bc:e1:b3:e9:fe:97:3b:
77:ed:a2:07:0b:a5:89:ad:ea:ca:79:8e:f3:49:d6:aa:26:b1:
e1:6b:3c:bf:a2:fa:0c:51:ee:29:f4:4c:f9:eb:69:67:82:25:
8c:49:6f:9b:ca:e2:70:2a:97:a5:49:a2:74:55:0a:17:1c:39:
58:db:e2:9c:b6:69:5e:72:ee:f5:9d:01:a7:ed:63:98:87:31:
69:d7:b8:dc:cf:e7:a4:a2:4f:01:fc:2b:e3:dd:e9:62:a4:cb:
b4:a6:84:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVr3JLNr8K0SQ7KNNUnmJ8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZmU2M2VlOGEyM2Y0OTE2ZTQwNTM1MzFlNjk1MGRiNmMz
MWU4MDUwHhcNMjMwMTAxMDU0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjA1NzQ5M2JmNGFmNjA1MzdlYTQ2Y2M2MzhhMDA1ZDA4YTBiYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RPOpuidmqjEA2PFSkLCTQkNdfnB
RWxIwkLo3uBUDPhqFgTfIJYZ5bSC/cOuAhqMN5/VN0VLZNVxm0jy+UrpAs4GslNR
MO92L/aap6D8onP9eQwhT5Kr46PTtHsAdjaL1h57WLMDOyqAELIB1hV0xQWtj7rc
OC+kLIuZ2Qy9MSdlDbkdVq8NhctCby+pnZniYQlnDe76lqy5wSJGf5coQcy56HtF
IMItaNi8rhDz48WzPfEjzfWpfHM/1JtSdwsVVc/x9VemXaoA89FnN0Qrjz2Ruqyp
O7P80NiRBNzvjDWlCHLpSWJAj5rbohdX+6h2thtSaz/2Hx0MRF6DR9sU9wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE8FdJO/SvYFN+pGzGOKAF0IoLw2MB8GA1UdIwQY
MBaAFLb+Y+6KI/SRbkBTUx5pUNtsMegFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHY1ajdvb2o5SkZ1UUZOVEhtbFEyMnd4NkFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS83ZWRiY2YtYjkwZi00NzA3LWIyODkt
YTNkMzc3YzZmZWVmLzEvVHdWMGs3OUs5Z1UzNmtiTVk0b0FYUWlndkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS83ZWRiY2YtYjkwZi00NzA3LWIyODktYTNkMzc3YzZmZWVm
LzEvdHY1ajdvb2o5SkZ1UUZOVEhtbFEyMnd4NkFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBTkYAwQC
ucUwMA0EAgACMAcDBQMqCmKAMA0GCSqGSIb3DQEBCwUAA4IBAQAVJI0ezvMBMSSS
tz6CNmUzzK2wiNjh4mheBz+1lGqPRh9CaOWZfXn5/ZirvuVZTMqQQ71tUtEdl4Hp
Vm6k9HGXIkiEoqtxLtHoPdW9FUA/bBi5C1xyM0l5vsj2rgn2djcbV/1sMEhtlLuH
fdXF4H0fN4/dmp8oDl/+VuOAEZ6Hl3x24M4rXpVenMJ48XgDmtjd5EnzZ4JNq2I6
zLzhs+n+lzt37aIHC6WJrerKeY7zSdaqJrHhazy/ovoMUe4p9Ez562lngiWMSW+b
yuJwKpelSaJ0VQoXHDlY2+Kctmlecu71nQGn7WOYhzFp17jcz+ekok8B/Cvj3eli
pMu0poTz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:32 2025 by rpki-client