Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/t1SUWOXmgh9gG2lrGRiqezNeQIE.roa
File: t1SUWOXmgh9gG2lrGRiqezNeQIE.roa (raw, json)
Hash identifier: 863B01G1ym0+Z+bkxY7d4rDlGl0H82Z9hK5kPKcf22c=
Subject key identifier: B7:54:94:58:E5:E6:82:1F:60:1B:69:6B:19:18:AA:7B:33:5E:40:81
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 08BC0BF0
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/t1SUWOXmgh9gG2lrGRiqezNeQIE.roa
Signing time: Sat 01 Jan 2022 07:04:27 +0000
ROA not before: Sat 01 Jan 2022 07:04:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2856
IP address blocks: 194.110.172.0/23 maxlen: 23
85.117.241.0/24 maxlen: 24
192.144.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146541552 (0x8bc0bf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 07:04:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7549458e5e6821f601b696b1918aa7b335e4081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7e:4d:97:b1:fb:1d:a6:ac:0c:f8:82:4e:68:
49:62:c3:6d:72:fe:a0:91:a3:79:73:77:71:9e:60:
f3:89:bc:5e:dc:a7:12:1c:37:b8:da:34:66:32:86:
b9:9c:2c:27:de:07:a1:2b:d6:8d:0a:d3:8f:55:10:
31:a7:24:7d:cc:0e:ab:05:69:ce:73:c5:0b:af:43:
ec:99:c8:cf:a7:f1:07:19:e0:78:e3:88:af:68:db:
1d:de:ee:e8:5e:d5:59:f6:00:f9:74:25:3d:2c:f2:
33:3a:c3:2b:e3:6a:21:a1:43:c9:a0:bb:e1:25:5f:
2d:3f:ba:eb:61:ae:17:ac:f0:ad:1b:b3:16:8b:c2:
9d:2b:93:b9:f4:3e:6a:74:b3:e7:3f:48:5c:f6:df:
7e:84:77:79:1f:8f:24:e0:91:89:dd:d6:91:75:c7:
79:63:bf:dc:57:01:4c:d9:c1:69:66:5b:39:d7:0c:
d4:21:06:0f:c1:72:9e:95:ea:58:a2:64:03:79:21:
bc:1d:1e:13:c2:a7:07:cd:ca:e9:93:34:08:a8:85:
5d:bc:29:49:dd:c9:76:03:a8:a3:20:9b:8b:be:e6:
25:51:29:35:a7:93:01:bf:f0:2e:f0:84:5d:5b:c3:
a3:16:5a:f3:62:e6:38:79:ab:7e:ac:88:82:14:42:
88:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:54:94:58:E5:E6:82:1F:60:1B:69:6B:19:18:AA:7B:33:5E:40:81
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/t1SUWOXmgh9gG2lrGRiqezNeQIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.241.0/24
192.144.32.0/24
194.110.172.0/23
Signature Algorithm: sha256WithRSAEncryption
92:85:3a:de:47:82:ec:b7:5f:7c:19:b1:ba:f9:43:33:43:32:
20:3d:11:07:60:61:dc:9b:b8:75:83:2b:e6:17:2e:04:d8:0c:
f2:2d:d9:50:dc:99:b5:6b:ca:80:67:c5:6e:4c:2c:0d:17:17:
03:15:c2:eb:8c:61:c3:f3:ac:f1:ea:e4:14:3b:5a:7c:3d:7d:
b3:c1:04:79:bf:44:f1:29:4f:c4:19:89:81:83:08:de:12:7d:
ef:35:09:f0:8d:79:7e:11:24:b2:bc:0e:5f:5d:86:49:2a:00:
47:b3:c4:83:da:79:40:18:8b:5a:01:97:13:c9:06:ec:92:42:
9a:8d:65:16:f6:a2:a8:36:f0:79:57:19:e1:01:a5:a9:d7:c2:
27:af:e7:8f:5e:d1:85:f6:d9:90:a9:3e:03:b7:2c:a7:7f:d0:
48:8b:93:f3:0f:db:61:64:69:64:2b:c4:44:5f:f5:e7:46:12:
ff:96:7a:af:39:1b:65:ee:3b:64:1c:d3:a8:52:78:91:e2:5b:
79:64:d2:b0:9b:28:d8:cb:ff:52:7d:5e:55:eb:23:dc:5a:d0:
10:8a:40:e0:ac:dd:2b:9d:b4:10:61:22:26:10:14:9c:59:97:
1d:42:45:6b:6d:0e:e0:8e:99:3e:4b:fd:d9:04:e8:69:02:f1:
a9:a8:82:0a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECLwL8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjhhZWEyZjAyNWY0OTViZWFjZWU3Y2U1YTg4MjA1MTlkZGExMzcwMB4XDTIyMDEw
MTA3MDQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjc1NDk0NThlNWU2
ODIxZjYwMWI2OTZiMTkxOGFhN2IzMzVlNDA4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1+TZex+x2mrAz4gk5oSWLDbXL+oJGjeXN3cZ5g84m8Xtyn
Ehw3uNo0ZjKGuZwsJ94HoSvWjQrTj1UQMackfcwOqwVpznPFC69D7JnIz6fxBxng
eOOIr2jbHd7u6F7VWfYA+XQlPSzyMzrDK+NqIaFDyaC74SVfLT+662GuF6zwrRuz
FovCnSuTufQ+anSz5z9IXPbffoR3eR+PJOCRid3WkXXHeWO/3FcBTNnBaWZbOdcM
1CEGD8FynpXqWKJkA3khvB0eE8KnB83K6ZM0CKiFXbwpSd3JdgOooyCbi77mJVEp
NaeTAb/wLvCEXVvDoxZa82LmOHmrfqyIghRCiDsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBS3VJRY5eaCH2AbaWsZGKp7M15AgTAfBgNVHSMEGDAWgBRPiuovAl9JW+rO
585aiCBRndoTcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q0cnFMd0pmU1Z2cXp1Zk9Xb2dnVVozYUUzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8x
L3QxU1VXT1htZ2g5Z0cybHJHUmlxZXpOZVFJRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
ZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8xL1Q0cnFMd0pmU1Z2
cXp1Zk9Xb2dnVVozYUUzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFV18QMEAMCQIAMEAcJurDANBgkq
hkiG9w0BAQsFAAOCAQEAkoU63keC7LdffBmxuvlDM0MyID0RB2Bh3Ju4dYMr5hcu
BNgM8i3ZUNyZtWvKgGfFbkwsDRcXAxXC64xhw/Os8erkFDtafD19s8EEeb9E8SlP
xBmJgYMI3hJ97zUJ8I15fhEksrwOX12GSSoAR7PEg9p5QBiLWgGXE8kG7JJCmo1l
FvaiqDbweVcZ4QGlqdfCJ6/nj17RhfbZkKk+A7csp3/QSIuT8w/bYWRpZCvERF/1
50YS/5Z6rzkbZe47ZBzTqFJ4keJbeWTSsJso2Mv/Un1eVesj3FrQEIpA4KzdK520
EGEiJhAUnFmXHUJFa20O4I6ZPkv92QToaQLxqaiCCg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:46:57 2025 by rpki-client