Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/TMqXgLfb3CuyLcDmgvFF4Zg9NVk.roa
File: TMqXgLfb3CuyLcDmgvFF4Zg9NVk.roa (raw, json)
Hash identifier: eiY0xZCgSpBoGKfyd6w6ec6x1I7ymmCBCx8QBZxy3/8=
Subject key identifier: 4C:CA:97:80:B7:DB:DC:2B:B2:2D:C0:E6:82:F1:45:E1:98:3D:35:59
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 01880BB59532F770D08221C960EAE66C860E
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/TMqXgLfb3CuyLcDmgvFF4Zg9NVk.roa
Signing time: Thu 11 May 2023 16:47:09 +0000
ROA not before: Thu 11 May 2023 16:47:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12462
IP address blocks: 212.80.160.0/19 maxlen: 24
213.170.32.0/19 maxlen: 24
212.66.160.0/24 maxlen: 24
185.123.120.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0b:b5:95:32:f7:70:d0:82:21:c9:60:ea:e6:6c:86:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: May 11 16:47:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cca9780b7dbdc2bb22dc0e682f145e1983d3559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c5:c6:88:83:8c:74:10:49:b0:fd:be:e3:c2:
3d:38:0a:0d:43:25:58:8b:5a:e7:c1:c1:d5:b0:b6:
f6:ab:1b:26:02:15:d7:fb:34:35:7a:5c:04:5b:a5:
c4:0c:90:b2:11:78:c4:e7:a8:f2:d2:41:13:54:0d:
3d:80:c7:2e:3b:57:50:45:cc:2d:a1:54:61:ab:d9:
44:03:ad:aa:71:86:f3:49:c6:62:33:0e:da:a0:12:
58:8d:d8:7a:81:32:cf:4a:0d:2f:a9:33:25:fe:6b:
a8:f4:05:5b:73:c8:9e:0a:9c:23:2a:7c:42:f8:a8:
7e:5b:10:3d:a9:3a:70:c8:f1:6b:61:55:35:a5:f6:
d2:d8:ba:48:6c:db:73:80:b0:f6:17:a3:83:93:a4:
0f:97:c8:87:1a:f7:ce:05:35:f7:ae:20:6f:86:50:
77:e2:16:40:82:ec:bc:0a:d3:15:9c:f0:0f:b6:7d:
51:40:3f:9f:9e:74:74:39:5b:72:5b:27:d2:7f:e4:
a4:04:09:8d:f7:c7:a5:c6:d1:3b:80:81:ee:69:85:
e4:f8:ec:5d:12:75:99:56:c8:3f:88:59:f3:df:81:
28:23:bf:c9:26:3f:47:d9:af:a3:3e:d6:10:71:ea:
55:3e:f0:ec:86:c0:1c:5d:ff:25:6b:c4:9a:86:73:
56:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:CA:97:80:B7:DB:DC:2B:B2:2D:C0:E6:82:F1:45:E1:98:3D:35:59
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/TMqXgLfb3CuyLcDmgvFF4Zg9NVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.120.0/22
212.66.160.0/24
212.80.160.0/19
213.170.32.0/19
Signature Algorithm: sha256WithRSAEncryption
c9:0c:58:8b:f6:83:4c:ca:ed:25:d1:a8:07:07:d4:e3:74:f1:
be:cc:41:f3:8e:ec:86:93:42:23:b4:ed:b4:97:07:03:f8:50:
40:09:d1:90:cb:ce:f1:00:46:11:2c:7d:e2:87:8b:fc:d5:8b:
34:bb:64:f5:c6:25:14:29:d2:e5:a5:6c:65:ee:60:f8:b0:9e:
ed:38:da:af:1b:88:c6:18:b1:38:6a:ce:2c:a2:92:1b:14:45:
e7:01:72:78:d0:42:ce:12:9a:a3:0f:c5:f0:42:d3:e8:11:1a:
15:f7:ae:3c:14:6d:ed:8f:8a:9a:e3:e2:bc:b3:0a:06:4f:2a:
dd:68:0d:ca:ee:04:46:d9:d7:8b:f9:c6:27:95:69:a1:46:d0:
92:87:17:1d:d7:d9:6a:06:29:ed:8d:7a:21:81:e6:4e:13:5a:
04:f8:1e:de:e6:41:9c:77:ba:46:a4:fc:42:e6:2f:ad:0b:4e:
07:37:6c:84:d5:4a:81:d5:23:84:04:65:ef:87:c1:8c:20:cb:
88:b0:75:01:3e:c5:48:ea:eb:26:5c:32:d1:80:01:c3:83:18:
7f:12:35:b2:15:c7:18:13:d8:89:e4:80:c7:36:26:26:97:de:
da:0a:ae:c0:9f:79:fd:e2:48:1d:05:ba:bc:a9:5e:34:1c:af:
22:e5:27:25
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYgLtZUy93DQgiHJYOrmbIYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjMwNTExMTY0NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2NhOTc4MGI3ZGJkYzJiYjIyZGMwZTY4MmYxNDVlMTk4M2QzNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsXGiIOMdBBJsP2+48I9OAoNQyVY
i1rnwcHVsLb2qxsmAhXX+zQ1elwEW6XEDJCyEXjE56jy0kETVA09gMcuO1dQRcwt
oVRhq9lEA62qcYbzScZiMw7aoBJYjdh6gTLPSg0vqTMl/muo9AVbc8ieCpwjKnxC
+Kh+WxA9qTpwyPFrYVU1pfbS2LpIbNtzgLD2F6ODk6QPl8iHGvfOBTX3riBvhlB3
4hZAguy8CtMVnPAPtn1RQD+fnnR0OVtyWyfSf+SkBAmN98elxtE7gIHuaYXk+Oxd
EnWZVsg/iFnz34EoI7/JJj9H2a+jPtYQcepVPvDshsAcXf8la8SahnNW6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEzKl4C329wrsi3A5oLxReGYPTVZMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvVE1xWGdMZmIzQ3V5TGNEbWd2RkY0Wmc5TlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuXt4AwQA
1EKgAwQF1FCgAwQF1aogMA0GCSqGSIb3DQEBCwUAA4IBAQDJDFiL9oNMyu0l0agH
B9TjdPG+zEHzjuyGk0IjtO20lwcD+FBACdGQy87xAEYRLH3ih4v81Ys0u2T1xiUU
KdLlpWxl7mD4sJ7tONqvG4jGGLE4as4sopIbFEXnAXJ40ELOEpqjD8XwQtPoERoV
9648FG3tj4qa4+K8swoGTyrdaA3K7gRG2deL+cYnlWmhRtCShxcd19lqBintjXoh
geZOE1oE+B7e5kGcd7pGpPxC5i+tC04HN2yE1UqB1SOEBGXvh8GMIMuIsHUBPsVI
6usmXDLRgAHDgxh/EjWyFccYE9iJ5IDHNiYml97aCq7An3n94kgdBbq8qV40HK8i
5Scl
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:44 2025 by rpki-client