Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/6c8c31-f999-4056-aa1b-234d0754239d/1/Tq7z9ZWFGxuYpfRpNQp3zVsLH14.roa
File: Tq7z9ZWFGxuYpfRpNQp3zVsLH14.roa (raw, json)
Hash identifier: 67GDszytt4bKb6hoPDc14XwRvxrzhl2dYwEL+xG/P3s=
Subject key identifier: 4E:AE:F3:F5:95:85:1B:1B:98:A5:F4:69:35:0A:77:CD:5B:0B:1F:5E
Certificate issuer: /CN=075dc3f225722b809abe98778c3bfd7009e1cf4f
Certificate serial: 01884E50983D2FC76825ACAB28551CC1A026
Authority key identifier: 07:5D:C3:F2:25:72:2B:80:9A:BE:98:77:8C:3B:FD:70:09:E1:CF:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B13D8iVyK4Cavph3jDv9cAnhz08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/6c8c31-f999-4056-aa1b-234d0754239d/1/Tq7z9ZWFGxuYpfRpNQp3zVsLH14.roa
Signing time: Wed 24 May 2023 15:11:24 +0000
ROA not before: Wed 24 May 2023 15:11:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48298
IP address blocks: 94.199.43.0/24 maxlen: 24
94.199.40.0/21 maxlen: 21
94.199.44.0/24 maxlen: 24
94.199.41.0/24 maxlen: 24
94.199.42.0/24 maxlen: 24
94.199.46.0/24 maxlen: 24
94.199.47.0/24 maxlen: 24
94.199.45.0/24 maxlen: 24
185.17.212.0/22 maxlen: 22
2a01:5bc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4e:50:98:3d:2f:c7:68:25:ac:ab:28:55:1c:c1:a0:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=075dc3f225722b809abe98778c3bfd7009e1cf4f
Validity
Not Before: May 24 15:11:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4eaef3f595851b1b98a5f469350a77cd5b0b1f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:64:92:6f:09:c9:f1:85:80:8f:05:b4:dd:51:
84:4d:cb:a3:7f:7c:b4:5a:d5:bb:94:f5:20:f1:db:
0a:1e:7d:2d:ce:34:14:a8:b1:60:bf:25:fe:0c:df:
6e:64:e7:18:25:2d:f9:94:ad:f7:27:11:30:d7:4f:
27:09:39:54:4e:c6:31:18:e3:19:6d:a3:6e:1c:b4:
b9:d9:b3:8c:62:6b:ec:8c:d4:af:85:9d:90:f2:22:
2a:bc:aa:8e:7d:a3:49:a8:cf:e4:6a:79:e1:6c:66:
2f:f4:0e:43:3b:dc:36:c6:06:e3:cb:de:47:6a:af:
ec:87:56:77:fb:f0:62:b8:67:05:c1:43:81:2a:1c:
a3:d4:d0:e1:51:2e:5a:ec:8e:97:2f:ec:81:04:44:
8c:9a:5c:7f:be:46:85:bc:86:cd:d6:81:c0:c6:c9:
3f:2a:3c:a0:c6:53:f6:fe:28:a1:1f:94:77:53:43:
5f:9a:36:0a:21:33:59:7e:9e:94:20:b5:9b:e4:70:
17:63:0e:35:12:ee:bf:fa:9b:74:49:ec:c0:ea:ae:
d8:af:66:38:35:b4:3d:95:9b:d1:f8:45:d8:26:3e:
b0:3e:4c:e7:16:b1:96:3c:0f:56:10:00:ca:55:9f:
3c:59:95:d6:ff:b1:0a:00:3b:17:7a:26:e8:b5:d5:
fe:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:AE:F3:F5:95:85:1B:1B:98:A5:F4:69:35:0A:77:CD:5B:0B:1F:5E
X509v3 Authority Key Identifier:
keyid:07:5D:C3:F2:25:72:2B:80:9A:BE:98:77:8C:3B:FD:70:09:E1:CF:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B13D8iVyK4Cavph3jDv9cAnhz08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6c8c31-f999-4056-aa1b-234d0754239d/1/Tq7z9ZWFGxuYpfRpNQp3zVsLH14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6c8c31-f999-4056-aa1b-234d0754239d/1/B13D8iVyK4Cavph3jDv9cAnhz08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.40.0/21
185.17.212.0/22
IPv6:
2a01:5bc0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:b9:5d:0d:82:6d:49:cf:be:54:5a:17:4d:df:1c:df:1f:90:
14:e7:44:1e:7c:ab:8c:1f:a6:25:b6:d1:5b:f5:87:08:40:c4:
7a:76:35:03:be:ee:59:3d:62:db:1a:a8:f5:27:59:65:cb:b7:
8f:3f:a4:6b:51:bd:7b:3b:42:72:8d:0a:8a:4e:e9:e9:c1:84:
23:e8:68:39:00:ca:da:2e:48:be:53:8e:25:6f:3a:1a:85:ce:
9a:0f:48:17:50:5b:37:24:3f:e0:d8:35:83:ab:46:aa:ba:ad:
c4:d5:6e:2e:77:8c:bf:48:38:33:96:a6:19:74:80:c9:49:6a:
6f:d1:5b:0e:2b:97:3b:a1:ab:3f:c7:00:d3:cb:fe:25:de:05:
70:b5:ed:83:41:e4:0e:73:ab:8c:09:c5:cf:19:46:4c:67:cc:
73:d8:b5:87:b3:24:ba:31:5d:8f:d8:c8:98:fc:4c:98:fc:60:
ef:c4:1d:df:b8:77:27:4a:b0:31:a3:bc:6d:87:c3:6d:c6:a4:
c3:9f:cc:da:71:cb:1c:d6:7b:e3:fd:4f:52:d9:bd:64:c9:8c:
c7:21:93:dc:a9:9c:8e:be:5a:24:a8:b5:40:ec:dc:6c:0c:1b:
16:b2:8b:01:e9:6f:ea:31:43:fb:a2:b1:fa:6d:33:e8:b4:f6:
4a:d4:79:e5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYhOUJg9L8doJayrKFUcwaAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NWRjM2YyMjU3MjJiODA5YWJlOTg3NzhjM2JmZDcwMDll
MWNmNGYwHhcNMjMwNTI0MTUxMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWFlZjNmNTk1ODUxYjFiOThhNWY0NjkzNTBhNzdjZDViMGIxZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mSSbwnJ8YWAjwW03VGETcujf3y0
WtW7lPUg8dsKHn0tzjQUqLFgvyX+DN9uZOcYJS35lK33JxEw108nCTlUTsYxGOMZ
baNuHLS52bOMYmvsjNSvhZ2Q8iIqvKqOfaNJqM/kannhbGYv9A5DO9w2xgbjy95H
aq/sh1Z3+/BiuGcFwUOBKhyj1NDhUS5a7I6XL+yBBESMmlx/vkaFvIbN1oHAxsk/
KjygxlP2/iihH5R3U0NfmjYKITNZfp6UILWb5HAXYw41Eu6/+pt0SezA6q7Yr2Y4
NbQ9lZvR+EXYJj6wPkznFrGWPA9WEADKVZ88WZXW/7EKADsXeibotdX+5QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE6u8/WVhRsbmKX0aTUKd81bCx9eMB8GA1UdIwQY
MBaAFAddw/IlciuAmr6Yd4w7/XAJ4c9PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjEzRDhpVnlLNENhdnBoM2pEdjljQW5oejA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82YzhjMzEtZjk5OS00MDU2LWFhMWIt
MjM0ZDA3NTQyMzlkLzEvVHE3ejlaV0ZHeHVZcGZScE5RcDN6VnNMSDE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC82YzhjMzEtZjk5OS00MDU2LWFhMWItMjM0ZDA3NTQyMzlk
LzEvQjEzRDhpVnlLNENhdnBoM2pEdjljQW5oejA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXscoAwQC
uRHUMA0EAgACMAcDBQAqAVvAMA0GCSqGSIb3DQEBCwUAA4IBAQBbuV0Ngm1Jz75U
WhdN3xzfH5AU50QefKuMH6YlttFb9YcIQMR6djUDvu5ZPWLbGqj1J1lly7ePP6Rr
Ub17O0JyjQqKTunpwYQj6Gg5AMraLki+U44lbzoahc6aD0gXUFs3JD/g2DWDq0aq
uq3E1W4ud4y/SDgzlqYZdIDJSWpv0VsOK5c7oas/xwDTy/4l3gVwte2DQeQOc6uM
CcXPGUZMZ8xz2LWHsyS6MV2P2MiY/EyY/GDvxB3fuHcnSrAxo7xth8NtxqTDn8za
ccsc1nvj/U9S2b1kyYzHIZPcqZyOvlokqLVA7NxsDBsWsosB6W/qMUP7orH6bTPo
tPZK1Hnl
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:22:08 2025 by rpki-client