Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/TDH2BlzsrrpTOkdXO0Jk5GpXBus.roa
File: TDH2BlzsrrpTOkdXO0Jk5GpXBus.roa (raw, json)
Hash identifier: /Nr/FiHCXYYCTv1TFeWcE1U1w1jtKxou6WUWKRJdpLA=
Subject key identifier: 4C:31:F6:06:5C:EC:AE:BA:53:3A:47:57:3B:42:64:E4:6A:57:06:EB
Certificate issuer: /CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Certificate serial: 0A4E4312
Authority key identifier: D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/TDH2BlzsrrpTOkdXO0Jk5GpXBus.roa
Signing time: Sat 01 Jan 2022 04:03:37 +0000
ROA not before: Sat 01 Jan 2022 04:03:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137457
IP address blocks: 145.34.152.0/24 maxlen: 24
145.34.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172901138 (0xa4e4312)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Validity
Not Before: Jan 1 04:03:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c31f6065cecaeba533a47573b4264e46a5706eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f1:c0:01:c9:b0:94:83:cf:09:86:15:63:01:
87:d3:df:ff:a3:b4:f3:00:b2:a1:d1:d6:7d:24:b4:
69:65:78:6a:8f:2a:74:4f:88:f8:13:fd:ae:4b:63:
32:28:82:77:29:f2:73:45:bf:cf:69:37:01:a8:2c:
f7:3b:a2:0f:54:96:81:3c:b8:1e:c1:30:8d:66:41:
9d:06:ad:23:ef:da:6b:93:16:a2:ea:d2:4a:32:b0:
e0:6c:1c:88:e5:0e:ee:a1:9c:9b:0b:11:d5:06:13:
bb:72:3f:96:9f:2e:4f:ee:c0:39:3d:65:36:01:14:
ed:e5:f2:6c:67:e6:67:d5:a2:19:48:1c:68:e4:2f:
fa:4c:4c:f0:f3:d9:0c:24:f5:07:e4:12:e5:13:44:
86:c2:60:92:ce:3a:eb:9e:3b:67:06:13:a9:6e:83:
61:e8:0a:27:0c:c3:aa:ed:17:53:d6:7b:a9:ab:bb:
df:df:20:1a:e4:57:44:2e:b5:92:85:8f:cb:81:c4:
5d:eb:65:6c:c4:0a:02:5f:69:bf:26:e7:12:9f:d5:
da:c9:e5:8e:21:c3:2b:03:4d:9f:52:04:28:cd:c5:
70:00:2e:c7:be:05:e5:c0:be:0f:39:2b:04:7b:b5:
7e:0c:ad:79:b6:0a:a8:87:7c:75:50:b2:c9:82:37:
0e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:31:F6:06:5C:EC:AE:BA:53:3A:47:57:3B:42:64:E4:6A:57:06:EB
X509v3 Authority Key Identifier:
keyid:D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/TDH2BlzsrrpTOkdXO0Jk5GpXBus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.34.152.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:63:7c:d4:9d:df:42:ef:09:5a:04:67:9e:fb:97:65:58:79:
86:e2:ce:d0:52:16:a4:7e:2e:ed:9e:8d:fe:75:ca:84:9c:82:
fb:e6:cd:de:57:9c:83:b5:1c:53:f6:e6:49:d2:d0:bd:16:be:
56:20:7c:f0:ea:79:56:86:93:bc:6b:d3:36:2e:fe:34:48:f0:
04:0f:55:c7:04:81:e2:69:8c:71:d2:0a:53:38:b3:c4:1f:b0:
9a:90:4c:d9:b6:03:c8:a2:c1:10:70:ce:28:75:6d:8d:c9:55:
d5:11:5a:98:2f:5f:26:19:8a:7f:21:e6:cb:81:76:b1:37:e7:
45:3f:a6:3b:38:cf:7a:11:a9:18:fe:33:40:80:3e:cd:bb:cb:
3a:09:99:cb:94:b1:9b:98:46:a4:e5:27:a0:7c:a3:26:80:a1:
7c:8e:cd:b0:a5:b4:de:68:69:5c:be:05:e3:69:02:ea:ff:cc:
5a:e1:fd:a3:01:91:35:a1:fe:e3:9f:8c:c7:be:16:75:50:bd:
0f:e5:e1:17:52:0c:33:c7:c0:5a:40:df:4d:35:7c:da:53:99:
e3:9a:8c:96:8e:06:91:f1:88:4b:32:6c:79:11:07:2e:9d:05:
7f:e8:7f:0e:74:b2:a0:d5:ae:cd:a3:2b:61:9e:e6:c7:1f:4b:
e5:66:c2:1b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECk5DEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MGEzODU0MmNmZGIxZWU2ZTA3NWVhZTZiMTAxZTdiYjViMTRjNDM2MB4XDTIyMDEw
MTA0MDMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGMzMWY2MDY1Y2Vj
YWViYTUzM2E0NzU3M2I0MjY0ZTQ2YTU3MDZlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7xwAHJsJSDzwmGFWMBh9Pf/6O08wCyodHWfSS0aWV4ao8q
dE+I+BP9rktjMiiCdynyc0W/z2k3Aags9zuiD1SWgTy4HsEwjWZBnQatI+/aa5MW
ourSSjKw4GwciOUO7qGcmwsR1QYTu3I/lp8uT+7AOT1lNgEU7eXybGfmZ9WiGUgc
aOQv+kxM8PPZDCT1B+QS5RNEhsJgks466547ZwYTqW6DYegKJwzDqu0XU9Z7qau7
398gGuRXRC61koWPy4HEXetlbMQKAl9pvybnEp/V2snljiHDKwNNn1IEKM3FcAAu
x74F5cC+DzkrBHu1fgytebYKqId8dVCyyYI3DgkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMMfYGXOyuulM6R1c7QmTkalcG6zAfBgNVHSMEGDAWgBTQo4VCz9se5uB1
6uaxAee7WxTENjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBLT0ZRc19iSHViZ2Rlcm1zUUhudTFzVXhEWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvM2YwNGM5LWU2ZTEtNDUwNi1iOGZhLTQwZDE5MTFmYTdmMy8x
L1RESDJCbHpzcnJwVE9rZFhPMEprNUdwWEJ1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
M2YwNGM5LWU2ZTEtNDUwNi1iOGZhLTQwZDE5MTFmYTdmMy8xLzBLT0ZRc19iSHVi
Z2Rlcm1zUUhudTFzVXhEWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA5EimDANBgkqhkiG9w0BAQsFAAOC
AQEAWmN81J3fQu8JWgRnnvuXZVh5huLO0FIWpH4u7Z6N/nXKhJyC++bN3lecg7Uc
U/bmSdLQvRa+ViB88Op5VoaTvGvTNi7+NEjwBA9VxwSB4mmMcdIKUzizxB+wmpBM
2bYDyKLBEHDOKHVtjclV1RFamC9fJhmKfyHmy4F2sTfnRT+mOzjPehGpGP4zQIA+
zbvLOgmZy5Sxm5hGpOUnoHyjJoChfI7NsKW03mhpXL4F42kC6v/MWuH9owGRNaH+
45+Mx74WdVC9D+XhF1IMM8fAWkDfTTV82lOZ45qMlo4GkfGISzJseREHLp0Ff+h/
DnSyoNWuzaMrYZ7mxx9L5WbCGw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:48 2025 by rpki-client