Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/TyCPmqg2LiagEwtDuq5-4hrmLwA.roa
File: TyCPmqg2LiagEwtDuq5-4hrmLwA.roa (raw, json)
Hash identifier: kaSoRh31GfuRhrDFfLwEfbLn/8ODpRvBshA0wlMLBy0=
Subject key identifier: 4F:20:8F:9A:A8:36:2E:26:A0:13:0B:43:BA:AE:7E:E2:1A:E6:2F:00
Certificate issuer: /CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Certificate serial: 4466B179
Authority key identifier: E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/TyCPmqg2LiagEwtDuq5-4hrmLwA.roa
Signing time: Sat 01 Jan 2022 08:03:06 +0000
ROA not before: Sat 01 Jan 2022 08:03:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8218
IP address blocks: 158.255.96.0/19 maxlen: 19
91.194.208.0/23 maxlen: 24
195.216.192.0/23 maxlen: 24
141.255.136.0/21 maxlen: 21
83.167.32.0/19 maxlen: 19
94.103.128.0/20 maxlen: 20
213.179.76.0/22 maxlen: 22
193.34.130.0/23 maxlen: 24
185.110.192.0/22 maxlen: 22
213.152.0.0/19 maxlen: 19
46.255.176.0/21 maxlen: 21
212.69.160.0/19 maxlen: 19
193.227.248.0/23 maxlen: 24
2001:1b48::/32 maxlen: 32
2a00:1f60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1147580793 (0x4466b179)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Validity
Not Before: Jan 1 08:03:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f208f9aa8362e26a0130b43baae7ee21ae62f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:28:6d:60:11:ec:42:5d:2e:19:ae:26:e8:38:
4e:a6:63:a0:db:40:c1:57:7f:c5:06:1d:8a:6e:ca:
86:ce:a2:85:0b:cc:29:a0:96:6e:3d:e8:1a:1c:e7:
bc:be:14:af:2d:e0:85:60:c6:16:a6:9b:d9:e4:00:
2b:31:7c:25:f3:c3:2a:ad:c6:84:6f:ab:4e:bb:f2:
86:20:fa:06:4f:18:83:a0:68:e5:77:ea:49:e8:96:
cd:e5:4d:01:11:65:bd:3a:ce:08:0f:9a:b9:b7:3f:
a9:53:20:58:b2:e0:a9:43:0e:04:33:f6:4a:8b:7a:
9a:93:8d:be:c9:50:dd:d5:87:14:be:ac:86:28:bb:
ec:a2:b8:a7:5b:26:77:94:4c:78:46:f0:45:f6:cb:
52:af:6e:88:55:39:9e:24:6b:0a:fc:43:a6:24:97:
e4:b2:93:ac:53:bc:8a:ae:3e:de:bd:73:12:dc:e9:
a9:75:a6:78:74:d0:4e:ce:5e:1f:9a:3c:b0:63:2d:
71:fc:21:e5:12:b6:60:55:4b:3a:9e:4d:0f:72:d7:
a3:31:b9:4f:9d:31:0c:10:00:84:47:df:47:a7:34:
bf:bd:63:42:03:52:51:b5:24:fa:16:bd:b4:62:82:
a5:eb:8a:7a:a4:9b:7c:56:ff:d8:fd:1b:54:1f:d7:
d6:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:20:8F:9A:A8:36:2E:26:A0:13:0B:43:BA:AE:7E:E2:1A:E6:2F:00
X509v3 Authority Key Identifier:
keyid:E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/TyCPmqg2LiagEwtDuq5-4hrmLwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/5HmvFxbcRh5bs_h2IVvLlOiAi6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.176.0/21
83.167.32.0/19
91.194.208.0/23
94.103.128.0/20
141.255.136.0/21
158.255.96.0/19
185.110.192.0/22
193.34.130.0/23
193.227.248.0/23
195.216.192.0/23
212.69.160.0/19
213.152.0.0/19
213.179.76.0/22
IPv6:
2001:1b48::/32
2a00:1f60::/32
Signature Algorithm: sha256WithRSAEncryption
87:ca:7c:dc:21:0d:f3:e4:f6:b7:59:e7:a4:5c:4e:fa:0e:90:
e2:ec:82:bc:19:8b:15:34:1a:c3:7a:9f:99:70:a4:a7:57:d6:
ec:9e:fe:9c:e8:48:35:77:56:50:47:e0:fc:82:e9:b2:b1:95:
fe:5a:f1:ae:6a:62:39:fd:c4:99:10:62:4c:41:53:c1:6f:57:
1b:78:73:1b:fd:73:c9:c7:a1:d5:9d:89:11:97:88:61:ef:26:
5b:36:80:56:64:0a:ad:1d:6c:f7:a9:a8:cc:f6:23:11:72:c7:
02:84:ec:f1:68:0f:9f:f9:93:41:c6:33:11:49:c5:b6:59:bf:
9a:bd:49:44:63:dc:69:d3:e0:af:d8:3a:46:65:99:48:b7:72:
4c:4a:51:76:41:14:d1:3e:fc:70:8d:7c:84:dc:e5:e8:1c:85:
62:de:d5:af:11:a5:44:66:b8:4a:4e:98:76:31:ab:db:34:c8:
c1:c1:2c:37:b4:d6:4a:f8:28:9c:f6:a5:71:b7:6b:25:16:04:
82:6e:2c:1d:c7:69:80:70:0d:fd:9a:f7:e0:34:b8:09:18:4b:
2d:19:a8:72:27:4e:bf:c7:0a:2e:62:fe:3b:c1:18:13:ec:af:
1b:23:b1:15:e1:03:4c:0d:c5:57:82:06:d4:81:b0:81:7c:7b:
d9:f8:30:ca
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIERGaxeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NDc5YWYxNzE2ZGM0NjFlNWJiM2Y4NzYyMTViY2I5NGU4ODA4YmEwMB4XDTIyMDEw
MTA4MDMwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGYyMDhmOWFhODM2
MmUyNmEwMTMwYjQzYmFhZTdlZTIxYWU2MmYwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJUobWAR7EJdLhmuJug4TqZjoNtAwVd/xQYdim7Khs6ihQvM
KaCWbj3oGhznvL4Ury3ghWDGFqab2eQAKzF8JfPDKq3GhG+rTrvyhiD6Bk8Yg6Bo
5XfqSeiWzeVNARFlvTrOCA+aubc/qVMgWLLgqUMOBDP2Sot6mpONvslQ3dWHFL6s
hii77KK4p1smd5RMeEbwRfbLUq9uiFU5niRrCvxDpiSX5LKTrFO8iq4+3r1zEtzp
qXWmeHTQTs5eH5o8sGMtcfwh5RK2YFVLOp5ND3LXozG5T50xDBAAhEffR6c0v71j
QgNSUbUk+ha9tGKCpeuKeqSbfFb/2P0bVB/X1uECAwEAAaOCAmcwggJjMB0GA1Ud
DgQWBBRPII+aqDYuJqATC0O6rn7iGuYvADAfBgNVHSMEGDAWgBTkea8XFtxGHluz
+HYhW8uU6ICLoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVIbXZGeGJjUmg1YnNfaDJJVnZMbE9pQWk2QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvNjMyOTlhLTg2YjItNDlmZi1iNmUyLTI0MWVhYjYxNDgzZi8x
L1R5Q1BtcWcyTGlhZ0V3dER1cTUtNGhybUx3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
NjMyOTlhLTg2YjItNDlmZi1iNmUyLTI0MWVhYjYxNDgzZi8xLzVIbXZGeGJjUmg1
YnNfaDJJVnZMbE9pQWk2QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB9
BggrBgEFBQcBBwEB/wRuMGwwVAQCAAEwTgMEAy7/sAMEBVOnIAMEAVvC0AMEBF5n
gAMEA43/iAMEBZ7/YAMEArluwAMEAcEiggMEAcHj+AMEAcPYwAMEBdRFoAMEBdWY
AAMEAtWzTDAUBAIAAjAOAwUAIAEbSAMFACoAH2AwDQYJKoZIhvcNAQELBQADggEB
AIfKfNwhDfPk9rdZ56RcTvoOkOLsgrwZixU0GsN6n5lwpKdX1uye/pzoSDV3VlBH
4PyC6bKxlf5a8a5qYjn9xJkQYkxBU8FvVxt4cxv9c8nHodWdiRGXiGHvJls2gFZk
Cq0dbPepqMz2IxFyxwKE7PFoD5/5k0HGMxFJxbZZv5q9SURj3GnT4K/YOkZlmUi3
ckxKUXZBFNE+/HCNfITc5egchWLe1a8RpURmuEpOmHYxq9s0yMHBLDe01kr4KJz2
pXG3ayUWBIJuLB3HaYBwDf2a9+A0uAkYSy0ZqHInTr/HCi5i/jvBGBPsrxsjsRXh
A0wNxVeCBtSBsIF8e9n4MMo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:59 2025 by rpki-client