Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/tIaGWK4RgL4LOS4wJh_0vFbxxWs.roa
File: tIaGWK4RgL4LOS4wJh_0vFbxxWs.roa (raw, json)
Hash identifier: lAWxYmPpAYNOXbzsjlNYmgnzrheEiKc/3grQklYaFe4=
Subject key identifier: B4:86:86:58:AE:11:80:BE:0B:39:2E:30:26:1F:F4:BC:56:F1:C5:6B
Certificate issuer: /CN=e5a27555c1a5c5ddf7f7acc839fa577aa7ee7a9c
Certificate serial: 0B82A8CA
Authority key identifier: E5:A2:75:55:C1:A5:C5:DD:F7:F7:AC:C8:39:FA:57:7A:A7:EE:7A:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aJ1VcGlxd3396zIOfpXeqfuepw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/tIaGWK4RgL4LOS4wJh_0vFbxxWs.roa
Signing time: Fri 11 Mar 2022 05:42:14 +0000
ROA not before: Fri 11 Mar 2022 05:42:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33907
IP address blocks: 193.26.17.0/24 maxlen: 24
194.145.172.0/24 maxlen: 24
194.145.173.0/24 maxlen: 24
194.145.174.0/24 maxlen: 24
194.145.175.0/24 maxlen: 24
2001:67c:2968::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193112266 (0xb82a8ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a27555c1a5c5ddf7f7acc839fa577aa7ee7a9c
Validity
Not Before: Mar 11 05:42:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4868658ae1180be0b392e30261ff4bc56f1c56b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cd:c0:ca:b0:13:03:fa:cf:06:94:1a:6b:e0:
a5:d0:5e:a6:07:52:f9:c8:41:cb:3f:77:36:44:3e:
ea:20:71:6c:01:87:21:50:6e:37:64:56:85:49:ba:
18:30:1b:8b:36:ee:b5:6f:70:81:24:5e:85:fd:42:
61:2b:ef:ac:1e:46:21:c5:17:3c:a8:78:62:47:1e:
37:d6:b5:94:9f:35:4c:1d:8f:1e:95:94:d2:97:40:
5f:f1:51:8b:10:b2:b8:e0:4d:92:ac:2c:3c:68:b1:
52:27:c2:65:f3:b6:68:2a:30:b4:e9:b9:ef:2d:ee:
6a:e2:80:44:cd:b4:7e:6d:39:73:b2:b7:24:c9:ed:
30:a5:1b:ad:99:3b:fb:87:cc:74:f0:73:58:39:b3:
0a:a2:ce:88:36:27:3f:a1:80:36:f6:9c:34:d7:cc:
4c:85:49:68:c0:91:d8:8d:aa:3e:3c:77:db:05:0f:
3a:96:0a:26:8b:7c:29:cd:01:17:8f:79:88:47:6d:
e8:55:4a:9c:fe:b5:70:c5:e2:63:de:72:46:0a:08:
32:b4:84:9a:ae:f1:ff:1f:f8:01:61:20:77:81:fd:
3e:01:62:81:73:a7:e9:98:9b:a3:a6:e9:2b:fb:51:
cc:14:df:c1:2f:1e:6c:30:bd:13:55:d7:35:5b:f7:
e7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:86:86:58:AE:11:80:BE:0B:39:2E:30:26:1F:F4:BC:56:F1:C5:6B
X509v3 Authority Key Identifier:
keyid:E5:A2:75:55:C1:A5:C5:DD:F7:F7:AC:C8:39:FA:57:7A:A7:EE:7A:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aJ1VcGlxd3396zIOfpXeqfuepw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/tIaGWK4RgL4LOS4wJh_0vFbxxWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccd9a-c30e-4e8a-894a-fd71667a2b5f/1/5aJ1VcGlxd3396zIOfpXeqfuepw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.17.0/24
194.145.172.0/22
IPv6:
2001:67c:2968::/48
Signature Algorithm: sha256WithRSAEncryption
1c:f5:a3:37:8a:78:bf:ce:37:78:28:b1:4f:4c:55:66:5d:58:
9e:16:b3:a1:0a:16:65:b8:5c:30:bf:69:34:a7:b0:ad:c3:d7:
21:cc:24:c6:77:e2:59:1c:1c:19:ca:23:9b:a7:17:d8:07:60:
ff:fd:2a:e1:82:c1:43:2f:48:2e:27:44:1a:9e:36:b1:f5:21:
65:c6:9b:58:55:94:52:97:8c:03:c6:ae:ea:2e:bc:27:7b:53:
ac:58:3e:83:56:d8:54:c2:81:43:fe:d0:1f:a4:a0:9e:68:9f:
2b:ab:13:60:cd:4a:21:a2:7e:9f:fd:8f:29:7a:85:f6:62:28:
24:69:97:f4:ca:86:63:87:16:6b:c5:dd:1e:ea:94:07:23:2c:
9d:94:47:37:35:f7:03:43:c8:86:bd:29:f2:d3:f8:3b:91:fb:
99:b9:1b:4a:2f:38:67:40:9a:7a:4c:df:5e:af:6f:ac:81:c9:
13:89:00:22:ee:7e:ce:9e:e9:a5:c0:37:0b:6c:78:42:33:0f:
8f:5c:ef:9f:b4:3a:f8:ca:9c:83:7e:b3:ca:9f:a7:06:cd:44:
6c:df:9d:4f:84:93:f3:6b:83:bf:84:41:06:c7:b8:b9:c5:c2:
62:67:88:c8:7e:50:bb:b9:18:a4:e2:7e:52:75:2a:46:ad:8e:
32:0f:2e:40
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEC4KoyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWEyNzU1NWMxYTVjNWRkZjdmN2FjYzgzOWZhNTc3YWE3ZWU3YTljMB4XDTIyMDMx
MTA1NDIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQ4Njg2NThhZTEx
ODBiZTBiMzkyZTMwMjYxZmY0YmM1NmYxYzU2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJLNwMqwEwP6zwaUGmvgpdBepgdS+chByz93NkQ+6iBxbAGH
IVBuN2RWhUm6GDAbizbutW9wgSRehf1CYSvvrB5GIcUXPKh4YkceN9a1lJ81TB2P
HpWU0pdAX/FRixCyuOBNkqwsPGixUifCZfO2aCowtOm57y3uauKARM20fm05c7K3
JMntMKUbrZk7+4fMdPBzWDmzCqLOiDYnP6GANvacNNfMTIVJaMCR2I2qPjx32wUP
OpYKJot8Kc0BF495iEdt6FVKnP61cMXiY95yRgoIMrSEmq7x/x/4AWEgd4H9PgFi
gXOn6Zibo6bpK/tRzBTfwS8ebDC9E1XXNVv3570CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBS0hoZYrhGAvgs5LjAmH/S8VvHFazAfBgNVHSMEGDAWgBTlonVVwaXF3ff3
rMg5+ld6p+56nDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVhSjFWY0dseGQzMzk2eklPZnBYZXFmdWVwdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvMWNjZDlhLWMzMGUtNGU4YS04OTRhLWZkNzE2NjdhMmI1Zi8x
L3RJYUdXSzRSZ0w0TE9TNHdKaF8wdkZieHhXcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
MWNjZDlhLWMzMGUtNGU4YS04OTRhLWZkNzE2NjdhMmI1Zi8xLzVhSjFWY0dseGQz
Mzk2eklPZnBYZXFmdWVwdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAMEaEQMEAsKRrDAPBAIAAjAJAwcA
IAEGfCloMA0GCSqGSIb3DQEBCwUAA4IBAQAc9aM3ini/zjd4KLFPTFVmXVieFrOh
ChZluFwwv2k0p7Ctw9chzCTGd+JZHBwZyiObpxfYB2D//SrhgsFDL0guJ0Qanjax
9SFlxptYVZRSl4wDxq7qLrwne1OsWD6DVthUwoFD/tAfpKCeaJ8rqxNgzUohon6f
/Y8peoX2YigkaZf0yoZjhxZrxd0e6pQHIyydlEc3NfcDQ8iGvSny0/g7kfuZuRtK
LzhnQJp6TN9er2+sgckTiQAi7n7OnumlwDcLbHhCMw+PXO+ftDr4ypyDfrPKn6cG
zURs351PhJPza4O/hEEGx7i5xcJiZ4jIflC7uRik4n5SdSpGrY4yDy5A
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:49:38 2025 by rpki-client