Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/674abb-221a-4454-acfc-965a34180136/1/Tnyy8XnPIhZQu6Xj-WvB42-4v7Y.roa
File: Tnyy8XnPIhZQu6Xj-WvB42-4v7Y.roa (raw, json)
Hash identifier: Or8jarFoflYFu+7GCHKS8fO0f9+sVLUxfBzMIRiNGHM=
Subject key identifier: 4E:7C:B2:F1:79:CF:22:16:50:BB:A5:E3:F9:6B:C1:E3:6F:B8:BF:B6
Certificate issuer: /CN=b1168d062a0c2e6166a8262c4d7298d76dedd04f
Certificate serial: 018572B43A81F702E7C42CBB2DA0B7641909
Authority key identifier: B1:16:8D:06:2A:0C:2E:61:66:A8:26:2C:4D:72:98:D7:6D:ED:D0:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sRaNBioMLmFmqCYsTXKY123t0E8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/674abb-221a-4454-acfc-965a34180136/1/Tnyy8XnPIhZQu6Xj-WvB42-4v7Y.roa
Signing time: Mon 02 Jan 2023 13:38:12 +0000
ROA not before: Mon 02 Jan 2023 13:38:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201343
IP address blocks: 185.67.208.0/23 maxlen: 23
185.102.208.0/23 maxlen: 23
185.102.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:3a:81:f7:02:e7:c4:2c:bb:2d:a0:b7:64:19:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1168d062a0c2e6166a8262c4d7298d76dedd04f
Validity
Not Before: Jan 2 13:38:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e7cb2f179cf221650bba5e3f96bc1e36fb8bfb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:17:ab:9e:82:ae:95:a6:b5:73:00:b2:c7:14:
29:0f:64:1c:e5:da:2c:b9:6e:09:d6:58:75:26:1c:
ef:7c:19:ea:90:16:2b:ab:94:2d:8b:d0:76:da:cf:
60:6b:4b:12:e2:0b:0c:61:75:ea:4c:a3:f1:ee:4f:
f3:8e:da:35:13:a2:b0:91:af:3c:97:10:25:a1:d4:
f2:6c:52:0b:ce:84:d1:b0:73:ae:89:2b:c2:5a:8f:
c5:de:89:c1:7f:82:44:9f:3b:37:58:d5:a3:bc:22:
77:42:8b:1a:87:2f:4a:50:52:73:49:da:a9:6e:d7:
13:cd:32:6e:5a:66:32:70:15:2b:e9:6f:ad:86:93:
c5:d4:53:ee:a0:cd:f0:22:42:c4:eb:e9:10:29:65:
a1:fc:aa:11:b9:d9:f1:dd:14:0c:aa:04:aa:df:b3:
a9:ff:1d:4c:ba:59:5f:54:a6:22:09:5e:20:2a:ef:
dd:88:10:0a:fc:b7:8b:7e:92:02:d5:9d:e9:55:b5:
15:db:f6:dd:54:1c:a3:e2:7c:4d:51:ea:6c:c2:01:
78:3c:4e:d3:6d:e0:04:d4:b7:5d:7e:fb:23:78:fe:
fa:9a:57:38:9b:25:a1:ba:7b:ae:94:a9:5c:11:b9:
93:8e:b4:df:92:f7:e5:c8:53:94:65:25:c7:d7:9a:
04:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:7C:B2:F1:79:CF:22:16:50:BB:A5:E3:F9:6B:C1:E3:6F:B8:BF:B6
X509v3 Authority Key Identifier:
keyid:B1:16:8D:06:2A:0C:2E:61:66:A8:26:2C:4D:72:98:D7:6D:ED:D0:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sRaNBioMLmFmqCYsTXKY123t0E8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/674abb-221a-4454-acfc-965a34180136/1/Tnyy8XnPIhZQu6Xj-WvB42-4v7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/674abb-221a-4454-acfc-965a34180136/1/sRaNBioMLmFmqCYsTXKY123t0E8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.208.0/23
185.102.208.0/23
185.102.211.0/24
Signature Algorithm: sha256WithRSAEncryption
95:cd:1e:15:5d:a7:93:7e:c3:82:71:0e:a4:cb:9c:3d:7a:4b:
67:bd:95:40:c4:ef:83:63:bb:b9:80:fc:3e:9e:c9:3f:75:4a:
2f:84:d0:ca:8e:ee:8e:36:e4:62:26:88:03:0a:5c:d8:c5:61:
95:27:73:77:68:65:dd:74:7b:ed:5e:58:80:b0:2f:49:e9:1d:
52:c0:9d:50:5e:8a:35:93:08:f9:d5:73:34:64:79:62:ae:a5:
69:80:81:d6:ca:9b:d3:2a:fe:6f:ae:bc:94:29:fc:8b:5e:16:
5b:f3:81:f0:c6:9d:f2:2b:ba:15:ef:b5:dd:58:4e:21:d3:c6:
88:d4:38:86:31:26:77:8b:87:1b:4b:57:98:5a:87:7a:f5:42:
e6:a5:f8:18:c3:18:94:97:e1:57:b9:bc:0d:2d:55:0a:a3:db:
20:aa:69:2f:47:6c:ae:b3:2a:3c:eb:8c:2b:42:38:9d:53:c0:
37:4f:45:8d:9e:91:a2:9e:73:1c:4a:a6:2e:0c:36:78:e4:bb:
ba:90:84:8d:57:1f:76:f3:d7:48:aa:7f:4f:51:63:b0:81:ec:
10:9c:1a:fc:0f:b5:27:07:d8:b5:0d:c7:00:da:73:ed:a7:70:
46:34:7a:d9:09:1c:51:cb:08:85:d3:ae:f3:7b:d5:3f:6c:44:
6c:da:7c:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVytDqB9wLnxCy7LaC3ZBkJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMTY4ZDA2MmEwYzJlNjE2NmE4MjYyYzRkNzI5OGQ3NmRl
ZGQwNGYwHhcNMjMwMTAyMTMzODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTdjYjJmMTc5Y2YyMjE2NTBiYmE1ZTNmOTZiYzFlMzZmYjhiZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhernoKulaa1cwCyxxQpD2Qc5dos
uW4J1lh1JhzvfBnqkBYrq5Qti9B22s9ga0sS4gsMYXXqTKPx7k/zjto1E6Kwka88
lxAlodTybFILzoTRsHOuiSvCWo/F3onBf4JEnzs3WNWjvCJ3Qosahy9KUFJzSdqp
btcTzTJuWmYycBUr6W+thpPF1FPuoM3wIkLE6+kQKWWh/KoRudnx3RQMqgSq37Op
/x1MullfVKYiCV4gKu/diBAK/LeLfpIC1Z3pVbUV2/bdVByj4nxNUepswgF4PE7T
beAE1LddfvsjeP76mlc4myWhunuulKlcEbmTjrTfkvflyFOUZSXH15oEEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE58svF5zyIWULul4/lrweNvuL+2MB8GA1UdIwQY
MBaAFLEWjQYqDC5hZqgmLE1ymNdt7dBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1JhTkJpb01MbUZtcUNZc1RYS1kxMjN0MEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82NzRhYmItMjIxYS00NDU0LWFjZmMt
OTY1YTM0MTgwMTM2LzEvVG55eThYblBJaFpRdTZYai1XdkI0Mi00djdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82NzRhYmItMjIxYS00NDU0LWFjZmMtOTY1YTM0MTgwMTM2
LzEvc1JhTkJpb01MbUZtcUNZc1RYS1kxMjN0MEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuUPQAwQB
uWbQAwQAuWbTMA0GCSqGSIb3DQEBCwUAA4IBAQCVzR4VXaeTfsOCcQ6ky5w9ektn
vZVAxO+DY7u5gPw+nsk/dUovhNDKju6ONuRiJogDClzYxWGVJ3N3aGXddHvtXliA
sC9J6R1SwJ1QXoo1kwj51XM0ZHlirqVpgIHWypvTKv5vrryUKfyLXhZb84Hwxp3y
K7oV77XdWE4h08aI1DiGMSZ3i4cbS1eYWod69ULmpfgYwxiUl+FXubwNLVUKo9sg
qmkvR2yusyo864wrQjidU8A3T0WNnpGinnMcSqYuDDZ45Lu6kISNVx9289dIqn9P
UWOwgewQnBr8D7UnB9i1DccA2nPtp3BGNHrZCRxRywiF067ze9U/bERs2nxu
-----END CERTIFICATE-----
Generated at Sat May 3 04:40:19 2025 by rpki-client