Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/TZH5kxxn6rxloh12ekREUoiWyOU.roa
File: TZH5kxxn6rxloh12ekREUoiWyOU.roa (raw, json)
Hash identifier: deR6CFIFi+ceWr/hhgUUTV61rqU70Pvb4M75UhJr/2M=
Subject key identifier: 4D:91:F9:93:1C:67:EA:BC:65:A2:1D:76:7A:44:44:52:88:96:C8:E5
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 04DA8311
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/TZH5kxxn6rxloh12ekREUoiWyOU.roa
Signing time: Tue 07 Jun 2022 03:16:21 +0000
ROA not before: Tue 07 Jun 2022 03:16:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198414
IP address blocks: 185.25.148.0/22 maxlen: 24
185.5.96.0/22 maxlen: 24
193.17.184.0/24 maxlen: 24
91.234.146.0/24 maxlen: 24
91.239.66.0/23 maxlen: 24
91.228.196.0/22 maxlen: 24
185.180.204.0/22 maxlen: 24
185.201.112.0/22 maxlen: 24
91.237.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81429265 (0x4da8311)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jun 7 03:16:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d91f9931c67eabc65a21d767a4444528896c8e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7f:89:a3:77:ee:65:4f:2f:ee:e5:48:9d:2c:
4f:a1:ca:7f:a4:2e:c2:f0:7a:31:a1:b0:79:08:e3:
9b:7a:93:f0:d9:85:9f:84:34:c1:c5:96:c4:da:7e:
9e:5a:62:d6:20:09:93:f2:b5:f8:29:d2:a4:d7:8f:
1b:0b:95:47:a2:2b:35:46:85:2c:3e:c3:40:96:c2:
89:ab:25:30:f1:b9:78:03:90:9d:8b:13:f6:82:a1:
d7:55:02:3a:db:9c:a0:8c:93:69:0a:fd:f6:90:e3:
c2:1f:21:fd:54:eb:a2:93:c0:a6:6b:70:e0:e1:a9:
8e:dd:c4:1f:5c:b6:62:26:7d:86:b3:4f:95:e4:55:
13:9e:46:55:be:5a:39:be:99:0f:ee:75:b1:08:85:
66:1d:9a:a6:24:58:e4:81:8b:2a:32:c5:2d:61:b1:
63:35:41:bb:ca:8f:43:37:db:67:27:25:65:6e:4a:
7b:54:43:95:85:16:1d:46:a7:b5:be:58:48:3d:8e:
af:d4:28:f4:35:77:af:4e:24:d8:d6:f5:32:dc:1b:
66:8f:24:bf:a1:e7:b2:37:8d:57:65:44:87:ff:11:
f6:c4:f3:da:67:2b:e6:0f:db:6f:21:a3:78:7e:94:
06:08:ce:1a:86:09:e6:71:72:2a:66:f8:f4:d7:ab:
d3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:91:F9:93:1C:67:EA:BC:65:A2:1D:76:7A:44:44:52:88:96:C8:E5
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/TZH5kxxn6rxloh12ekREUoiWyOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.196.0/22
91.234.146.0/24
91.237.52.0/24
91.239.66.0/23
185.5.96.0/22
185.25.148.0/22
185.180.204.0/22
185.201.112.0/22
193.17.184.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:be:9f:5d:d4:81:a6:a8:a3:8c:ca:67:f9:cf:09:cb:17:b5:
e3:57:c3:7a:43:bd:d7:c7:03:41:96:07:c6:4d:ee:3e:8e:b7:
90:d3:a5:76:3b:67:aa:3b:a2:aa:bd:3b:93:6f:08:6c:a2:19:
6b:bc:10:ff:21:0d:46:4e:07:e7:03:df:a2:39:5e:d5:ca:b5:
81:ee:74:91:1c:4f:48:bf:a2:98:1e:2b:ca:82:eb:16:f8:2d:
b9:aa:c4:99:56:84:fd:24:e5:17:eb:22:e8:12:f4:43:7f:b4:
84:84:7c:0f:6a:e3:bf:05:c0:2d:7f:60:ba:b9:6b:37:33:8e:
ba:1f:df:a5:9b:11:b7:33:ae:b9:e4:ef:cd:8f:4a:c1:5a:ca:
e4:8e:a8:e7:96:d4:71:41:fc:73:dc:23:37:20:9e:c8:c7:59:
57:1b:07:07:9d:f6:61:5c:ed:65:24:5f:29:b9:31:af:40:e1:
6e:6f:90:61:34:d3:04:c5:52:26:4f:10:81:4b:f2:b9:2b:72:
2b:6e:70:aa:d8:39:46:32:8c:cb:21:f4:35:ae:cf:b9:15:8c:
02:ea:52:4a:fc:e8:24:2e:5d:24:d1:dd:84:d8:23:a7:2e:cd:
f9:de:40:71:94:f1:ad:8b:5b:a1:65:f0:e0:07:0e:14:d7:1e:
d7:e4:98:8d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBNqDETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NmE1YWE5MThjYmZlYjNlMTI5OTdmMzM4OTBmZWIyNTg5MDdiMzQzMB4XDTIyMDYw
NzAzMTYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQ5MWY5OTMxYzY3
ZWFiYzY1YTIxZDc2N2E0NDQ0NTI4ODk2YzhlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKh/iaN37mVPL+7lSJ0sT6HKf6QuwvB6MaGweQjjm3qT8NmF
n4Q0wcWWxNp+nlpi1iAJk/K1+CnSpNePGwuVR6IrNUaFLD7DQJbCiaslMPG5eAOQ
nYsT9oKh11UCOtucoIyTaQr99pDjwh8h/VTropPApmtw4OGpjt3EH1y2YiZ9hrNP
leRVE55GVb5aOb6ZD+51sQiFZh2apiRY5IGLKjLFLWGxYzVBu8qPQzfbZyclZW5K
e1RDlYUWHUantb5YSD2Or9Qo9DV3r04k2Nb1MtwbZo8kv6HnsjeNV2VEh/8R9sTz
2mcr5g/bbyGjeH6UBgjOGoYJ5nFyKmb49Ner07cCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBRNkfmTHGfqvGWiHXZ6RERSiJbI5TAfBgNVHSMEGDAWgBQmpaqRjL/rPhKZ
fzOJD+sliQezQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pxV3FrWXlfNno0U21YOHppUV9ySllrSHMwTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvMTQzM2VhLTEwODAtNDZlNS1iNjEyLTI5N2UyODJkNjZhOC8x
L1RaSDVreHhuNnJ4bG9oMTJla1JFVW9pV3lPVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
MTQzM2VhLTEwODAtNDZlNS1iNjEyLTI5N2UyODJkNjZhOC8xL0pxV3FrWXlfNno0
U21YOHppUV9ySllrSHMwTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAlvkxAMEAFvqkgMEAFvtNAMEAVvv
QgMEArkFYAMEArkZlAMEArm0zAMEArnJcAMEAMERuDANBgkqhkiG9w0BAQsFAAOC
AQEAC76fXdSBpqijjMpn+c8Jyxe141fDekO918cDQZYHxk3uPo63kNOldjtnqjui
qr07k28IbKIZa7wQ/yENRk4H5wPfojle1cq1ge50kRxPSL+imB4ryoLrFvgtuarE
mVaE/STlF+si6BL0Q3+0hIR8D2rjvwXALX9gurlrNzOOuh/fpZsRtzOuueTvzY9K
wVrK5I6o55bUcUH8c9wjNyCeyMdZVxsHB532YVztZSRfKbkxr0Dhbm+QYTTTBMVS
Jk8QgUvyuStyK25wqtg5RjKMyyH0Na7PuRWMAupSSvzoJC5dJNHdhNgjpy7N+d5A
cZTxrYtboWXw4AcOFNce1+SYjQ==
-----END CERTIFICATE-----
Generated at Sat May 3 09:56:15 2025 by rpki-client