Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/c68d4d-8b64-4e75-9e54-57309df69642/1/bt20TlvwxF6PjXfk-Inrhx7XVu8.roa
File: bt20TlvwxF6PjXfk-Inrhx7XVu8.roa (raw, json)
Hash identifier: 6SpN2Vgkjrivuyd6S9Q0tFjGnuzJE2x3/m/lblTvSdU=
Subject key identifier: 6E:DD:B4:4E:5B:F0:C4:5E:8F:8D:77:E4:F8:89:EB:87:1E:D7:56:EF
Certificate issuer: /CN=8dc91c50bff9ca059e6e38b2e0c7eb852a630bba
Certificate serial: 0185709508450A383336F58EF0C7815DF50E
Authority key identifier: 8D:C9:1C:50:BF:F9:CA:05:9E:6E:38:B2:E0:C7:EB:85:2A:63:0B:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jckcUL_5ygWebjiy4MfrhSpjC7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/c68d4d-8b64-4e75-9e54-57309df69642/1/bt20TlvwxF6PjXfk-Inrhx7XVu8.roa
Signing time: Mon 02 Jan 2023 03:44:53 +0000
ROA not before: Mon 02 Jan 2023 03:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61134
IP address blocks: 194.169.126.0/24 maxlen: 24
195.20.212.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:08:45:0a:38:33:36:f5:8e:f0:c7:81:5d:f5:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dc91c50bff9ca059e6e38b2e0c7eb852a630bba
Validity
Not Before: Jan 2 03:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6eddb44e5bf0c45e8f8d77e4f889eb871ed756ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5e:bb:8f:e8:5c:60:4c:a1:d6:5a:5b:88:e6:
11:3d:95:dc:6a:a9:23:85:5d:57:66:7a:8f:6f:bb:
b0:2f:bc:ee:87:0f:03:22:22:e9:5a:6f:6f:45:96:
09:94:c8:4d:d5:fd:76:18:bf:9c:a1:2b:1c:d3:9b:
2e:02:f5:c1:09:65:a2:10:ba:4c:3e:a7:74:b9:66:
65:a0:61:db:22:87:82:5f:c0:ed:7e:86:9c:e4:98:
64:25:c1:fa:cc:9e:ff:73:58:bb:f9:62:02:ec:51:
78:d5:d7:ac:32:82:3a:6b:58:8a:3a:39:50:ee:76:
6a:d8:8d:80:6d:cd:0e:00:4f:96:8d:f2:2e:02:82:
a2:04:30:e9:70:aa:2f:c0:43:72:bf:9c:55:8b:dd:
a5:b1:2b:9a:a7:ce:99:c6:ea:17:d6:0e:08:1a:45:
e6:85:b0:6a:e3:01:3b:62:15:5c:e8:a5:03:12:f9:
aa:5f:ba:36:d3:39:49:9b:68:63:59:b7:2c:4b:a8:
0e:fe:cb:8f:cd:97:bc:49:48:e8:86:15:36:a6:22:
f3:3f:2b:9a:22:8a:6c:ea:12:64:84:13:1f:53:e0:
ee:6f:99:ae:3b:24:a6:5c:d7:b9:8d:34:6d:88:98:
a2:a8:ff:45:0e:d4:19:37:3b:cd:52:ff:fb:94:e4:
75:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:DD:B4:4E:5B:F0:C4:5E:8F:8D:77:E4:F8:89:EB:87:1E:D7:56:EF
X509v3 Authority Key Identifier:
keyid:8D:C9:1C:50:BF:F9:CA:05:9E:6E:38:B2:E0:C7:EB:85:2A:63:0B:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jckcUL_5ygWebjiy4MfrhSpjC7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/c68d4d-8b64-4e75-9e54-57309df69642/1/bt20TlvwxF6PjXfk-Inrhx7XVu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/c68d4d-8b64-4e75-9e54-57309df69642/1/jckcUL_5ygWebjiy4MfrhSpjC7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.126.0/24
195.20.212.0/23
Signature Algorithm: sha256WithRSAEncryption
29:97:e3:de:fa:60:5d:23:08:29:a9:b5:88:88:42:3e:d5:2b:
0e:e8:7a:3d:21:91:bb:16:54:1d:b2:b1:68:98:19:a6:f8:1a:
af:3c:18:fe:11:4d:e9:77:14:1d:52:dd:9d:d5:b2:9f:cb:35:
d6:9a:c6:0c:c3:f9:cb:d2:c6:46:48:a8:b8:9b:b2:c5:fe:3e:
39:65:b6:99:96:48:95:79:1c:2d:92:1e:a8:3a:64:c4:1a:f5:
47:c2:c1:92:49:35:6c:7f:99:45:5c:f3:e4:9e:39:ef:01:42:
de:ee:10:8e:45:6c:70:8f:b0:0b:49:e8:6a:69:cb:e8:62:b9:
30:22:76:e9:87:fa:ea:02:28:3a:30:5b:cd:b7:61:f3:29:62:
5f:23:a5:62:3a:1b:6c:f1:a9:19:9d:fe:77:cc:07:03:c5:66:
95:4b:0c:d6:ef:c4:40:1b:d5:12:df:79:96:fd:e1:b7:ef:fb:
65:f4:ec:dd:f4:e9:8f:99:2b:bf:ee:20:3d:7c:cd:2e:71:ce:
aa:18:e7:cd:30:b6:c7:67:88:2b:f2:bd:65:99:87:b5:2a:0b:
9b:18:b5:87:ed:c4:b4:7d:5e:88:5b:9f:50:b7:fd:0f:05:d2:
c8:78:ef:69:5d:39:db:b3:89:ea:56:46:d5:cc:9d:66:c1:a0:
03:0a:b4:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlQhFCjgzNvWO8MeBXfUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYzkxYzUwYmZmOWNhMDU5ZTZlMzhiMmUwYzdlYjg1MmE2
MzBiYmEwHhcNMjMwMTAyMDM0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWRkYjQ0ZTViZjBjNDVlOGY4ZDc3ZTRmODg5ZWI4NzFlZDc1NmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxl67j+hcYEyh1lpbiOYRPZXcaqkj
hV1XZnqPb7uwL7zuhw8DIiLpWm9vRZYJlMhN1f12GL+coSsc05suAvXBCWWiELpM
Pqd0uWZloGHbIoeCX8Dtfoac5JhkJcH6zJ7/c1i7+WIC7FF41desMoI6a1iKOjlQ
7nZq2I2Abc0OAE+WjfIuAoKiBDDpcKovwENyv5xVi92lsSuap86ZxuoX1g4IGkXm
hbBq4wE7YhVc6KUDEvmqX7o20zlJm2hjWbcsS6gO/suPzZe8SUjohhU2piLzPyua
Iops6hJkhBMfU+Dub5muOySmXNe5jTRtiJiiqP9FDtQZNzvNUv/7lOR1yQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG7dtE5b8MRej4135PiJ64ce11bvMB8GA1UdIwQY
MBaAFI3JHFC/+coFnm44suDH64UqYwu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamNrY1VMXzV5Z1dlYmppeTRNZnJoU3BqQzdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9jNjhkNGQtOGI2NC00ZTc1LTllNTQt
NTczMDlkZjY5NjQyLzEvYnQyMFRsdnd4RjZQalhmay1JbnJoeDdYVnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9jNjhkNGQtOGI2NC00ZTc1LTllNTQtNTczMDlkZjY5NjQy
LzEvamNrY1VMXzV5Z1dlYmppeTRNZnJoU3BqQzdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwql+AwQB
wxTUMA0GCSqGSIb3DQEBCwUAA4IBAQApl+Pe+mBdIwgpqbWIiEI+1SsO6Ho9IZG7
FlQdsrFomBmm+BqvPBj+EU3pdxQdUt2d1bKfyzXWmsYMw/nL0sZGSKi4m7LF/j45
ZbaZlkiVeRwtkh6oOmTEGvVHwsGSSTVsf5lFXPPknjnvAULe7hCORWxwj7ALSehq
acvoYrkwInbph/rqAig6MFvNt2HzKWJfI6ViOhts8akZnf53zAcDxWaVSwzW78RA
G9US33mW/eG37/tl9Ozd9OmPmSu/7iA9fM0ucc6qGOfNMLbHZ4gr8r1lmYe1Kgub
GLWH7cS0fV6IW59Qt/0PBdLIeO9pXTnbs4nqVkbVzJ1mwaADCrRi
-----END CERTIFICATE-----
Generated at Fri May 2 05:24:54 2025 by rpki-client