Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/6877ba-4e6c-4f5a-9cc2-af7da2b6edc5/1/ttPoGenF4g04uAlM4XBiJYM20WQ.roa
File: ttPoGenF4g04uAlM4XBiJYM20WQ.roa (raw, json)
Hash identifier: V4eBl5pSNp8SLrflrD1mx8VjXs3ktVBjHtYqToGciLs=
Subject key identifier: B6:D3:E8:19:E9:C5:E2:0D:38:B8:09:4C:E1:70:62:25:83:36:D1:64
Certificate issuer: /CN=f4c9baa4429da786591b72525852e6d97b32c1e8
Certificate serial: 01857270FA84BEAB4CD64026960869D36E2D
Authority key identifier: F4:C9:BA:A4:42:9D:A7:86:59:1B:72:52:58:52:E6:D9:7B:32:C1:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Mm6pEKdp4ZZG3JSWFLm2Xsyweg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/6877ba-4e6c-4f5a-9cc2-af7da2b6edc5/1/ttPoGenF4g04uAlM4XBiJYM20WQ.roa
Signing time: Mon 02 Jan 2023 12:24:44 +0000
ROA not before: Mon 02 Jan 2023 12:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202672
IP address blocks: 185.157.182.0/24 maxlen: 24
185.157.181.0/24 maxlen: 24
185.157.180.0/24 maxlen: 24
185.157.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:70:fa:84:be:ab:4c:d6:40:26:96:08:69:d3:6e:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4c9baa4429da786591b72525852e6d97b32c1e8
Validity
Not Before: Jan 2 12:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6d3e819e9c5e20d38b8094ce17062258336d164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:41:d8:f6:4a:91:9f:63:e1:0c:6a:dd:da:dd:
38:b5:31:2a:f8:e5:ad:b4:eb:1f:a3:db:d7:12:cd:
b2:a5:03:de:91:a2:c2:e3:2e:ad:52:25:d3:6c:0b:
61:94:d8:1f:f4:7b:4f:72:71:ed:16:89:37:02:f2:
ee:9e:fa:f2:53:ef:6a:f4:31:9c:c1:a4:09:c3:94:
6d:54:de:53:7a:a3:ed:d0:12:43:d2:f2:1d:c5:93:
26:9b:65:2d:77:46:db:8f:cb:d0:4b:0c:04:70:05:
56:49:3f:11:29:61:bf:c2:d2:39:8c:f6:5c:f2:3b:
03:37:b2:60:8b:fa:9c:fe:f8:b5:6d:ce:3d:dd:4c:
6d:53:78:38:35:14:21:44:c4:a6:ed:ed:3b:5c:b7:
88:45:b8:27:e7:98:ca:b2:ca:ca:e3:1c:26:75:59:
41:6c:da:75:dc:a7:64:c1:63:7e:b4:d8:43:63:7b:
94:df:fc:66:f2:1b:56:26:94:8d:a7:9c:24:c9:00:
58:c2:b2:02:fe:59:ad:a8:d2:37:b0:77:11:53:fd:
51:49:b8:6b:58:83:82:c3:11:b8:9f:1f:d8:9c:e9:
ea:df:d4:c6:2d:b0:be:95:e9:e3:1a:1c:1b:44:8b:
6c:56:ac:a8:48:f8:e9:07:f8:1b:b3:c2:f5:df:c8:
c0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D3:E8:19:E9:C5:E2:0D:38:B8:09:4C:E1:70:62:25:83:36:D1:64
X509v3 Authority Key Identifier:
keyid:F4:C9:BA:A4:42:9D:A7:86:59:1B:72:52:58:52:E6:D9:7B:32:C1:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Mm6pEKdp4ZZG3JSWFLm2Xsyweg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/6877ba-4e6c-4f5a-9cc2-af7da2b6edc5/1/ttPoGenF4g04uAlM4XBiJYM20WQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/6877ba-4e6c-4f5a-9cc2-af7da2b6edc5/1/9Mm6pEKdp4ZZG3JSWFLm2Xsyweg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.180.0/22
Signature Algorithm: sha256WithRSAEncryption
87:4f:16:b8:ca:2e:6b:5a:74:a0:0e:87:62:d7:b7:da:d6:22:
36:37:a1:a8:67:7f:ac:52:75:32:3a:1b:48:8c:9e:1c:0d:29:
f2:9c:45:90:c0:7f:77:17:72:27:98:60:bf:c0:5f:89:98:9e:
15:c8:71:c2:26:17:92:79:d4:a6:c4:10:dc:ae:c0:e5:fe:7e:
09:83:9b:d9:6e:0a:c0:d5:b4:75:5d:86:b4:28:e8:2c:e8:fc:
bf:e5:9b:79:d3:10:1f:2f:28:74:59:99:27:8a:6f:64:29:e7:
5c:6b:ea:ee:8f:fc:3a:60:69:9a:e2:51:11:c1:89:43:5b:9c:
54:8b:49:c5:2a:18:b7:df:06:13:ea:aa:7d:64:2f:4e:05:40:
9f:1c:10:43:11:80:27:25:70:19:43:12:04:5d:99:9a:19:0c:
32:57:22:93:9a:17:78:7e:a2:f3:3c:62:39:4f:a7:ef:74:25:
a9:5d:1e:9b:88:53:23:35:2b:7e:f8:20:ce:14:96:e8:f1:7c:
a2:67:af:76:0b:91:55:96:f8:37:c1:9a:43:68:74:bb:db:12:
e6:4e:25:b5:a9:52:dc:85:22:1f:0c:a0:59:51:f0:af:55:fb:
e8:4c:d4:8a:3f:27:13:75:ef:8c:8f:a9:39:aa:58:f9:b1:63:
3c:27:c7:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycPqEvqtM1kAmlghp024tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzliYWE0NDI5ZGE3ODY1OTFiNzI1MjU4NTJlNmQ5N2Iz
MmMxZTgwHhcNMjMwMTAyMTIyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQzZTgxOWU5YzVlMjBkMzhiODA5NGNlMTcwNjIyNTgzMzZkMTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0HY9kqRn2PhDGrd2t04tTEq+OWt
tOsfo9vXEs2ypQPekaLC4y6tUiXTbAthlNgf9HtPcnHtFok3AvLunvryU+9q9DGc
waQJw5RtVN5TeqPt0BJD0vIdxZMmm2Utd0bbj8vQSwwEcAVWST8RKWG/wtI5jPZc
8jsDN7Jgi/qc/vi1bc493UxtU3g4NRQhRMSm7e07XLeIRbgn55jKssrK4xwmdVlB
bNp13KdkwWN+tNhDY3uU3/xm8htWJpSNp5wkyQBYwrIC/lmtqNI3sHcRU/1RSbhr
WIOCwxG4nx/YnOnq39TGLbC+lenjGhwbRItsVqyoSPjpB/gbs8L138jAqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLbT6BnpxeINOLgJTOFwYiWDNtFkMB8GA1UdIwQY
MBaAFPTJuqRCnaeGWRtyUlhS5tl7MsHoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1tNnBFS2RwNFpaRzNKU1dGTG0yWHN5d2VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy82ODc3YmEtNGU2Yy00ZjVhLTljYzIt
YWY3ZGEyYjZlZGM1LzEvdHRQb0dlbkY0ZzA0dUFsTTRYQmlKWU0yMFdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy82ODc3YmEtNGU2Yy00ZjVhLTljYzItYWY3ZGEyYjZlZGM1
LzEvOU1tNnBFS2RwNFpaRzNKU1dGTG0yWHN5d2VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ20MA0G
CSqGSIb3DQEBCwUAA4IBAQCHTxa4yi5rWnSgDodi17fa1iI2N6GoZ3+sUnUyOhtI
jJ4cDSnynEWQwH93F3InmGC/wF+JmJ4VyHHCJheSedSmxBDcrsDl/n4Jg5vZbgrA
1bR1XYa0KOgs6Py/5Zt50xAfLyh0WZknim9kKedca+ruj/w6YGma4lERwYlDW5xU
i0nFKhi33wYT6qp9ZC9OBUCfHBBDEYAnJXAZQxIEXZmaGQwyVyKTmhd4fqLzPGI5
T6fvdCWpXR6biFMjNSt++CDOFJbo8XyiZ692C5FVlvg3wZpDaHS72xLmTiW1qVLc
hSIfDKBZUfCvVfvoTNSKPycTde+Mj6k5qlj5sWM8J8cO
-----END CERTIFICATE-----
Generated at Sun Apr 27 21:24:58 2025 by rpki-client