Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tHYZf0OZrDDPRMzJHa1x1cRx7_I.roa
File: tHYZf0OZrDDPRMzJHa1x1cRx7_I.roa (raw, json)
Hash identifier: q8q0wj8plEZqRYqGzSo1xZeB0/gvcEcecuif8T64tSU=
Subject key identifier: B4:76:19:7F:43:99:AC:30:CF:44:CC:C9:1D:AD:71:D5:C4:71:EF:F2
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01888BAD05C899BADE210B3AE8DB8CABA87D
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tHYZf0OZrDDPRMzJHa1x1cRx7_I.roa
Signing time: Mon 05 Jun 2023 13:09:12 +0000
ROA not before: Mon 05 Jun 2023 13:09:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 5.180.234.0/24 maxlen: 24
85.208.106.0/24 maxlen: 24
45.9.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8b:ad:05:c8:99:ba:de:21:0b:3a:e8:db:8c:ab:a8:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 5 13:09:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b476197f4399ac30cf44ccc91dad71d5c471eff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:28:b7:dc:a3:87:f6:4e:d5:ee:aa:a6:ee:69:
b4:6b:ff:23:8a:d5:22:fb:38:f8:e1:64:9b:14:c9:
d2:5b:d0:c9:e1:2f:f8:fd:58:33:28:a3:d8:95:50:
91:2e:80:8b:46:fd:56:0f:a6:d2:7c:2f:6e:dc:e4:
35:eb:d9:7a:48:22:d2:da:e3:51:b6:26:63:25:40:
42:85:20:75:68:af:9a:40:63:8c:71:4c:4f:ce:09:
6b:2e:af:ce:18:58:73:77:b2:40:5d:5e:58:c9:82:
98:34:e0:b6:e2:cf:3c:b0:47:e2:28:a4:a5:c7:a0:
b2:d9:1b:ca:12:a3:d6:73:b5:4c:7d:cf:e5:dd:93:
72:72:68:81:a1:8d:91:b6:8f:a0:ac:82:74:7b:cd:
fd:62:3f:d0:6a:5a:aa:61:7c:f8:9c:f1:7b:39:f4:
46:1f:67:a8:c7:58:b9:46:70:ec:c7:7c:91:3c:31:
f7:1d:f0:c5:b2:9c:58:21:bb:42:d3:7e:6e:72:2c:
a4:18:ae:25:02:26:83:c7:22:9f:ca:32:cc:4a:59:
0c:c8:b7:a4:60:79:7a:96:6b:2a:e0:7e:c6:69:c2:
10:3d:df:27:20:12:41:23:17:16:9f:83:18:11:24:
55:9c:e9:43:a8:2a:99:46:fc:bf:4f:91:b5:c9:92:
6c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:76:19:7F:43:99:AC:30:CF:44:CC:C9:1D:AD:71:D5:C4:71:EF:F2
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tHYZf0OZrDDPRMzJHa1x1cRx7_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.234.0/24
45.9.2.0/24
85.208.106.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:12:f5:a9:0a:a4:d2:1f:c9:46:89:f9:86:fe:ec:81:09:fc:
4c:f3:d3:73:78:0d:a9:3e:76:b7:40:c4:24:c4:0e:8d:bb:c0:
7c:e2:d7:31:4b:b9:c4:45:f0:7f:fd:5b:b0:96:f6:61:a0:c0:
45:07:d7:6d:7f:f3:29:0d:97:3f:61:d6:30:2c:d8:23:0f:5e:
ba:ce:6c:25:b9:6f:8c:73:24:07:10:fb:61:93:97:d8:f9:86:
bd:70:6a:7a:0e:43:50:e9:1d:ae:87:49:f9:65:bd:a0:a4:ca:
81:16:43:1e:db:8e:a1:81:93:b4:51:1c:97:91:ef:7f:5a:73:
10:d7:07:19:19:20:b1:24:a3:52:66:7b:dc:4c:65:0a:0d:e9:
45:aa:c6:01:87:18:40:f7:4e:50:ff:72:f3:2b:27:c9:69:1f:
cd:51:4b:14:84:99:86:94:ee:96:9c:28:ad:3d:6b:51:21:b0:
66:53:b5:de:61:0d:53:9f:0a:37:f2:91:6f:c7:d5:e7:fb:8b:
f4:55:52:d8:fb:8b:f7:14:db:db:a8:db:45:8c:68:06:0a:6d:
32:5e:c2:28:56:56:8a:f1:95:59:32:bb:7a:bf:23:49:0d:da:
02:14:bf:7c:2d:b0:cb:91:06:db:32:6f:75:3d:bb:8f:8e:b2:
56:6a:3b:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiLrQXImbreIQs66NuMq6h9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNjA1MTMwOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDc2MTk3ZjQzOTlhYzMwY2Y0NGNjYzkxZGFkNzFkNWM0NzFlZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yi33KOH9k7V7qqm7mm0a/8jitUi
+zj44WSbFMnSW9DJ4S/4/VgzKKPYlVCRLoCLRv1WD6bSfC9u3OQ169l6SCLS2uNR
tiZjJUBChSB1aK+aQGOMcUxPzglrLq/OGFhzd7JAXV5YyYKYNOC24s88sEfiKKSl
x6Cy2RvKEqPWc7VMfc/l3ZNycmiBoY2Rto+grIJ0e839Yj/QalqqYXz4nPF7OfRG
H2eox1i5RnDsx3yRPDH3HfDFspxYIbtC035uciykGK4lAiaDxyKfyjLMSlkMyLek
YHl6lmsq4H7GacIQPd8nIBJBIxcWn4MYESRVnOlDqCqZRvy/T5G1yZJsiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLR2GX9Dmawwz0TMyR2tcdXEce/yMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvdEhZWmYwT1pyRERQUk16SkhhMXgxY1J4N19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbTqAwQA
LQkCAwQAVdBqMA0GCSqGSIb3DQEBCwUAA4IBAQALEvWpCqTSH8lGifmG/uyBCfxM
89NzeA2pPna3QMQkxA6Nu8B84tcxS7nERfB//VuwlvZhoMBFB9dtf/MpDZc/YdYw
LNgjD166zmwluW+McyQHEPthk5fY+Ya9cGp6DkNQ6R2uh0n5Zb2gpMqBFkMe246h
gZO0URyXke9/WnMQ1wcZGSCxJKNSZnvcTGUKDelFqsYBhxhA905Q/3LzKyfJaR/N
UUsUhJmGlO6WnCitPWtRIbBmU7XeYQ1Tnwo38pFvx9Xn+4v0VVLY+4v3FNvbqNtF
jGgGCm0yXsIoVlaK8ZVZMrt6vyNJDdoCFL98LbDLkQbbMm91PbuPjrJWajsa
-----END CERTIFICATE-----
Generated at Sat May 10 17:49:42 2025 by rpki-client