Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/taz2T33tM0x6FU0YGMfscl3OaQE.roa
File: taz2T33tM0x6FU0YGMfscl3OaQE.roa (raw, json)
Hash identifier: 9xJelvm0gzT7hWq0MlYqlnRhH76zlqjsmJ/zdCjh8uQ=
Subject key identifier: B5:AC:F6:4F:7D:ED:33:4C:7A:15:4D:18:18:C7:EC:72:5D:CE:69:01
Certificate issuer: /CN=1c233eee624c192c6c7dada1432de0b9e78b09ba
Certificate serial: 01856F66FF012F96A612D0563C3273A9813E
Authority key identifier: 1C:23:3E:EE:62:4C:19:2C:6C:7D:AD:A1:43:2D:E0:B9:E7:8B:09:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCM-7mJMGSxsfa2hQy3gueeLCbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/taz2T33tM0x6FU0YGMfscl3OaQE.roa
Signing time: Sun 01 Jan 2023 22:14:58 +0000
ROA not before: Sun 01 Jan 2023 22:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209551
IP address blocks: 185.146.204.0/22 maxlen: 32
185.74.216.0/22 maxlen: 32
5.154.160.0/21 maxlen: 32
185.192.28.0/22 maxlen: 32
2a11:8040::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:ff:01:2f:96:a6:12:d0:56:3c:32:73:a9:81:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c233eee624c192c6c7dada1432de0b9e78b09ba
Validity
Not Before: Jan 1 22:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5acf64f7ded334c7a154d1818c7ec725dce6901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f6:2c:42:17:e1:8d:22:be:b7:8c:80:68:92:
2c:30:7b:4d:4f:19:1d:72:1e:6d:e5:0c:2c:76:d2:
1e:db:1c:22:96:98:ba:37:20:56:41:33:fa:0e:ab:
c9:74:0f:70:ff:e5:c7:9c:11:9f:7f:de:9c:88:2b:
34:e3:49:db:74:e5:e2:56:a8:00:c0:bd:91:62:f6:
60:b4:9b:c7:75:49:d5:7d:1c:8d:3c:ba:0e:4c:f7:
4a:54:bf:e0:d0:c0:b6:ec:06:6a:b3:45:6a:ec:bb:
79:7d:c0:c9:8c:07:9c:73:68:3b:c4:fe:ce:8e:2c:
9e:2d:8a:2f:a9:59:23:f3:27:54:1a:7d:42:d6:51:
47:1a:bf:f6:95:d9:80:47:16:28:9a:69:a4:93:a1:
eb:2f:b5:f1:a6:6d:4e:74:10:2d:ec:9d:9a:a8:58:
d2:ff:2f:8b:55:f3:16:c9:ae:46:4b:c6:b4:0e:ac:
80:8b:50:8d:d6:b3:f4:69:f8:de:a7:ce:2d:8a:bb:
5a:61:d4:a1:84:78:1b:8f:b8:96:32:50:14:87:d2:
22:2c:15:c7:23:09:11:35:19:60:ea:10:81:7b:7a:
78:e4:f4:3f:8b:10:88:b2:fd:d6:9e:8e:27:4c:30:
82:3b:a2:11:b9:1a:8f:84:46:4f:de:3c:6d:1b:e5:
d9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:AC:F6:4F:7D:ED:33:4C:7A:15:4D:18:18:C7:EC:72:5D:CE:69:01
X509v3 Authority Key Identifier:
keyid:1C:23:3E:EE:62:4C:19:2C:6C:7D:AD:A1:43:2D:E0:B9:E7:8B:09:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCM-7mJMGSxsfa2hQy3gueeLCbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/taz2T33tM0x6FU0YGMfscl3OaQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c5bef7-25b3-4463-b3bf-57a951f49930/1/HCM-7mJMGSxsfa2hQy3gueeLCbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.160.0/21
185.74.216.0/22
185.146.204.0/22
185.192.28.0/22
IPv6:
2a11:8040::/29
Signature Algorithm: sha256WithRSAEncryption
b4:76:ce:76:61:fc:2b:3c:0c:09:76:a5:13:b0:9e:c3:7a:9e:
6d:a8:4b:66:be:a7:de:d1:d3:b2:91:da:5f:0b:34:a9:2c:ea:
8e:38:ad:9a:70:81:85:f2:3d:70:e9:97:f9:86:8a:3a:44:e7:
77:74:da:52:c8:bb:1c:0a:56:24:05:b9:39:34:53:4a:20:fa:
8b:20:f3:cc:2a:a0:2e:aa:78:fc:75:cd:ad:92:c2:fe:39:8b:
29:38:a8:81:0e:a2:64:98:0c:60:9c:0a:ff:fb:a3:3e:16:f0:
0d:9d:d2:93:76:b5:a9:b6:aa:6a:23:81:d7:51:ac:8e:55:68:
bf:b8:fa:f9:a3:71:09:f6:d5:02:b4:a9:03:3a:b9:d1:38:8d:
23:a7:e9:55:74:60:79:c3:6d:34:11:02:0c:31:ec:9e:f7:0f:
a2:b7:a1:9d:10:a2:92:61:a3:b6:a5:22:5e:9a:01:78:6a:12:
1d:f1:b0:3c:af:ea:42:67:4e:13:66:ac:01:19:f3:c4:28:d0:
07:b4:dc:81:f0:44:b2:13:b7:50:39:06:fc:84:54:e6:a0:38:
4e:15:b7:81:2a:62:d7:c4:52:3b:06:5f:a5:d5:96:4b:2a:24:
34:6c:0e:1a:d7:98:55:db:9e:f8:8d:f2:e4:dd:73:71:57:e4:
2c:a1:63:a7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvZv8BL5amEtBWPDJzqYE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjMzZWVlNjI0YzE5MmM2YzdkYWRhMTQzMmRlMGI5ZTc4
YjA5YmEwHhcNMjMwMTAxMjIxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWFjZjY0ZjdkZWQzMzRjN2ExNTRkMTgxOGM3ZWM3MjVkY2U2OTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvYsQhfhjSK+t4yAaJIsMHtNTxkd
ch5t5QwsdtIe2xwilpi6NyBWQTP6DqvJdA9w/+XHnBGff96ciCs040nbdOXiVqgA
wL2RYvZgtJvHdUnVfRyNPLoOTPdKVL/g0MC27AZqs0Vq7Lt5fcDJjAecc2g7xP7O
jiyeLYovqVkj8ydUGn1C1lFHGr/2ldmARxYommmkk6HrL7Xxpm1OdBAt7J2aqFjS
/y+LVfMWya5GS8a0DqyAi1CN1rP0afjep84tirtaYdShhHgbj7iWMlAUh9IiLBXH
IwkRNRlg6hCBe3p45PQ/ixCIsv3Wno4nTDCCO6IRuRqPhEZP3jxtG+XZmQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLWs9k997TNMehVNGBjH7HJdzmkBMB8GA1UdIwQY
MBaAFBwjPu5iTBksbH2toUMt4Lnniwm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENNLTdtSk1HU3hzZmEyaFF5M2d1ZWVMQ2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jNWJlZjctMjViMy00NDYzLWIzYmYt
NTdhOTUxZjQ5OTMwLzEvdGF6MlQzM3RNMHg2RlUwWUdNZnNjbDNPYVFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jNWJlZjctMjViMy00NDYzLWIzYmYtNTdhOTUxZjQ5OTMw
LzEvSENNLTdtSk1HU3hzZmEyaFF5M2d1ZWVMQ2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBZqgAwQC
uUrYAwQCuZLMAwQCucAcMA0EAgACMAcDBQMqEYBAMA0GCSqGSIb3DQEBCwUAA4IB
AQC0ds52YfwrPAwJdqUTsJ7Dep5tqEtmvqfe0dOykdpfCzSpLOqOOK2acIGF8j1w
6Zf5hoo6ROd3dNpSyLscClYkBbk5NFNKIPqLIPPMKqAuqnj8dc2tksL+OYspOKiB
DqJkmAxgnAr/+6M+FvANndKTdrWptqpqI4HXUayOVWi/uPr5o3EJ9tUCtKkDOrnR
OI0jp+lVdGB5w200EQIMMeye9w+it6GdEKKSYaO2pSJemgF4ahId8bA8r+pCZ04T
ZqwBGfPEKNAHtNyB8ESyE7dQOQb8hFTmoDhOFbeBKmLXxFI7Bl+l1ZZLKiQ0bA4a
15hV2574jfLk3XNxV+QsoWOn
-----END CERTIFICATE-----
Generated at Mon May 12 03:39:37 2025 by rpki-client