Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/tMgfdflW1HfrjIX1OmftqfAiGYM.roa
File: tMgfdflW1HfrjIX1OmftqfAiGYM.roa (raw, json)
Hash identifier: TEZ+04G9ENofbFYH1QSbRnejIyew5GW13kx1nCrgkw8=
Subject key identifier: B4:C8:1F:75:F9:56:D4:77:EB:8C:85:F5:3A:67:ED:A9:F0:22:19:83
Certificate issuer: /CN=70de707d6c01006b2aca687eaab29cb4736b7668
Certificate serial: 17D0A56A
Authority key identifier: 70:DE:70:7D:6C:01:00:6B:2A:CA:68:7E:AA:B2:9C:B4:73:6B:76:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cN5wfWwBAGsqymh-qrKctHNrdmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/tMgfdflW1HfrjIX1OmftqfAiGYM.roa
Signing time: Sat 01 Jan 2022 03:57:20 +0000
ROA not before: Sat 01 Jan 2022 03:57:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208357
IP address blocks: 185.54.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 399549802 (0x17d0a56a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70de707d6c01006b2aca687eaab29cb4736b7668
Validity
Not Before: Jan 1 03:57:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4c81f75f956d477eb8c85f53a67eda9f0221983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:44:d0:f8:23:40:e0:d1:f3:71:de:be:5b:da:
fc:f2:61:a9:60:4e:ce:68:fc:dc:2a:86:05:fd:af:
20:40:bc:8b:a8:63:11:67:5c:30:1e:49:e7:8c:48:
a2:28:c5:b3:bc:b3:92:b0:3c:39:40:c2:30:12:9e:
a5:c4:bd:2c:88:a3:19:2d:c4:17:ca:35:6a:b3:9c:
8f:92:98:91:28:eb:c9:c3:15:23:1c:bd:7d:fb:1e:
07:95:e6:29:3a:db:0a:28:00:57:26:3c:e0:06:da:
b2:67:e9:a9:83:e2:a6:81:4b:37:b9:48:2e:99:af:
14:de:4c:4e:41:cb:33:80:26:c6:f0:05:6f:ba:db:
63:64:1d:65:07:8c:61:09:18:6d:bb:e8:61:0e:09:
9e:8f:45:f8:ce:3e:43:7f:d2:23:4b:3c:5b:a2:9e:
c5:bb:0b:3b:cd:e5:01:bf:66:13:14:47:4d:a6:73:
0f:dd:31:89:ae:25:47:19:37:0e:b7:8c:07:6b:70:
56:e7:50:7c:38:da:7c:c3:16:91:01:e3:3c:13:1f:
5c:5f:b1:0e:5e:13:39:ec:5b:9f:84:6d:e4:e0:da:
63:26:dc:04:c3:47:29:a0:a0:cd:d6:27:04:44:cc:
3b:5c:73:4e:6d:bf:27:a2:d7:3b:72:5e:b5:59:4f:
10:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C8:1F:75:F9:56:D4:77:EB:8C:85:F5:3A:67:ED:A9:F0:22:19:83
X509v3 Authority Key Identifier:
keyid:70:DE:70:7D:6C:01:00:6B:2A:CA:68:7E:AA:B2:9C:B4:73:6B:76:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cN5wfWwBAGsqymh-qrKctHNrdmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/tMgfdflW1HfrjIX1OmftqfAiGYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/cN5wfWwBAGsqymh-qrKctHNrdmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.138.0/24
Signature Algorithm: sha256WithRSAEncryption
24:32:68:f7:07:3f:04:5b:37:cf:44:18:c3:61:70:b3:ce:ff:
62:54:c7:62:4b:79:dc:49:dd:d2:95:a0:9d:e9:fc:bd:5b:ee:
7b:4b:4c:cc:47:a3:85:d5:52:b9:33:3c:df:1e:b6:88:ea:ed:
b7:be:71:2f:bb:09:33:79:87:7f:0b:e3:4d:d2:d1:d6:4c:16:
dd:4c:84:a0:79:53:79:d2:43:a4:d2:2b:70:06:e2:47:a2:96:
d0:a1:52:c1:8d:32:4e:4b:82:2b:c8:13:94:aa:f9:01:38:30:
39:2f:82:3b:07:ae:ce:28:82:67:54:5e:f1:94:15:a5:c4:c3:
c0:d9:29:cf:04:f5:bb:30:ec:0b:0f:0a:b8:93:10:91:54:e2:
45:d1:13:b8:82:92:b9:9d:23:74:32:7d:4e:c2:9a:4b:76:24:
8a:73:69:1a:4d:fd:2c:88:e3:8e:e6:60:2b:d7:ae:a4:ca:c4:
cb:47:9e:0a:92:0e:e8:ef:a3:b9:8d:86:55:3d:4d:cf:ff:ab:
e8:27:3d:b9:2b:1b:a9:a8:49:ee:d4:54:7f:9d:2d:c5:2d:1e:
fb:3e:ca:36:72:74:63:20:a9:64:92:c0:69:33:03:08:0c:c2:
cc:0a:1a:2f:28:1f:da:a1:29:21:30:7d:a6:57:8a:50:e6:c0:
e6:ab:3f:00
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF9ClajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MGRlNzA3ZDZjMDEwMDZiMmFjYTY4N2VhYWIyOWNiNDczNmI3NjY4MB4XDTIyMDEw
MTAzNTcyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRjODFmNzVmOTU2
ZDQ3N2ViOGM4NWY1M2E2N2VkYTlmMDIyMTk4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNE0PgjQODR83Hevlva/PJhqWBOzmj83CqGBf2vIEC8i6hj
EWdcMB5J54xIoijFs7yzkrA8OUDCMBKepcS9LIijGS3EF8o1arOcj5KYkSjrycMV
Ixy9ffseB5XmKTrbCigAVyY84AbasmfpqYPipoFLN7lILpmvFN5MTkHLM4AmxvAF
b7rbY2QdZQeMYQkYbbvoYQ4Jno9F+M4+Q3/SI0s8W6KexbsLO83lAb9mExRHTaZz
D90xia4lRxk3DreMB2twVudQfDjafMMWkQHjPBMfXF+xDl4TOexbn4Rt5ODaYybc
BMNHKaCgzdYnBETMO1xzTm2/J6LXO3JetVlPECMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS0yB91+VbUd+uMhfU6Z+2p8CIZgzAfBgNVHSMEGDAWgBRw3nB9bAEAayrK
aH6qspy0c2t2aDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NONXdmV3dCQUdzcXltaC1xcktjdEhOcmRtZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTMvNmNlMGMwLTkzN2MtNGE0My05ZTg0LTE4ZTVjNTM3ZDUxZC8x
L3RNZ2ZkZmxXMUhmcmpJWDFPbWZ0cWZBaUdZTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMv
NmNlMGMwLTkzN2MtNGE0My05ZTg0LTE4ZTVjNTM3ZDUxZC8xL2NONXdmV3dCQUdz
cXltaC1xcktjdEhOcmRtZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALk2ijANBgkqhkiG9w0BAQsFAAOC
AQEAJDJo9wc/BFs3z0QYw2Fws87/YlTHYkt53End0pWgnen8vVvue0tMzEejhdVS
uTM83x62iOrtt75xL7sJM3mHfwvjTdLR1kwW3UyEoHlTedJDpNIrcAbiR6KW0KFS
wY0yTkuCK8gTlKr5ATgwOS+COweuziiCZ1Re8ZQVpcTDwNkpzwT1uzDsCw8KuJMQ
kVTiRdETuIKSuZ0jdDJ9TsKaS3YkinNpGk39LIjjjuZgK9eupMrEy0eeCpIO6O+j
uY2GVT1Nz/+r6Cc9uSsbqahJ7tRUf50txS0e+z7KNnJ0YyCpZJLAaTMDCAzCzAoa
Lygf2qEpITB9pleKUObA5qs/AA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:17 2024 by rpki-client on console-ams.rpki-client.org