Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/tlrJiO_GdaoRGdYrke_NL25DM5A.roa
File: tlrJiO_GdaoRGdYrke_NL25DM5A.roa (raw, json)
Hash identifier: SbPYkxfsGIj/cGsgaUQgT1loGiloUZw7fecV1KRfebI=
Subject key identifier: B6:5A:C9:88:EF:C6:75:AA:11:19:D6:2B:91:EF:CD:2F:6E:43:33:90
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 392ECABE
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/tlrJiO_GdaoRGdYrke_NL25DM5A.roa
Signing time: Wed 18 May 2022 06:42:29 +0000
ROA not before: Wed 18 May 2022 06:42:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198668
IP address blocks: 185.97.24.0/22 maxlen: 22
185.64.222.0/24 maxlen: 32
37.221.240.0/20 maxlen: 32
45.153.192.0/22 maxlen: 22
185.19.0.0/22 maxlen: 32
185.74.60.0/23 maxlen: 32
85.255.88.0/22 maxlen: 22
2a0d:3140::/29 maxlen: 29
2a03:d840:ffff::/48 maxlen: 48
2a04:c740::/29 maxlen: 48
2a0f:9300::/29 maxlen: 29
2a03:d840::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 959367870 (0x392ecabe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: May 18 06:42:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b65ac988efc675aa1119d62b91efcd2f6e433390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:99:9e:16:0d:b5:68:b8:68:8e:1a:b9:ec:69:
01:a9:00:67:e1:6e:82:3c:0a:a3:3a:07:54:ed:c4:
a8:2a:15:f5:47:c2:34:ef:d8:6c:6a:05:57:c9:42:
81:c6:55:ec:7a:62:79:fc:b8:79:92:e7:09:86:0c:
19:27:35:6f:fa:d3:f0:97:8d:e2:6e:a3:d5:04:62:
ac:6d:68:0e:1a:7a:02:09:a3:5e:10:2d:9f:f3:5d:
1e:35:f0:33:ff:5b:49:e7:58:63:02:78:c8:f4:c4:
ab:41:a6:e0:66:87:76:e9:ff:58:ee:51:03:34:61:
ea:41:29:f4:52:ef:df:97:71:26:c4:0d:71:a6:26:
7a:7e:33:d2:1c:f8:0a:cb:06:45:0b:70:31:09:dc:
6e:aa:12:02:4c:22:ab:8e:c6:58:d7:b3:fe:06:5c:
96:12:ec:5e:82:a0:86:84:30:c4:76:fa:8a:da:58:
9b:ce:44:61:fb:ca:ff:ad:26:d1:0b:7f:34:03:8f:
b8:66:4c:c6:7a:17:74:02:88:4f:ca:eb:b7:e3:f4:
ed:9b:2e:d6:ea:c6:aa:10:b0:5d:fa:19:5c:f7:cc:
fc:f0:d3:bf:74:6d:40:6e:62:ed:89:c3:75:d6:47:
f8:2c:11:a5:1a:52:57:3a:03:a0:9e:d7:b4:84:8e:
39:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5A:C9:88:EF:C6:75:AA:11:19:D6:2B:91:EF:CD:2F:6E:43:33:90
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/tlrJiO_GdaoRGdYrke_NL25DM5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.240.0/20
45.153.192.0/22
85.255.88.0/22
185.19.0.0/22
185.64.222.0/24
185.74.60.0/23
185.97.24.0/22
IPv6:
2a03:d840::/32
2a04:c740::/29
2a0d:3140::/29
2a0f:9300::/29
Signature Algorithm: sha256WithRSAEncryption
9f:36:46:b0:39:94:94:24:6c:cd:29:70:d3:fd:09:65:70:b6:
43:e9:9b:57:a4:7e:f2:26:0b:dc:b2:1f:bb:d8:fd:35:f7:42:
a8:34:cc:ce:70:83:2e:6f:3a:59:aa:ec:ca:96:c0:67:85:b0:
c1:12:96:1f:49:43:3a:79:2a:b7:38:9b:ff:5f:52:38:8f:db:
09:bf:a4:15:e3:9c:91:d7:bd:a8:a4:08:84:70:f8:6a:39:e2:
d0:94:98:a8:61:81:fd:bc:c1:02:3c:0b:7c:dd:71:b0:3b:66:
df:4e:5c:c8:65:79:a2:dc:a3:2f:4c:e2:90:32:05:2e:7b:71:
8b:f3:05:b5:82:05:b0:f8:2d:2c:a9:c5:3d:82:0b:c1:80:46:
6e:25:73:54:35:62:08:0f:4c:ae:5d:5c:3a:06:da:9e:e7:aa:
48:29:96:17:8f:0d:f2:d4:90:e0:5c:8c:c8:83:3d:36:cb:d2:
ef:85:85:38:57:1b:4f:1d:60:bc:ed:5a:84:72:ae:0d:82:89:
a7:fe:99:17:83:b7:69:5f:ec:a0:46:2d:cf:a9:5f:71:73:65:
d1:f9:b1:15:d7:b8:60:aa:ba:7f:db:c0:78:b4:2e:8f:7e:37:
9b:17:60:ba:9b:c8:73:1d:71:75:03:bf:de:54:5c:72:6c:57:
2f:6e:1a:08
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEOS7KvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTlmMGY1ZmY2MjBlMGRiNTMxMWY2NDczNjkwOTk3M2FjNjBmNmYzMB4XDTIyMDUx
ODA2NDIyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY1YWM5ODhlZmM2
NzVhYTExMTlkNjJiOTFlZmNkMmY2ZTQzMzM5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANiZnhYNtWi4aI4auexpAakAZ+FugjwKozoHVO3EqCoV9UfC
NO/YbGoFV8lCgcZV7Hpiefy4eZLnCYYMGSc1b/rT8JeN4m6j1QRirG1oDhp6Agmj
XhAtn/NdHjXwM/9bSedYYwJ4yPTEq0Gm4GaHdun/WO5RAzRh6kEp9FLv35dxJsQN
caYmen4z0hz4CssGRQtwMQncbqoSAkwiq47GWNez/gZclhLsXoKghoQwxHb6itpY
m85EYfvK/60m0Qt/NAOPuGZMxnoXdAKIT8rrt+P07Zsu1urGqhCwXfoZXPfM/PDT
v3RtQG5i7YnDddZH+CwRpRpSVzoDoJ7XtISOOUMCAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBS2WsmI78Z1qhEZ1iuR780vbkMzkDAfBgNVHSMEGDAWgBQ1nw9f9iDg21MR
9kc2kJlzrGD28zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05aOFBYX1lnNE50VEVmWkhOcENaYzZ4Zzl2TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvNDBkOWE1LTI1NjYtNDllMS1hNTdiLWQxYWJmNGVlMzJjYi8x
L3RsckppT19HZGFvUkdkWXJrZV9OTDI1RE01QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
NDBkOWE1LTI1NjYtNDllMS1hNTdiLWQxYWJmNGVlMzJjYi8xL05aOFBYX1lnNE50
VEVmWkhOcENaYzZ4Zzl2TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwMAQCAAEwKgMEBCXd8AMEAi2ZwAMEAlX/WAMEArkT
AAMEALlA3gMEAblKPAMEArlhGDAiBAIAAjAcAwUAKgPYQAMFAyoEx0ADBQMqDTFA
AwUDKg+TADANBgkqhkiG9w0BAQsFAAOCAQEAnzZGsDmUlCRszSlw0/0JZXC2Q+mb
V6R+8iYL3LIfu9j9NfdCqDTMznCDLm86WarsypbAZ4WwwRKWH0lDOnkqtzib/19S
OI/bCb+kFeOckde9qKQIhHD4ajni0JSYqGGB/bzBAjwLfN1xsDtm305cyGV5otyj
L0zikDIFLntxi/MFtYIFsPgtLKnFPYILwYBGbiVzVDViCA9Mrl1cOgbanueqSCmW
F48N8tSQ4FyMyIM9NsvS74WFOFcbTx1gvO1ahHKuDYKJp/6ZF4O3aV/soEYtz6lf
cXNl0fmxFde4YKq6f9vAeLQuj343mxdgupvIcx1xdQO/3lRccmxXL24aCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:32 2024 by rpki-client on console-ams.rpki-client.org