Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/TJQBqU1l9XVokdUXwuOMPry8hXw.roa
File: TJQBqU1l9XVokdUXwuOMPry8hXw.roa (raw, json)
Hash identifier: zZO255ccnaCoAXbQAZthTCPLmdFCU98xWKA3ybte3co=
Subject key identifier: 4C:94:01:A9:4D:65:F5:75:68:91:D5:17:C2:E3:8C:3E:BC:BC:85:7C
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 180115FF
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/TJQBqU1l9XVokdUXwuOMPry8hXw.roa
Signing time: Sat 01 Jan 2022 04:00:29 +0000
ROA not before: Sat 01 Jan 2022 04:00:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61066
IP address blocks: 213.91.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 402724351 (0x180115ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 04:00:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c9401a94d65f5756891d517c2e38c3ebcbc857c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:77:4f:8a:63:bf:da:a0:92:18:62:b0:ae:f8:
95:64:1a:f8:30:97:da:bb:a5:da:db:f3:3e:15:5d:
24:ab:ff:5c:80:d2:b6:aa:2d:34:16:89:fe:eb:f6:
45:1f:54:f2:37:e5:48:5c:50:03:20:bc:f0:13:07:
05:a1:5d:05:fa:77:2d:90:f2:e6:49:55:91:c4:dc:
bc:4b:39:4c:26:43:55:7c:75:84:00:be:d2:e9:13:
c4:5a:57:f5:6d:d5:d3:7c:c0:66:31:91:b4:bc:3d:
14:53:b9:65:9f:67:c4:fd:64:4d:c7:5d:1d:7c:90:
37:8b:5a:b4:a9:0e:df:65:e3:ba:cc:cc:e4:64:f0:
4d:6d:d1:e5:84:7e:af:5e:45:ca:32:46:7e:65:7d:
b8:0a:e9:a3:26:5a:3f:e5:22:1a:bf:19:b8:e8:47:
3f:47:83:f0:12:48:60:36:84:08:eb:e2:b6:c0:84:
0a:4a:ab:66:e4:0a:bc:fb:c2:38:e5:97:f8:f1:81:
bc:33:9f:47:94:f2:30:0e:43:df:46:78:a7:73:b0:
9d:0a:1f:ca:f5:89:45:a2:d2:a7:65:3a:56:d6:75:
be:2e:ba:86:1f:cd:41:95:f2:44:a8:3b:7d:b2:7f:
1a:18:bd:4a:20:22:db:d0:b2:7f:77:16:65:6e:ef:
08:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:94:01:A9:4D:65:F5:75:68:91:D5:17:C2:E3:8C:3E:BC:BC:85:7C
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/TJQBqU1l9XVokdUXwuOMPry8hXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.91.156.0/24
Signature Algorithm: sha256WithRSAEncryption
96:ee:91:00:20:7e:36:f7:a9:47:c3:c8:dd:6d:25:4a:35:8d:
d4:62:9f:34:d2:f9:fe:8b:3c:d8:f7:5d:e5:60:13:55:98:9c:
52:8e:02:91:9b:03:1c:ed:a0:ac:a6:12:7c:d5:2c:df:ae:38:
aa:f4:ba:df:19:77:21:ea:ce:df:12:04:1e:16:00:cb:9c:5c:
1e:40:ba:60:06:ae:80:0e:e0:03:c7:d9:7a:1b:ba:6f:3c:df:
a3:61:22:70:15:86:04:6a:2c:47:4e:63:82:46:75:13:26:6b:
e2:cd:1c:6d:ce:c7:95:89:d0:82:41:20:9e:e1:93:82:0b:8c:
aa:b2:6b:47:4d:c4:e8:14:1f:2f:61:d3:36:47:32:89:9c:26:
c5:20:b9:29:5a:89:e2:ab:6b:b9:ea:15:39:29:a7:33:62:86:
3d:f3:c7:7d:f7:aa:c1:b3:f2:8b:8d:5a:d0:8c:20:9a:83:44:
70:0e:31:50:1c:cb:c9:3c:79:d4:6d:aa:f1:f8:9a:18:d9:ec:
48:aa:68:26:06:b6:46:97:7c:e1:8c:7d:eb:2c:02:83:ea:c1:
d9:79:8e:56:b5:4e:85:11:39:45:c6:e1:6e:4d:db:7d:df:79:
71:ca:b5:86:f7:1a:42:37:ee:66:df:2c:9e:a7:08:0c:7b:86:
7b:9f:b0:0b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGAEV/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGIyZjRmYTUxNjNhZjk2MTY4ZTg4ZmJmOWNiNGVkMWVkOGZiNGM0MB4XDTIyMDEw
MTA0MDAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGM5NDAxYTk0ZDY1
ZjU3NTY4OTFkNTE3YzJlMzhjM2ViY2JjODU3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALt3T4pjv9qgkhhisK74lWQa+DCX2rul2tvzPhVdJKv/XIDS
tqotNBaJ/uv2RR9U8jflSFxQAyC88BMHBaFdBfp3LZDy5klVkcTcvEs5TCZDVXx1
hAC+0ukTxFpX9W3V03zAZjGRtLw9FFO5ZZ9nxP1kTcddHXyQN4tatKkO32XjuszM
5GTwTW3R5YR+r15FyjJGfmV9uArpoyZaP+UiGr8ZuOhHP0eD8BJIYDaECOvitsCE
CkqrZuQKvPvCOOWX+PGBvDOfR5TyMA5D30Z4p3OwnQofyvWJRaLSp2U6VtZ1vi66
hh/NQZXyRKg7fbJ/Ghi9SiAi29Cyf3cWZW7vCFUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMlAGpTWX1dWiR1RfC44w+vLyFfDAfBgNVHSMEGDAWgBSEsvT6UWOvlhaO
iPv5y07R7Y+0xDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hMTDAtbEZqcjVZV2pvajctY3RPMGUyUHRNUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8x
L1RKUUJxVTFsOVhWb2tkVVh3dU9NUHJ5OGhYdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8xL2hMTDAtbEZqcjVZ
V2pvajctY3RPMGUyUHRNUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANVbnDANBgkqhkiG9w0BAQsFAAOC
AQEAlu6RACB+NvepR8PI3W0lSjWN1GKfNNL5/os82Pdd5WATVZicUo4CkZsDHO2g
rKYSfNUs3644qvS63xl3IerO3xIEHhYAy5xcHkC6YAaugA7gA8fZehu6bzzfo2Ei
cBWGBGosR05jgkZ1EyZr4s0cbc7HlYnQgkEgnuGTgguMqrJrR03E6BQfL2HTNkcy
iZwmxSC5KVqJ4qtrueoVOSmnM2KGPfPHffeqwbPyi41a0IwgmoNEcA4xUBzLyTx5
1G2q8fiaGNnsSKpoJga2Rpd84Yx96ywCg+rB2XmOVrVOhRE5Rcbhbk3bfd95ccq1
hvcaQjfuZt8snqcIDHuGe5+wCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org