Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TDTFR0Xn0_Yr5kb13bVUgpn12WQ.roa
File: TDTFR0Xn0_Yr5kb13bVUgpn12WQ.roa (raw, json)
Hash identifier: 4l0PTuIB9mxjG4L7PEhK5hU5kX7OocUYk/0F3JcK8/I=
Subject key identifier: 4C:34:C5:47:45:E7:D3:F6:2B:E6:46:F5:DD:B5:54:82:99:F5:D9:64
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01840A26AB1185BB8146D8EB79B080E98515
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TDTFR0Xn0_Yr5kb13bVUgpn12WQ.roa
Signing time: Mon 24 Oct 2022 13:20:17 +0000
ROA not before: Mon 24 Oct 2022 13:20:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26383
IP address blocks: 185.72.8.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0a:26:ab:11:85:bb:81:46:d8:eb:79:b0:80:e9:85:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 24 13:20:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c34c54745e7d3f62be646f5ddb5548299f5d964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e9:bb:80:e1:72:ee:f3:29:99:56:ac:25:c9:
cc:76:7d:1e:5a:03:86:3c:cf:53:1b:a6:a1:e4:85:
8d:e5:24:60:8a:ec:58:4a:7a:99:44:41:21:3b:dd:
56:43:d6:24:39:16:94:a5:00:09:0b:94:a7:91:77:
d4:4a:07:70:70:51:39:71:69:14:71:9e:3e:93:e3:
ba:cc:69:48:5e:fc:86:57:89:a4:45:4e:b2:4d:6e:
46:d3:01:ef:a2:67:3e:ae:86:39:5b:78:f2:12:c5:
ce:9b:50:41:eb:0e:b6:17:58:73:18:d5:7c:7f:ca:
4e:31:4d:d9:8b:70:ac:24:31:1e:89:20:4a:4a:06:
ee:c2:b6:e7:7b:bf:b7:e6:7f:32:f7:bf:e8:35:10:
47:cc:65:30:0c:56:21:b6:f3:a7:f3:eb:9d:40:84:
e6:5a:f5:ab:30:e2:0f:b5:4e:f3:ab:bc:67:74:77:
ff:d5:c4:64:88:65:46:1a:f2:36:da:24:63:2e:af:
08:61:72:0d:75:c0:0a:cc:ad:05:45:d0:92:44:8c:
56:30:7b:85:45:0f:63:4f:77:0b:ec:c2:1f:78:96:
30:8e:1f:d0:79:20:4f:22:3e:bf:87:ba:67:77:ba:
53:ba:ea:5a:18:4c:7d:e4:d5:bc:1e:5f:8a:f0:0a:
c0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:34:C5:47:45:E7:D3:F6:2B:E6:46:F5:DD:B5:54:82:99:F5:D9:64
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TDTFR0Xn0_Yr5kb13bVUgpn12WQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.8.0/24
212.192.12.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:eb:91:05:d9:c2:92:95:f1:cd:50:6d:fc:eb:54:fb:59:76:
27:4c:ba:23:cc:10:4a:78:ac:59:2b:e7:c7:d8:cb:ab:f4:e8:
70:98:87:ae:3e:58:ba:b3:14:5f:07:f7:6e:f7:37:aa:ef:1c:
c5:a4:57:c1:4f:4a:b6:88:89:9d:8d:a7:6d:29:c6:d6:67:ce:
82:75:4a:76:6e:5a:ca:5f:c9:b5:35:de:de:40:76:98:77:25:
58:36:31:56:70:c5:ee:b6:e5:80:aa:ea:41:9c:8c:66:4e:c1:
db:b8:23:ad:52:bd:5c:1d:2c:8e:47:b5:c4:e5:a8:16:fc:97:
e4:b1:e8:07:4c:ee:00:09:01:86:33:ae:87:38:64:a3:4d:8f:
de:2b:35:e2:17:10:cf:05:4b:9b:75:c5:9f:10:5e:af:8a:ef:
e2:10:45:81:56:e9:25:21:30:eb:46:60:e6:23:b2:44:78:32:
90:7b:75:24:1d:e4:dc:0e:8e:97:48:45:f0:79:4c:2e:ef:1e:
dc:4a:fc:62:26:7a:df:13:67:73:f7:ef:cc:e4:d2:0a:75:1c:
28:14:77:91:0b:b0:bf:5b:af:58:37:4a:cb:99:77:fb:ca:0c:
15:ee:ce:c3:08:7b:7d:59:e5:55:5a:b1:ec:ae:55:91:53:94:
ac:e3:cc:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQKJqsRhbuBRtjrebCA6YUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI0MTMyMDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzM0YzU0NzQ1ZTdkM2Y2MmJlNjQ2ZjVkZGI1NTQ4Mjk5ZjVkOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+m7gOFy7vMpmVasJcnMdn0eWgOG
PM9TG6ah5IWN5SRgiuxYSnqZREEhO91WQ9YkORaUpQAJC5SnkXfUSgdwcFE5cWkU
cZ4+k+O6zGlIXvyGV4mkRU6yTW5G0wHvomc+roY5W3jyEsXOm1BB6w62F1hzGNV8
f8pOMU3Zi3CsJDEeiSBKSgbuwrbne7+35n8y97/oNRBHzGUwDFYhtvOn8+udQITm
WvWrMOIPtU7zq7xndHf/1cRkiGVGGvI22iRjLq8IYXINdcAKzK0FRdCSRIxWMHuF
RQ9jT3cL7MIfeJYwjh/QeSBPIj6/h7pnd7pTuupaGEx95NW8Hl+K8ArABQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEw0xUdF59P2K+ZG9d21VIKZ9dlkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVERURlIwWG4wX1lyNWtiMTNiVlVncG4xMldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUgIAwQA
1MAMMA0GCSqGSIb3DQEBCwUAA4IBAQCP65EF2cKSlfHNUG3861T7WXYnTLojzBBK
eKxZK+fH2Mur9OhwmIeuPli6sxRfB/du9zeq7xzFpFfBT0q2iImdjadtKcbWZ86C
dUp2blrKX8m1Nd7eQHaYdyVYNjFWcMXutuWAqupBnIxmTsHbuCOtUr1cHSyOR7XE
5agW/JfksegHTO4ACQGGM66HOGSjTY/eKzXiFxDPBUubdcWfEF6viu/iEEWBVukl
ITDrRmDmI7JEeDKQe3UkHeTcDo6XSEXweUwu7x7cSvxiJnrfE2dz9+/M5NIKdRwo
FHeRC7C/W69YN0rLmXf7ygwV7s7DCHt9WeVVWrHsrlWRU5Ss48yq
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:58 2023 by rpki-client on console-ams.rpki-client.org