Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TVQGZ7dajlPw2mEB9Fk6iVefxSE.roa
File: TVQGZ7dajlPw2mEB9Fk6iVefxSE.roa (raw, json)
Hash identifier: JJcQZkrDT8L2lekZzHYe2X4boQL3SmPuDuTLYJgTJb4=
Subject key identifier: 4D:54:06:67:B7:5A:8E:53:F0:DA:61:01:F4:59:3A:89:57:9F:C5:21
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01850BBCB47C567658981E81489D1358AB10
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TVQGZ7dajlPw2mEB9Fk6iVefxSE.roa
Signing time: Tue 13 Dec 2022 13:46:34 +0000
ROA not before: Tue 13 Dec 2022 13:46:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211439
IP address blocks: 194.87.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:bc:b4:7c:56:76:58:98:1e:81:48:9d:13:58:ab:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 13 13:46:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d540667b75a8e53f0da6101f4593a89579fc521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1c:91:22:09:ec:73:de:91:a8:55:56:4c:91:
c0:0e:d8:82:43:cd:86:08:3a:fd:d8:af:5c:72:ee:
87:c2:e7:b6:d7:1b:0d:81:67:54:93:96:49:35:7c:
25:0f:f2:da:4f:bf:3e:36:e9:48:e5:fe:da:6f:6d:
74:63:3a:a6:fa:ff:7d:c4:51:99:4d:23:96:7d:59:
a5:dc:f6:52:bb:33:8e:46:41:d7:82:bb:0e:a1:91:
c8:5d:9a:48:23:23:4c:42:20:90:c6:51:ac:95:fe:
b5:52:b3:c8:23:c7:0f:2a:58:1b:f9:63:e0:3d:2f:
f4:13:69:7c:ce:d6:81:2b:9c:0c:f6:83:1c:ef:62:
5a:ca:dc:27:7a:3a:90:8d:ac:4d:09:f0:03:7d:10:
a6:c7:04:f6:c2:f1:ff:fe:7b:30:fd:ea:7a:f4:fc:
05:4a:d6:36:8e:4d:64:be:df:4e:fe:f1:34:42:8d:
a6:d0:97:3e:c3:f2:5f:f7:95:84:4e:d5:cf:1a:1d:
8e:b5:93:ab:d2:75:94:32:15:8c:51:b0:86:5f:10:
f4:c9:4c:b8:59:f8:f1:00:ed:72:0f:16:5d:c7:a3:
48:20:74:b8:2a:fa:ea:7e:77:58:50:00:ba:d9:29:
a9:e0:d5:95:2b:99:bf:35:80:11:77:36:b6:db:28:
74:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:54:06:67:B7:5A:8E:53:F0:DA:61:01:F4:59:3A:89:57:9F:C5:21
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TVQGZ7dajlPw2mEB9Fk6iVefxSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.137.0/24
Signature Algorithm: sha256WithRSAEncryption
34:33:93:dc:ac:2f:30:88:de:eb:e5:3e:21:83:82:3d:88:35:
5d:f9:06:5a:4f:1d:b6:56:57:a6:2b:a8:74:6a:45:e2:89:bf:
29:46:82:c9:f2:aa:4c:aa:b6:06:7e:23:0b:67:3c:ee:cb:9d:
2b:65:6c:86:9a:dd:f0:11:47:6b:c1:61:8a:97:c4:5e:b4:a5:
5a:c2:1a:2b:d2:33:29:a5:83:c4:45:8c:32:54:3c:ab:af:a9:
14:46:e3:59:4a:99:bb:01:27:9f:13:2d:3a:4e:c4:81:ef:e4:
9b:52:e4:f9:cb:8c:27:ba:d8:ba:bc:b1:7d:bc:a3:c6:8e:97:
94:e6:7e:fe:6e:37:73:6a:90:e3:c3:b2:05:30:e6:c5:e3:cf:
60:56:10:ba:79:ca:21:df:3c:50:39:15:71:24:52:08:23:3f:
3d:92:4c:52:72:85:77:b0:ee:aa:fa:ae:b3:2a:58:64:6c:56:
6c:21:a9:6e:9c:3a:99:31:2d:9d:d1:76:b3:d9:24:e4:2b:e1:
5a:76:1c:2a:93:9f:55:bc:f4:0a:ca:63:3a:cc:43:6e:63:06:
0b:4d:2c:72:19:a3:e0:b7:6b:fa:72:91:a2:43:d3:eb:e2:e7:
db:3c:0f:6c:ef:ee:0a:ac:08:b5:37:9c:90:33:07:a9:d0:11:
a7:94:91:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYULvLR8VnZYmB6BSJ0TWKsQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjEzMTM0NjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDU0MDY2N2I3NWE4ZTUzZjBkYTYxMDFmNDU5M2E4OTU3OWZjNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphyRIgnsc96RqFVWTJHADtiCQ82G
CDr92K9ccu6Hwue21xsNgWdUk5ZJNXwlD/LaT78+NulI5f7ab210Yzqm+v99xFGZ
TSOWfVml3PZSuzOORkHXgrsOoZHIXZpIIyNMQiCQxlGslf61UrPII8cPKlgb+WPg
PS/0E2l8ztaBK5wM9oMc72JaytwnejqQjaxNCfADfRCmxwT2wvH//nsw/ep69PwF
StY2jk1kvt9O/vE0Qo2m0Jc+w/Jf95WETtXPGh2OtZOr0nWUMhWMUbCGXxD0yUy4
WfjxAO1yDxZdx6NIIHS4KvrqfndYUAC62Smp4NWVK5m/NYARdza22yh0dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1UBme3Wo5T8NphAfRZOolXn8UhMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVFZRR1o3ZGFqbFB3Mm1FQjlGazZpVmVmeFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwleJMA0G
CSqGSIb3DQEBCwUAA4IBAQA0M5PcrC8wiN7r5T4hg4I9iDVd+QZaTx22VlemK6h0
akXiib8pRoLJ8qpMqrYGfiMLZzzuy50rZWyGmt3wEUdrwWGKl8RetKVawhor0jMp
pYPERYwyVDyrr6kURuNZSpm7ASefEy06TsSB7+SbUuT5y4wnuti6vLF9vKPGjpeU
5n7+bjdzapDjw7IFMObF489gVhC6ecoh3zxQORVxJFIIIz89kkxScoV3sO6q+q6z
KlhkbFZsIalunDqZMS2d0Xaz2STkK+Fadhwqk59VvPQKymM6zENuYwYLTSxyGaPg
t2v6cpGiQ9Pr4ufbPA9s7+4KrAi1N5yQMwep0BGnlJGp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:17 2024 by rpki-client on console-fra.rpki-client.org