Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tywUS3RpVt7gLvYG2fsSfaKYMqA.roa
File: tywUS3RpVt7gLvYG2fsSfaKYMqA.roa (raw, json)
Hash identifier: r9jwOMkfhACJHlgn1mYKeKbKsDyMRkFWe9wrC3GbJbo=
Subject key identifier: B7:2C:14:4B:74:69:56:DE:E0:2E:F6:06:D9:FB:12:7D:A2:98:32:A0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01844DA4178E2FC52A0EE357F5161D9E3A39
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tywUS3RpVt7gLvYG2fsSfaKYMqA.roa
Signing time: Sun 06 Nov 2022 15:51:50 +0000
ROA not before: Sun 06 Nov 2022 15:51:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206216
IP address blocks: 194.87.169.0/24 maxlen: 24
193.124.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:4d:a4:17:8e:2f:c5:2a:0e:e3:57:f5:16:1d:9e:3a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 6 15:51:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b72c144b746956dee02ef606d9fb127da29832a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:af:03:14:e8:34:da:13:c0:8d:2d:b8:a0:e4:
6a:95:97:8c:59:76:f5:ab:9f:74:9a:e3:2a:b5:6c:
cb:21:7e:1e:d0:d4:55:de:1f:79:d3:ef:4c:08:52:
31:c0:a2:56:d2:85:d6:3f:2b:0c:b5:20:5d:fa:eb:
90:38:c5:60:d8:8b:7d:80:d1:a7:4c:43:8e:6b:33:
d8:4f:75:a5:db:d6:e3:73:5a:ab:2d:50:06:e7:2a:
51:ae:b8:69:57:62:be:29:d5:f5:66:81:1f:db:4a:
f0:6a:a8:da:73:dd:f0:47:1e:81:d5:02:6c:75:94:
06:b0:91:a6:09:31:23:19:a3:7c:f6:15:59:9b:c0:
a8:1c:a2:9e:db:87:8c:9e:c0:9a:da:9e:95:77:35:
17:a1:6f:dc:72:d2:ca:7e:29:c6:39:14:a9:3c:cc:
06:9a:ae:32:5a:f1:ef:0e:35:83:82:64:75:f5:e6:
e1:8b:41:e5:f0:5e:0f:73:a4:38:ff:6d:a7:16:b5:
b4:92:65:84:62:e4:b9:d1:e8:f0:2d:65:78:1e:14:
89:c2:04:55:b9:a9:4a:d1:ad:96:dc:ec:8b:93:d5:
43:17:39:fa:07:bf:97:1d:87:bc:c2:7b:2c:a7:df:
36:cc:7d:3a:9c:46:cd:53:4d:c8:54:b3:a7:33:89:
56:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2C:14:4B:74:69:56:DE:E0:2E:F6:06:D9:FB:12:7D:A2:98:32:A0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tywUS3RpVt7gLvYG2fsSfaKYMqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.204.0/24
194.87.169.0/24
Signature Algorithm: sha256WithRSAEncryption
20:16:33:d3:22:78:06:00:e9:52:61:a5:36:5d:ae:cc:a9:b0:
5d:fe:a6:49:62:42:7d:84:ea:ae:2d:43:a5:7a:ee:07:88:6b:
0d:8a:d9:3f:04:f3:45:28:0f:6e:b1:5a:03:ad:e5:f7:51:08:
42:e4:2f:17:c9:e1:b5:a4:8c:37:ed:91:63:b1:04:83:79:48:
71:f6:ae:22:8e:4b:0e:39:e5:b5:75:9f:2c:a8:a0:c1:ee:e8:
aa:13:27:fe:42:7d:cd:17:89:7f:f2:41:2b:68:01:4a:da:c4:
b3:de:d6:ac:fb:f1:52:8c:4a:5a:f6:c8:0c:40:c2:64:af:a9:
72:a6:0b:33:4e:bb:74:3b:1f:94:52:ab:cd:a1:2f:13:92:73:
d6:4f:7a:2b:fb:64:8d:13:f7:e4:ad:fb:e2:92:aa:c7:c3:7b:
e9:47:fa:8d:62:50:d4:ec:ba:61:ca:7e:a7:19:6c:5d:87:a6:
74:17:9f:ae:b9:f4:0e:26:c7:03:ed:a9:00:dd:5f:41:7d:77:
3b:84:85:ce:65:43:8b:a9:ee:df:c3:58:17:09:ac:54:66:b0:
04:fc:de:5f:1c:c7:be:53:f4:07:91:0f:43:4b:40:62:ed:eb:
bd:27:3f:a9:60:f9:34:79:82:15:a8:fa:71:2e:9f:46:b0:e7:
2e:87:b4:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRNpBeOL8UqDuNX9RYdnjo5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTA2MTU1MTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzJjMTQ0Yjc0Njk1NmRlZTAyZWY2MDZkOWZiMTI3ZGEyOTgzMmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra8DFOg02hPAjS24oORqlZeMWXb1
q590muMqtWzLIX4e0NRV3h950+9MCFIxwKJW0oXWPysMtSBd+uuQOMVg2It9gNGn
TEOOazPYT3Wl29bjc1qrLVAG5ypRrrhpV2K+KdX1ZoEf20rwaqjac93wRx6B1QJs
dZQGsJGmCTEjGaN89hVZm8CoHKKe24eMnsCa2p6VdzUXoW/cctLKfinGORSpPMwG
mq4yWvHvDjWDgmR19ebhi0Hl8F4Pc6Q4/22nFrW0kmWEYuS50ejwLWV4HhSJwgRV
ualK0a2W3OyLk9VDFzn6B7+XHYe8wnssp982zH06nEbNU03IVLOnM4lWGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLcsFEt0aVbe4C72Btn7En2imDKgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdHl3VVMzUnBWdDdnTHZZRzJmc1NmYUtZTXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXzMAwQA
wlepMA0GCSqGSIb3DQEBCwUAA4IBAQAgFjPTIngGAOlSYaU2Xa7MqbBd/qZJYkJ9
hOquLUOleu4HiGsNitk/BPNFKA9usVoDreX3UQhC5C8XyeG1pIw37ZFjsQSDeUhx
9q4ijksOOeW1dZ8sqKDB7uiqEyf+Qn3NF4l/8kEraAFK2sSz3tas+/FSjEpa9sgM
QMJkr6lypgszTrt0Ox+UUqvNoS8TknPWT3or+2SNE/fkrfvikqrHw3vpR/qNYlDU
7Lphyn6nGWxdh6Z0F5+uufQOJscD7akA3V9BfXc7hIXOZUOLqe7fw1gXCaxUZrAE
/N5fHMe+U/QHkQ9DS0Bi7eu9Jz+pYPk0eYIVqPpxLp9GsOcuh7QM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:07 2023 by rpki-client on console-ams.rpki-client.org