Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/27585c-b866-4962-80fd-ea6134706a40/1/tPKD1NiDLxLqB8TqxgMssz7eKhQ.roa
File: tPKD1NiDLxLqB8TqxgMssz7eKhQ.roa (raw, json)
Hash identifier: MJfK0Q8EfumyBGNnk5ZAzufvxXttOSYvRt/MZhdLvVA=
Subject key identifier: B4:F2:83:D4:D8:83:2F:12:EA:07:C4:EA:C6:03:2C:B3:3E:DE:2A:14
Certificate issuer: /CN=da0389d85ea126e0efbebc5d8459ef709fb895cb
Certificate serial: 018487B3DFB30AC0CF17C3E15BC926C10AA5
Authority key identifier: DA:03:89:D8:5E:A1:26:E0:EF:BE:BC:5D:84:59:EF:70:9F:B8:95:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gOJ2F6hJuDvvrxdhFnvcJ-4lcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/27585c-b866-4962-80fd-ea6134706a40/1/tPKD1NiDLxLqB8TqxgMssz7eKhQ.roa
Signing time: Thu 17 Nov 2022 22:27:03 +0000
ROA not before: Thu 17 Nov 2022 22:27:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60446
IP address blocks: 185.112.74.0/24 maxlen: 24
2a10:5540::/33 maxlen: 48
2a10:5540:1::/48 maxlen: 48
2a10:5540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:87:b3:df:b3:0a:c0:cf:17:c3:e1:5b:c9:26:c1:0a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0389d85ea126e0efbebc5d8459ef709fb895cb
Validity
Not Before: Nov 17 22:27:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4f283d4d8832f12ea07c4eac6032cb33ede2a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c6:cc:8d:06:6a:53:3c:a9:b4:8d:41:8d:3c:
18:92:30:c2:07:79:da:28:99:0a:be:0f:9b:5d:97:
9a:a1:87:55:f6:ea:5a:9b:81:0f:ab:45:d6:3e:ab:
74:11:06:f6:2a:97:07:5d:99:d5:99:8d:08:3b:a1:
52:48:92:e5:0e:b9:95:d4:de:91:23:dd:c0:30:6d:
89:83:54:1e:e9:82:59:b7:30:79:8a:79:07:75:28:
1b:f4:10:17:23:2b:6d:d6:35:ec:28:87:02:84:32:
a8:3c:7e:91:9c:86:c9:2c:53:28:16:86:7e:08:b4:
06:27:52:21:f1:23:8f:3e:b6:11:86:4d:16:82:90:
be:d3:82:88:b8:41:75:26:a7:8a:d2:9f:95:28:2a:
69:a1:f0:2c:2a:dc:1b:cd:0f:e3:e2:91:04:e8:66:
fa:2b:91:21:f2:38:9c:fb:56:68:67:c9:64:8a:8b:
df:a9:c9:e4:a8:7c:c9:14:7c:d2:89:08:7d:84:32:
06:a0:5e:37:a6:61:55:1f:85:03:20:dd:63:7e:30:
c3:01:c7:5c:23:26:84:64:db:73:53:8e:fc:2d:00:
74:79:3c:6c:fa:43:aa:ea:61:de:38:28:2b:b5:99:
5a:f6:d5:ce:15:09:ed:29:0a:f4:f3:ec:b1:58:46:
72:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F2:83:D4:D8:83:2F:12:EA:07:C4:EA:C6:03:2C:B3:3E:DE:2A:14
X509v3 Authority Key Identifier:
keyid:DA:03:89:D8:5E:A1:26:E0:EF:BE:BC:5D:84:59:EF:70:9F:B8:95:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gOJ2F6hJuDvvrxdhFnvcJ-4lcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/27585c-b866-4962-80fd-ea6134706a40/1/tPKD1NiDLxLqB8TqxgMssz7eKhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/27585c-b866-4962-80fd-ea6134706a40/1/2gOJ2F6hJuDvvrxdhFnvcJ-4lcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.74.0/24
IPv6:
2a10:5540::/29
Signature Algorithm: sha256WithRSAEncryption
71:c7:a9:31:d1:fb:b4:d2:8f:bf:7b:df:0c:fa:a2:65:f2:29:
4f:dc:6b:ff:55:8b:a6:20:50:38:7b:09:3d:09:34:0b:e2:62:
f2:51:60:0a:a4:a3:ae:d0:f3:69:90:24:f1:a0:fb:06:3d:64:
ed:ba:bf:a3:5a:39:84:a2:15:6c:44:7f:d7:84:4d:89:27:38:
c6:b4:5f:1b:5c:b6:23:45:87:6d:88:e7:83:b9:5c:b9:30:30:
06:b5:99:03:ad:da:c0:0a:01:25:01:48:46:2b:c4:98:1e:a3:
4c:f1:9e:ee:a9:ab:29:17:93:1b:09:46:77:ff:45:50:9c:6b:
4f:37:5c:84:aa:de:9b:62:cd:91:5a:08:16:ca:d7:1b:f8:e4:
d0:ff:77:2b:24:74:21:30:0b:65:ae:5d:5b:66:ce:a7:8b:ad:
74:81:5a:06:33:ad:02:5d:5b:96:00:7c:36:dc:66:85:1d:32:
8a:f5:48:4c:84:80:62:dd:e8:c2:c1:2d:a4:96:68:0e:f0:ed:
5f:6f:1a:eb:c8:9f:06:11:b7:76:dc:9a:82:d3:3d:fd:b9:07:
0b:5a:b8:a5:27:a3:05:a4:17:ce:f9:26:65:cd:7f:3c:6c:26:
e2:46:46:ef:50:5e:cd:f5:7b:12:a2:da:da:67:1e:75:cf:59:
cf:80:76:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYSHs9+zCsDPF8PhW8kmwQqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDM4OWQ4NWVhMTI2ZTBlZmJlYmM1ZDg0NTllZjcwOWZi
ODk1Y2IwHhcNMjIxMTE3MjIyNzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGYyODNkNGQ4ODMyZjEyZWEwN2M0ZWFjNjAzMmNiMzNlZGUyYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMbMjQZqUzyptI1BjTwYkjDCB3na
KJkKvg+bXZeaoYdV9upam4EPq0XWPqt0EQb2KpcHXZnVmY0IO6FSSJLlDrmV1N6R
I93AMG2Jg1Qe6YJZtzB5inkHdSgb9BAXIytt1jXsKIcChDKoPH6RnIbJLFMoFoZ+
CLQGJ1Ih8SOPPrYRhk0WgpC+04KIuEF1JqeK0p+VKCppofAsKtwbzQ/j4pEE6Gb6
K5Eh8jic+1ZoZ8lkiovfqcnkqHzJFHzSiQh9hDIGoF43pmFVH4UDIN1jfjDDAcdc
IyaEZNtzU478LQB0eTxs+kOq6mHeOCgrtZla9tXOFQntKQr08+yxWEZy7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLTyg9TYgy8S6gfE6sYDLLM+3ioUMB8GA1UdIwQY
MBaAFNoDidheoSbg7768XYRZ73CfuJXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdPSjJGNmhKdUR2dnJ4ZGhGbnZjSi00bGNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yNzU4NWMtYjg2Ni00OTYyLTgwZmQt
ZWE2MTM0NzA2YTQwLzEvdFBLRDFOaURMeExxQjhUcXhnTXNzejdlS2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yNzU4NWMtYjg2Ni00OTYyLTgwZmQtZWE2MTM0NzA2YTQw
LzEvMmdPSjJGNmhKdUR2dnJ4ZGhGbnZjSi00bGNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXBKMA0E
AgACMAcDBQMqEFVAMA0GCSqGSIb3DQEBCwUAA4IBAQBxx6kx0fu00o+/e98M+qJl
8ilP3Gv/VYumIFA4ewk9CTQL4mLyUWAKpKOu0PNpkCTxoPsGPWTtur+jWjmEohVs
RH/XhE2JJzjGtF8bXLYjRYdtiOeDuVy5MDAGtZkDrdrACgElAUhGK8SYHqNM8Z7u
qaspF5MbCUZ3/0VQnGtPN1yEqt6bYs2RWggWytcb+OTQ/3crJHQhMAtlrl1bZs6n
i610gVoGM60CXVuWAHw23GaFHTKK9UhMhIBi3ejCwS2klmgO8O1fbxrryJ8GEbd2
3JqC0z39uQcLWrilJ6MFpBfO+SZlzX88bCbiRkbvUF7N9XsSotraZx51z1nPgHb1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:51 2023 by rpki-client on console-ams.rpki-client.org