Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/TGPI9i5blUsW-FQUBdckSraquCE.roa
File: TGPI9i5blUsW-FQUBdckSraquCE.roa (raw, json)
Hash identifier: d8uTQI1n5lhpvmOOMrLjGJOBrdgwuqV+zakpQJZz83Q=
Subject key identifier: 4C:63:C8:F6:2E:5B:95:4B:16:F8:54:14:05:D7:24:4A:B6:AA:B8:21
Certificate issuer: /CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Certificate serial: 0392DE0A
Authority key identifier: 0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/TGPI9i5blUsW-FQUBdckSraquCE.roa
Signing time: Sat 01 Jan 2022 11:01:57 +0000
ROA not before: Sat 01 Jan 2022 11:01:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5588
IP address blocks: 109.205.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59956746 (0x392de0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Validity
Not Before: Jan 1 11:01:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c63c8f62e5b954b16f8541405d7244ab6aab821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:62:4c:aa:5e:1f:de:c7:e6:51:73:e1:99:26:
15:8f:52:75:b5:a7:28:f5:b7:e0:3a:fe:30:93:72:
b4:27:a1:0c:c1:a8:77:7e:1f:07:88:36:84:6e:70:
d4:d3:79:c2:74:1a:65:e8:f6:83:96:76:45:24:45:
fd:63:a5:73:6b:74:29:92:bd:81:eb:a3:32:49:86:
7c:8c:c5:d2:54:2d:b1:7c:6e:09:da:71:2f:9a:ab:
d5:f4:f7:42:7f:66:42:7e:d9:f8:ce:88:1d:e7:17:
fb:d2:2b:4d:38:b7:e5:b5:05:13:40:f9:a1:f8:07:
34:e4:b1:98:3f:15:f9:c9:77:ae:e9:8e:99:06:3d:
3a:14:d2:c0:c7:ce:79:4c:e7:74:56:de:75:79:a2:
11:65:16:14:ba:01:65:a6:72:07:3f:6a:d0:47:29:
6c:fe:7c:cf:c4:cb:7a:aa:b7:26:23:3f:54:34:c8:
61:72:3b:55:c3:f8:1a:1c:9f:00:bc:62:ed:f4:85:
e6:e4:ce:5b:24:95:7f:ef:00:c1:f1:28:1a:d9:0f:
56:95:7c:2e:d7:7d:96:f5:7c:72:3d:0c:46:55:de:
99:f6:40:cf:18:be:9e:7b:e2:19:96:33:67:7e:2c:
40:b9:a2:6f:4a:8c:95:34:c1:92:f8:f1:93:81:dd:
e6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:63:C8:F6:2E:5B:95:4B:16:F8:54:14:05:D7:24:4A:B6:AA:B8:21
X509v3 Authority Key Identifier:
keyid:0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/TGPI9i5blUsW-FQUBdckSraquCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/CvYXmN0YllwCevp_k64DD_Xh124.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.91.0/24
Signature Algorithm: sha256WithRSAEncryption
43:ac:c8:3d:08:ac:29:f4:55:41:7a:34:21:f3:1e:5a:9f:dc:
5b:b0:2c:da:b9:88:d9:98:6d:09:ad:0c:6f:bb:f3:92:08:4b:
2c:94:87:ee:8d:da:0d:63:73:ed:42:1a:c6:f8:a5:8c:40:e4:
43:46:81:a2:a7:24:b3:2a:4d:46:43:cc:7e:d0:eb:51:56:08:
99:01:fa:e0:60:a6:20:01:57:fb:fd:76:1c:06:e1:43:44:6b:
f4:f4:95:7e:06:8a:75:c9:ae:c4:53:0b:32:51:fa:45:31:93:
2a:98:9e:29:81:23:9e:2d:a9:65:b7:2a:00:42:22:d0:44:1a:
d2:85:f8:71:26:99:bb:eb:e9:34:27:ef:4f:1a:bd:33:e0:be:
e5:30:bf:88:7f:e2:35:47:64:89:2b:2d:d7:85:58:dd:1e:4e:
9e:dc:90:26:35:e0:c9:94:2e:f0:dc:b6:f7:0a:c1:48:89:5e:
a5:0d:39:1a:6b:24:e3:3c:fd:cf:b4:a4:e1:9b:a0:c9:71:50:
a2:fb:54:74:ea:e5:5a:04:d4:60:ee:d9:1f:7a:03:e2:ee:a2:
0d:f0:9f:33:e9:fd:c0:8c:a0:d4:e8:d0:c2:fa:04:db:3a:b6:
2b:f5:01:7b:e2:ac:1a:42:30:09:35:f3:96:ea:84:88:8d:98:
0c:41:87:02
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5LeCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YWY2MTc5OGRkMTg5NjVjMDI3YWZhN2Y5M2FlMDMwZmY1ZTFkNzZlMB4XDTIyMDEw
MTExMDE1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGM2M2M4ZjYyZTVi
OTU0YjE2Zjg1NDE0MDVkNzI0NGFiNmFhYjgyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIhiTKpeH97H5lFz4ZkmFY9SdbWnKPW34Dr+MJNytCehDMGo
d34fB4g2hG5w1NN5wnQaZej2g5Z2RSRF/WOlc2t0KZK9geujMkmGfIzF0lQtsXxu
CdpxL5qr1fT3Qn9mQn7Z+M6IHecX+9IrTTi35bUFE0D5ofgHNOSxmD8V+cl3rumO
mQY9OhTSwMfOeUzndFbedXmiEWUWFLoBZaZyBz9q0EcpbP58z8TLeqq3JiM/VDTI
YXI7VcP4GhyfALxi7fSF5uTOWySVf+8AwfEoGtkPVpV8Ltd9lvV8cj0MRlXemfZA
zxi+nnviGZYzZ34sQLmib0qMlTTBkvjxk4Hd5kECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMY8j2LluVSxb4VBQF1yRKtqq4ITAfBgNVHSMEGDAWgBQK9heY3RiWXAJ6
+n+TrgMP9eHXbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0N2WVhtTjBZbGx3Q2V2cF9rNjRERF9YaDEyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvNjE1MTY0LTZkOTYtNDg4YS05NmJhLWQ2ZTFlMzQ3ZjljNy8x
L1RHUEk5aTVibFVzVy1GUVVCZGNrU3JhcXVDRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
NjE1MTY0LTZkOTYtNDg4YS05NmJhLWQ2ZTFlMzQ3ZjljNy8xL0N2WVhtTjBZbGx3
Q2V2cF9rNjRERF9YaDEyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG3NWzANBgkqhkiG9w0BAQsFAAOC
AQEAQ6zIPQisKfRVQXo0IfMeWp/cW7As2rmI2ZhtCa0Mb7vzkghLLJSH7o3aDWNz
7UIaxviljEDkQ0aBoqcksypNRkPMftDrUVYImQH64GCmIAFX+/12HAbhQ0Rr9PSV
fgaKdcmuxFMLMlH6RTGTKpieKYEjni2pZbcqAEIi0EQa0oX4cSaZu+vpNCfvTxq9
M+C+5TC/iH/iNUdkiSst14VY3R5OntyQJjXgyZQu8Ny29wrBSIlepQ05Gmsk4zz9
z7Sk4ZugyXFQovtUdOrlWgTUYO7ZH3oD4u6iDfCfM+n9wIyg1OjQwvoE2zq2K/UB
e+KsGkIwCTXzluqEiI2YDEGHAg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:34 2023 by rpki-client on console-ams.rpki-client.org