Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/TL9BK6cxEGE5qfsXSJ3no1RLGss.roa
File: TL9BK6cxEGE5qfsXSJ3no1RLGss.roa (raw, json)
Hash identifier: PlGXQwtjJQ4CvD+erGBBYGxaPC+8/4BRYvjjPjgf+Uo=
Subject key identifier: 4C:BF:41:2B:A7:31:10:61:39:A9:FB:17:48:9D:E7:A3:54:4B:1A:CB
Certificate issuer: /CN=faa4eea86f9f3e6e7881b4b8da19a1d2725e8710
Certificate serial: 3724765B
Authority key identifier: FA:A4:EE:A8:6F:9F:3E:6E:78:81:B4:B8:DA:19:A1:D2:72:5E:87:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-qTuqG-fPm54gbS42hmh0nJehxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/TL9BK6cxEGE5qfsXSJ3no1RLGss.roa
Signing time: Sat 01 Jan 2022 03:53:20 +0000
ROA not before: Sat 01 Jan 2022 03:53:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39256
IP address blocks: 46.254.80.0/21 maxlen: 21
188.93.24.0/21 maxlen: 21
92.43.0.0/21 maxlen: 21
185.17.88.0/22 maxlen: 22
2a03:7dc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 925136475 (0x3724765b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faa4eea86f9f3e6e7881b4b8da19a1d2725e8710
Validity
Not Before: Jan 1 03:53:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cbf412ba731106139a9fb17489de7a3544b1acb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:09:a4:37:5e:7a:e9:1b:49:ca:83:0c:3a:d1:
26:cc:d3:19:68:e6:be:5a:94:7b:6f:9b:1b:0d:19:
33:24:12:7d:1b:8f:c0:03:4a:0c:f9:c4:a6:de:39:
63:c0:cb:93:11:e1:5d:fb:74:a3:0a:65:56:aa:32:
79:54:8b:05:c1:fe:e2:ff:45:99:be:93:4c:c8:26:
3e:be:a6:53:98:a3:89:88:53:23:65:2f:6c:7f:d3:
c2:51:0f:b8:e2:41:20:57:e9:d7:17:a5:63:de:a5:
aa:e3:ff:fd:1d:de:a5:ca:9f:9a:16:b0:6b:37:5f:
08:41:43:a4:d0:09:d2:3c:25:42:59:cf:82:58:b3:
0f:d6:c4:19:77:d4:c7:cc:c2:7e:09:bd:6d:59:20:
68:c7:1f:39:7d:cc:fa:04:3c:84:0a:5f:40:f3:fe:
ec:06:02:3c:44:dd:7b:fe:f7:bd:ba:bb:49:51:52:
86:2d:36:98:14:fa:13:fa:13:53:bf:b6:24:8c:b3:
bc:12:fc:86:8b:df:18:a7:97:a5:c7:0f:0d:12:1a:
0b:56:d3:c2:e2:13:56:44:d3:c7:60:99:ef:50:1d:
2f:be:69:07:01:de:08:98:c0:2f:a2:ab:06:8c:17:
e6:b1:20:29:f3:45:30:89:57:f5:ad:ac:8b:4f:85:
5d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:BF:41:2B:A7:31:10:61:39:A9:FB:17:48:9D:E7:A3:54:4B:1A:CB
X509v3 Authority Key Identifier:
keyid:FA:A4:EE:A8:6F:9F:3E:6E:78:81:B4:B8:DA:19:A1:D2:72:5E:87:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-qTuqG-fPm54gbS42hmh0nJehxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/TL9BK6cxEGE5qfsXSJ3no1RLGss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/1-qTuqG-fPm54gbS42hmh0nJehxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.80.0/21
92.43.0.0/21
185.17.88.0/22
188.93.24.0/21
IPv6:
2a03:7dc0::/32
Signature Algorithm: sha256WithRSAEncryption
11:71:f2:20:8d:15:0e:f4:74:d9:ef:b8:6d:0e:69:64:a0:00:
12:0f:84:9d:f5:ad:20:27:98:49:05:08:8f:3a:97:e7:08:cf:
a2:d3:0d:bf:66:c8:f0:47:c0:0d:15:5f:d0:3f:25:64:eb:98:
7e:d7:db:26:45:11:fd:89:76:06:e3:bf:f6:0e:e1:0c:39:ed:
21:a2:02:27:49:ac:9c:58:64:f4:9f:54:d0:9c:fa:f9:1b:b5:
4d:fd:a6:6b:b0:75:6f:4d:7e:0f:39:83:54:0f:06:11:ac:4b:
ee:94:e8:4f:6b:93:95:18:b6:07:73:92:2e:4c:f5:1c:80:f3:
c5:f8:84:d1:f3:bd:5f:94:55:78:d7:14:f0:20:10:28:83:32:
b3:9b:7b:00:08:70:bc:82:8a:2e:aa:ee:df:73:53:d4:4a:b6:
fe:bf:18:26:2e:11:83:d2:b1:cc:ce:82:62:27:e3:2b:89:4e:
e2:8f:9e:0f:ab:a9:cd:a2:be:52:af:97:83:c5:55:7a:f3:8a:
0d:f5:7c:39:b3:a0:c7:cb:5d:c1:b2:a6:4a:ba:e9:6f:ac:09:
b3:63:48:e2:73:04:ff:bd:c8:7b:c1:82:a1:89:8d:f3:99:60:
c8:df:04:7d:fc:69:9c:c2:a8:d7:f4:54:32:ba:83:a2:3b:20:
67:f8:5f:c1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIENyR2WzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWE0ZWVhODZmOWYzZTZlNzg4MWI0YjhkYTE5YTFkMjcyNWU4NzEwMB4XDTIyMDEw
MTAzNTMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGNiZjQxMmJhNzMx
MTA2MTM5YTlmYjE3NDg5ZGU3YTM1NDRiMWFjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkJpDdeeukbScqDDDrRJszTGWjmvlqUe2+bGw0ZMyQSfRuP
wANKDPnEpt45Y8DLkxHhXft0owplVqoyeVSLBcH+4v9Fmb6TTMgmPr6mU5ijiYhT
I2UvbH/TwlEPuOJBIFfp1xelY96lquP//R3epcqfmhawazdfCEFDpNAJ0jwlQlnP
glizD9bEGXfUx8zCfgm9bVkgaMcfOX3M+gQ8hApfQPP+7AYCPETde/73vbq7SVFS
hi02mBT6E/oTU7+2JIyzvBL8hovfGKeXpccPDRIaC1bTwuITVkTTx2CZ71AdL75p
BwHeCJjAL6KrBowX5rEgKfNFMIlX9a2si0+FXZECAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBRMv0ErpzEQYTmp+xdIneejVEsayzAfBgNVHSMEGDAWgBT6pO6ob58+bniB
tLjaGaHScl6HEDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtcVR1cUctZlBtNTRnYlM0MmhtaDBuSmVoeEEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzBmL2MyYzI4OC02ZjU2LTRjNGQtOWRiNS05NmU5OWY3OTQyNzgv
MS9UTDlCSzZjeEVHRTVxZnNYU0ozbm8xUkxHc3Mucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBm
L2MyYzI4OC02ZjU2LTRjNGQtOWRiNS05NmU5OWY3OTQyNzgvMS8xLXFUdXFHLWZQ
bTU0Z2JTNDJobWgwbkplaHhBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLv5QAwQDXCsAAwQCuRFYAwQD
vF0YMA0EAgACMAcDBQAqA33AMA0GCSqGSIb3DQEBCwUAA4IBAQARcfIgjRUO9HTZ
77htDmlkoAASD4Sd9a0gJ5hJBQiPOpfnCM+i0w2/ZsjwR8ANFV/QPyVk65h+19sm
RRH9iXYG47/2DuEMOe0hogInSaycWGT0n1TQnPr5G7VN/aZrsHVvTX4POYNUDwYR
rEvulOhPa5OVGLYHc5IuTPUcgPPF+ITR871flFV41xTwIBAogzKzm3sACHC8goou
qu7fc1PUSrb+vxgmLhGD0rHMzoJiJ+MriU7ij54Pq6nNor5Sr5eDxVV684oN9Xw5
s6DHy13BsqZKuulvrAmzY0jicwT/vch7wYKhiY3zmWDI3wR9/GmcwqjX9FQyuoOi
OyBn+F/B
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:54 2023 by rpki-client on console-fra.rpki-client.org