Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/TgriEcXDiC73Mrbmpbm0ppUnGDI.roa
File: TgriEcXDiC73Mrbmpbm0ppUnGDI.roa (raw, json)
Hash identifier: ANXZYNNFfPeV1CHQrKoETLqA6Qlmubs80z4qD3rxIDM=
Subject key identifier: 4E:0A:E2:11:C5:C3:88:2E:F7:32:B6:E6:A5:B9:B4:A6:95:27:18:32
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018456D3E473822091AD24F824E45AA19B72
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/TgriEcXDiC73Mrbmpbm0ppUnGDI.roa
Signing time: Tue 08 Nov 2022 10:40:37 +0000
ROA not before: Tue 08 Nov 2022 10:40:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 94.154.41.0/24 maxlen: 24
94.154.40.0/22 maxlen: 24
94.154.44.0/24 maxlen: 24
94.154.43.0/24 maxlen: 24
94.154.40.0/24 maxlen: 24
94.154.42.0/24 maxlen: 24
94.154.45.0/24 maxlen: 24
94.154.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:d3:e4:73:82:20:91:ad:24:f8:24:e4:5a:a1:9b:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Nov 8 10:40:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e0ae211c5c3882ef732b6e6a5b9b4a695271832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:16:36:ba:ef:df:a5:24:08:80:39:df:f9:1d:
ab:7b:7f:be:71:89:d6:27:b4:3f:53:4f:ba:1a:44:
a4:63:c0:07:e3:d7:39:89:fb:fa:dd:8e:46:45:54:
07:eb:4a:f3:a6:4b:10:5a:d6:a3:ed:4b:17:bd:06:
bf:e4:bb:cd:e0:1e:c8:99:7c:95:71:9a:4b:49:1d:
13:7d:5f:2b:5a:13:33:a4:44:9b:63:21:eb:dd:3f:
bd:b0:0e:c4:07:1c:a8:ec:20:3a:76:84:50:0c:26:
28:4f:a5:41:bf:7e:84:2d:d4:fd:c7:6d:4a:71:30:
18:19:ea:83:53:01:8d:50:f7:90:4a:dd:e3:97:65:
84:a7:a2:7c:f4:5d:de:29:ea:00:62:dc:72:35:81:
29:89:3e:32:2f:09:b2:bb:44:ee:58:26:9c:b9:47:
8a:ed:aa:dc:bd:15:99:20:c6:1e:0b:af:fa:0b:60:
d1:51:4e:c3:98:96:77:ed:5c:a3:34:82:e1:33:ae:
c2:4d:61:f4:81:a8:09:67:64:e9:48:6c:ce:1e:e8:
62:19:ec:92:f1:c6:19:36:9a:c7:c1:06:53:9c:88:
26:63:68:d6:1c:23:b0:43:61:a5:99:53:4a:81:65:
ed:ee:e5:b8:e9:7d:2e:af:31:d9:bb:b6:ec:2f:65:
7d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:0A:E2:11:C5:C3:88:2E:F7:32:B6:E6:A5:B9:B4:A6:95:27:18:32
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/TgriEcXDiC73Mrbmpbm0ppUnGDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.40.0-94.154.46.255
Signature Algorithm: sha256WithRSAEncryption
2c:cd:95:d0:4b:bb:be:20:4f:1c:5c:9e:19:8d:74:21:29:b4:
cf:cb:2a:9f:d5:14:75:31:f0:86:96:a2:34:b3:30:be:59:21:
03:fc:d9:d8:49:a7:f4:1d:b5:8a:21:79:f9:fa:e9:ed:24:bf:
0e:f8:41:6c:ec:8b:d6:9b:fd:2a:78:bf:da:97:cd:e2:d8:9a:
c5:e9:02:d0:a1:af:af:ce:0e:fd:85:e4:03:89:da:61:27:5b:
3d:cf:e7:54:20:5b:db:7d:45:23:a3:11:1f:06:bd:0f:de:c5:
9c:53:88:81:88:f8:58:cb:ba:12:4f:31:83:ee:02:22:9c:b2:
d8:bb:95:d0:dc:b5:45:3b:30:5f:5f:e6:52:1c:0a:68:af:a0:
45:f7:3c:67:1a:16:2e:89:e1:b5:bf:4b:2d:81:39:5f:43:9a:
26:d5:77:c2:74:2d:7c:57:30:6e:40:f2:34:62:00:57:6b:2e:
f5:00:a7:a8:27:8d:f2:a7:59:ac:70:eb:4d:e6:6c:29:e1:dc:
a6:61:79:a9:a6:e2:a4:36:17:13:ad:75:f5:51:32:8d:1c:54:
0f:2e:9a:ae:50:b0:3d:4b:74:c8:f5:45:9d:0e:73:52:56:16:
ca:d1:7d:a0:5f:fd:26:53:7f:38:09:30:23:44:8b:04:e1:ec:
ed:77:7b:4d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYRW0+RzgiCRrST4JORaoZtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjIxMTA4MTA0MDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTBhZTIxMWM1YzM4ODJlZjczMmI2ZTZhNWI5YjRhNjk1MjcxODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBY2uu/fpSQIgDnf+R2re3++cYnW
J7Q/U0+6GkSkY8AH49c5ifv63Y5GRVQH60rzpksQWtaj7UsXvQa/5LvN4B7ImXyV
cZpLSR0TfV8rWhMzpESbYyHr3T+9sA7EBxyo7CA6doRQDCYoT6VBv36ELdT9x21K
cTAYGeqDUwGNUPeQSt3jl2WEp6J89F3eKeoAYtxyNYEpiT4yLwmyu0TuWCacuUeK
7arcvRWZIMYeC6/6C2DRUU7DmJZ37VyjNILhM67CTWH0gagJZ2TpSGzOHuhiGeyS
8cYZNprHwQZTnIgmY2jWHCOwQ2GlmVNKgWXt7uW46X0urzHZu7bsL2V97QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFE4K4hHFw4gu9zK25qW5tKaVJxgyMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvVGdyaUVjWERpQzczTXJibXBibTBwcFVuR0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANemigD
BABemi4wDQYJKoZIhvcNAQELBQADggEBACzNldBLu74gTxxcnhmNdCEptM/LKp/V
FHUx8IaWojSzML5ZIQP82dhJp/QdtYohefn66e0kvw74QWzsi9ab/Sp4v9qXzeLY
msXpAtChr6/ODv2F5AOJ2mEnWz3P51QgW9t9RSOjER8GvQ/exZxTiIGI+FjLuhJP
MYPuAiKcsti7ldDctUU7MF9f5lIcCmivoEX3PGcaFi6J4bW/Sy2BOV9DmibVd8J0
LXxXMG5A8jRiAFdrLvUAp6gnjfKnWaxw603mbCnh3KZheamm4qQ2FxOtdfVRMo0c
VA8umq5QsD1LdMj1RZ0Oc1JWFsrRfaBf/SZTfzgJMCNEiwTh7O13e00=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:10 2023 by rpki-client on console-fra.rpki-client.org