Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/b74ad6-aa5a-4949-b860-649bfc548587/1/tGWR4MrCN9hxFxyVDitsLwdhzyw.roa
File: tGWR4MrCN9hxFxyVDitsLwdhzyw.roa (raw, json)
Hash identifier: Qa9bCLGoC3H/JKz8FFzFGvi3RkgoCwki9/PhIoMjMaE=
Subject key identifier: B4:65:91:E0:CA:C2:37:D8:71:17:1C:95:0E:2B:6C:2F:07:61:CF:2C
Certificate issuer: /CN=82b53661f621b6f574a5f38f1162ca679c3b30ee
Certificate serial: 018C3607926DD103BD3EB66CA56C967A7315
Authority key identifier: 82:B5:36:61:F6:21:B6:F5:74:A5:F3:8F:11:62:CA:67:9C:3B:30:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grU2YfYhtvV0pfOPEWLKZ5w7MO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/b74ad6-aa5a-4949-b860-649bfc548587/1/tGWR4MrCN9hxFxyVDitsLwdhzyw.roa
Signing time: Mon 04 Dec 2023 18:11:55 +0000
ROA not before: Mon 04 Dec 2023 18:11:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209377
IP address blocks: 152.89.4.0/24 maxlen: 24
152.89.4.0/22 maxlen: 22
2a09:2c40:b::/48 maxlen: 48
2a09:2c40:e::/48 maxlen: 48
2a09:2c40:c::/48 maxlen: 48
2a09:2c40::/29 maxlen: 29
2a09:2c40:a::/48 maxlen: 48
2a09:2c40:d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:36:07:92:6d:d1:03:bd:3e:b6:6c:a5:6c:96:7a:73:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b53661f621b6f574a5f38f1162ca679c3b30ee
Validity
Not Before: Dec 4 18:11:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b46591e0cac237d871171c950e2b6c2f0761cf2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:be:7f:80:92:ae:8e:a7:59:de:b9:64:c1:f2:
a9:66:08:9e:db:37:2a:2c:54:67:56:49:77:ca:68:
10:72:70:c4:65:30:80:a4:bb:5f:aa:58:c5:99:69:
79:6d:4c:d9:20:39:18:55:4e:74:c8:64:60:a9:28:
fc:bc:26:b3:3d:60:ed:e8:a0:66:6e:1a:c4:19:fb:
27:eb:fc:3b:15:b2:98:58:da:f8:4a:5a:c5:d2:8c:
10:2b:7c:f3:18:f6:00:0a:49:75:c9:3f:a7:29:07:
22:a5:32:cc:0b:54:70:94:57:8c:2a:47:6a:13:44:
4e:1f:5f:60:a8:c5:c1:14:c1:9c:df:96:cd:26:d3:
d4:42:90:b7:1d:c2:88:1f:bb:f5:48:4d:dc:1a:48:
bb:51:b8:1e:93:fa:a2:30:8e:4d:f2:58:51:40:0e:
7e:22:e3:cb:98:8c:7a:c6:0d:ac:c6:2e:11:57:e2:
33:16:8d:66:bb:ac:27:d5:5a:a4:b5:a2:65:1e:c1:
f9:82:b6:2b:39:b5:4b:23:d1:a0:ea:96:de:15:bf:
3b:fa:6b:11:6f:31:4c:e8:a7:d6:5e:aa:f4:3a:55:
8d:18:df:ff:3e:97:8a:be:c8:32:9c:ac:92:62:f1:
a6:68:a9:52:27:a2:28:37:4a:70:3d:40:90:dd:03:
7f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:65:91:E0:CA:C2:37:D8:71:17:1C:95:0E:2B:6C:2F:07:61:CF:2C
X509v3 Authority Key Identifier:
keyid:82:B5:36:61:F6:21:B6:F5:74:A5:F3:8F:11:62:CA:67:9C:3B:30:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grU2YfYhtvV0pfOPEWLKZ5w7MO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/b74ad6-aa5a-4949-b860-649bfc548587/1/tGWR4MrCN9hxFxyVDitsLwdhzyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/b74ad6-aa5a-4949-b860-649bfc548587/1/grU2YfYhtvV0pfOPEWLKZ5w7MO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.4.0/22
IPv6:
2a09:2c40::/29
Signature Algorithm: sha256WithRSAEncryption
d1:7f:b8:16:13:29:46:11:3c:93:c1:02:f9:98:d9:b8:85:21:
9e:48:10:f9:96:51:23:e1:a7:a3:10:a3:ee:6f:93:e9:2c:81:
68:b1:53:df:8e:6b:23:87:95:15:ae:57:75:9e:af:ae:5a:43:
cf:62:58:56:57:67:b1:65:32:44:fb:ea:27:87:92:42:0e:37:
01:c3:50:f3:5e:9f:91:5e:8d:87:d4:f3:20:51:a3:aa:d4:a9:
28:f4:26:ac:10:1a:5b:79:7f:10:ff:f6:73:ec:9b:2e:c4:b9:
8e:b5:8d:46:9f:2f:c9:63:f3:63:2b:8e:95:c3:ef:fa:03:a6:
6f:97:f2:f0:e9:49:66:ec:85:88:bd:38:22:4e:de:25:24:4f:
b1:28:85:7e:f9:64:eb:48:b9:72:35:65:87:dd:de:6c:58:2a:
03:c9:9d:8c:30:96:cf:9b:2d:a0:d2:b9:d8:39:3b:b8:73:cb:
02:cd:02:53:13:d4:84:2f:ac:4b:36:32:e9:9d:80:e5:c0:df:
d4:16:90:62:34:6e:00:22:61:4d:49:ca:53:00:69:f3:00:52:
44:22:03:d8:72:3c:d5:ec:4c:8c:1c:7b:cd:a5:4e:d9:98:dd:
3b:60:85:a8:3f:72:4d:f8:76:ec:f4:de:ff:ac:fe:1d:70:56:
5e:6b:4f:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYw2B5Jt0QO9PrZspWyWenMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjUzNjYxZjYyMWI2ZjU3NGE1ZjM4ZjExNjJjYTY3OWMz
YjMwZWUwHhcNMjMxMjA0MTgxMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDY1OTFlMGNhYzIzN2Q4NzExNzFjOTUwZTJiNmMyZjA3NjFjZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL5/gJKujqdZ3rlkwfKpZgie2zcq
LFRnVkl3ymgQcnDEZTCApLtfqljFmWl5bUzZIDkYVU50yGRgqSj8vCazPWDt6KBm
bhrEGfsn6/w7FbKYWNr4SlrF0owQK3zzGPYACkl1yT+nKQcipTLMC1RwlFeMKkdq
E0ROH19gqMXBFMGc35bNJtPUQpC3HcKIH7v1SE3cGki7Ubgek/qiMI5N8lhRQA5+
IuPLmIx6xg2sxi4RV+IzFo1mu6wn1VqktaJlHsH5grYrObVLI9Gg6pbeFb87+msR
bzFM6KfWXqr0OlWNGN//PpeKvsgynKySYvGmaKlSJ6IoN0pwPUCQ3QN/7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLRlkeDKwjfYcRcclQ4rbC8HYc8sMB8GA1UdIwQY
MBaAFIK1NmH2Ibb1dKXzjxFiymecOzDuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JVMllmWWh0dlYwcGZPUEVXTEtaNXc3TU80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iNzRhZDYtYWE1YS00OTQ5LWI4NjAt
NjQ5YmZjNTQ4NTg3LzEvdEdXUjRNckNOOWh4Rnh5VkRpdHNMd2Roenl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iNzRhZDYtYWE1YS00OTQ5LWI4NjAtNjQ5YmZjNTQ4NTg3
LzEvZ3JVMllmWWh0dlYwcGZPUEVXTEtaNXc3TU80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCmFkEMA0E
AgACMAcDBQMqCSxAMA0GCSqGSIb3DQEBCwUAA4IBAQDRf7gWEylGETyTwQL5mNm4
hSGeSBD5llEj4aejEKPub5PpLIFosVPfjmsjh5UVrld1nq+uWkPPYlhWV2exZTJE
++onh5JCDjcBw1DzXp+RXo2H1PMgUaOq1Kko9CasEBpbeX8Q//Zz7JsuxLmOtY1G
ny/JY/NjK46Vw+/6A6Zvl/Lw6Ulm7IWIvTgiTt4lJE+xKIV++WTrSLlyNWWH3d5s
WCoDyZ2MMJbPmy2g0rnYOTu4c8sCzQJTE9SEL6xLNjLpnYDlwN/UFpBiNG4AImFN
ScpTAGnzAFJEIgPYcjzV7EyMHHvNpU7ZmN07YIWoP3JN+Hbs9N7/rP4dcFZea08Q
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:02 2025 by rpki-client