Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/TLWTErM3oyQRQknYFpZ-wtdsHN8.roa
File: TLWTErM3oyQRQknYFpZ-wtdsHN8.roa (raw, json)
Hash identifier: OWajIB3ybcwUh21byZtvBggOj+T8aS/UffT5hZas9wA=
Subject key identifier: 4C:B5:93:12:B3:37:A3:24:11:42:49:D8:16:96:7E:C2:D7:6C:1C:DF
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0B0FD475
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/TLWTErM3oyQRQknYFpZ-wtdsHN8.roa
Signing time: Wed 22 Jun 2022 08:43:44 +0000
ROA not before: Wed 22 Jun 2022 08:43:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 45.134.36.0/24 maxlen: 24
185.117.3.0/24 maxlen: 24
45.13.227.0/24 maxlen: 24
5.253.246.0/24 maxlen: 24
45.142.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 185586805 (0xb0fd475)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jun 22 08:43:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cb59312b337a324114249d816967ec2d76c1cdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:41:22:d5:fd:e6:ec:fc:f9:d1:94:b5:8d:d7:
8d:a5:b2:36:f2:5a:2f:6d:10:a3:70:e2:63:1f:26:
c0:87:73:d5:d4:a6:0c:0d:64:b7:f5:21:52:0c:02:
44:6d:8b:dc:5f:8a:bb:55:17:ee:86:51:b4:e1:85:
bf:39:9f:04:f4:7b:81:e5:cf:f7:12:f1:75:fa:a3:
d6:9b:5c:59:56:f5:9d:d5:34:58:01:41:3a:8c:5e:
d8:f6:b9:1d:fe:1f:d0:b4:44:3d:7c:b9:78:7d:9d:
74:4e:4c:30:a9:95:dd:62:0d:fa:d0:f3:ac:af:29:
59:7f:e5:75:58:9a:69:fb:c4:a2:9e:87:ea:70:36:
4b:22:b9:16:95:f8:5b:cd:fb:ee:d0:ef:bd:bd:f7:
4e:be:14:7c:b3:06:a3:43:fe:03:ef:3b:51:77:56:
90:2f:ed:50:79:83:cb:0e:86:66:e6:ff:d7:20:21:
d2:84:20:56:42:72:38:b7:93:d4:62:08:37:04:41:
f3:13:a7:98:3d:fb:b6:24:d5:fd:22:c5:cb:cb:6b:
96:90:bf:e2:9e:79:aa:73:57:f8:65:96:94:8f:ce:
42:8a:18:55:11:a4:5f:dd:88:f9:16:91:46:05:61:
4e:65:07:bf:62:c6:4d:a8:22:72:60:b0:6d:5a:9f:
9e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B5:93:12:B3:37:A3:24:11:42:49:D8:16:96:7E:C2:D7:6C:1C:DF
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/TLWTErM3oyQRQknYFpZ-wtdsHN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.246.0/24
45.13.227.0/24
45.134.36.0/24
45.142.104.0/24
185.117.3.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:86:b8:e8:cc:4c:df:f3:d9:51:2b:b4:b3:77:6f:ee:2f:66:
07:46:97:19:ad:57:24:84:6e:c9:e9:78:54:19:36:44:8a:13:
ac:0d:d3:11:8a:98:75:cd:b8:9f:70:f1:0b:9f:20:14:a0:fb:
a7:96:c7:84:6b:f8:65:68:61:c3:6c:bb:9c:de:b6:62:ec:eb:
d6:33:4a:1a:f8:e7:27:8d:09:6b:f4:0e:3d:a0:03:31:f9:14:
cd:74:ce:64:a2:38:a9:bc:00:f9:5b:b5:2c:91:99:56:ad:ae:
e4:3b:39:e7:e0:92:1f:da:51:18:3c:1f:53:10:40:f0:e7:91:
8c:97:c1:cf:8f:fd:74:bd:e9:21:b9:5a:34:f6:89:b9:94:d0:
5d:9d:ea:cb:13:3b:09:12:71:8c:be:25:40:e1:cb:85:de:4e:
43:fb:17:22:36:04:70:94:e5:52:bb:b7:c5:00:75:13:a7:09:
de:13:a8:65:80:ee:b5:8a:04:45:d6:be:3c:8e:37:10:c5:47:
46:dc:48:84:38:83:69:08:95:cd:07:4b:72:65:95:dc:8b:d3:
58:f0:46:03:f0:36:30:93:a8:85:1d:71:11:ad:fd:23:cd:13:
34:9e:ab:e3:97:1a:40:4c:17:ea:56:ad:93:67:c5:0c:46:a7:
38:c6:3e:17
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECw/UdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjA0MTViZmM0M2IzOGU5Y2ZkMWExMjk5NTIwMmU4NzYzNzUyZmRlMB4XDTIyMDYy
MjA4NDM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGNiNTkzMTJiMzM3
YTMyNDExNDI0OWQ4MTY5NjdlYzJkNzZjMWNkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO9BItX95uz8+dGUtY3XjaWyNvJaL20Qo3DiYx8mwIdz1dSm
DA1kt/UhUgwCRG2L3F+Ku1UX7oZRtOGFvzmfBPR7geXP9xLxdfqj1ptcWVb1ndU0
WAFBOoxe2Pa5Hf4f0LREPXy5eH2ddE5MMKmV3WIN+tDzrK8pWX/ldViaafvEop6H
6nA2SyK5FpX4W8377tDvvb33Tr4UfLMGo0P+A+87UXdWkC/tUHmDyw6GZub/1yAh
0oQgVkJyOLeT1GIINwRB8xOnmD37tiTV/SLFy8trlpC/4p55qnNX+GWWlI/OQooY
VRGkX92I+RaRRgVhTmUHv2LGTagicmCwbVqfnm0CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRMtZMSszejJBFCSdgWln7C12wc3zAfBgNVHSMEGDAWgBQbBBW/xDs46c/R
oSmVIC6HY3Uv3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d3UVZ2OFE3T09uUDBhRXBsU0F1aDJOMUw5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvMDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8x
L1RMV1RFck0zb3lRUlFrbllGcFotd3Rkc0hOOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
MDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8xL0d3UVZ2OFE3T09u
UDBhRXBsU0F1aDJOMUw5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAAX99gMEAC0N4wMEAC2GJAMEAC2O
aAMEALl1AzANBgkqhkiG9w0BAQsFAAOCAQEApIa46MxM3/PZUSu0s3dv7i9mB0aX
Ga1XJIRuyel4VBk2RIoTrA3TEYqYdc24n3DxC58gFKD7p5bHhGv4ZWhhw2y7nN62
Yuzr1jNKGvjnJ40Ja/QOPaADMfkUzXTOZKI4qbwA+Vu1LJGZVq2u5Ds55+CSH9pR
GDwfUxBA8OeRjJfBz4/9dL3pIblaNPaJuZTQXZ3qyxM7CRJxjL4lQOHLhd5OQ/sX
IjYEcJTlUru3xQB1E6cJ3hOoZYDutYoERda+PI43EMVHRtxIhDiDaQiVzQdLcmWV
3IvTWPBGA/A2MJOohR1xEa39I80TNJ6r45caQEwX6latk2fFDEanOMY+Fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org