Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tfhRJQ5SE4wBqyJt2rekMYuBoIk.roa
File: tfhRJQ5SE4wBqyJt2rekMYuBoIk.roa (raw, json)
Hash identifier: wde6ir+vw1cmGFZXZP3zNcFid6SuKSbT22KRHAbV0bY=
Subject key identifier: B5:F8:51:25:0E:52:13:8C:01:AB:22:6D:DA:B7:A4:31:8B:81:A0:89
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01851A314881CAED9CE86B788658F832AB5F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tfhRJQ5SE4wBqyJt2rekMYuBoIk.roa
Signing time: Fri 16 Dec 2022 09:08:35 +0000
ROA not before: Fri 16 Dec 2022 09:08:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 45.88.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:31:48:81:ca:ed:9c:e8:6b:78:86:58:f8:32:ab:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 16 09:08:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5f851250e52138c01ab226ddab7a4318b81a089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:82:9e:01:b7:48:58:46:40:5e:ea:0b:9f:47:
7c:ec:92:ec:0b:98:ad:cc:69:07:4d:2a:75:42:b2:
f9:04:a7:02:69:be:e1:df:16:7b:28:ea:48:9f:95:
9b:50:bf:52:43:c7:2d:fe:db:ac:5d:ee:9e:4c:6c:
c4:4e:6a:40:e7:21:d6:49:91:91:de:f7:41:25:80:
e5:8f:4c:e3:8d:a3:6f:d8:33:0c:45:fa:85:0a:77:
06:60:85:e5:b6:23:ea:18:aa:59:0e:98:49:b7:14:
86:72:b6:6f:78:b9:0f:4d:e0:0e:b9:1b:9b:7c:f3:
3e:c1:5e:5a:c5:65:74:ca:0a:40:0e:e6:b0:3a:08:
91:84:b2:49:e5:f8:bb:9f:55:02:90:0a:96:5c:35:
69:15:bf:da:b2:0e:72:ca:45:a5:2e:8b:5e:f7:12:
e4:47:a2:a2:c3:98:4a:ec:73:d2:f0:b7:ce:16:cc:
bd:d5:a1:be:3d:de:8e:2e:71:c1:ea:09:64:24:a8:
48:9a:2d:4e:4e:3b:c0:2b:2c:07:f2:1d:b0:c2:2b:
b5:56:2a:44:fb:90:7f:49:ca:9c:80:98:85:ca:a4:
98:1b:49:fc:bc:5a:f5:f0:bf:ac:a8:5d:1e:f4:60:
77:26:d2:76:97:35:42:19:5e:40:7d:3f:15:fa:27:
80:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F8:51:25:0E:52:13:8C:01:AB:22:6D:DA:B7:A4:31:8B:81:A0:89
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tfhRJQ5SE4wBqyJt2rekMYuBoIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.139.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:0d:5c:5b:ed:31:6a:6f:43:e9:68:e0:33:4f:f1:00:d8:11:
cd:37:1b:eb:f0:3b:27:7b:7d:06:68:8f:d8:2d:40:48:92:4b:
9f:57:7a:f6:10:f4:60:18:4d:c4:34:1a:03:20:f1:a8:f4:7d:
56:a6:e9:f0:21:60:b0:0f:85:cc:2c:51:c6:3c:eb:b3:0e:17:
6e:8b:06:2f:78:21:4a:36:4f:e4:31:20:d8:de:cd:b1:94:45:
dd:ac:6c:68:29:d4:95:b2:80:13:44:10:4d:f8:dd:ac:15:a4:
0d:6b:10:ca:58:c8:55:f5:68:8c:d4:10:39:d8:4b:fa:d4:cf:
47:5f:33:62:50:4b:5d:10:3e:14:ac:3e:c3:8c:9c:df:14:c0:
aa:45:f4:9a:e4:2a:b5:69:3f:8e:09:21:68:9d:a9:67:bb:35:
de:2b:09:cc:a4:28:cb:1a:dd:da:f7:a8:22:51:a6:c8:83:32:
35:8c:22:38:a2:1a:7a:a7:56:06:8b:61:45:69:72:a4:45:95:
bf:4a:61:c0:b2:c5:a3:dd:5b:14:b2:38:71:48:22:67:27:80:
e7:00:0b:b4:14:8e:6c:42:ab:0d:f7:27:cd:4e:72:77:49:0f:
a4:fd:32:54:f9:6a:fb:f4:59:9c:d4:75:84:0c:55:bc:50:09:
68:ba:11:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUaMUiByu2c6Gt4hlj4MqtfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMjE2MDkwODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWY4NTEyNTBlNTIxMzhjMDFhYjIyNmRkYWI3YTQzMThiODFhMDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYKeAbdIWEZAXuoLn0d87JLsC5it
zGkHTSp1QrL5BKcCab7h3xZ7KOpIn5WbUL9SQ8ct/tusXe6eTGzETmpA5yHWSZGR
3vdBJYDlj0zjjaNv2DMMRfqFCncGYIXltiPqGKpZDphJtxSGcrZveLkPTeAOuRub
fPM+wV5axWV0ygpADuawOgiRhLJJ5fi7n1UCkAqWXDVpFb/asg5yykWlLote9xLk
R6Kiw5hK7HPS8LfOFsy91aG+Pd6OLnHB6glkJKhImi1OTjvAKywH8h2wwiu1VipE
+5B/ScqcgJiFyqSYG0n8vFr18L+sqF0e9GB3JtJ2lzVCGV5AfT8V+ieAaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLX4USUOUhOMAasibdq3pDGLgaCJMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdGZoUkpRNVNFNHdCcXlKdDJyZWtNWXVCb0lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALViLMA0G
CSqGSIb3DQEBCwUAA4IBAQCuDVxb7TFqb0PpaOAzT/EA2BHNNxvr8Dsne30GaI/Y
LUBIkkufV3r2EPRgGE3ENBoDIPGo9H1WpunwIWCwD4XMLFHGPOuzDhduiwYveCFK
Nk/kMSDY3s2xlEXdrGxoKdSVsoATRBBN+N2sFaQNaxDKWMhV9WiM1BA52Ev61M9H
XzNiUEtdED4UrD7DjJzfFMCqRfSa5Cq1aT+OCSFonalnuzXeKwnMpCjLGt3a96gi
UabIgzI1jCI4ohp6p1YGi2FFaXKkRZW/SmHAssWj3VsUsjhxSCJnJ4DnAAu0FI5s
QqsN9yfNTnJ3SQ+k/TJU+Wr79Fmc1HWEDFW8UAlouhHt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org