Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/TNaVouHWo7ymUZeUMCW-We9TGNI.roa
File: TNaVouHWo7ymUZeUMCW-We9TGNI.roa (raw, json)
Hash identifier: ioGb+pDy3iSvH6bZqXw20DyS+jRyjpvUsnsj+wi1xmE=
Subject key identifier: 4C:D6:95:A2:E1:D6:A3:BC:A6:51:97:94:30:25:BE:59:EF:53:18:D2
Certificate issuer: /CN=f13219221cc0a21326ce006c42825bac2be31e17
Certificate serial: 018A5F0D4F90A1CB7CDBAC4B9C57EFB97939
Authority key identifier: F1:32:19:22:1C:C0:A2:13:26:CE:00:6C:42:82:5B:AC:2B:E3:1E:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TIZIhzAohMmzgBsQoJbrCvjHhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/TNaVouHWo7ymUZeUMCW-We9TGNI.roa
Signing time: Mon 04 Sep 2023 07:17:02 +0000
ROA not before: Mon 04 Sep 2023 07:17:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44577
IP address blocks: 37.99.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:0d:4f:90:a1:cb:7c:db:ac:4b:9c:57:ef:b9:79:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13219221cc0a21326ce006c42825bac2be31e17
Validity
Not Before: Sep 4 07:17:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cd695a2e1d6a3bca65197943025be59ef5318d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8e:03:1b:7c:f7:fe:83:4d:ba:40:b0:41:eb:
cf:94:ed:be:36:74:73:a3:3c:6c:2f:40:03:b8:ee:
de:08:a4:a0:4f:33:b2:ae:8d:6a:89:cc:02:fa:71:
8c:1d:c3:68:09:05:3d:e3:f9:ac:82:b4:38:66:a4:
f3:8b:d8:02:a6:67:cb:c8:69:c7:d2:76:9c:3b:26:
d6:e8:41:65:13:81:20:a3:dc:b7:cf:69:7e:1c:d6:
34:0e:4f:97:8c:0b:03:14:ac:5e:90:99:e6:43:31:
4a:9b:39:09:69:8a:5b:1b:64:3d:69:84:70:17:c2:
54:3d:1e:3b:0a:fd:63:25:2c:3a:18:a7:6f:db:76:
33:65:e7:2d:02:d5:10:1e:45:05:b7:e6:4f:89:a0:
0e:50:de:40:8e:8c:01:96:c5:e3:be:cb:79:b8:40:
59:ee:1d:cd:c6:f0:f9:87:42:f5:87:a6:93:8d:2b:
5a:26:8e:61:fe:14:9c:94:c8:38:af:ce:d1:00:6b:
89:7d:0e:87:e1:6d:3d:ca:8d:14:36:ea:e3:84:19:
c4:c2:3a:b4:7f:b0:c2:3e:07:00:8e:76:28:00:93:
81:b7:e0:7d:ba:1a:4e:92:b5:b3:ab:33:4a:a1:6e:
67:06:ca:c1:6a:f7:cd:72:4a:8a:ca:41:1e:a2:a0:
b8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D6:95:A2:E1:D6:A3:BC:A6:51:97:94:30:25:BE:59:EF:53:18:D2
X509v3 Authority Key Identifier:
keyid:F1:32:19:22:1C:C0:A2:13:26:CE:00:6C:42:82:5B:AC:2B:E3:1E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TIZIhzAohMmzgBsQoJbrCvjHhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/TNaVouHWo7ymUZeUMCW-We9TGNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/8TIZIhzAohMmzgBsQoJbrCvjHhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.99.190.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:d0:4a:af:8d:5c:32:cb:72:93:83:d1:d4:3c:5c:17:94:fc:
d9:9d:c1:fb:3c:e6:5a:77:0a:ca:8b:8b:f0:52:06:3b:49:98:
e0:79:b3:21:24:56:71:cc:bc:5f:19:9c:9a:2d:ab:58:4c:2d:
4e:4c:0a:2d:33:7b:d5:18:83:dd:d1:9a:1f:8c:38:6a:3d:fc:
19:c0:9a:7a:53:d3:34:6c:5e:9a:f5:61:4d:c4:10:d7:e6:20:
cb:9f:f0:66:fe:76:49:5a:da:ec:3c:61:d4:eb:c7:94:d4:44:
5b:7e:f5:68:10:4b:60:a9:65:46:2e:ea:68:0c:3f:14:22:c6:
9d:58:10:cb:4b:d4:8d:f8:e8:cf:f5:cb:e6:4e:f3:4e:31:8c:
29:df:46:c9:9e:15:c8:e6:76:c3:a8:3e:a9:ea:20:18:d9:68:
8e:b0:5a:1e:d9:13:e0:7d:07:7d:c9:6e:4c:51:46:9e:f4:3f:
44:88:ec:dd:42:7e:13:ec:9b:85:3b:84:d5:96:6b:9e:98:0e:
69:30:60:45:c7:6f:67:af:52:7f:a2:89:4b:fc:03:6e:92:7c:
75:d0:40:d3:38:c2:e8:f9:63:a2:10:47:a4:37:b0:3b:2c:f5:
f1:82:47:53:dc:dc:89:6e:c8:55:9f:f2:bf:59:d3:6a:1f:cc:
23:ed:02:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpfDU+Qoct826xLnFfvuXk5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzIxOTIyMWNjMGEyMTMyNmNlMDA2YzQyODI1YmFjMmJl
MzFlMTcwHhcNMjMwOTA0MDcxNzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Q2OTVhMmUxZDZhM2JjYTY1MTk3OTQzMDI1YmU1OWVmNTMxOGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0I4DG3z3/oNNukCwQevPlO2+NnRz
ozxsL0ADuO7eCKSgTzOyro1qicwC+nGMHcNoCQU94/msgrQ4ZqTzi9gCpmfLyGnH
0nacOybW6EFlE4Ego9y3z2l+HNY0Dk+XjAsDFKxekJnmQzFKmzkJaYpbG2Q9aYRw
F8JUPR47Cv1jJSw6GKdv23YzZectAtUQHkUFt+ZPiaAOUN5AjowBlsXjvst5uEBZ
7h3NxvD5h0L1h6aTjStaJo5h/hSclMg4r87RAGuJfQ6H4W09yo0UNurjhBnEwjq0
f7DCPgcAjnYoAJOBt+B9uhpOkrWzqzNKoW5nBsrBavfNckqKykEeoqC4ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEzWlaLh1qO8plGXlDAlvlnvUxjSMB8GA1UdIwQY
MBaAFPEyGSIcwKITJs4AbEKCW6wr4x4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRJWkloekFvaE1temdCc1FvSmJyQ3ZqSGhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDI0NGQtMDNjOC00NzgwLTg3YzMt
NDVlNjk2YTVhZTQ1LzEvVE5hVm91SFdvN3ltVVplVU1DVy1XZTlUR05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDI0NGQtMDNjOC00NzgwLTg3YzMtNDVlNjk2YTVhZTQ1
LzEvOFRJWkloekFvaE1temdCc1FvSmJyQ3ZqSGhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJWO+MA0G
CSqGSIb3DQEBCwUAA4IBAQAq0EqvjVwyy3KTg9HUPFwXlPzZncH7POZadwrKi4vw
UgY7SZjgebMhJFZxzLxfGZyaLatYTC1OTAotM3vVGIPd0ZofjDhqPfwZwJp6U9M0
bF6a9WFNxBDX5iDLn/Bm/nZJWtrsPGHU68eU1ERbfvVoEEtgqWVGLupoDD8UIsad
WBDLS9SN+OjP9cvmTvNOMYwp30bJnhXI5nbDqD6p6iAY2WiOsFoe2RPgfQd9yW5M
UUae9D9EiOzdQn4T7JuFO4TVlmuemA5pMGBFx29nr1J/oolL/ANuknx10EDTOMLo
+WOiEEekN7A7LPXxgkdT3NyJbshVn/K/WdNqH8wj7QJC
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:29 2025 by rpki-client