Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/Tq6pfKS94lMCbRE7HWSp81N3sKw.roa
File: Tq6pfKS94lMCbRE7HWSp81N3sKw.roa (raw, json)
Hash identifier: 94orMMNoWECFxKIpLR6+ITpKRgCuVGcl1xnGE8Ocnm8=
Subject key identifier: 4E:AE:A9:7C:A4:BD:E2:53:02:6D:11:3B:1D:64:A9:F3:53:77:B0:AC
Certificate issuer: /CN=ffb4f40f3211561c29f1bbc320bd87cfa2ddd029
Certificate serial: 0FCB917E
Authority key identifier: FF:B4:F4:0F:32:11:56:1C:29:F1:BB:C3:20:BD:87:CF:A2:DD:D0:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/Tq6pfKS94lMCbRE7HWSp81N3sKw.roa
Signing time: Sat 01 Jan 2022 06:53:04 +0000
ROA not before: Sat 01 Jan 2022 06:53:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59943
IP address blocks: 91.208.211.0/24 maxlen: 24
193.104.8.0/24 maxlen: 24
185.3.216.0/22 maxlen: 24
91.223.195.0/24 maxlen: 24
2a02:5b41::/32 maxlen: 32
2a02:5b40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 264999294 (0xfcb917e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffb4f40f3211561c29f1bbc320bd87cfa2ddd029
Validity
Not Before: Jan 1 06:53:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4eaea97ca4bde253026d113b1d64a9f35377b0ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bc:5e:89:30:68:74:c9:b8:62:f4:38:58:f1:
24:39:6d:c4:24:67:d0:39:43:75:c4:f3:e5:01:0a:
23:2b:69:3d:31:0a:09:a5:19:e7:28:51:bd:7e:59:
44:11:a7:97:2b:39:77:d1:99:d0:b7:ac:fb:eb:1a:
e1:95:fd:38:e9:2b:9a:fa:60:ad:ba:c1:91:42:5c:
f3:40:36:6d:b6:88:c8:f4:2a:53:df:f9:5c:4d:43:
e4:ca:73:7e:7b:a0:6a:1b:99:a5:f3:13:9a:c6:3e:
16:2a:12:85:44:a5:54:77:ee:b2:83:35:63:2f:85:
2d:f2:14:da:08:d6:4e:04:66:3f:af:e6:37:36:6e:
5a:59:09:1a:40:db:87:8b:64:6c:1f:ab:05:d6:1f:
a9:1e:62:da:20:1b:1a:45:23:75:4d:e5:f4:a3:d9:
ed:12:49:74:60:47:c0:de:f8:68:41:2b:cf:76:6b:
ee:3b:c8:46:7d:4d:93:68:2d:98:be:b7:1f:38:54:
a5:3a:ec:d6:30:1a:11:d6:c7:dd:ec:c4:0a:ba:2e:
fe:b3:dc:34:0d:63:f8:a9:0d:f8:08:90:7b:47:fb:
d2:e5:4f:72:18:09:fd:37:35:01:e0:49:e6:b0:67:
52:ff:d1:93:40:e0:e3:e7:f3:3d:45:26:31:02:61:
6b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:AE:A9:7C:A4:BD:E2:53:02:6D:11:3B:1D:64:A9:F3:53:77:B0:AC
X509v3 Authority Key Identifier:
keyid:FF:B4:F4:0F:32:11:56:1C:29:F1:BB:C3:20:BD:87:CF:A2:DD:D0:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/Tq6pfKS94lMCbRE7HWSp81N3sKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.211.0/24
91.223.195.0/24
185.3.216.0/22
193.104.8.0/24
IPv6:
2a02:5b40::/31
Signature Algorithm: sha256WithRSAEncryption
86:05:50:8c:80:f8:e2:99:14:28:d6:14:d6:cf:c1:ab:4c:f5:
48:59:e9:e4:77:c0:16:d6:e1:f1:c3:3e:f5:7a:c5:7f:1d:44:
a8:2c:a2:30:4f:62:d1:cb:2c:ba:b3:20:eb:1d:e9:6c:25:c9:
c7:6f:8a:97:eb:62:c6:97:91:21:f5:1f:b2:4b:ab:2b:01:ed:
ff:1f:78:53:0c:4f:cc:88:3f:2b:91:4e:57:f2:74:c8:6d:67:
da:04:e2:d3:a1:8a:e1:5f:41:b5:e2:38:2a:6d:c8:b9:eb:30:
c7:12:06:fb:b0:86:77:ed:79:52:f8:6a:db:30:a1:af:58:57:
dd:27:b5:ef:c7:18:25:62:aa:5d:04:eb:94:33:7a:40:85:a0:
ca:20:30:1b:8d:dc:2e:c3:3d:97:0e:4d:d0:d7:d1:5d:f6:bc:
56:2f:07:d0:bc:bf:19:44:54:e8:ff:1f:f0:99:70:5b:f4:67:
e6:77:e3:10:a9:e9:27:43:41:c5:1c:66:48:c1:5c:64:1f:24:
97:b7:6c:e7:f6:9d:aa:10:40:66:74:29:5e:db:50:82:31:a5:
d1:9a:08:4c:d3:e0:ae:d9:9e:51:59:bc:00:87:37:83:58:65:
af:6b:5f:7b:3f:ae:95:28:86:9f:45:5a:5a:d7:43:48:7f:d8:
cd:96:80:84
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIED8uRfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZmI0ZjQwZjMyMTE1NjFjMjlmMWJiYzMyMGJkODdjZmEyZGRkMDI5MB4XDTIyMDEw
MTA2NTMwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVhZWE5N2NhNGJk
ZTI1MzAyNmQxMTNiMWQ2NGE5ZjM1Mzc3YjBhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALa8XokwaHTJuGL0OFjxJDltxCRn0DlDdcTz5QEKIytpPTEK
CaUZ5yhRvX5ZRBGnlys5d9GZ0Les++sa4ZX9OOkrmvpgrbrBkUJc80A2bbaIyPQq
U9/5XE1D5MpzfnugahuZpfMTmsY+FioShUSlVHfusoM1Yy+FLfIU2gjWTgRmP6/m
NzZuWlkJGkDbh4tkbB+rBdYfqR5i2iAbGkUjdU3l9KPZ7RJJdGBHwN74aEErz3Zr
7jvIRn1Nk2gtmL63HzhUpTrs1jAaEdbH3ezECrou/rPcNA1j+KkN+AiQe0f70uVP
chgJ/Tc1AeBJ5rBnUv/Rk0Dg4+fzPUUmMQJha0kCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBROrql8pL3iUwJtETsdZKnzU3ewrDAfBgNVHSMEGDAWgBT/tPQPMhFWHCnx
u8MgvYfPot3QKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L183VDBEeklSVmh3cDhidkRJTDJIejZMZDBDay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvMTQ4ZDg4LTYxMzYtNDM3NC05OTRiLWQ1M2Y5NGUyMDdhOS8x
L1RxNnBmS1M5NGxNQ2JSRTdIV1NwODFOM3NLdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
MTQ4ZDg4LTYxMzYtNDM3NC05OTRiLWQ1M2Y5NGUyMDdhOS8xL183VDBEeklSVmh3
cDhidkRJTDJIejZMZDBDay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAFvQ0wMEAFvfwwMEArkD2AMEAMFo
CDANBAIAAjAHAwUBKgJbQDANBgkqhkiG9w0BAQsFAAOCAQEAhgVQjID44pkUKNYU
1s/Bq0z1SFnp5HfAFtbh8cM+9XrFfx1EqCyiME9i0cssurMg6x3pbCXJx2+Kl+ti
xpeRIfUfskurKwHt/x94UwxPzIg/K5FOV/J0yG1n2gTi06GK4V9BteI4Km3Iuesw
xxIG+7CGd+15Uvhq2zChr1hX3Se178cYJWKqXQTrlDN6QIWgyiAwG43cLsM9lw5N
0NfRXfa8Vi8H0Ly/GURU6P8f8JlwW/Rn5nfjEKnpJ0NBxRxmSMFcZB8kl7ds5/ad
qhBAZnQpXttQgjGl0ZoITNPgrtmeUVm8AIc3g1hlr2tfez+ulSiGn0VaWtdDSH/Y
zZaAhA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:44 2024 by rpki-client on console-ams.rpki-client.org