Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/ty9BHG4tL9uL1EbfKQPZjeF4hFk.roa
File: ty9BHG4tL9uL1EbfKQPZjeF4hFk.roa (raw, json)
Hash identifier: +PYdlo3hnxBtIqj0lhD4tB3lxz6cm0/RTJ08XLm2Jq4=
Subject key identifier: B7:2F:41:1C:6E:2D:2F:DB:8B:D4:46:DF:29:03:D9:8D:E1:78:84:59
Certificate issuer: /CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Certificate serial: 11B30A0C
Authority key identifier: AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/ty9BHG4tL9uL1EbfKQPZjeF4hFk.roa
Signing time: Wed 16 Feb 2022 10:25:06 +0000
ROA not before: Wed 16 Feb 2022 10:25:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34081
IP address blocks: 84.33.16.0/23 maxlen: 24
217.70.144.0/20 maxlen: 24
193.188.28.0/22 maxlen: 24
172.83.81.0/24 maxlen: 25
84.33.192.0/18 maxlen: 24
84.33.0.0/18 maxlen: 24
2001:1a38::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 296946188 (0x11b30a0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Validity
Not Before: Feb 16 10:25:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b72f411c6e2d2fdb8bd446df2903d98de1788459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:af:94:4c:13:c1:99:4f:80:9a:5e:c1:c0:a8:
4f:fb:15:34:d9:4c:ed:12:b7:bd:b6:63:b8:74:39:
c6:4e:f1:63:12:75:b7:7e:e7:ed:28:be:e3:3d:c4:
3b:36:32:25:ef:87:12:b5:4c:49:75:18:40:39:4b:
9f:8c:9b:b5:5d:41:75:cf:42:4d:0d:83:75:98:3b:
ca:71:42:ce:2d:c3:2c:9d:5d:5f:8e:e2:e7:6e:19:
fd:36:04:8c:65:a4:08:71:52:ef:49:c4:c7:cb:d3:
e2:5f:4b:89:5e:8f:b8:b3:5e:6c:f7:4a:88:70:be:
0d:0e:3b:1e:cd:41:f2:32:59:27:4f:15:f2:69:89:
47:97:12:58:2b:ea:ab:bd:d3:e5:8d:b0:18:38:1f:
05:d5:a1:2b:46:22:a0:9d:40:08:5c:69:06:23:5f:
da:e7:1e:9d:19:d8:91:dc:29:0e:b7:ca:b7:e1:45:
32:f0:bb:bd:ab:d0:89:6f:e4:ae:16:dd:81:b2:08:
a3:33:71:29:7e:fc:ee:fb:54:ae:8d:62:1e:e8:b8:
ec:b6:06:fe:7f:90:61:88:f5:22:d0:65:ab:9b:2f:
e4:ac:c1:0d:50:89:f5:bb:de:76:c1:d8:94:cc:53:
42:15:d2:8c:35:f8:49:d4:b7:6a:53:81:58:25:30:
69:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2F:41:1C:6E:2D:2F:DB:8B:D4:46:DF:29:03:D9:8D:E1:78:84:59
X509v3 Authority Key Identifier:
keyid:AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/ty9BHG4tL9uL1EbfKQPZjeF4hFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.33.0.0/18
84.33.192.0/18
172.83.81.0/24
193.188.28.0/22
217.70.144.0/20
IPv6:
2001:1a38::/32
Signature Algorithm: sha256WithRSAEncryption
6d:d4:c8:6b:28:c7:e1:8f:f4:4b:d6:51:c3:cc:85:7d:d9:ba:
ea:cc:f1:b1:9c:fc:a6:46:23:1f:76:86:ba:a8:09:18:6c:b3:
f7:04:f7:d8:8d:5d:03:79:ae:71:28:1e:e1:f4:a7:f2:dc:00:
72:cd:dd:1a:9a:a8:fb:72:26:a8:79:3f:28:f9:73:14:89:3b:
4f:c5:06:4d:b9:4c:99:56:de:16:34:c3:10:a2:ad:79:56:d7:
1c:0e:5b:6e:59:cc:16:af:5f:96:3e:6e:b9:47:e1:9f:7a:ec:
07:24:bb:65:cf:52:d0:82:c8:c3:c8:ba:a3:c4:a1:e2:56:73:
c7:bc:8f:eb:0e:ea:5c:34:89:d7:ee:ed:0e:63:b0:4d:bf:1e:
49:d0:0d:f1:f1:7b:06:33:a3:96:9f:c3:13:ef:dd:75:79:74:
02:c1:a4:90:f4:0d:47:84:0f:a9:52:c8:2a:fd:fc:10:af:3d:
b8:08:6e:fb:bd:72:d2:f0:09:4b:5d:b0:2b:ce:83:0c:56:76:
4f:57:cf:1d:13:dc:fd:eb:5b:91:a7:a0:c8:c2:99:57:97:b2:
33:1b:b9:b3:d1:40:9a:8b:f9:09:5f:05:38:86:90:25:f3:db:
30:a8:3d:fc:67:50:16:5a:4e:b9:e1:60:5e:95:af:fe:85:a9:
cd:35:5f:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEEbMKDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YWViYzliZmVmMmI0ZDIzZjE5NTEzYmZkNGQ2MGJiNzk4ZjVhNTlkMB4XDTIyMDIx
NjEwMjUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjcyZjQxMWM2ZTJk
MmZkYjhiZDQ0NmRmMjkwM2Q5OGRlMTc4ODQ1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2vlEwTwZlPgJpewcCoT/sVNNlM7RK3vbZjuHQ5xk7xYxJ1
t37n7Si+4z3EOzYyJe+HErVMSXUYQDlLn4ybtV1Bdc9CTQ2DdZg7ynFCzi3DLJ1d
X47i524Z/TYEjGWkCHFS70nEx8vT4l9LiV6PuLNebPdKiHC+DQ47Hs1B8jJZJ08V
8mmJR5cSWCvqq73T5Y2wGDgfBdWhK0YioJ1ACFxpBiNf2ucenRnYkdwpDrfKt+FF
MvC7vavQiW/krhbdgbIIozNxKX787vtUro1iHui47LYG/n+QYYj1ItBlq5sv5KzB
DVCJ9bvedsHYlMxTQhXSjDX4SdS3alOBWCUwaRECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBS3L0Ecbi0v24vURt8pA9mN4XiEWTAfBgNVHSMEGDAWgBSq68m/7ytNI/GV
E7/U1gu3mPWlnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F1dkp2LThyVFNQeGxST18xTllMdDVqMXBaMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvZmIxMjg5LTRkMTQtNDBmMC05Njc5LTExYWZiNDk5MmVlZi8x
L3R5OUJIRzR0TDl1TDFFYmZLUVBaamVGNGhGay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
ZmIxMjg5LTRkMTQtNDBmMC05Njc5LTExYWZiNDk5MmVlZi8xL3F1dkp2LThyVFNQ
eGxST18xTllMdDVqMXBaMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBlQhAAMEBlQhwAMEAKxTUQMEAsG8
HAMEBNlGkDANBAIAAjAHAwUAIAEaODANBgkqhkiG9w0BAQsFAAOCAQEAbdTIayjH
4Y/0S9ZRw8yFfdm66szxsZz8pkYjH3aGuqgJGGyz9wT32I1dA3mucSge4fSn8twA
cs3dGpqo+3ImqHk/KPlzFIk7T8UGTblMmVbeFjTDEKKteVbXHA5bblnMFq9flj5u
uUfhn3rsByS7Zc9S0ILIw8i6o8Sh4lZzx7yP6w7qXDSJ1+7tDmOwTb8eSdAN8fF7
BjOjlp/DE+/ddXl0AsGkkPQNR4QPqVLIKv38EK89uAhu+71y0vAJS12wK86DDFZ2
T1fPHRPc/etbkaegyMKZV5eyMxu5s9FAmov5CV8FOIaQJfPbMKg9/GdQFlpOueFg
XpWv/oWpzTVfcg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:00 2023 by rpki-client on console-fra.rpki-client.org