Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/TSr6-iZhUaD0S-33DwJlpRZkyc8.roa
File: TSr6-iZhUaD0S-33DwJlpRZkyc8.roa (raw, json)
Hash identifier: KWbFFBEIxhBTgAti3ogwtlMijw2EtK+72YHxi/4IUW8=
Subject key identifier: 4D:2A:FA:FA:26:61:51:A0:F4:4B:ED:F7:0F:02:65:A5:16:64:C9:CF
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 551C2E
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/TSr6-iZhUaD0S-33DwJlpRZkyc8.roa
Signing time: Thu 31 Mar 2022 13:19:06 +0000
ROA not before: Thu 31 Mar 2022 13:19:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212144
IP address blocks: 2a05:9a40::/29 maxlen: 29
2a10:3c80::/29 maxlen: 29
2a06:5fc0::/29 maxlen: 29
2a10:3f80::/29 maxlen: 29
2a0f:9ac0::/29 maxlen: 29
2a10:b40::/29 maxlen: 29
2a0d:6f80::/29 maxlen: 29
2a0f:9b40::/29 maxlen: 29
2a10:77c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5577774 (0x551c2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Mar 31 13:19:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d2afafa266151a0f44bedf70f0265a51664c9cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:20:11:ce:9c:a3:ec:a8:48:fe:f7:33:b6:cb:
3b:49:ce:d0:3b:52:89:19:68:f1:74:64:5b:47:5d:
d5:22:81:82:82:7e:a2:da:c6:2a:b9:42:0d:88:b3:
07:8e:6e:8f:8e:d7:a3:86:e5:79:7d:47:92:38:ce:
4b:3e:df:f1:49:24:03:3e:d4:1e:37:f0:72:60:09:
a6:cf:1e:3d:a7:c6:31:98:00:f0:a2:21:d0:9f:63:
f2:da:e8:cf:11:98:9b:db:91:c5:6a:da:aa:25:46:
dd:b3:7f:c7:ec:29:5c:ea:61:e3:11:bc:a5:fa:04:
4a:67:84:36:45:ed:9d:0e:e6:f0:34:ec:7e:aa:2e:
35:ba:c4:51:6e:6d:a3:00:a1:76:fb:65:d4:b8:d4:
f9:57:79:f8:77:48:44:ec:27:42:ec:7a:6f:fd:54:
fc:70:ec:b6:f0:2b:36:4c:c9:21:af:0c:49:84:e5:
98:80:e1:27:af:2e:f3:cc:c5:37:c8:5f:47:b1:e1:
5b:a7:83:f5:db:ab:f0:e2:e3:50:41:b2:48:ab:21:
f4:7d:8f:33:c6:a4:55:18:31:9d:92:a9:d0:e3:4e:
d7:03:0e:03:4e:5a:9a:ee:c0:ad:ad:a8:42:66:cd:
a2:b7:da:e4:ac:8b:ac:25:7d:c1:40:90:03:17:a6:
54:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2A:FA:FA:26:61:51:A0:F4:4B:ED:F7:0F:02:65:A5:16:64:C9:CF
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/TSr6-iZhUaD0S-33DwJlpRZkyc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
2a06:5fc0::/29
2a0d:6f80::/29
2a0f:9ac0::/29
2a0f:9b40::/29
2a10:b40::/29
2a10:3c80::/29
2a10:3f80::/29
2a10:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
80:a4:a9:16:5f:66:18:0e:ad:42:b7:87:f0:c3:1a:4e:2b:c3:
72:4c:ee:99:02:7a:1d:8a:ba:a7:8f:5a:ec:a7:89:06:f3:63:
61:a6:fe:b1:1f:8d:cc:1e:07:d4:46:14:91:3a:4d:cd:8d:8d:
09:2e:f0:78:f5:64:40:ad:6a:8a:cf:35:29:25:ae:7d:bb:7a:
e2:6a:41:2d:d5:f8:05:c6:6a:7d:16:d3:4c:40:c5:a4:c4:5e:
7c:10:8c:e6:77:41:ba:cc:c0:68:51:7c:e9:d1:18:02:aa:60:
04:37:83:17:66:b8:88:f3:f0:d6:5a:4e:3f:e6:2e:84:3a:ec:
41:d0:2c:6a:a7:7d:b9:d7:9d:d1:4a:94:e2:f4:44:2c:2a:38:
3a:8d:e5:5f:42:02:22:2b:e0:ee:c8:af:53:3f:b3:62:98:d5:
02:c0:1c:61:5b:57:bf:93:e7:ce:90:6a:ee:b4:c2:1c:e8:23:
a4:59:d2:1c:17:e5:73:6c:a6:eb:14:16:54:6e:7a:fb:b3:bc:
c2:2d:8f:57:59:ac:7a:62:6d:7d:a1:5a:10:0b:6e:06:d7:1e:
12:92:55:65:ca:33:84:96:41:ac:00:b4:cd:ca:68:f3:f2:79:
19:0d:a8:f7:73:7c:ea:b4:29:f1:e1:c0:04:51:91:e7:82:b7:
9e:ac:d7:ef
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIDVRwuMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJi
MTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNlZmRiM2UwHhcNMjIwMzMx
MTMxOTA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0ZDJhZmFmYTI2NjE1
MWEwZjQ0YmVkZjcwZjAyNjVhNTE2NjRjOWNmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxCARzpyj7KhI/vcztss7Sc7QO1KJGWjxdGRbR13VIoGCgn6i
2sYquUINiLMHjm6PjtejhuV5fUeSOM5LPt/xSSQDPtQeN/ByYAmmzx49p8YxmADw
oiHQn2Py2ujPEZib25HFatqqJUbds3/H7Clc6mHjEbyl+gRKZ4Q2Re2dDubwNOx+
qi41usRRbm2jAKF2+2XUuNT5V3n4d0hE7CdC7Hpv/VT8cOy28Cs2TMkhrwxJhOWY
gOEnry7zzMU3yF9HseFbp4P126vw4uNQQbJIqyH0fY8zxqRVGDGdkqnQ407XAw4D
Tlqa7sCtrahCZs2it9rkrIusJX3BQJADF6ZU+QIDAQABo4ICQjCCAj4wHQYDVR0O
BBYEFE0q+vomYVGg9Evt9w8CZaUWZMnPMB8GA1UdIwQYMBaAFCsUWovfK8oVDyXt
VKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2NkLzEv
VFNyNi1pWmhVYUQwUy0zM0R3SmxwUlpreWM4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8w
ZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2NkLzEvS3hSYWk5OHJ5aFVQ
SmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFgG
CCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKgWaQAMFAyoGX8ADBQMqDW+AAwUD
Kg+awAMFAyoPm0ADBQMqEAtAAwUDKhA8gAMFAyoQP4ADBQMqEHfAMA0GCSqGSIb3
DQEBCwUAA4IBAQCApKkWX2YYDq1Ct4fwwxpOK8NyTO6ZAnodirqnj1rsp4kG82Nh
pv6xH43MHgfURhSROk3NjY0JLvB49WRArWqKzzUpJa59u3riakEt1fgFxmp9FtNM
QMWkxF58EIzmd0G6zMBoUXzp0RgCqmAEN4MXZriI8/DWWk4/5i6EOuxB0Cxqp325
153RSpTi9EQsKjg6jeVfQgIiK+DuyK9TP7NimNUCwBxhW1e/k+fOkGrutMIc6COk
WdIcF+VzbKbrFBZUbnr7s7zCLY9XWax6Ym19oVoQC24G1x4SklVlyjOElkGsALTN
ymjz8nkZDaj3c3zqtCnx4cAEUZHngreerNfv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-ams.rpki-client.org