Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/TiJp7OGdmcNWBtSREDZL1_pG9sI.roa
File: TiJp7OGdmcNWBtSREDZL1_pG9sI.roa (raw, json)
Hash identifier: SmNr3S5u1rNN53vpNQy1Nebhk6sh0ke+Dp/Xu0hOWY8=
Subject key identifier: 4E:22:69:EC:E1:9D:99:C3:56:06:D4:91:10:36:4B:D7:FA:46:F6:C2
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 018312024A486E8B26E14813ACAA00F95833
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/TiJp7OGdmcNWBtSREDZL1_pG9sI.roa
Signing time: Tue 06 Sep 2022 08:54:43 +0000
ROA not before: Tue 06 Sep 2022 08:54:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.146.155.0/24 maxlen: 24
185.146.154.0/24 maxlen: 24
2a07:4f80::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
2a07:4f80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:12:02:4a:48:6e:8b:26:e1:48:13:ac:aa:00:f9:58:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Sep 6 08:54:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e2269ece19d99c35606d49110364bd7fa46f6c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:69:ae:ba:86:df:0c:1e:d9:a5:e4:5b:e7:61:
ce:2c:f4:63:33:a6:5c:84:88:28:94:79:b2:65:4e:
f1:5d:b9:b6:93:62:8f:d3:05:31:d5:3e:92:1a:80:
94:87:a2:69:01:d2:0b:49:fc:31:6b:e6:7e:33:0b:
2a:c0:56:ff:a9:4d:98:40:35:23:99:1f:bf:29:67:
66:44:73:61:19:61:57:d9:7b:b0:0a:96:5f:aa:01:
0d:1d:c0:af:34:a3:72:1b:37:90:e1:3e:e1:12:1c:
74:e0:fb:d2:88:34:2b:9f:d4:b9:c2:ea:4e:3d:a7:
fe:5f:e6:64:70:5c:46:29:f1:06:88:c8:c1:7e:82:
57:61:23:ac:5e:ff:9e:7d:07:de:3b:eb:97:e0:04:
76:0f:5c:03:d4:6f:a8:38:38:c7:e6:42:83:c0:70:
65:32:a9:a3:c7:5e:70:ba:63:91:ca:86:ed:81:8a:
c9:98:90:7c:27:1b:6a:47:d1:08:dc:3d:5e:63:a0:
3f:64:fb:fe:24:8d:75:4a:a8:6b:28:11:9c:17:84:
32:f6:de:47:c1:81:66:6e:56:a8:f2:05:c2:b7:8f:
72:cc:91:c7:f2:bd:16:cf:fc:3b:e2:36:e2:0b:29:
a0:6a:9a:54:d4:d6:f9:4e:a4:e9:b6:a2:98:b1:2a:
ec:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:22:69:EC:E1:9D:99:C3:56:06:D4:91:10:36:4B:D7:FA:46:F6:C2
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/TiJp7OGdmcNWBtSREDZL1_pG9sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.154.0/23
IPv6:
2a07:4f80::/44
Signature Algorithm: sha256WithRSAEncryption
a9:8d:ce:51:9e:20:9c:5d:db:00:4d:ef:50:ae:7d:e5:17:2e:
53:51:ae:76:5f:eb:fe:fa:66:93:7d:1c:b1:bf:94:37:76:e6:
72:06:8c:54:0b:31:7f:c8:4a:f1:33:3c:5b:33:43:be:11:1d:
56:ee:85:9d:24:86:11:53:0d:04:4e:f0:5d:c9:fd:84:4a:ce:
b3:46:15:d7:40:86:77:28:f5:d1:b4:62:e5:32:96:0f:f4:97:
ac:00:ce:9b:5c:cb:21:31:77:c4:71:56:a0:02:83:f7:b8:eb:
cb:99:08:17:0d:34:4b:b0:15:77:e1:ac:cd:95:05:4e:de:47:
f3:06:af:44:2f:e0:32:b2:0f:ea:e2:ab:3e:f8:76:f9:ca:ec:
0a:17:d0:8d:33:dc:ce:6f:45:c2:45:e8:15:a7:21:2a:96:21:
f4:09:8c:83:dc:07:55:37:34:28:36:e8:17:58:fb:3c:b9:70:
52:86:06:a6:ab:3b:0c:8e:75:76:3c:f7:8e:f6:1d:75:e0:30:
4b:22:0f:af:ba:81:79:aa:14:f4:70:81:35:d5:d6:81:9a:29:
79:14:8c:8f:98:eb:38:5b:15:e6:e6:84:1a:96:86:b6:f6:41:
cc:8c:50:92:e8:b2:2b:80:00:a9:49:2b:7f:fd:44:75:1e:ea:
89:0e:56:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMSAkpIbosm4UgTrKoA+VgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjIwOTA2MDg1NDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTIyNjllY2UxOWQ5OWMzNTYwNmQ0OTExMDM2NGJkN2ZhNDZmNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2muuobfDB7ZpeRb52HOLPRjM6Zc
hIgolHmyZU7xXbm2k2KP0wUx1T6SGoCUh6JpAdILSfwxa+Z+MwsqwFb/qU2YQDUj
mR+/KWdmRHNhGWFX2XuwCpZfqgENHcCvNKNyGzeQ4T7hEhx04PvSiDQrn9S5wupO
Paf+X+ZkcFxGKfEGiMjBfoJXYSOsXv+efQfeO+uX4AR2D1wD1G+oODjH5kKDwHBl
Mqmjx15wumORyobtgYrJmJB8JxtqR9EI3D1eY6A/ZPv+JI11SqhrKBGcF4Qy9t5H
wYFmblao8gXCt49yzJHH8r0Wz/w74jbiCymgappU1Nb5TqTptqKYsSrsXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE4iaezhnZnDVgbUkRA2S9f6RvbCMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvVGlKcDdPR2RtY05XQnRTUkVEWkwxX3BHOXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuZKaMA8E
AgACMAkDBwQqB0+AAAAwDQYJKoZIhvcNAQELBQADggEBAKmNzlGeIJxd2wBN71Cu
feUXLlNRrnZf6/76ZpN9HLG/lDd25nIGjFQLMX/ISvEzPFszQ74RHVbuhZ0khhFT
DQRO8F3J/YRKzrNGFddAhnco9dG0YuUylg/0l6wAzptcyyExd8RxVqACg/e468uZ
CBcNNEuwFXfhrM2VBU7eR/MGr0Qv4DKyD+riqz74dvnK7AoX0I0z3M5vRcJF6BWn
ISqWIfQJjIPcB1U3NCg26BdY+zy5cFKGBqarOwyOdXY89472HXXgMEsiD6+6gXmq
FPRwgTXV1oGaKXkUjI+Y6zhbFebmhBqWhrb2QcyMUJLosiuAAKlJK3/9RHUe6okO
Vus=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:09 2024 by rpki-client on console-fra.rpki-client.org