Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/899344-87c5-4aa2-b1a3-204d2587d81f/1/tCgzuWnRy0WuQaRONaNxDLVe9oc.roa
File: tCgzuWnRy0WuQaRONaNxDLVe9oc.roa (raw, json)
Hash identifier: 53Cdl2sv/vxTjY35UoEHLc1J0JDcL2ssxfYKJk7g1Fk=
Subject key identifier: B4:28:33:B9:69:D1:CB:45:AE:41:A4:4E:35:A3:71:0C:B5:5E:F6:87
Certificate issuer: /CN=3109f5695a89111d0f3bd6b5d2b18779aac102de
Certificate serial: 01842E1578631BE1C3F4DD1EE01543037108
Authority key identifier: 31:09:F5:69:5A:89:11:1D:0F:3B:D6:B5:D2:B1:87:79:AA:C1:02:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQn1aVqJER0PO9a10rGHearBAt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/899344-87c5-4aa2-b1a3-204d2587d81f/1/tCgzuWnRy0WuQaRONaNxDLVe9oc.roa
Signing time: Mon 31 Oct 2022 12:47:49 +0000
ROA not before: Mon 31 Oct 2022 12:47:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209363
IP address blocks: 185.253.124.0/22 maxlen: 22
193.34.148.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2e:15:78:63:1b:e1:c3:f4:dd:1e:e0:15:43:03:71:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3109f5695a89111d0f3bd6b5d2b18779aac102de
Validity
Not Before: Oct 31 12:47:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b42833b969d1cb45ae41a44e35a3710cb55ef687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3f:ed:04:4c:33:32:51:2d:28:c7:d9:71:c2:
98:16:e6:eb:cd:75:97:c9:29:30:8e:a9:df:6f:24:
0e:d5:2c:79:b0:00:d0:cf:2d:2c:80:de:71:f2:5c:
99:7e:56:1d:bd:0c:52:af:c4:74:01:fe:9b:6c:62:
85:d2:7c:b5:8c:f4:3d:58:76:e8:70:83:be:a6:26:
8f:9c:89:32:02:72:5d:53:ad:04:cb:e9:7c:3d:c6:
1d:7b:06:e5:8f:ef:85:76:c7:8d:03:dc:0d:05:84:
34:e1:4c:41:64:20:ec:74:f4:b6:58:7b:aa:2a:92:
0a:5b:b7:d1:64:da:93:8b:f2:25:28:84:d0:ca:db:
c3:7f:51:58:c6:53:e1:a0:a2:bb:f9:96:3a:da:9c:
00:2b:c8:e0:09:be:a5:e3:6a:ce:80:cd:6d:16:12:
da:ef:13:00:b2:0c:15:4a:b8:10:25:0e:65:23:89:
38:5f:29:d8:2a:71:3f:c2:5a:15:b1:db:c7:c9:cf:
87:7f:fe:d9:df:a1:7e:d8:81:18:5d:80:78:3d:e8:
59:7f:5a:33:ce:31:63:93:61:11:8b:02:6f:04:a2:
76:78:e4:5c:8d:2f:60:58:18:c0:75:33:db:91:5b:
aa:ce:f3:98:99:c6:d0:d9:c3:be:1b:b1:91:81:6c:
6f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:28:33:B9:69:D1:CB:45:AE:41:A4:4E:35:A3:71:0C:B5:5E:F6:87
X509v3 Authority Key Identifier:
keyid:31:09:F5:69:5A:89:11:1D:0F:3B:D6:B5:D2:B1:87:79:AA:C1:02:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQn1aVqJER0PO9a10rGHearBAt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/899344-87c5-4aa2-b1a3-204d2587d81f/1/tCgzuWnRy0WuQaRONaNxDLVe9oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/899344-87c5-4aa2-b1a3-204d2587d81f/1/MQn1aVqJER0PO9a10rGHearBAt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.124.0/22
193.34.148.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:81:fd:e2:d1:56:95:b9:13:8b:ad:ae:e5:6a:36:f7:ce:50:
92:82:26:d5:25:7c:7c:73:1f:a4:d8:dd:95:e9:ee:03:b5:06:
ea:89:78:70:30:28:dd:1f:43:1e:e6:90:0b:d4:43:d1:75:4e:
14:af:2d:7b:c1:39:5a:c3:c7:58:88:e0:fb:d1:02:3d:13:2c:
82:7d:9e:89:1f:06:0d:f0:c2:b6:77:8c:92:a1:1f:1c:bb:c5:
58:3c:6b:de:44:14:c1:9b:eb:3c:4d:d7:3f:97:55:ba:1d:29:
9b:e0:25:b9:4f:b8:89:24:4a:3f:7d:91:8e:3b:4b:33:4e:ec:
1f:0c:d2:b3:91:1b:0b:65:e7:a0:86:1e:d0:33:77:d8:be:28:
7b:cf:10:18:fd:35:3a:58:1a:e2:8d:8b:0e:10:97:c7:9a:83:
e7:c5:25:48:49:e5:ed:e7:3f:ee:71:67:64:30:bd:10:44:12:
4d:c1:c5:21:12:93:7c:9e:70:f8:59:a0:c7:de:bc:93:ba:ae:
54:32:87:0c:19:de:f3:40:89:ca:2b:ec:63:36:55:a0:eb:fa:
cf:2e:62:1c:28:95:bb:6a:24:c7:52:38:1b:65:74:6b:12:fb:
fb:8e:40:e1:8f:20:b5:40:69:53:f9:b7:c5:2c:f1:ec:66:d8:
a1:b3:50:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQuFXhjG+HD9N0e4BVDA3EIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMDlmNTY5NWE4OTExMWQwZjNiZDZiNWQyYjE4Nzc5YWFj
MTAyZGUwHhcNMjIxMDMxMTI0NzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDI4MzNiOTY5ZDFjYjQ1YWU0MWE0NGUzNWEzNzEwY2I1NWVmNjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT/tBEwzMlEtKMfZccKYFubrzXWX
ySkwjqnfbyQO1Sx5sADQzy0sgN5x8lyZflYdvQxSr8R0Af6bbGKF0ny1jPQ9WHbo
cIO+piaPnIkyAnJdU60Ey+l8PcYdewblj++FdseNA9wNBYQ04UxBZCDsdPS2WHuq
KpIKW7fRZNqTi/IlKITQytvDf1FYxlPhoKK7+ZY62pwAK8jgCb6l42rOgM1tFhLa
7xMAsgwVSrgQJQ5lI4k4XynYKnE/wloVsdvHyc+Hf/7Z36F+2IEYXYB4PehZf1oz
zjFjk2ERiwJvBKJ2eORcjS9gWBjAdTPbkVuqzvOYmcbQ2cO+G7GRgWxv0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLQoM7lp0ctFrkGkTjWjcQy1XvaHMB8GA1UdIwQY
MBaAFDEJ9WlaiREdDzvWtdKxh3mqwQLeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFuMWFWcUpFUjBQTzlhMTByR0hlYXJCQXQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84OTkzNDQtODdjNS00YWEyLWIxYTMt
MjA0ZDI1ODdkODFmLzEvdENnenVXblJ5MFd1UWFST05hTnhETFZlOW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84OTkzNDQtODdjNS00YWEyLWIxYTMtMjA0ZDI1ODdkODFm
LzEvTVFuMWFWcUpFUjBQTzlhMTByR0hlYXJCQXQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuf18AwQB
wSKUMA0GCSqGSIb3DQEBCwUAA4IBAQB9gf3i0VaVuROLra7lajb3zlCSgibVJXx8
cx+k2N2V6e4DtQbqiXhwMCjdH0Me5pAL1EPRdU4Ury17wTlaw8dYiOD70QI9EyyC
fZ6JHwYN8MK2d4ySoR8cu8VYPGveRBTBm+s8Tdc/l1W6HSmb4CW5T7iJJEo/fZGO
O0szTuwfDNKzkRsLZeeghh7QM3fYvih7zxAY/TU6WBrijYsOEJfHmoPnxSVISeXt
5z/ucWdkML0QRBJNwcUhEpN8nnD4WaDH3ryTuq5UMocMGd7zQInKK+xjNlWg6/rP
LmIcKJW7aiTHUjgbZXRrEvv7jkDhjyC1QGlT+bfFLPHsZtihs1Cd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:11 2023 by rpki-client on console-fra.rpki-client.org