Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/Tk-MRqOFZW-tEzvgXPRsw9d2BeY.roa
File: Tk-MRqOFZW-tEzvgXPRsw9d2BeY.roa (raw, json)
Hash identifier: 7qLiyVrF3vpgaG1Ngi/5E9i39cukqLfR63khfiAv6ig=
Subject key identifier: 4E:4F:8C:46:A3:85:65:6F:AD:13:3B:E0:5C:F4:6C:C3:D7:76:05:E6
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 3C21B630
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/Tk-MRqOFZW-tEzvgXPRsw9d2BeY.roa
Signing time: Tue 21 Jun 2022 17:06:45 +0000
ROA not before: Tue 21 Jun 2022 17:06:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60320
IP address blocks: 5.160.78.0/24 maxlen: 24
46.209.0.0/23 maxlen: 23
46.209.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1008842288 (0x3c21b630)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jun 21 17:06:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e4f8c46a385656fad133be05cf46cc3d77605e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:db:24:b8:c7:00:54:de:8e:f2:4e:6f:06:87:
dc:06:ac:be:62:10:76:38:ad:23:d2:ec:53:84:bd:
9a:1a:2c:f6:73:14:10:97:1e:55:98:5f:ee:ed:15:
c6:c9:77:1b:eb:b7:8f:5c:4c:3d:b9:52:5b:7d:15:
97:fd:d9:07:1e:0d:f2:73:98:0a:5f:4f:89:b1:a5:
e1:48:c5:76:e6:bf:bd:ad:49:03:65:a2:7d:58:d8:
32:3b:41:86:f1:c4:1a:00:d4:b4:8d:2e:48:94:09:
75:fe:e8:75:46:52:cc:03:ca:ec:5c:de:44:66:eb:
80:48:1f:bd:53:0f:9a:85:3b:eb:96:17:fa:9c:2a:
12:21:86:10:7e:4e:41:dd:83:f2:d6:dc:b1:cb:d9:
07:5e:19:e6:cc:c3:0b:c1:46:b1:a7:aa:6b:eb:46:
61:e9:ee:89:c7:63:af:77:3a:6f:54:32:b9:71:3d:
21:eb:ed:a3:03:85:d3:bd:47:d7:8f:80:a1:09:5b:
c3:be:c9:1e:2f:9a:32:2e:e6:69:18:03:6b:5e:ae:
ce:df:72:fb:fb:7c:b2:b2:02:9f:cc:f9:f6:3d:42:
1b:83:9c:74:80:d2:c6:eb:34:4b:21:51:bb:23:da:
1d:09:80:b6:3a:77:02:45:63:7b:49:a4:bd:ca:fd:
cf:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:4F:8C:46:A3:85:65:6F:AD:13:3B:E0:5C:F4:6C:C3:D7:76:05:E6
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/Tk-MRqOFZW-tEzvgXPRsw9d2BeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.78.0/24
46.209.0.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:01:12:27:45:cb:5c:73:a2:77:fa:f3:8c:2c:63:fc:66:70:
1a:13:18:64:56:53:44:30:c3:ea:16:1f:1c:84:48:65:fb:3e:
34:c5:1f:71:1f:3e:91:98:27:98:c1:f2:2f:ef:de:10:a7:75:
fb:1a:8b:ad:20:de:54:a3:fd:c8:fe:dc:e1:47:9f:6c:04:0e:
ea:2f:25:aa:de:33:dc:eb:29:97:a4:d4:bf:1b:74:47:a8:a4:
a9:ae:a0:00:ec:e2:bb:e4:ce:ce:a2:0a:fb:46:d9:86:a9:95:
0b:ec:65:89:0b:23:45:e0:8a:c0:3d:ba:00:18:cb:2c:00:19:
54:65:2f:4a:84:71:27:21:ed:85:9e:8d:9c:e5:74:59:12:09:
90:d6:72:c5:bf:63:1b:5a:19:5e:41:eb:57:91:03:fd:93:55:
ee:df:33:6c:c4:fc:f1:2b:99:1a:ff:2b:ad:82:f6:b1:04:fb:
86:78:4d:1b:31:eb:4f:1a:5c:03:6e:fc:ce:9e:50:98:f4:9d:
25:35:15:33:60:80:c6:0e:5a:45:0a:6c:56:96:e1:74:f1:ac:
d5:91:a1:d3:40:3f:e7:36:d7:05:e3:49:4f:05:aa:28:7c:f3:
31:06:db:29:5b:7c:49:1c:81:ee:b7:87:9b:c4:60:c2:1f:fe:
0a:28:78:51
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEPCG2MDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDYy
MTE3MDY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU0ZjhjNDZhMzg1
NjU2ZmFkMTMzYmUwNWNmNDZjYzNkNzc2MDVlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/bJLjHAFTejvJObwaH3AasvmIQdjitI9LsU4S9mhos9nMU
EJceVZhf7u0Vxsl3G+u3j1xMPblSW30Vl/3ZBx4N8nOYCl9PibGl4UjFdua/va1J
A2WifVjYMjtBhvHEGgDUtI0uSJQJdf7odUZSzAPK7FzeRGbrgEgfvVMPmoU765YX
+pwqEiGGEH5OQd2D8tbcscvZB14Z5szDC8FGsaeqa+tGYenuicdjr3c6b1QyuXE9
IevtowOF071H14+AoQlbw77JHi+aMi7maRgDa16uzt9y+/t8srICn8z59j1CG4Oc
dIDSxus0SyFRuyPaHQmAtjp3AkVje0mkvcr9zw8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBROT4xGo4Vlb60TO+Bc9GzD13YF5jAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L1RrLU1ScU9GWlctdEV6dmdYUFJzdzlkMkJlWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAAWgTgMEAS7RADANBgkqhkiG9w0B
AQsFAAOCAQEACwESJ0XLXHOid/rzjCxj/GZwGhMYZFZTRDDD6hYfHIRIZfs+NMUf
cR8+kZgnmMHyL+/eEKd1+xqLrSDeVKP9yP7c4UefbAQO6i8lqt4z3Ospl6TUvxt0
R6ikqa6gAOziu+TOzqIK+0bZhqmVC+xliQsjReCKwD26ABjLLAAZVGUvSoRxJyHt
hZ6NnOV0WRIJkNZyxb9jG1oZXkHrV5ED/ZNV7t8zbMT88SuZGv8rrYL2sQT7hnhN
GzHrTxpcA278zp5QmPSdJTUVM2CAxg5aRQpsVpbhdPGs1ZGh00A/5zbXBeNJTwWq
KHzzMQbbKVt8SRyB7reHm8Rgwh/+Cih4UQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:19 2023 by rpki-client on console-fra.rpki-client.org