Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/TbYWf_Opb0NPttCPD_FvCnkXu3c.roa
File: TbYWf_Opb0NPttCPD_FvCnkXu3c.roa (raw, json)
Hash identifier: NS45p/B1VGlrSaiYj7xoyZjVSwvOPVEBPAt8emcrP4U=
Subject key identifier: 4D:B6:16:7F:F3:A9:6F:43:4F:B6:D0:8F:0F:F1:6F:0A:79:17:BB:77
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 0182EEE37E61F68F8AE5EA7E097A005D2E36
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/TbYWf_Opb0NPttCPD_FvCnkXu3c.roa
Signing time: Tue 30 Aug 2022 13:14:22 +0000
ROA not before: Tue 30 Aug 2022 13:14:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206150
IP address blocks: 109.105.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ee:e3:7e:61:f6:8f:8a:e5:ea:7e:09:7a:00:5d:2e:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Aug 30 13:14:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4db6167ff3a96f434fb6d08f0ff16f0a7917bb77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:97:17:63:b5:eb:64:f7:b4:bf:8e:16:9c:00:
28:4d:df:cc:7a:11:e9:43:1d:3e:9b:19:57:59:7b:
e2:e6:66:d6:3e:75:5b:8a:7f:70:28:c4:4c:1c:af:
75:5b:33:d5:01:14:15:05:ef:d9:25:fa:d1:bb:33:
35:ac:3c:ec:ce:9f:f4:bf:a6:a4:5b:8f:36:92:90:
6a:bb:f3:ca:5b:bf:f7:0c:8a:9f:7d:63:91:4e:41:
e7:6b:2f:8c:1b:01:cb:41:a0:19:7f:03:b1:60:71:
99:b1:f3:bc:61:c8:96:90:b5:ab:9a:5e:6d:25:05:
eb:06:3a:41:47:c7:59:77:44:da:2a:8f:28:22:d7:
a4:67:36:75:e2:a4:48:17:00:be:9e:0c:ee:b9:9a:
de:96:68:95:14:c7:85:e9:18:71:11:6f:f6:bf:d5:
4c:bc:b6:5d:fe:5c:6f:80:dc:21:8e:40:59:47:ce:
62:96:56:86:d4:1c:4f:cd:b3:76:52:4d:cf:d5:d0:
79:46:45:23:e9:e0:58:dc:dc:7b:4c:a5:3e:54:8d:
d8:3e:bc:3c:61:48:6f:52:b5:38:67:6e:74:28:d6:
6a:1c:e3:aa:ea:d1:03:58:29:0a:66:9c:30:a5:33:
9f:3a:e8:dc:67:b9:fd:17:7a:e9:02:5c:ec:f7:de:
6c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B6:16:7F:F3:A9:6F:43:4F:B6:D0:8F:0F:F1:6F:0A:79:17:BB:77
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/TbYWf_Opb0NPttCPD_FvCnkXu3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.196.0/24
Signature Algorithm: sha256WithRSAEncryption
56:48:e5:2c:ad:46:38:20:ef:f1:fb:dd:bf:58:26:7b:01:d5:
ff:88:4d:c0:70:52:8f:3f:0b:f3:e6:73:0e:08:cf:36:08:8f:
dd:3b:d6:fb:5f:5c:cb:ed:de:d7:ee:70:92:92:74:0f:62:74:
b4:54:5c:f4:b5:86:65:94:17:a2:f8:9c:32:71:d2:b5:a3:1f:
73:1b:c5:37:65:6f:9f:03:14:83:a2:3a:33:e1:f4:0c:46:03:
1c:4a:4f:67:dc:1a:0b:41:05:94:07:45:45:7b:90:46:6e:26:
66:af:78:b1:14:3a:da:86:cd:45:00:d5:33:38:3e:13:f9:a0:
54:67:1d:19:10:33:96:86:b4:8f:ef:c1:c4:43:63:53:43:fd:
e4:6c:4b:86:78:02:bc:d9:34:fc:63:01:97:ad:26:bb:ce:72:
66:f8:7b:89:39:b1:d8:b9:23:db:8f:db:9a:f4:43:5c:78:eb:
c9:b6:0e:06:08:cd:84:fa:d7:18:2b:39:bb:a4:d1:32:f3:97:
9f:3e:a5:f7:3f:8e:e7:f8:9a:d3:f9:37:19:c7:58:87:23:f3:
23:e6:41:47:22:42:c4:ea:32:b6:07:40:dc:0c:cd:ac:70:2d:
29:b8:fc:e7:84:29:f9:a5:b3:3d:f5:dd:dd:82:a4:1c:25:ea:
b6:8e:b7:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLu435h9o+K5ep+CXoAXS42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjIwODMwMTMxNDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGI2MTY3ZmYzYTk2ZjQzNGZiNmQwOGYwZmYxNmYwYTc5MTdiYjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppcXY7XrZPe0v44WnAAoTd/MehHp
Qx0+mxlXWXvi5mbWPnVbin9wKMRMHK91WzPVARQVBe/ZJfrRuzM1rDzszp/0v6ak
W482kpBqu/PKW7/3DIqffWORTkHnay+MGwHLQaAZfwOxYHGZsfO8YciWkLWrml5t
JQXrBjpBR8dZd0TaKo8oItekZzZ14qRIFwC+ngzuuZrelmiVFMeF6RhxEW/2v9VM
vLZd/lxvgNwhjkBZR85illaG1BxPzbN2Uk3P1dB5RkUj6eBY3Nx7TKU+VI3YPrw8
YUhvUrU4Z250KNZqHOOq6tEDWCkKZpwwpTOfOujcZ7n9F3rpAlzs995sQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE22Fn/zqW9DT7bQjw/xbwp5F7t3MB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvVGJZV2ZfT3BiME5QdHRDUERfRnZDbmtYdTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnEMA0G
CSqGSIb3DQEBCwUAA4IBAQBWSOUsrUY4IO/x+92/WCZ7AdX/iE3AcFKPPwvz5nMO
CM82CI/dO9b7X1zL7d7X7nCSknQPYnS0VFz0tYZllBei+JwycdK1ox9zG8U3ZW+f
AxSDojoz4fQMRgMcSk9n3BoLQQWUB0VFe5BGbiZmr3ixFDrahs1FANUzOD4T+aBU
Zx0ZEDOWhrSP78HEQ2NTQ/3kbEuGeAK82TT8YwGXrSa7znJm+HuJObHYuSPbj9ua
9ENceOvJtg4GCM2E+tcYKzm7pNEy85efPqX3P47n+JrT+TcZx1iHI/Mj5kFHIkLE
6jK2B0DcDM2scC0puPznhCn5pbM99d3dgqQcJeq2jre3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org