Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/TkVDaucB_bl68WAHSovc7MDEc7c.roa
File: TkVDaucB_bl68WAHSovc7MDEc7c.roa (raw, json)
Hash identifier: RSzb8T3Oq1cTD5D0EFk6ErZNY03RtNbPCHpAXEZYVrk=
Subject key identifier: 4E:45:43:6A:E7:01:FD:B9:7A:F1:60:07:4A:8B:DC:EC:C0:C4:73:B7
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 08AAC739
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/TkVDaucB_bl68WAHSovc7MDEc7c.roa
Signing time: Sat 01 Jan 2022 14:01:44 +0000
ROA not before: Sat 01 Jan 2022 14:01:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206477
IP address blocks: 2a0e:8f02:f02e::/48 maxlen: 48
2a0e:8f02:f02b::/48 maxlen: 48
2a0e:8f02:f02d::/48 maxlen: 48
2a0e:8f02:f02c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145409849 (0x8aac739)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 14:01:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e45436ae701fdb97af160074a8bdcecc0c473b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c3:06:7d:37:69:23:c1:44:c2:fb:12:89:4c:
af:5f:28:2e:ec:50:e1:af:75:9c:a3:29:05:0f:4b:
20:4c:be:7c:46:f1:0d:3d:ac:b2:16:09:28:1b:bd:
0d:7b:8f:07:7e:46:e0:1c:3e:0a:56:be:29:7a:b0:
75:78:da:3c:4f:3a:89:b2:14:62:9d:1c:52:76:87:
4f:ab:25:00:44:f1:eb:a3:23:4b:f8:89:2b:53:a7:
8b:69:7f:06:d4:c4:fc:05:d4:e9:39:1b:db:24:62:
36:ed:64:9d:7c:c1:9a:bd:1f:64:fb:24:e9:4a:bb:
d8:7b:c6:8b:fa:86:33:14:e5:31:22:dc:c0:07:35:
1f:d0:dc:cb:58:ca:41:ad:7f:f6:1d:7b:3b:bc:c3:
2c:7f:f0:69:f2:0f:09:bc:28:ec:66:3e:83:2f:7d:
70:b4:d1:10:69:87:24:43:72:72:d3:e7:41:90:4c:
04:fd:25:65:eb:02:36:fc:2c:c1:ef:b3:a2:fd:dd:
64:24:5a:09:31:ca:18:f0:43:19:f9:91:21:90:b3:
59:cf:3d:01:1e:e8:45:4b:8d:89:37:e5:be:9b:6f:
6d:9a:84:c0:66:b7:e3:f5:a1:d1:59:a2:2f:40:77:
16:1a:56:f5:92:1b:3e:2e:ed:ea:f3:8a:01:9b:d7:
69:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:45:43:6A:E7:01:FD:B9:7A:F1:60:07:4A:8B:DC:EC:C0:C4:73:B7
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/TkVDaucB_bl68WAHSovc7MDEc7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f02b::-2a0e:8f02:f02e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:48:5c:de:b7:8a:09:c2:80:b8:89:04:6e:80:4c:d7:8f:00:
de:35:ba:29:c7:74:e1:80:8b:a2:09:d8:79:d7:1e:21:e4:b2:
f0:77:22:b5:1d:9b:ab:77:a7:69:28:2a:80:63:a1:87:82:42:
26:52:10:d7:78:89:fe:93:09:09:51:65:cb:e6:18:53:2d:5d:
16:df:13:1c:05:b9:4d:58:ab:d2:5d:8b:0b:e0:f4:80:f6:e8:
3a:f7:7d:96:23:2c:be:38:19:e6:1c:34:26:46:9e:99:de:6c:
3a:a5:96:f2:d5:24:ae:ff:66:0b:a4:2b:d0:dd:a8:91:f6:51:
c7:c7:3a:e4:26:78:73:3b:38:05:b0:da:04:9b:cf:e2:43:f3:
5c:fb:fc:fd:67:0c:e3:f9:62:6f:e1:8f:00:6c:56:ba:fc:9e:
b5:00:e5:88:b2:1d:d0:17:ea:c1:dc:fa:5f:d8:87:93:47:2c:
56:1c:ce:52:c8:34:5c:b8:da:38:3e:50:c5:fd:2c:fc:db:57:
94:af:fa:37:0c:77:31:7a:75:7c:75:5c:69:be:c3:cd:cf:ad:
7c:3d:7a:e3:7f:78:48:bc:7e:e0:2f:9c:7c:a0:76:ea:dd:57:
37:79:4f:9d:21:ef:fd:d9:eb:ff:2b:47:77:56:e7:c5:66:a3:
00:bd:7d:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIECKrHOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU0NTQzNmFlNzAx
ZmRiOTdhZjE2MDA3NGE4YmRjZWNjMGM0NzNiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnDBn03aSPBRML7EolMr18oLuxQ4a91nKMpBQ9LIEy+fEbx
DT2sshYJKBu9DXuPB35G4Bw+Cla+KXqwdXjaPE86ibIUYp0cUnaHT6slAETx66Mj
S/iJK1Oni2l/BtTE/AXU6Tkb2yRiNu1knXzBmr0fZPsk6Uq72HvGi/qGMxTlMSLc
wAc1H9Dcy1jKQa1/9h17O7zDLH/wafIPCbwo7GY+gy99cLTREGmHJENyctPnQZBM
BP0lZesCNvwswe+zov3dZCRaCTHKGPBDGfmRIZCzWc89AR7oRUuNiTflvptvbZqE
wGa34/Wh0VmiL0B3FhpW9ZIbPi7t6vOKAZvXaQMCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBRORUNq5wH9uXrxYAdKi9zswMRztzAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
L1RrVkRhdWNCX2JsNjhXQUhTb3ZjN01ERWM3Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAIwFDASAwcAKg6PAvArAwcAKg6PAvAuMA0G
CSqGSIb3DQEBCwUAA4IBAQBiSFzet4oJwoC4iQRugEzXjwDeNbopx3ThgIuiCdh5
1x4h5LLwdyK1HZurd6dpKCqAY6GHgkImUhDXeIn+kwkJUWXL5hhTLV0W3xMcBblN
WKvSXYsL4PSA9ug6932WIyy+OBnmHDQmRp6Z3mw6pZby1SSu/2YLpCvQ3aiR9lHH
xzrkJnhzOzgFsNoEm8/iQ/Nc+/z9Zwzj+WJv4Y8AbFa6/J61AOWIsh3QF+rB3Ppf
2IeTRyxWHM5SyDRcuNo4PlDF/Sz821eUr/o3DHcxenV8dVxpvsPNz618PXrjf3hI
vH7gL5x8oHbq3Vc3eU+dIe/92ev/K0d3VufFZqMAvX3f
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:12 2023 by rpki-client on console-ams.rpki-client.org