Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/TWWfnxGqAbqjSfxCXt-JjBnsFLk.roa
File: TWWfnxGqAbqjSfxCXt-JjBnsFLk.roa (raw, json)
Hash identifier: wcyPCihq1Faw9HFlgSg+obpNsouNPpjptWXvEahGz8k=
Subject key identifier: 4D:65:9F:9F:11:AA:01:BA:A3:49:FC:42:5E:DF:89:8C:19:EC:14:B9
Certificate issuer: /CN=1f896cd3d8d1a0699da521055dfb58dc06dddf35
Certificate serial: 0B1F6BA9
Authority key identifier: 1F:89:6C:D3:D8:D1:A0:69:9D:A5:21:05:5D:FB:58:DC:06:DD:DF:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/TWWfnxGqAbqjSfxCXt-JjBnsFLk.roa
Signing time: Sat 01 Jan 2022 05:03:59 +0000
ROA not before: Sat 01 Jan 2022 05:03:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59882
IP address blocks: 185.153.208.0/22 maxlen: 22
2a07:88c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186608553 (0xb1f6ba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f896cd3d8d1a0699da521055dfb58dc06dddf35
Validity
Not Before: Jan 1 05:03:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d659f9f11aa01baa349fc425edf898c19ec14b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:34:ce:1b:9e:c2:9d:ea:0a:01:6b:41:f5:88:
e7:2e:99:4f:d7:ec:35:83:75:3b:9a:b2:b6:4c:34:
ae:95:7e:72:0b:b0:53:b8:37:e4:e7:a6:32:74:68:
81:2f:b3:62:47:13:7e:f1:27:17:58:fe:8e:22:e6:
8b:8b:fe:6b:a5:47:39:3a:8b:91:6c:b8:66:90:a7:
df:50:d7:39:a8:e8:62:71:39:c0:52:9f:74:a5:e7:
8a:6f:06:a4:14:ae:99:1b:84:76:5a:49:56:ff:e6:
12:b9:34:87:b9:38:ab:37:a8:44:67:21:6c:a5:af:
6b:67:79:7e:52:fe:36:4d:ab:cb:d6:50:19:9f:45:
32:aa:36:1d:0e:c1:59:8f:46:f0:7b:9d:90:0a:7a:
e9:0e:2b:25:13:5e:36:6a:dd:37:c1:8d:67:37:f5:
b1:28:e7:9a:dd:5a:bf:bf:38:e9:85:07:92:bc:2d:
c6:63:14:96:08:fe:b8:58:1b:77:6b:30:fd:a3:80:
ab:02:46:ee:ca:46:25:1d:44:6d:f8:3a:bb:30:08:
12:69:ef:e5:20:c0:28:f8:a7:a7:30:9b:dd:08:79:
9e:0b:3e:08:a9:1c:62:03:eb:08:79:6d:05:b5:dd:
60:cc:8a:07:66:7f:82:f0:b9:f9:af:69:3c:22:c3:
9a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:65:9F:9F:11:AA:01:BA:A3:49:FC:42:5E:DF:89:8C:19:EC:14:B9
X509v3 Authority Key Identifier:
keyid:1F:89:6C:D3:D8:D1:A0:69:9D:A5:21:05:5D:FB:58:DC:06:DD:DF:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/TWWfnxGqAbqjSfxCXt-JjBnsFLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/H4ls09jRoGmdpSEFXftY3Abd3zU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.208.0/22
IPv6:
2a07:88c0::/29
Signature Algorithm: sha256WithRSAEncryption
20:40:99:7e:a7:8e:84:80:6d:e1:8b:5d:0d:d0:15:df:4a:27:
c5:24:13:b4:2e:49:d7:b3:72:54:73:e4:f9:f2:e0:d0:77:24:
8c:3d:5c:c8:65:86:d8:52:24:24:b8:f9:04:50:b6:df:43:95:
27:d8:3a:e5:8e:ef:0c:b5:61:87:c4:be:1e:5e:37:5f:72:8b:
3d:2c:11:1b:34:1b:d2:b3:25:5d:60:73:36:25:e0:f4:ac:ff:
9b:8d:46:f0:9b:de:d8:a1:07:2a:29:c8:4a:f3:02:5a:f7:bd:
21:d9:04:7c:21:18:40:55:50:17:06:16:86:ce:d5:68:63:d4:
8b:37:e0:09:97:3d:e2:c7:88:d9:4f:d4:95:ec:02:c2:e4:bc:
e5:5c:92:51:1b:9b:c8:00:10:95:34:73:9c:64:6b:80:d9:bb:
0b:6d:1d:e5:7a:91:b4:c1:27:5e:a4:31:04:8e:b2:42:37:30:
6d:79:9f:b9:af:41:59:e0:87:5c:9d:5a:ca:54:3e:59:6d:23:
2f:b1:8b:74:e3:60:0d:d3:41:a8:a6:d6:dd:5c:04:7e:ef:96:
37:4e:db:4e:7a:a0:d0:9e:89:03:51:f3:b6:2b:53:a5:9b:7a:
5f:10:c2:df:26:3a:3c:1e:26:e9:6d:ce:ec:33:cc:b7:c4:da:
01:21:6d:f2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECx9rqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Zjg5NmNkM2Q4ZDFhMDY5OWRhNTIxMDU1ZGZiNThkYzA2ZGRkZjM1MB4XDTIyMDEw
MTA1MDM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQ2NTlmOWYxMWFh
MDFiYWEzNDlmYzQyNWVkZjg5OGMxOWVjMTRiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN80zhuewp3qCgFrQfWI5y6ZT9fsNYN1O5qytkw0rpV+cguw
U7g35OemMnRogS+zYkcTfvEnF1j+jiLmi4v+a6VHOTqLkWy4ZpCn31DXOajoYnE5
wFKfdKXnim8GpBSumRuEdlpJVv/mErk0h7k4qzeoRGchbKWva2d5flL+Nk2ry9ZQ
GZ9FMqo2HQ7BWY9G8HudkAp66Q4rJRNeNmrdN8GNZzf1sSjnmt1av7846YUHkrwt
xmMUlgj+uFgbd2sw/aOAqwJG7spGJR1Ebfg6uzAIEmnv5SDAKPinpzCb3Qh5ngs+
CKkcYgPrCHltBbXdYMyKB2Z/gvC5+a9pPCLDmikCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRNZZ+fEaoBuqNJ/EJe34mMGewUuTAfBgNVHSMEGDAWgBQfiWzT2NGgaZ2l
IQVd+1jcBt3fNTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0g0bHMwOWpSb0dtZHBTRUZYZnRZM0FiZDN6VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvZmFiNDlhLTkxZjQtNDYwYy04MjdiLWMzMzI3ODIyYTEzOC8x
L1RXV2ZueEdxQWJxalNmeENYdC1KakJuc0ZMay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
ZmFiNDlhLTkxZjQtNDYwYy04MjdiLWMzMzI3ODIyYTEzOC8xL0g0bHMwOWpSb0dt
ZHBTRUZYZnRZM0FiZDN6VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmZ0DANBAIAAjAHAwUDKgeIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAIECZfqeOhIBt4YtdDdAV30onxSQTtC5J17NyVHPk
+fLg0HckjD1cyGWG2FIkJLj5BFC230OVJ9g65Y7vDLVhh8S+Hl43X3KLPSwRGzQb
0rMlXWBzNiXg9Kz/m41G8Jve2KEHKinISvMCWve9IdkEfCEYQFVQFwYWhs7VaGPU
izfgCZc94seI2U/UlewCwuS85VySURubyAAQlTRznGRrgNm7C20d5XqRtMEnXqQx
BI6yQjcwbXmfua9BWeCHXJ1aylQ+WW0jL7GLdONgDdNBqKbW3VwEfu+WN07bTnqg
0J6JA1HztitTpZt6XxDC3yY6PB4m6W3O7DPMt8TaASFt8g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:21 2023 by rpki-client on console-ams.rpki-client.org