Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/tdjAX8S-QFWneGpfvsxV1OwmCsY.roa
File: tdjAX8S-QFWneGpfvsxV1OwmCsY.roa (raw, json)
Hash identifier: re7y9ov63JqcMNiz9xkZMMNTCeQHyMOBch7XbWad8lY=
Subject key identifier: B5:D8:C0:5F:C4:BE:40:55:A7:78:6A:5F:BE:CC:55:D4:EC:26:0A:C6
Certificate issuer: /CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
Certificate serial: 4197B8FA
Authority key identifier: 2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/tdjAX8S-QFWneGpfvsxV1OwmCsY.roa
Signing time: Sat 01 Jan 2022 15:04:16 +0000
ROA not before: Sat 01 Jan 2022 15:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209523
IP address blocks: 185.97.140.0/22 maxlen: 22
185.97.141.0/24 maxlen: 24
5.198.192.0/19 maxlen: 19
2a02:e58::/32 maxlen: 32
2a02:e58:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1100462330 (0x4197b8fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
Validity
Not Before: Jan 1 15:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5d8c05fc4be4055a7786a5fbecc55d4ec260ac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ce:06:a6:d2:86:42:cc:12:4a:46:eb:2e:b0:
8d:45:02:16:77:ad:d7:53:92:f7:71:01:e7:84:02:
ac:4c:b7:42:c4:b6:1f:8f:a6:4a:73:e9:ae:78:b0:
8b:5b:b9:3e:bc:87:5f:a3:49:e6:3b:a1:5c:a7:cb:
72:77:b8:6c:29:0d:c9:f0:a2:25:d7:80:10:29:55:
5b:cd:23:84:c7:01:7d:34:fe:21:33:ca:82:bc:c7:
66:e7:3b:7a:d8:17:bb:10:c9:04:23:39:c1:2a:90:
51:bc:63:ca:04:0a:b8:e0:43:d6:66:dc:c5:7d:8b:
2b:8d:07:10:0d:52:f0:b5:e9:09:35:a4:4c:f7:29:
d4:c9:85:cd:fb:46:b3:1f:8a:a7:d8:f0:26:44:ec:
af:47:0e:fd:e8:ba:fa:b9:97:27:d7:d4:b4:29:d6:
cb:5a:3f:6b:e0:f5:15:f8:cf:c7:43:34:12:68:09:
86:11:0e:e5:2b:f7:f8:7d:91:a9:ac:4a:81:05:67:
f4:08:f5:63:85:25:c7:1f:fb:58:8d:a2:0d:06:39:
78:11:1d:33:44:50:df:1e:30:e5:fb:62:d4:75:e4:
7c:6b:1d:5b:b4:d4:6b:ab:4e:e2:bf:8a:0b:13:a3:
fa:ce:d1:a5:fd:c1:75:7a:45:c7:f9:a3:69:4f:3a:
3e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D8:C0:5F:C4:BE:40:55:A7:78:6A:5F:BE:CC:55:D4:EC:26:0A:C6
X509v3 Authority Key Identifier:
keyid:2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/tdjAX8S-QFWneGpfvsxV1OwmCsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.198.192.0/19
185.97.140.0/22
IPv6:
2a02:e58::/32
Signature Algorithm: sha256WithRSAEncryption
74:91:44:1f:e0:20:7b:eb:a0:d4:89:71:26:2b:92:ff:b5:7e:
05:16:48:bd:dd:3f:a9:c2:fd:26:b7:46:a9:1a:15:fc:49:0c:
46:97:d5:52:23:57:a2:3b:3b:8d:ab:24:c2:04:37:0a:77:5b:
36:13:0d:6e:b6:31:3c:58:d4:84:72:3a:5e:34:5b:1a:2d:5c:
98:28:69:6b:2e:e6:f7:8e:5f:8f:35:58:f0:d4:1c:bf:c0:4b:
30:ff:5d:f0:f5:52:15:e6:86:f2:23:44:e2:91:ce:7f:3b:7d:
b4:7c:d4:4d:86:51:27:74:3b:04:cb:aa:a8:29:1c:03:4a:e9:
ab:06:7d:9b:0c:7c:dc:61:46:3c:fb:b2:12:c3:c0:af:18:fe:
96:a3:b3:a6:eb:aa:d0:65:33:f4:e2:ab:74:7f:bb:ba:f1:08:
5a:7a:1f:68:60:da:4b:8e:22:13:60:dd:c6:5b:16:81:66:eb:
75:58:ff:47:4b:26:67:28:d7:2c:8c:ae:ff:7a:11:de:89:27:
5a:16:09:3e:a4:dc:ba:d9:6f:38:9d:ad:e6:ad:6c:4c:34:a3:
fd:ef:63:89:45:b4:3c:ab:69:bb:df:72:92:9c:45:aa:d7:80:
95:55:f6:6e:5e:bd:f3:70:6a:d4:b7:56:4d:7a:92:03:7c:e7:
7a:a0:0d:b9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEQZe4+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDllMzFjOTAyOWVlNDRiZDY4MWI1MTUzMzAzMzVjNmExY2ZkZWVlMB4XDTIyMDEw
MTE1MDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjVkOGMwNWZjNGJl
NDA1NWE3Nzg2YTVmYmVjYzU1ZDRlYzI2MGFjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXOBqbShkLMEkpG6y6wjUUCFnet11OS93EB54QCrEy3QsS2
H4+mSnPprniwi1u5PryHX6NJ5juhXKfLcne4bCkNyfCiJdeAEClVW80jhMcBfTT+
ITPKgrzHZuc7etgXuxDJBCM5wSqQUbxjygQKuOBD1mbcxX2LK40HEA1S8LXpCTWk
TPcp1MmFzftGsx+Kp9jwJkTsr0cO/ei6+rmXJ9fUtCnWy1o/a+D1FfjPx0M0EmgJ
hhEO5Sv3+H2RqaxKgQVn9Aj1Y4Ulxx/7WI2iDQY5eBEdM0RQ3x4w5fti1HXkfGsd
W7TUa6tO4r+KCxOj+s7Rpf3BdXpFx/mjaU86PokCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS12MBfxL5AVad4al++zFXU7CYKxjAfBgNVHSMEGDAWgBQtnjHJAp7kS9aB
tRUzAzXGoc/e7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xaNHh5UUtlNUV2V2diVVZNd00xeHFIUDN1NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvMTVkODk2LTJmNjktNDY5Ny1hNmZjLTA4ZGE2NjUyYTg2Ny8x
L3RkakFYOFMtUUZXbmVHcGZ2c3hWMU93bUNzWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
MTVkODk2LTJmNjktNDY5Ny1hNmZjLTA4ZGE2NjUyYTg2Ny8xL0xaNHh5UUtlNUV2
V2diVVZNd00xeHFIUDN1NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBQXGwAMEArlhjDANBAIAAjAHAwUA
KgIOWDANBgkqhkiG9w0BAQsFAAOCAQEAdJFEH+Age+ug1IlxJiuS/7V+BRZIvd0/
qcL9JrdGqRoV/EkMRpfVUiNXojs7jaskwgQ3CndbNhMNbrYxPFjUhHI6XjRbGi1c
mChpay7m945fjzVY8NQcv8BLMP9d8PVSFeaG8iNE4pHOfzt9tHzUTYZRJ3Q7BMuq
qCkcA0rpqwZ9mwx83GFGPPuyEsPArxj+lqOzpuuq0GUz9OKrdH+7uvEIWnofaGDa
S44iE2DdxlsWgWbrdVj/R0smZyjXLIyu/3oR3oknWhYJPqTcutlvOJ2t5q1sTDSj
/e9jiUW0PKtpu99ykpxFqteAlVX2bl6983Bq1LdWTXqSA3zneqANuQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:13 2023 by rpki-client on console-fra.rpki-client.org