Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/TUZ_n9aA4vL3ZewCXkPy5HzGsMs.roa
File: TUZ_n9aA4vL3ZewCXkPy5HzGsMs.roa (raw, json)
Hash identifier: 27JT/TCRcwaX0NPmXskWlavBUtyU8LZUfxPPXXHG5aE=
Subject key identifier: 4D:46:7F:9F:D6:80:E2:F2:F7:65:EC:02:5E:43:F2:E4:7C:C6:B0:CB
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 14CBB77C
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/TUZ_n9aA4vL3ZewCXkPy5HzGsMs.roa
Signing time: Sat 01 Jan 2022 05:51:55 +0000
ROA not before: Sat 01 Jan 2022 05:51:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57841
IP address blocks: 171.25.218.236/30 maxlen: 30
91.90.231.0/24 maxlen: 24
171.25.219.1/32 maxlen: 32
176.106.160.0/20 maxlen: 20
194.9.212.0/22 maxlen: 22
171.25.218.0/23 maxlen: 30
176.106.176.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 348895100 (0x14cbb77c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 1 05:51:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d467f9fd680e2f2f765ec025e43f2e47cc6b0cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:84:09:cc:8a:bf:20:78:c3:54:82:c9:3c:59:
fd:4e:ba:23:39:b9:26:ee:21:c6:e7:8a:15:f2:8f:
3a:35:66:cb:23:a9:ca:e6:66:6a:0f:73:a4:45:47:
f5:cf:c1:33:37:1e:f2:3d:aa:b6:f9:3e:67:65:3e:
85:16:fb:e0:e0:03:19:ee:da:23:1e:f9:75:ff:2b:
a7:5f:f2:95:56:b9:e3:4d:4e:82:50:d8:ce:0e:6f:
0a:13:e7:4d:d6:e4:ca:4f:bd:1a:1e:a2:41:f7:63:
36:09:5c:ed:5f:0b:1d:29:37:7d:4b:e5:ab:c0:a5:
e0:cd:a8:bb:34:e3:ab:fa:e4:32:fd:6b:54:64:6b:
d8:61:d6:64:48:6f:d4:a5:5a:a4:d4:5a:be:cb:13:
67:60:07:ad:22:2e:e0:d0:76:14:1e:c3:62:1a:52:
62:3f:cd:d6:20:a8:92:c6:e7:6d:42:c5:16:61:13:
ea:d2:f3:17:03:ae:1e:1d:dc:32:22:33:e9:9c:50:
6f:4e:cf:c8:5c:d5:02:55:85:de:47:e9:b7:9e:a9:
f6:e6:95:32:f8:d1:12:d5:69:e7:76:c2:16:3d:d1:
63:74:ea:da:e1:a7:0c:b8:c5:2d:b0:e2:9c:5f:71:
a6:ef:81:e9:07:03:d0:64:f9:ba:40:76:73:3b:f2:
01:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:46:7F:9F:D6:80:E2:F2:F7:65:EC:02:5E:43:F2:E4:7C:C6:B0:CB
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/TUZ_n9aA4vL3ZewCXkPy5HzGsMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.231.0/24
171.25.218.0/23
176.106.160.0-176.106.183.255
194.9.212.0/22
Signature Algorithm: sha256WithRSAEncryption
69:2b:5f:0e:f9:66:15:63:01:21:ca:36:0a:43:77:6d:ff:ba:
6d:0f:61:10:74:ef:56:ca:ec:03:cd:8f:7b:31:68:5b:38:b1:
b1:ac:a6:20:fb:fa:c2:8b:c7:7b:8d:03:be:12:a2:3e:8b:a7:
5c:b2:4e:aa:2c:89:9e:f7:3a:69:95:42:36:7b:4c:42:2a:27:
0b:58:f1:0d:76:c7:cb:c8:71:ec:27:6c:78:45:16:ef:68:e9:
56:9c:a2:b7:92:59:98:df:46:41:94:a8:43:74:b2:9f:8a:4d:
55:31:16:cd:aa:8d:ea:1c:fd:98:57:8e:20:57:3d:64:16:d8:
7b:9d:63:59:46:33:bf:ee:58:f4:96:6c:a1:5d:e8:16:f8:8a:
46:3b:40:6e:72:f0:50:56:5e:0f:e4:fd:22:80:3d:9e:17:50:
6a:c0:f0:8a:29:e6:01:3d:8f:92:82:22:cd:0d:7f:63:b9:94:
ac:16:94:35:85:f2:fd:bd:81:27:f6:38:fc:c2:00:25:9b:cd:
8c:9f:4d:3e:46:4e:93:7c:fb:e8:54:f8:35:0c:44:df:52:03:
14:c2:29:c4:f6:d2:d9:38:96:60:84:3c:9c:1d:d8:c4:0f:60:
29:e8:56:60:c9:2a:55:b1:c2:e0:09:e4:b1:aa:e8:2a:82:ef:
bb:10:51:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEFMu3fDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OGFkZDliNjcxZjdhMzZlYjIzNjdlMzRmZWU0YmNiMTNiOGY2NmNjMB4XDTIyMDEw
MTA1NTE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQ0NjdmOWZkNjgw
ZTJmMmY3NjVlYzAyNWU0M2YyZTQ3Y2M2YjBjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+ECcyKvyB4w1SCyTxZ/U66Izm5Ju4hxueKFfKPOjVmyyOp
yuZmag9zpEVH9c/BMzce8j2qtvk+Z2U+hRb74OADGe7aIx75df8rp1/ylVa5401O
glDYzg5vChPnTdbkyk+9Gh6iQfdjNglc7V8LHSk3fUvlq8Cl4M2ouzTjq/rkMv1r
VGRr2GHWZEhv1KVapNRavssTZ2AHrSIu4NB2FB7DYhpSYj/N1iCoksbnbULFFmET
6tLzFwOuHh3cMiIz6ZxQb07PyFzVAlWF3kfpt56p9uaVMvjREtVp53bCFj3RY3Tq
2uGnDLjFLbDinF9xpu+B6QcD0GT5ukB2czvyAc0CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRNRn+f1oDi8vdl7AJeQ/LkfMawyzAfBgNVHSMEGDAWgBSIrdm2cfejbrI2
fjT+5LyxO49mzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lLM1p0bkgzbzI2eU5uNDBfdVM4c1R1UFpzdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvM2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8x
L1RVWl9uOWFBNHZMM1pld0NYa1B5NUh6R3NNcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
M2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8xL2lLM1p0bkgzbzI2
eU5uNDBfdVM4c1R1UFpzdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAFta5wMEAasZ2jAMAwQFsGqgAwQD
sGqwAwQCwgnUMA0GCSqGSIb3DQEBCwUAA4IBAQBpK18O+WYVYwEhyjYKQ3dt/7pt
D2EQdO9WyuwDzY97MWhbOLGxrKYg+/rCi8d7jQO+EqI+i6dcsk6qLIme9zpplUI2
e0xCKicLWPENdsfLyHHsJ2x4RRbvaOlWnKK3klmY30ZBlKhDdLKfik1VMRbNqo3q
HP2YV44gVz1kFth7nWNZRjO/7lj0lmyhXegW+IpGO0BucvBQVl4P5P0igD2eF1Bq
wPCKKeYBPY+SgiLNDX9juZSsFpQ1hfL9vYEn9jj8wgAlm82Mn00+Rk6TfPvoVPg1
DETfUgMUwinE9tLZOJZghDycHdjED2Ap6FZgySpVscLgCeSxqugqgu+7EFFx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:06 2024 by rpki-client on console-ams.rpki-client.org