Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/tFTpinJmhqJIhb6ks6dUI-p_VuE.roa
File: tFTpinJmhqJIhb6ks6dUI-p_VuE.roa (raw, json)
Hash identifier: eazCS3bJRB70cn/88Vuz29rOXOArTGLlm33COVGOyvk=
Subject key identifier: B4:54:E9:8A:72:66:86:A2:48:85:BE:A4:B3:A7:54:23:EA:7F:56:E1
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 08DE2EE2
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/tFTpinJmhqJIhb6ks6dUI-p_VuE.roa
Signing time: Thu 28 Apr 2022 16:41:11 +0000
ROA not before: Thu 28 Apr 2022 16:41:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 213.209.149.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148778722 (0x8de2ee2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 28 16:41:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b454e98a726686a24885bea4b3a75423ea7f56e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:29:43:a0:f0:39:7a:01:69:60:ed:11:34:52:
2e:90:d4:22:61:43:15:4c:20:f3:28:b9:29:20:34:
c7:a2:9a:76:d1:c6:11:b2:84:a7:5c:24:b5:14:f0:
82:b4:e8:cd:01:bb:f6:f6:53:57:3f:b2:c5:34:7c:
05:32:11:f5:45:c5:43:5b:73:bc:7d:0c:0d:82:1f:
99:b0:b1:5c:47:87:3f:e1:b1:a6:69:97:8b:59:ea:
ee:35:50:41:1a:9c:2f:64:46:7c:2e:2f:ca:a1:a8:
e1:94:7e:2b:a1:ea:7b:a5:2b:ad:7d:66:fb:3c:7b:
55:cd:4b:e6:8d:c2:09:68:82:7e:aa:15:6a:f3:36:
0e:e1:0d:9f:98:78:c6:ff:40:16:c0:7b:e2:3e:fe:
4c:11:b4:b6:39:db:06:09:15:e0:e7:39:80:fd:21:
a4:04:9e:4c:c7:b8:8c:7d:7c:e6:00:84:83:ff:d3:
88:70:35:3b:91:98:0f:61:5a:55:b7:87:f7:d8:dc:
71:c1:c7:b9:18:65:58:a1:e6:6f:09:d4:b9:da:6e:
50:8a:2f:2a:7c:03:be:38:fe:fb:47:7e:6b:e7:45:
8c:cf:56:6d:e0:5c:4d:e1:f8:ae:7f:dd:5d:19:2f:
b1:ed:7c:b6:10:25:c1:fc:b0:be:3d:9e:6e:f5:89:
a2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:54:E9:8A:72:66:86:A2:48:85:BE:A4:B3:A7:54:23:EA:7F:56:E1
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/tFTpinJmhqJIhb6ks6dUI-p_VuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.149.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:d1:50:ac:3c:61:e2:f0:35:8f:90:38:c3:73:67:e8:fc:da:
9c:7e:d3:37:d3:c8:6e:eb:72:a1:ba:0e:97:2c:de:8d:55:03:
91:e7:4c:c9:f2:eb:eb:81:62:65:aa:2b:a8:1c:2d:86:bf:b3:
50:f1:3d:f7:ca:a0:6e:b3:3c:e1:f7:f4:0e:3e:a2:79:f5:69:
c8:1d:59:f1:c7:68:89:52:f8:e5:5e:77:ec:2d:e4:c6:37:9e:
cb:40:9d:cc:ef:0e:c4:80:e0:67:c9:49:97:8c:79:c2:49:ad:
87:ba:27:f8:fb:41:d8:73:a6:af:28:5d:1d:6c:32:ca:07:b6:
55:41:86:5b:04:76:c1:a0:bd:7a:7a:21:89:41:9e:b5:a6:d1:
3d:d5:c3:c3:fd:99:65:af:1a:b8:97:7a:fb:c0:20:06:f1:a6:
06:c5:02:78:5b:39:34:64:6f:d9:d1:a1:01:3e:ba:db:03:94:
90:ef:74:40:df:b3:08:f1:2c:f0:ad:11:4d:f5:5b:b2:af:35:
ca:d6:30:aa:71:4b:a1:b4:28:ad:74:fd:0b:10:7d:ff:42:31:
bf:2a:01:57:74:14:5a:0d:8d:61:f8:e4:53:57:03:3b:71:5c:
c1:39:27:ec:a4:37:3e:0c:32:7d:bb:45:3f:04:34:6b:76:f9:
6b:b7:75:0a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECN4u4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQy
ODE2NDExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQ1NGU5OGE3MjY2
ODZhMjQ4ODViZWE0YjNhNzU0MjNlYTdmNTZlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMopQ6DwOXoBaWDtETRSLpDUImFDFUwg8yi5KSA0x6KadtHG
EbKEp1wktRTwgrTozQG79vZTVz+yxTR8BTIR9UXFQ1tzvH0MDYIfmbCxXEeHP+Gx
pmmXi1nq7jVQQRqcL2RGfC4vyqGo4ZR+K6Hqe6UrrX1m+zx7Vc1L5o3CCWiCfqoV
avM2DuENn5h4xv9AFsB74j7+TBG0tjnbBgkV4Oc5gP0hpASeTMe4jH185gCEg//T
iHA1O5GYD2FaVbeH99jcccHHuRhlWKHmbwnUudpuUIovKnwDvjj++0d+a+dFjM9W
beBcTeH4rn/dXRkvse18thAlwfywvj2ebvWJonUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS0VOmKcmaGokiFvqSzp1Qj6n9W4TAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3RGVHBpbkptaHFKSWhiNmtzNmRVSS1wX1Z1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXRlTANBgkqhkiG9w0BAQsFAAOC
AQEAttFQrDxh4vA1j5A4w3Nn6PzanH7TN9PIbutyoboOlyzejVUDkedMyfLr64Fi
ZaorqBwthr+zUPE998qgbrM84ff0Dj6iefVpyB1Z8cdoiVL45V537C3kxjeey0Cd
zO8OxIDgZ8lJl4x5wkmth7on+PtB2HOmryhdHWwyyge2VUGGWwR2waC9enohiUGe
tabRPdXDw/2ZZa8auJd6+8AgBvGmBsUCeFs5NGRv2dGhAT662wOUkO90QN+zCPEs
8K0RTfVbsq81ytYwqnFLobQorXT9CxB9/0IxvyoBV3QUWg2NYfjkU1cDO3FcwTkn
7KQ3PgwyfbtFPwQ0a3b5a7d1Cg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org