Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/TKl5L_2hbFbeVa-dj-YK0ywym48.roa
File: TKl5L_2hbFbeVa-dj-YK0ywym48.roa (raw, json)
Hash identifier: j+/gFEx9QTzTqwcS+hA3b8zJH4AJ2M5Mri8O4wibdEc=
Subject key identifier: 4C:A9:79:2F:FD:A1:6C:56:DE:55:AF:9D:8F:E6:0A:D3:2C:32:9B:8F
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01841D928139494301C79D62DFBCB74E8600
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/TKl5L_2hbFbeVa-dj-YK0ywym48.roa
Signing time: Fri 28 Oct 2022 07:50:51 +0000
ROA not before: Fri 28 Oct 2022 07:50:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6137
IP address blocks: 109.121.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1d:92:81:39:49:43:01:c7:9d:62:df:bc:b7:4e:86:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Oct 28 07:50:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ca9792ffda16c56de55af9d8fe60ad32c329b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:54:9d:67:63:6a:08:79:45:6b:4b:82:52:2a:
63:e3:8f:80:e6:1c:df:ca:45:15:76:a8:42:92:90:
18:a3:05:c6:9f:49:46:ef:fc:66:42:1f:a4:81:c6:
65:15:62:66:bf:33:eb:e5:70:81:82:98:22:f0:53:
fa:4e:17:c0:31:8a:d6:a2:20:47:e1:13:e8:26:2f:
5d:d1:02:40:05:d2:38:f1:3e:33:9e:00:16:1d:85:
6b:e8:1c:12:fa:9b:eb:3f:7b:5a:9b:0e:9f:ea:90:
2a:b1:a3:b5:45:12:f6:a5:43:f6:be:df:a4:5f:da:
97:e5:e9:e6:f2:a5:0a:ec:ed:e3:15:06:37:6e:fa:
04:1a:35:5f:b5:2c:33:47:f8:73:08:21:20:6e:71:
b1:71:5b:89:57:bb:80:e2:2c:27:f0:ee:51:0e:bb:
3c:b5:46:ec:8c:93:53:09:cc:66:83:0d:e6:d6:6c:
12:28:b2:88:f4:0c:ce:f4:e9:d3:2e:f1:b5:d0:06:
6b:46:53:24:5c:2c:08:98:bc:fa:61:e6:39:60:72:
d6:a5:59:76:39:12:e7:4b:d7:db:0c:b8:20:20:76:
f7:06:72:52:74:a3:e1:c7:6c:a1:bb:e7:11:ae:5c:
e9:ae:0d:98:3b:ff:ba:6b:81:18:76:05:c3:ed:da:
c6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A9:79:2F:FD:A1:6C:56:DE:55:AF:9D:8F:E6:0A:D3:2C:32:9B:8F
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/TKl5L_2hbFbeVa-dj-YK0ywym48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.34.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:6f:da:94:76:fb:0d:9d:be:ca:5d:38:ee:91:90:ff:a0:69:
ff:c8:dd:87:f8:f8:fd:10:fc:a5:1d:54:ad:56:42:d1:70:59:
19:16:27:dc:ed:eb:f5:93:04:86:e2:37:86:6e:eb:e5:e6:6d:
8f:2b:bd:4e:fd:cd:b8:90:f5:94:ed:85:33:e5:8f:cf:3a:09:
99:e4:62:a3:d8:2a:25:dd:f6:02:e4:6d:82:1d:0d:4e:ba:e9:
00:22:ce:72:b7:4a:2e:2a:f6:ac:ec:e9:4e:86:8b:cc:03:74:
1b:45:0f:12:d9:91:9d:65:04:51:5c:1e:00:a2:b1:c5:bb:01:
4a:2e:71:6f:dc:84:6e:c0:27:53:09:09:44:cc:0b:b6:65:22:
e9:cb:f0:c1:8d:f6:12:80:22:d4:8f:54:0a:b0:53:a4:32:50:
ea:dc:83:a7:38:75:43:7c:fc:89:df:40:32:a6:1a:b7:d4:06:
bf:10:fd:3a:84:b3:d2:ec:cc:4a:5b:b7:a9:65:d2:52:43:05:
f2:20:3f:a7:c7:e9:23:71:22:c7:fe:86:df:a2:61:1c:3d:3d:
79:7d:17:02:c7:b2:86:ba:af:f7:cf:5d:e6:4c:80:81:e6:bd:
fe:1d:3b:b0:c2:44:e3:e7:b7:3c:d7:13:29:fd:31:3c:fe:74:
c3:fb:fc:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQdkoE5SUMBx51i37y3ToYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIxMDI4MDc1MDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E5NzkyZmZkYTE2YzU2ZGU1NWFmOWQ4ZmU2MGFkMzJjMzI5YjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlSdZ2NqCHlFa0uCUipj44+A5hzf
ykUVdqhCkpAYowXGn0lG7/xmQh+kgcZlFWJmvzPr5XCBgpgi8FP6ThfAMYrWoiBH
4RPoJi9d0QJABdI48T4zngAWHYVr6BwS+pvrP3tamw6f6pAqsaO1RRL2pUP2vt+k
X9qX5enm8qUK7O3jFQY3bvoEGjVftSwzR/hzCCEgbnGxcVuJV7uA4iwn8O5RDrs8
tUbsjJNTCcxmgw3m1mwSKLKI9AzO9OnTLvG10AZrRlMkXCwImLz6YeY5YHLWpVl2
ORLnS9fbDLggIHb3BnJSdKPhx2yhu+cRrlzprg2YO/+6a4EYdgXD7drGzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEypeS/9oWxW3lWvnY/mCtMsMpuPMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvVEtsNUxfMmhiRmJlVmEtZGotWUsweXd5bTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXkiMA0G
CSqGSIb3DQEBCwUAA4IBAQAbb9qUdvsNnb7KXTjukZD/oGn/yN2H+Pj9EPylHVSt
VkLRcFkZFifc7ev1kwSG4jeGbuvl5m2PK71O/c24kPWU7YUz5Y/POgmZ5GKj2Col
3fYC5G2CHQ1OuukAIs5yt0ouKvas7OlOhovMA3QbRQ8S2ZGdZQRRXB4AorHFuwFK
LnFv3IRuwCdTCQlEzAu2ZSLpy/DBjfYSgCLUj1QKsFOkMlDq3IOnOHVDfPyJ30Ay
phq31Aa/EP06hLPS7MxKW7epZdJSQwXyID+nx+kjcSLH/obfomEcPT15fRcCx7KG
uq/3z13mTICB5r3+HTuwwkTj57c81xMp/TE8/nTD+/zT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-fra.rpki-client.org