Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/jTM-ADxOCl8Mf0M3lyzVSIdQ1m0.roa
File: jTM-ADxOCl8Mf0M3lyzVSIdQ1m0.roa (raw, json)
Hash identifier: oep3IFUCpvxrbbI/BPkmhg+xfFUrL/bNcqSHw1jB/Dc=
Subject key identifier: 8D:33:3E:00:3C:4E:0A:5F:0C:7F:43:37:97:2C:D5:48:87:50:D6:6D
Certificate issuer: /CN=673b3a71cf772755a3df8ced5d73516f871c0a11
Certificate serial: 06091D05
Authority key identifier: 67:3B:3A:71:CF:77:27:55:A3:DF:8C:ED:5D:73:51:6F:87:1C:0A:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zzs6cc93J1Wj34ztXXNRb4ccChE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/jTM-ADxOCl8Mf0M3lyzVSIdQ1m0.roa
Signing time: Mon 10 Jan 2022 09:38:15 +0000
ROA not before: Mon 10 Jan 2022 09:38:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209236
IP address blocks: 170.102.144.0/24 maxlen: 24
170.102.145.0/24 maxlen: 24
170.102.192.0/24 maxlen: 24
170.102.192.0/23 maxlen: 23
170.102.194.0/24 maxlen: 24
170.102.195.0/24 maxlen: 24
170.102.193.0/24 maxlen: 24
170.102.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101260549 (0x6091d05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=673b3a71cf772755a3df8ced5d73516f871c0a11
Validity
Not Before: Jan 10 09:38:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d333e003c4e0a5f0c7f4337972cd5488750d66d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cd:48:08:b7:0f:41:72:15:9c:fa:0c:6a:84:
05:ce:b8:51:8a:09:fc:f2:cd:bd:88:75:ea:74:11:
43:ed:f5:08:28:b4:42:0a:8a:9d:6e:6d:61:fc:19:
3b:fa:4c:87:90:73:df:2a:ad:1a:29:b9:47:89:75:
ef:94:f6:0e:f3:8f:f3:29:a3:f5:b0:92:cb:6c:a3:
41:48:9b:bf:9a:b4:f2:8f:26:94:d6:e2:16:f2:20:
70:5c:08:7c:85:60:76:0d:8e:3b:07:f9:1b:2e:e5:
63:71:0c:6b:01:8f:32:c1:99:8d:97:38:6b:35:dc:
93:f9:3d:93:d0:4c:4d:65:18:10:7d:d1:9e:94:db:
ed:fb:29:1b:b8:ed:82:3d:f0:5d:67:cb:13:94:e7:
bc:4f:e2:65:75:7f:f1:7a:c7:19:4a:4b:23:80:eb:
4e:08:aa:d1:98:85:da:fe:7c:cd:9e:b1:59:d6:6d:
1a:cd:f1:53:0c:e7:29:de:7f:09:87:73:58:91:c0:
a7:6f:01:74:57:47:b8:97:76:b1:66:2a:b7:bc:f2:
a6:da:e2:7d:2b:bf:2e:8c:78:e5:7e:7d:e5:71:63:
5d:fc:98:c2:98:43:49:cc:ae:89:b6:0f:85:49:1f:
f4:b0:c1:d1:c2:8d:88:59:35:66:12:5e:bf:e4:54:
2c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:33:3E:00:3C:4E:0A:5F:0C:7F:43:37:97:2C:D5:48:87:50:D6:6D
X509v3 Authority Key Identifier:
keyid:67:3B:3A:71:CF:77:27:55:A3:DF:8C:ED:5D:73:51:6F:87:1C:0A:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zzs6cc93J1Wj34ztXXNRb4ccChE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/jTM-ADxOCl8Mf0M3lyzVSIdQ1m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/c94855-5b1a-4f96-b7a1-6fe1f294e627/1/Zzs6cc93J1Wj34ztXXNRb4ccChE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.102.144.0/23
170.102.192.0-170.102.196.255
Signature Algorithm: sha256WithRSAEncryption
25:fd:be:24:d7:9f:2a:64:e3:cb:b8:66:a6:a7:4d:82:22:45:
d1:85:26:29:06:31:7b:c2:63:88:02:99:b2:e8:9f:81:e6:21:
2d:8a:f2:ad:62:5d:af:10:ea:7a:89:de:1b:fe:f7:35:e3:1b:
0a:cb:72:3b:c3:9b:14:ac:0f:3f:b4:b2:a5:b6:6f:46:9c:89:
da:ce:b1:4e:99:e8:8a:3c:bb:c2:52:c7:76:15:09:cb:f9:bc:
30:53:7b:d2:e1:e5:35:8b:2e:77:24:55:da:ff:56:18:90:50:
58:4f:bd:02:e0:f6:d1:49:19:51:4c:af:8c:f0:05:ff:ee:d3:
8e:73:ef:9f:36:6a:82:f1:3e:16:2d:a0:f7:a7:d7:00:2e:ad:
73:e8:ae:98:ac:3a:1d:85:c5:08:95:9e:22:50:68:87:f5:9c:
ab:83:fb:9b:87:b3:7b:8a:30:bd:69:d4:dc:48:68:42:86:25:
d3:73:35:f8:06:ef:6b:d1:89:02:24:e7:52:20:d9:0d:7b:4c:
09:e4:ef:60:38:44:d5:77:28:46:0d:09:6e:a3:c3:54:09:34:
9e:d6:34:3d:f0:31:52:e3:37:02:8d:0a:c3:29:e4:4f:6e:de:
8f:1f:ad:cb:39:0e:17:c4:81:e5:74:5b:23:27:b1:1f:05:ba:
00:9e:c3:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBgkdBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzNiM2E3MWNmNzcyNzU1YTNkZjhjZWQ1ZDczNTE2Zjg3MWMwYTExMB4XDTIyMDEx
MDA5MzgxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQzMzNlMDAzYzRl
MGE1ZjBjN2Y0MzM3OTcyY2Q1NDg4NzUwZDY2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTNSAi3D0FyFZz6DGqEBc64UYoJ/PLNvYh16nQRQ+31CCi0
QgqKnW5tYfwZO/pMh5Bz3yqtGim5R4l175T2DvOP8ymj9bCSy2yjQUibv5q08o8m
lNbiFvIgcFwIfIVgdg2OOwf5Gy7lY3EMawGPMsGZjZc4azXck/k9k9BMTWUYEH3R
npTb7fspG7jtgj3wXWfLE5TnvE/iZXV/8XrHGUpLI4DrTgiq0ZiF2v58zZ6xWdZt
Gs3xUwznKd5/CYdzWJHAp28BdFdHuJd2sWYqt7zyptrifSu/Lox45X595XFjXfyY
wphDScyuibYPhUkf9LDB0cKNiFk1ZhJev+RULN8CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSNMz4APE4KXwx/QzeXLNVIh1DWbTAfBgNVHSMEGDAWgBRnOzpxz3cnVaPf
jO1dc1FvhxwKETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p6czZjYzkzSjFXajM0enRYWE5SYjRjY0NoRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvYzk0ODU1LTViMWEtNGY5Ni1iN2ExLTZmZTFmMjk0ZTYyNy8x
L2pUTS1BRHhPQ2w4TWYwTTNseXpWU0lkUTFtMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
Yzk0ODU1LTViMWEtNGY5Ni1iN2ExLTZmZTFmMjk0ZTYyNy8xL1p6czZjYzkzSjFX
ajM0enRYWE5SYjRjY0NoRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAapmkDAMAwQGqmbAAwQAqmbEMA0G
CSqGSIb3DQEBCwUAA4IBAQAl/b4k158qZOPLuGamp02CIkXRhSYpBjF7wmOIApmy
6J+B5iEtivKtYl2vEOp6id4b/vc14xsKy3I7w5sUrA8/tLKltm9GnInazrFOmeiK
PLvCUsd2FQnL+bwwU3vS4eU1iy53JFXa/1YYkFBYT70C4PbRSRlRTK+M8AX/7tOO
c++fNmqC8T4WLaD3p9cALq1z6K6YrDodhcUIlZ4iUGiH9Zyrg/ubh7N7ijC9adTc
SGhChiXTczX4Bu9r0YkCJOdSINkNe0wJ5O9gOETVdyhGDQluo8NUCTSe1jQ98DFS
4zcCjQrDKeRPbt6PH63LOQ4XxIHldFsjJ7EfBboAnsNR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:34 2024 by rpki-client on console-ams.rpki-client.org