Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/TAmpVhcgTSjrkeHaG78IAOgTyH8.roa
File: TAmpVhcgTSjrkeHaG78IAOgTyH8.roa (raw, json)
Hash identifier: MDUvliDSmpZaFgWqbntQyurEAYgs0VUS8CZgMZdGwbM=
Subject key identifier: 4C:09:A9:56:17:20:4D:28:EB:91:E1:DA:1B:BF:08:00:E8:13:C8:7F
Certificate issuer: /CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Certificate serial: 035D09E7
Authority key identifier: FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/TAmpVhcgTSjrkeHaG78IAOgTyH8.roa
Signing time: Sat 01 Jan 2022 00:53:13 +0000
ROA not before: Sat 01 Jan 2022 00:53:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 213.109.179.0/24 maxlen: 24
213.109.177.0/24 maxlen: 24
213.109.178.0/24 maxlen: 24
213.109.176.0/24 maxlen: 24
2a00:de61:300::/40 maxlen: 48
2a00:de61:200::/40 maxlen: 48
2a00:de61:100::/40 maxlen: 48
2a00:de61::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56429031 (0x35d09e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Validity
Not Before: Jan 1 00:53:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c09a95617204d28eb91e1da1bbf0800e813c87f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:08:95:6e:f2:07:11:c2:cb:a4:0f:97:2a:cd:
26:e1:11:e9:db:89:56:93:70:67:f6:41:10:a8:85:
96:81:f6:5c:ea:7f:c9:b6:1d:07:6e:96:e9:a9:0c:
fb:ae:ed:32:ec:70:47:6c:ef:6a:5b:66:06:42:10:
fa:bf:78:81:b5:73:0a:21:76:65:6a:03:44:74:66:
aa:7b:67:48:c6:ef:b7:c8:da:97:28:4b:c0:d4:37:
61:9b:eb:f2:4d:17:d0:5c:eb:9f:0d:29:a4:72:52:
2a:e8:18:18:5c:8e:87:14:4d:35:ee:14:26:c4:c5:
6e:ae:01:db:00:80:83:8c:eb:ca:c9:30:bd:f5:d9:
58:ac:ce:c9:c6:3e:e6:17:cb:41:fd:4d:72:b5:b9:
23:c3:a2:1a:f1:23:f2:ba:f6:da:5d:81:81:20:44:
7d:58:ed:6c:4a:4e:b2:21:be:aa:b8:9f:bd:6d:7d:
75:f9:1a:bc:65:ec:cf:e0:0a:a9:6e:dd:92:df:42:
4a:cc:1d:3c:47:f1:90:90:c5:00:50:41:2b:1f:da:
4c:3d:df:ee:84:41:db:80:b6:cd:07:50:d8:2e:c9:
bd:90:1d:6a:f8:97:0d:20:c5:e0:9a:8e:57:ce:15:
31:22:03:60:c3:d6:d8:bc:eb:78:5c:b9:cf:2c:f8:
10:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:09:A9:56:17:20:4D:28:EB:91:E1:DA:1B:BF:08:00:E8:13:C8:7F
X509v3 Authority Key Identifier:
keyid:FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/TAmpVhcgTSjrkeHaG78IAOgTyH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.176.0/22
IPv6:
2a00:de61::/38
Signature Algorithm: sha256WithRSAEncryption
7b:d7:3a:da:fb:14:ac:df:db:bf:3f:a7:ec:0d:ad:73:21:11:
bf:3d:1b:0d:1e:38:0b:92:e9:f1:d8:3f:3f:90:6f:fb:72:9d:
a2:13:aa:0a:be:4e:51:75:3d:30:e3:cf:99:12:c9:5f:13:ea:
18:e4:dd:1d:02:9a:10:8a:bf:7a:d4:56:56:4e:c9:be:d8:12:
d4:22:e9:9b:66:27:8e:e1:50:a0:35:ee:08:fa:53:69:2a:5f:
41:5d:39:1f:42:32:9f:d0:88:a8:c4:ef:80:5b:86:95:f6:0b:
58:d3:e6:4e:8b:71:63:ca:16:78:55:e3:e8:03:bb:63:1c:f0:
6a:0d:56:8c:9a:78:b8:b5:4f:e6:d7:02:ab:28:d9:52:98:89:
6e:a9:02:d2:82:cb:dc:f5:64:a2:1b:22:b8:ba:d9:27:dd:df:
ef:07:cf:47:0c:4a:c7:71:c2:58:94:ea:ce:13:1b:54:a4:25:
82:25:35:e0:be:4e:cc:1a:f7:18:53:ce:77:31:27:41:f8:9d:
4a:20:65:12:b5:92:16:65:ac:66:8c:75:78:2a:54:25:c1:3a:
af:5c:dd:9b:36:fa:20:d1:05:71:4f:e9:33:32:f2:23:46:9b:
d5:04:3b:23:08:39:27:d3:e6:6d:a0:3e:95:f0:9f:c2:7b:95:
41:5b:96:13
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEA10J5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YTY0YTFmN2NhNDBiNTgxMTZlNmJjODM4ZTA2MmY5YzcxMjIyOGE0MB4XDTIyMDEw
MTAwNTMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGMwOWE5NTYxNzIw
NGQyOGViOTFlMWRhMWJiZjA4MDBlODEzYzg3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcIlW7yBxHCy6QPlyrNJuER6duJVpNwZ/ZBEKiFloH2XOp/
ybYdB26W6akM+67tMuxwR2zvaltmBkIQ+r94gbVzCiF2ZWoDRHRmqntnSMbvt8ja
lyhLwNQ3YZvr8k0X0Fzrnw0ppHJSKugYGFyOhxRNNe4UJsTFbq4B2wCAg4zryskw
vfXZWKzOycY+5hfLQf1NcrW5I8OiGvEj8rr22l2BgSBEfVjtbEpOsiG+qrifvW19
dfkavGXsz+AKqW7dkt9CSswdPEfxkJDFAFBBKx/aTD3f7oRB24C2zQdQ2C7JvZAd
aviXDSDF4JqOV84VMSIDYMPW2LzreFy5zyz4EGsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRMCalWFyBNKOuR4dobvwgA6BPIfzAfBgNVHSMEGDAWgBT6ZKH3ykC1gRbm
vIOOBi+ccSIopDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtbVNoOThwQXRZRVc1cnlEamdZdm5IRWlLS1EuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzNmL2JhMjdmYi0yNTUwLTQ5YWQtYjBlZi01YjgzZDBlOTYwMTIv
MS9UQW1wVmhjZ1RTanJrZUhhRzc4SUFPZ1R5SDgucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNm
L2JhMjdmYi0yNTUwLTQ5YWQtYjBlZi01YjgzZDBlOTYwMTIvMS8xLW1TaDk4cEF0
WUVXNXJ5RGpnWXZuSEVpS0tRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQC1W2wMA4EAgACMAgDBgIqAN5h
ADANBgkqhkiG9w0BAQsFAAOCAQEAe9c62vsUrN/bvz+n7A2tcyERvz0bDR44C5Lp
8dg/P5Bv+3KdohOqCr5OUXU9MOPPmRLJXxPqGOTdHQKaEIq/etRWVk7JvtgS1CLp
m2YnjuFQoDXuCPpTaSpfQV05H0Iyn9CIqMTvgFuGlfYLWNPmTotxY8oWeFXj6AO7
Yxzwag1WjJp4uLVP5tcCqyjZUpiJbqkC0oLL3PVkohsiuLrZJ93f7wfPRwxKx3HC
WJTqzhMbVKQlgiU14L5OzBr3GFPOdzEnQfidSiBlErWSFmWsZox1eCpUJcE6r1zd
mzb6INEFcU/pMzLyI0ab1QQ7Iwg5J9PmbaA+lfCfwnuVQVuWEw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:00 2023 by rpki-client on console-fra.rpki-client.org