Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/tTsHz9gt1XfTshBVIoRrUq0qWuw.roa
File: tTsHz9gt1XfTshBVIoRrUq0qWuw.roa (raw, json)
Hash identifier: 2gerTT6Ucjx9Y8QM0BIadLVwG97YbH5ceXS3geKRuMo=
Subject key identifier: B5:3B:07:CF:D8:2D:D5:77:D3:B2:10:55:22:84:6B:52:AD:2A:5A:EC
Certificate issuer: /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial: 01852A2FAE2B33BBD5FBFDAA86447EC5D515
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/tTsHz9gt1XfTshBVIoRrUq0qWuw.roa
Signing time: Mon 19 Dec 2022 11:40:45 +0000
ROA not before: Mon 19 Dec 2022 11:40:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 195.190.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:2f:ae:2b:33:bb:d5:fb:fd:aa:86:44:7e:c5:d5:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94846741139263388d984db1e97e031669c6486e
Validity
Not Before: Dec 19 11:40:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b53b07cfd82dd577d3b2105522846b52ad2a5aec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1d:7a:46:e3:3f:4a:1e:24:14:41:da:e6:6e:
94:ee:9d:22:c5:86:be:fc:28:42:a5:7a:9b:06:0a:
f6:60:e9:12:cd:3c:e8:1e:e4:8c:b7:fe:7b:db:77:
97:d7:66:70:7c:88:98:9f:43:2d:13:31:39:21:ac:
e0:07:37:83:78:84:af:d5:17:49:ca:85:46:92:a0:
a5:ef:eb:cc:0d:79:5f:ef:77:b2:9d:0e:4c:a7:01:
aa:3a:d0:f5:9a:6a:e8:6a:8d:5b:56:c1:f3:76:57:
b4:8f:ed:59:c7:fe:38:09:19:c1:c8:3a:a9:e2:f9:
a7:89:48:8d:d4:31:38:6e:21:38:03:12:00:c6:b5:
6d:ec:cc:bd:76:45:59:f2:6c:73:f0:d9:de:94:72:
11:9b:66:26:5b:18:09:e1:d7:c2:c6:fa:a8:58:17:
95:c3:09:15:8b:2f:4b:d5:a2:37:dd:56:cb:04:5d:
46:55:10:18:72:9a:d9:f6:c2:0a:81:19:68:e6:33:
ab:af:b5:15:da:f9:64:62:9a:eb:42:e0:c0:a9:c8:
e6:94:73:2d:26:79:61:7f:ee:7f:0e:8a:8c:37:63:
6f:8f:06:73:6e:e9:0c:72:16:f0:6d:6b:3a:d4:4d:
93:fb:d2:7b:86:d0:7b:5e:4d:46:fe:b1:93:6d:bd:
55:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:3B:07:CF:D8:2D:D5:77:D3:B2:10:55:22:84:6B:52:AD:2A:5A:EC
X509v3 Authority Key Identifier:
keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/tTsHz9gt1XfTshBVIoRrUq0qWuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.139.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:cd:e9:51:11:2f:d0:c9:46:48:d0:5a:45:c3:1a:a3:9e:26:
b6:66:ad:24:d5:17:0d:48:d6:d7:5b:f4:fe:63:52:a1:7b:88:
d3:d7:3b:7a:90:f9:71:54:b1:8b:46:2d:88:3e:e2:11:02:c5:
75:0d:e8:9d:3b:e9:87:2e:d8:a6:c9:76:2f:54:28:fb:75:8c:
61:d4:b3:fc:bc:c6:76:63:0b:4f:ff:f0:fd:74:d1:32:24:06:
ba:d9:ce:74:57:d6:91:06:b3:b1:9a:6a:02:be:40:c0:d8:75:
7f:8c:bf:d6:1d:ea:25:6a:16:18:56:8f:06:d1:05:e0:2c:de:
ab:42:9d:46:5f:0c:07:2c:24:ff:8e:3a:26:8f:d7:b5:c5:69:
1c:fa:c4:82:a5:1e:eb:3c:ca:f0:0b:56:46:c6:b2:ad:6e:c5:
3d:c9:b3:34:58:10:dc:51:75:0e:e9:ed:27:92:76:e9:6f:4f:
36:19:c5:5c:e0:fb:dd:a0:06:3f:6b:e4:0d:de:b7:20:47:b3:
9a:d3:cf:44:47:15:9f:76:69:be:9e:3c:64:96:a5:e5:ea:06:
77:10:cf:13:88:78:00:0c:bd:d3:b2:53:9d:c5:09:41:97:87:
a5:ee:85:53:79:a9:a0:6a:ab:a7:ca:ec:30:22:e1:40:d3:af:
67:d0:d2:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUqL64rM7vV+/2qhkR+xdUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODQ2NzQxMTM5MjYzMzg4ZDk4NGRiMWU5N2UwMzE2Njlj
NjQ4NmUwHhcNMjIxMjE5MTE0MDQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTNiMDdjZmQ4MmRkNTc3ZDNiMjEwNTUyMjg0NmI1MmFkMmE1YWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmx16RuM/Sh4kFEHa5m6U7p0ixYa+
/ChCpXqbBgr2YOkSzTzoHuSMt/5723eX12ZwfIiYn0MtEzE5IazgBzeDeISv1RdJ
yoVGkqCl7+vMDXlf73eynQ5MpwGqOtD1mmroao1bVsHzdle0j+1Zx/44CRnByDqp
4vmniUiN1DE4biE4AxIAxrVt7My9dkVZ8mxz8NnelHIRm2YmWxgJ4dfCxvqoWBeV
wwkViy9L1aI33VbLBF1GVRAYcprZ9sIKgRlo5jOrr7UV2vlkYprrQuDAqcjmlHMt
Jnlhf+5/DoqMN2NvjwZzbukMchbwbWs61E2T+9J7htB7Xk1G/rGTbb1VawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLU7B8/YLdV307IQVSKEa1KtKlrsMB8GA1UdIwQY
MBaAFJSEZ0ETkmM4jZhNsel+AxZpxkhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTct
Y2IxMTI1MDA3ZGZiLzEvdFRzSHo5Z3QxWGZUc2hCVklvUnJVcTBxV3V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTctY2IxMTI1MDA3ZGZi
LzEvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw76LMA0G
CSqGSIb3DQEBCwUAA4IBAQA9zelRES/QyUZI0FpFwxqjnia2Zq0k1RcNSNbXW/T+
Y1Khe4jT1zt6kPlxVLGLRi2IPuIRAsV1DeidO+mHLtimyXYvVCj7dYxh1LP8vMZ2
YwtP//D9dNEyJAa62c50V9aRBrOxmmoCvkDA2HV/jL/WHeolahYYVo8G0QXgLN6r
Qp1GXwwHLCT/jjomj9e1xWkc+sSCpR7rPMrwC1ZGxrKtbsU9ybM0WBDcUXUO6e0n
knbpb082GcVc4PvdoAY/a+QN3rcgR7Oa089ERxWfdmm+njxklqXl6gZ3EM8TiHgA
DL3TslOdxQlBl4el7oVTeamgaqunyuwwIuFA069n0NJm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:04 2023 by rpki-client on console-fra.rpki-client.org