Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/tjm3i610AkxoblGiBO3SzO4ef8k.roa
File: tjm3i610AkxoblGiBO3SzO4ef8k.roa (raw, json)
Hash identifier: FaaNptDA2Z5jd8wztoriNPFL4svx0vy5LwSGPKI4Wrw=
Subject key identifier: B6:39:B7:8B:AD:74:02:4C:68:6E:51:A2:04:ED:D2:CC:EE:1E:7F:C9
Certificate issuer: /CN=05d658594b65364b2c2e56a6a45ebb06847b3849
Certificate serial: 0182400066B7C1694467EB036A4550C9D895
Authority key identifier: 05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BdZYWUtlNkssLlampF67BoR7OEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/tjm3i610AkxoblGiBO3SzO4ef8k.roa
Signing time: Wed 27 Jul 2022 14:12:24 +0000
ROA not before: Wed 27 Jul 2022 14:12:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24935
IP address blocks: 195.74.80.0/24 maxlen: 24
185.161.45.0/24 maxlen: 24
185.161.47.0/24 maxlen: 24
185.252.156.0/24 maxlen: 24
185.252.159.0/24 maxlen: 24
185.252.158.0/24 maxlen: 24
37.235.92.0/24 maxlen: 24
46.29.122.0/24 maxlen: 24
37.235.93.0/24 maxlen: 24
46.29.123.0/24 maxlen: 24
194.213.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:40:00:66:b7:c1:69:44:67:eb:03:6a:45:50:c9:d8:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05d658594b65364b2c2e56a6a45ebb06847b3849
Validity
Not Before: Jul 27 14:12:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b639b78bad74024c686e51a204edd2ccee1e7fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:47:53:de:ae:95:94:ca:af:1f:46:97:4e:fe:
9b:d8:a2:26:3a:e8:a3:c8:19:25:a4:a0:1d:c4:2e:
db:73:93:e4:5f:32:20:11:bb:82:ba:c4:0e:27:ee:
ce:6c:a4:ad:98:14:1f:c6:db:45:81:ca:84:38:87:
52:cd:72:94:1d:b4:bc:01:17:a6:ac:96:0f:fa:bd:
78:8b:87:39:f9:38:d3:b5:cc:8a:be:42:19:0c:85:
d0:1d:ef:ed:0f:fa:44:77:28:f1:31:1e:29:5b:da:
88:e8:2b:70:a1:4e:50:32:89:4f:56:75:37:42:c5:
c2:c7:76:96:6c:00:dc:81:c3:51:89:25:73:6c:ec:
35:5e:17:e3:33:3a:98:e4:82:07:e3:bd:bb:6e:66:
e7:29:75:27:18:4a:7c:a9:40:ed:05:2f:1f:3e:e3:
85:cc:f7:bc:80:52:18:92:2e:c6:9a:2e:06:06:62:
c8:6f:0d:78:ec:ad:92:cf:f4:7f:cb:50:fd:a7:55:
9e:07:7f:d9:d6:89:ed:28:52:bd:e9:1c:fe:fd:d6:
7e:d0:8a:a5:7f:37:a0:af:e4:7a:1f:53:a3:df:5d:
cb:fc:93:36:6e:25:2e:99:29:b9:14:ab:dd:60:1f:
60:ef:cd:31:20:75:e1:1f:11:74:06:40:bd:8b:59:
a2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:39:B7:8B:AD:74:02:4C:68:6E:51:A2:04:ED:D2:CC:EE:1E:7F:C9
X509v3 Authority Key Identifier:
keyid:05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BdZYWUtlNkssLlampF67BoR7OEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/tjm3i610AkxoblGiBO3SzO4ef8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/BdZYWUtlNkssLlampF67BoR7OEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.92.0/23
46.29.122.0/23
185.161.45.0/24
185.161.47.0/24
185.252.156.0/24
185.252.158.0/23
194.213.30.0/24
195.74.80.0/24
Signature Algorithm: sha256WithRSAEncryption
53:08:c5:0b:e1:eb:1b:cb:8d:fd:58:d9:5d:c5:6c:4c:ad:a8:
e1:ff:0c:07:36:50:6d:03:52:4a:8c:ab:ec:7c:83:0d:53:b0:
99:f9:60:70:5d:41:57:bd:8d:0f:33:e7:9a:fa:a9:af:e7:fc:
32:f1:59:04:45:ac:08:63:f3:59:40:05:48:30:49:dd:1e:d6:
28:be:be:e6:5c:90:cf:99:76:aa:1f:d5:84:e0:51:e1:bf:08:
11:13:21:8f:1d:6b:82:3e:50:ec:4c:a8:2d:95:be:14:21:9e:
ff:04:c0:c9:b6:65:f5:14:eb:1d:4b:a2:47:69:51:68:cc:4d:
81:df:b6:02:dd:e3:39:1f:ad:e2:45:18:a3:60:eb:8d:47:1b:
3d:0b:45:46:8b:9c:54:54:e8:a5:75:9e:f2:0c:95:86:66:93:
ea:0c:96:54:c2:a1:81:96:a3:6f:29:01:14:a3:18:fb:af:80:
5c:5e:8b:36:f8:0f:59:85:0c:8d:d1:4f:da:89:1f:1f:d7:84:
89:9b:2b:c4:12:2b:22:b5:e9:a9:8d:3f:fb:af:7c:3b:6c:28:
d7:90:ce:7d:6a:78:87:d2:b1:54:e1:89:1e:1f:b2:0f:46:63:
b7:e1:2b:29:62:8a:8a:53:e5:e8:ac:a6:a4:2b:74:54:9e:83:
8e:c5:83:f4
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYJAAGa3wWlEZ+sDakVQydiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZDY1ODU5NGI2NTM2NGIyYzJlNTZhNmE0NWViYjA2ODQ3
YjM4NDkwHhcNMjIwNzI3MTQxMjI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjM5Yjc4YmFkNzQwMjRjNjg2ZTUxYTIwNGVkZDJjY2VlMWU3ZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskdT3q6VlMqvH0aXTv6b2KImOuij
yBklpKAdxC7bc5PkXzIgEbuCusQOJ+7ObKStmBQfxttFgcqEOIdSzXKUHbS8ARem
rJYP+r14i4c5+TjTtcyKvkIZDIXQHe/tD/pEdyjxMR4pW9qI6CtwoU5QMolPVnU3
QsXCx3aWbADcgcNRiSVzbOw1XhfjMzqY5IIH4727bmbnKXUnGEp8qUDtBS8fPuOF
zPe8gFIYki7Gmi4GBmLIbw147K2Sz/R/y1D9p1WeB3/Z1ontKFK96Rz+/dZ+0Iql
fzegr+R6H1Oj313L/JM2biUumSm5FKvdYB9g780xIHXhHxF0BkC9i1mi3wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLY5t4utdAJMaG5RogTt0szuHn/JMB8GA1UdIwQY
MBaAFAXWWFlLZTZLLC5WpqReuwaEezhJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmRaWVdVdGxOa3NzTGxhbXBGNjdCb1I3T0VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS85YjFmOTUtM2IxOC00ODEyLTkyNGUt
N2JmZGE2MjU0NGNlLzEvdGptM2k2MTBBa3hvYmxHaUJPM1N6TzRlZjhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS85YjFmOTUtM2IxOC00ODEyLTkyNGUtN2JmZGE2MjU0NGNl
LzEvQmRaWVdVdGxOa3NzTGxhbXBGNjdCb1I3T0VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBJetcAwQB
Lh16AwQAuaEtAwQAuaEvAwQAufycAwQBufyeAwQAwtUeAwQAw0pQMA0GCSqGSIb3
DQEBCwUAA4IBAQBTCMUL4esby439WNldxWxMrajh/wwHNlBtA1JKjKvsfIMNU7CZ
+WBwXUFXvY0PM+ea+qmv5/wy8VkERawIY/NZQAVIMEndHtYovr7mXJDPmXaqH9WE
4FHhvwgREyGPHWuCPlDsTKgtlb4UIZ7/BMDJtmX1FOsdS6JHaVFozE2B37YC3eM5
H63iRRijYOuNRxs9C0VGi5xUVOildZ7yDJWGZpPqDJZUwqGBlqNvKQEUoxj7r4Bc
Xos2+A9ZhQyN0U/aiR8f14SJmyvEEisitempjT/7r3w7bCjXkM59aniH0rFU4Yke
H7IPRmO34SspYoqKU+XorKakK3RUnoOOxYP0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:20 2023 by rpki-client on console-ams.rpki-client.org