Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/TxON0chceSIF0Fs-sltFmYnAUgE.roa
File: TxON0chceSIF0Fs-sltFmYnAUgE.roa (raw, json)
Hash identifier: zfPtG/Se7IZsDLyohsrh4B5FLv4dqms4+QBIxLP3Gio=
Subject key identifier: 4F:13:8D:D1:C8:5C:79:22:05:D0:5B:3E:B2:5B:45:99:89:C0:52:01
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 01848E43119959673B9AB1A4950F2786969F
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/TxON0chceSIF0Fs-sltFmYnAUgE.roa
Signing time: Sat 19 Nov 2022 05:01:10 +0000
ROA not before: Sat 19 Nov 2022 05:01:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35830
IP address blocks: 212.119.40.0/23 maxlen: 23
45.80.106.0/23 maxlen: 23
45.140.204.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8e:43:11:99:59:67:3b:9a:b1:a4:95:0f:27:86:96:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Nov 19 05:01:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f138dd1c85c792205d05b3eb25b459989c05201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d4:06:b4:43:1e:2d:ce:5c:8e:d4:ca:65:6b:
9b:c6:10:8e:f2:69:9a:be:4d:73:47:18:01:94:56:
9d:aa:b1:de:c3:66:74:57:b3:6c:64:73:50:c5:3c:
81:7b:cb:e6:fe:88:87:bd:9f:32:fe:84:6b:16:30:
98:1f:9f:d3:3e:2e:51:ab:9d:78:b5:02:c2:5f:24:
5c:3e:27:5e:e7:97:fe:89:fb:4d:99:86:e2:70:c4:
34:cd:b1:59:5b:51:e3:f3:f6:4c:cc:58:30:cc:c0:
44:7f:a7:f1:c3:9c:8f:71:60:8b:89:fb:a2:68:53:
4e:30:14:91:58:05:a1:cc:59:37:34:a6:c9:c3:80:
ac:84:02:f2:de:2e:eb:3d:ef:5d:ec:f3:cc:71:0b:
9b:6f:52:f5:75:d8:49:dc:9e:ff:78:1e:93:37:1d:
a4:c5:14:22:04:28:e8:51:87:f1:98:16:9e:5e:ed:
3e:41:4c:f0:f9:60:3f:81:fc:67:8f:0b:86:90:14:
c7:a8:95:fd:1a:95:97:a1:d3:e8:16:88:cf:93:3c:
5a:5d:8f:b6:ac:b0:4a:c8:d0:06:35:1e:41:01:63:
f6:c0:3c:9d:e0:c8:3d:29:1b:f3:95:cc:93:f9:bc:
03:d4:3c:0f:43:9b:ec:0f:04:90:2b:19:61:8e:05:
d5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:13:8D:D1:C8:5C:79:22:05:D0:5B:3E:B2:5B:45:99:89:C0:52:01
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/TxON0chceSIF0Fs-sltFmYnAUgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.106.0/23
45.140.204.0/23
212.119.40.0/23
Signature Algorithm: sha256WithRSAEncryption
42:5c:bc:90:e1:a5:c6:64:80:f0:72:0e:f6:d6:e9:17:1b:3a:
b3:11:8b:ce:87:82:ca:2e:63:8a:4b:ba:1e:9b:15:ff:02:56:
af:5f:d4:68:fa:5c:78:78:52:98:bb:5d:29:09:6b:77:44:38:
75:0f:71:1b:51:d9:fc:28:88:f9:ac:21:d0:92:dc:2e:23:98:
67:df:b1:b1:74:f8:dd:b1:19:e3:db:92:ba:1d:a3:8b:4f:e4:
b4:dd:a0:7b:44:f5:b7:34:a7:72:9d:bc:a1:78:35:f0:2a:41:
89:98:e1:d5:7d:e8:58:c8:60:9d:43:9a:9a:5b:c2:53:bb:4e:
30:2e:e0:c2:0a:cc:38:32:37:15:12:10:4b:41:81:f0:c9:c3:
c3:96:33:87:c0:40:0f:08:c8:9c:f7:39:fc:b8:8c:f8:01:2e:
15:2e:f7:36:28:3b:d5:60:db:55:16:05:a8:43:54:e5:9f:50:
7c:6b:c3:6d:f7:f4:93:b9:8a:75:9b:3d:3b:a3:41:61:e2:4b:
fd:21:06:b3:60:c1:15:99:25:bb:26:cd:5f:e1:85:65:d7:00:
9f:1c:2c:7b:86:c3:e0:58:95:69:9f:5e:d1:59:0f:cb:cb:6c:
20:81:ca:1f:28:f7:85:a8:7b:c0:47:2a:27:a3:8c:ee:c1:b2:
03:19:e8:f8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYSOQxGZWWc7mrGklQ8nhpafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjIxMTE5MDUwMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjEzOGRkMWM4NWM3OTIyMDVkMDViM2ViMjViNDU5OTg5YzA1MjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9QGtEMeLc5cjtTKZWubxhCO8mma
vk1zRxgBlFadqrHew2Z0V7NsZHNQxTyBe8vm/oiHvZ8y/oRrFjCYH5/TPi5Rq514
tQLCXyRcPide55f+iftNmYbicMQ0zbFZW1Hj8/ZMzFgwzMBEf6fxw5yPcWCLifui
aFNOMBSRWAWhzFk3NKbJw4CshALy3i7rPe9d7PPMcQubb1L1ddhJ3J7/eB6TNx2k
xRQiBCjoUYfxmBaeXu0+QUzw+WA/gfxnjwuGkBTHqJX9GpWXodPoFojPkzxaXY+2
rLBKyNAGNR5BAWP2wDyd4Mg9KRvzlcyT+bwD1DwPQ5vsDwSQKxlhjgXVbwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFE8TjdHIXHkiBdBbPrJbRZmJwFIBMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL1R4T04wY2hjZVNJRjBGcy1zbHRGbVluQVVnRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAEtUGoD
BAEtjMwDBAHUdygwDQYJKoZIhvcNAQELBQADggEBAEJcvJDhpcZkgPByDvbW6Rcb
OrMRi86HgsouY4pLuh6bFf8CVq9f1Gj6XHh4Upi7XSkJa3dEOHUPcRtR2fwoiPms
IdCS3C4jmGffsbF0+N2xGePbkrodo4tP5LTdoHtE9bc0p3KdvKF4NfAqQYmY4dV9
6FjIYJ1DmppbwlO7TjAu4MIKzDgyNxUSEEtBgfDJw8OWM4fAQA8IyJz3Ofy4jPgB
LhUu9zYoO9Vg21UWBahDVOWfUHxrw2339JO5inWbPTujQWHiS/0hBrNgwRWZJbsm
zV/hhWXXAJ8cLHuGw+BYlWmfXtFZD8vLbCCByh8o94Woe8BHKiejjO7BsgMZ6Pg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org