Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tcMd-HExqbbbMG3ElNksLKfGcLE.roa
File: tcMd-HExqbbbMG3ElNksLKfGcLE.roa (raw, json)
Hash identifier: T0R7WQCSTtrNMVaWvGARoEgmAfcRax9WmHoRrlB2bZc=
Subject key identifier: B5:C3:1D:F8:71:31:A9:B6:DB:30:6D:C4:94:D9:2C:2C:A7:C6:70:B1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 15487760
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tcMd-HExqbbbMG3ElNksLKfGcLE.roa
Signing time: Thu 23 Jun 2022 19:56:19 +0000
ROA not before: Thu 23 Jun 2022 19:56:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209859
IP address blocks: 2a0e:b102:140::/43 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 357070688 (0x15487760)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 23 19:56:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5c31df87131a9b6db306dc494d92c2ca7c670b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b6:79:41:e9:25:6a:d5:21:ff:5a:c5:22:f4:
74:63:84:dd:c7:47:fe:92:74:9b:83:46:2f:cb:c8:
8b:5b:60:aa:21:1e:97:09:49:57:5a:17:47:fe:4d:
f8:93:96:ce:26:8a:ea:47:42:8c:57:b2:87:c2:bf:
10:b5:eb:89:be:84:98:27:c7:91:a9:54:34:08:66:
60:ab:2c:b0:a7:4f:c4:97:8d:07:01:91:c7:9a:bd:
e9:fb:c5:bf:89:0e:f0:89:8b:15:fc:6e:8b:41:45:
02:60:dc:be:79:07:ac:f5:cc:99:03:e5:24:5b:ee:
9a:8b:da:5c:95:73:20:95:fc:fc:6a:81:9e:1e:4f:
ef:01:18:9c:20:1f:b4:10:ef:bc:72:5d:ab:90:c8:
ad:70:31:68:2e:56:b4:a2:aa:82:f3:66:b3:df:41:
3f:43:82:81:5a:14:e8:05:0c:15:e5:db:33:5f:94:
77:8e:5f:92:fb:f9:67:af:da:93:13:59:7b:7b:4a:
b4:e1:40:97:94:7b:1f:37:71:e5:70:35:51:6a:c6:
59:a0:b7:9a:3b:fb:92:72:c0:a9:a6:7c:60:96:82:
e0:25:59:13:3f:18:ff:f7:de:c3:e5:af:b8:d2:07:
ce:3c:da:16:07:2f:ce:b5:f5:33:70:ab:c8:c9:11:
6f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C3:1D:F8:71:31:A9:B6:DB:30:6D:C4:94:D9:2C:2C:A7:C6:70:B1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tcMd-HExqbbbMG3ElNksLKfGcLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b102:140::/43
Signature Algorithm: sha256WithRSAEncryption
45:5b:15:12:a0:aa:66:75:e6:bf:e7:e5:54:22:38:45:10:de:
de:53:74:b4:b0:9b:cb:5a:d7:35:0f:ec:eb:ea:c6:73:84:fe:
d5:ed:76:90:39:b8:07:fe:d0:17:8a:b1:da:e8:a9:ac:8d:b1:
e7:93:a2:6d:31:12:b5:b2:4e:e1:56:72:c4:e1:b2:e2:47:09:
c0:b0:b6:19:ea:f7:08:1f:08:da:20:fa:9f:c1:46:a3:9c:1c:
8f:01:ae:ad:5c:df:46:3c:64:ee:55:63:ff:bd:a7:24:64:01:
9e:56:40:02:24:d6:c4:67:dc:e0:a8:80:2f:39:79:8c:6d:01:
fe:40:10:6e:00:5f:69:4d:0d:e7:f2:df:61:d6:50:92:0b:4e:
01:ef:42:1b:46:ce:33:e6:ae:23:33:00:2c:5a:19:08:32:c5:
de:4f:79:c0:27:c7:f9:b2:f3:02:26:9f:fa:9e:f6:2e:66:4a:
1b:65:bf:ee:3f:61:1c:0b:90:a6:a7:54:47:07:93:31:fc:09:
e6:73:b2:33:a4:40:a0:ee:88:b3:2c:d5:c9:95:83:fc:fb:87:
79:cf:67:65:34:22:2c:d2:f0:1a:46:4b:41:3e:ad:d1:fa:19:
85:ea:be:f9:90:3f:9f:19:74:fd:a1:ab:21:72:5d:a5:15:f6:
36:92:bd:2a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFUh3YDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDYy
MzE5NTYxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjVjMzFkZjg3MTMx
YTliNmRiMzA2ZGM0OTRkOTJjMmNhN2M2NzBiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIS2eUHpJWrVIf9axSL0dGOE3cdH/pJ0m4NGL8vIi1tgqiEe
lwlJV1oXR/5N+JOWziaK6kdCjFeyh8K/ELXrib6EmCfHkalUNAhmYKsssKdPxJeN
BwGRx5q96fvFv4kO8ImLFfxui0FFAmDcvnkHrPXMmQPlJFvumovaXJVzIJX8/GqB
nh5P7wEYnCAftBDvvHJdq5DIrXAxaC5WtKKqgvNms99BP0OCgVoU6AUMFeXbM1+U
d45fkvv5Z6/akxNZe3tKtOFAl5R7Hzdx5XA1UWrGWaC3mjv7knLAqaZ8YJaC4CVZ
Ez8Y//few+WvuNIHzjzaFgcvzrX1M3CryMkRbxsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS1wx34cTGpttswbcSU2Swsp8ZwsTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3RjTWQtSEV4cWJiYk1HM0VsTmtzTEtmR2NMRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBSoOsQIBQDANBgkqhkiG9w0BAQsF
AAOCAQEARVsVEqCqZnXmv+flVCI4RRDe3lN0tLCby1rXNQ/s6+rGc4T+1e12kDm4
B/7QF4qx2uiprI2x55OibTEStbJO4VZyxOGy4kcJwLC2Ger3CB8I2iD6n8FGo5wc
jwGurVzfRjxk7lVj/72nJGQBnlZAAiTWxGfc4KiALzl5jG0B/kAQbgBfaU0N5/Lf
YdZQkgtOAe9CG0bOM+auIzMALFoZCDLF3k95wCfH+bLzAiaf+p72LmZKG2W/7j9h
HAuQpqdURweTMfwJ5nOyM6RAoO6IsyzVyZWD/PuHec9nZTQiLNLwGkZLQT6t0foZ
heq++ZA/nxl0/aGrIXJdpRX2NpK9Kg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:04 2023 by rpki-client on console-ams.rpki-client.org