Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/Tlrul5GlMU8EaH0yRXBQuQi-axg.roa
File: Tlrul5GlMU8EaH0yRXBQuQi-axg.roa (raw, json)
Hash identifier: ffPd5sw3xShklHX2ffVesWyqo3gYQKQlgEmI4FP5vK8=
Subject key identifier: 4E:5A:EE:97:91:A5:31:4F:04:68:7D:32:45:70:50:B9:08:BE:6B:18
Certificate issuer: /CN=fb1157e81b7c9e43360a1cb50a31401175921808
Certificate serial: 0146CBD6
Authority key identifier: FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/Tlrul5GlMU8EaH0yRXBQuQi-axg.roa
Signing time: Sat 01 Jan 2022 09:00:13 +0000
ROA not before: Sat 01 Jan 2022 09:00:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 193.108.56.0/22 maxlen: 24
193.108.102.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21416918 (0x146cbd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb1157e81b7c9e43360a1cb50a31401175921808
Validity
Not Before: Jan 1 09:00:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e5aee9791a5314f04687d32457050b908be6b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d3:23:18:38:e3:80:26:ea:7d:54:d4:90:fb:
b2:2b:16:02:cd:87:cf:d6:bd:40:6e:7a:60:3d:8d:
6c:59:a9:58:25:4d:49:23:8d:e8:99:22:91:f2:a3:
23:76:f6:56:47:6c:17:49:41:bf:5c:f4:90:1e:87:
a6:fd:f1:4a:2f:70:bc:c8:5b:d2:7b:4d:7a:00:e8:
b4:1e:21:5b:9c:e2:83:9d:60:fb:0b:36:5a:fa:74:
61:0f:a4:b2:c6:94:18:a2:89:f5:44:23:38:1c:83:
5e:f9:07:b7:50:9d:1e:f8:8b:a9:29:63:67:cc:74:
91:31:99:ce:23:e7:9e:cc:fd:f0:94:81:58:52:f9:
a9:e6:f4:6a:8d:05:f3:2c:1f:30:45:36:7e:e7:99:
84:cc:40:70:ad:a1:04:a4:fd:1b:c8:99:dc:da:bd:
4c:e0:3c:f7:b2:0e:cc:e4:15:91:5f:24:d4:f1:a7:
56:ba:a5:b0:75:93:7d:df:9f:f4:b6:8a:3a:89:9e:
6c:5a:ad:1a:23:f3:08:62:b8:80:5d:3c:da:51:cc:
a7:11:92:ec:3a:31:15:5e:f3:ee:3f:c4:1d:65:53:
bb:f1:94:4f:26:d6:9c:11:54:00:a1:73:68:65:f3:
ef:0b:21:24:5f:22:5a:2a:34:e1:68:58:93:37:f7:
3a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5A:EE:97:91:A5:31:4F:04:68:7D:32:45:70:50:B9:08:BE:6B:18
X509v3 Authority Key Identifier:
keyid:FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/Tlrul5GlMU8EaH0yRXBQuQi-axg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.56.0/22
193.108.102.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:07:58:f9:04:78:46:35:43:67:58:bd:89:26:5a:07:e4:32:
eb:f5:27:fe:c2:85:74:9d:2f:4e:1a:0a:94:77:56:ee:26:fc:
40:fa:f5:d0:f9:e2:21:eb:e7:a0:48:60:16:0d:17:05:c3:19:
b6:d2:a8:ef:45:3a:b7:0d:c9:2e:a2:14:bc:c6:61:11:5b:2e:
05:35:59:73:5c:4d:c3:90:fa:aa:14:41:76:eb:c5:84:43:df:
f0:42:da:d3:3f:60:37:e9:77:3b:9a:17:66:4a:f7:cf:26:ff:
1d:03:ad:8c:15:3d:ac:d2:1b:e8:00:bf:47:ae:c4:9f:4f:c7:
4d:d3:5d:11:0e:52:68:fb:fb:83:41:6c:5e:05:77:97:45:af:
bf:48:3b:31:cc:b1:c1:9b:87:f1:04:31:2b:9e:75:e7:27:fb:
bc:d4:38:77:48:12:29:82:89:59:14:90:d9:4a:e7:eb:73:fe:
ad:1f:bd:ad:ff:11:8a:50:57:4d:ea:65:9d:52:41:35:ba:21:
72:42:fb:08:95:0f:f5:d5:62:7c:10:20:c4:22:a4:4b:b7:91:
28:7a:66:f7:ca:95:32:f2:b0:cf:25:83:58:73:c4:db:3d:c9:
a1:fd:52:e6:c4:b3:fd:77:5f:6f:c5:93:6c:c2:f9:10:44:e6:
1f:1b:05:49
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAUbL1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjExNTdlODFiN2M5ZTQzMzYwYTFjYjUwYTMxNDAxMTc1OTIxODA4MB4XDTIyMDEw
MTA5MDAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU1YWVlOTc5MWE1
MzE0ZjA0Njg3ZDMyNDU3MDUwYjkwOGJlNmIxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ7TIxg444Am6n1U1JD7sisWAs2Hz9a9QG56YD2NbFmpWCVN
SSON6JkikfKjI3b2VkdsF0lBv1z0kB6Hpv3xSi9wvMhb0ntNegDotB4hW5zig51g
+ws2Wvp0YQ+kssaUGKKJ9UQjOByDXvkHt1CdHviLqSljZ8x0kTGZziPnnsz98JSB
WFL5qeb0ao0F8ywfMEU2fueZhMxAcK2hBKT9G8iZ3Nq9TOA897IOzOQVkV8k1PGn
VrqlsHWTfd+f9LaKOomebFqtGiPzCGK4gF082lHMpxGS7DoxFV7z7j/EHWVTu/GU
TybWnBFUAKFzaGXz7wshJF8iWio04WhYkzf3OgcCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBROWu6XkaUxTwRofTJFcFC5CL5rGDAfBgNVHSMEGDAWgBT7EVfoG3yeQzYK
HLUKMUARdZIYCDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEteEZYNkJ0OG5rTTJDaHkxQ2pGQUVYV1NHQWcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzU0LzE5M2M3MS1jOTRhLTQxNmYtYTE4Ni00MTY2NjRmMDFhMmMv
MS9UbHJ1bDVHbE1VOEVhSDB5UlhCUXVRaS1heGcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0
LzE5M2M3MS1jOTRhLTQxNmYtYTE4Ni00MTY2NjRmMDFhMmMvMS8xLXhGWDZCdDhu
a00yQ2h5MUNqRkFFWFdTR0FnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwWw4AwQBwWxmMA0GCSqGSIb3
DQEBCwUAA4IBAQA6B1j5BHhGNUNnWL2JJloH5DLr9Sf+woV0nS9OGgqUd1buJvxA
+vXQ+eIh6+egSGAWDRcFwxm20qjvRTq3DckuohS8xmERWy4FNVlzXE3DkPqqFEF2
68WEQ9/wQtrTP2A36Xc7mhdmSvfPJv8dA62MFT2s0hvoAL9HrsSfT8dN010RDlJo
+/uDQWxeBXeXRa+/SDsxzLHBm4fxBDErnnXnJ/u81Dh3SBIpgolZFJDZSufrc/6t
H72t/xGKUFdN6mWdUkE1uiFyQvsIlQ/11WJ8ECDEIqRLt5Eoemb3ypUy8rDPJYNY
c8TbPcmh/VLmxLP9d19vxZNswvkQROYfGwVJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:29 2023 by rpki-client on console-fra.rpki-client.org