Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/TVEX0LrwqfulPpQucL0P3u-CZOM.roa
File: TVEX0LrwqfulPpQucL0P3u-CZOM.roa (raw, json)
Hash identifier: mqbe1wqZbhqjipsYvTeLkTlNDvZmewydwQM3UJPYXr0=
Subject key identifier: 4D:51:17:D0:BA:F0:A9:FB:A5:3E:94:2E:70:BD:0F:DE:EF:82:64:E3
Certificate issuer: /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial: 0E84A637
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/TVEX0LrwqfulPpQucL0P3u-CZOM.roa
Signing time: Sat 01 Jan 2022 15:57:19 +0000
ROA not before: Sat 01 Jan 2022 15:57:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34636
IP address blocks: 185.67.102.0/24 maxlen: 24
185.67.103.0/24 maxlen: 24
185.67.100.0/22 maxlen: 22
185.67.100.0/24 maxlen: 24
185.67.101.0/24 maxlen: 24
185.132.80.0/24 maxlen: 24
185.132.80.0/23 maxlen: 23
185.132.80.0/22 maxlen: 22
185.132.82.0/23 maxlen: 23
185.132.83.0/24 maxlen: 24
185.132.81.0/24 maxlen: 24
2a04:f080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 243574327 (0xe84a637)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Validity
Not Before: Jan 1 15:57:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d5117d0baf0a9fba53e942e70bd0fdeef8264e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:af:6a:16:7b:ec:96:17:08:1b:76:3c:b9:11:
8f:88:8f:d8:45:3b:d5:7a:93:86:9b:3f:96:f2:62:
b0:30:35:f6:0f:12:52:6e:7c:27:eb:48:ad:a1:24:
c1:18:df:59:2d:f4:fc:98:eb:17:f4:04:51:95:49:
ee:39:2a:2d:7c:77:32:b9:da:06:bd:b8:1b:2a:72:
e7:93:98:a8:70:78:f8:ac:17:8f:4d:00:41:15:73:
d6:52:19:f4:0f:94:94:30:11:da:59:55:3f:2e:ee:
a3:36:6a:e8:7e:51:65:66:c0:d8:99:5f:55:53:b3:
92:c7:9e:d2:67:b2:29:e0:17:35:cd:1d:2c:f8:30:
4a:00:61:8b:99:09:d2:46:aa:b3:ea:36:9a:61:df:
5e:6b:8a:3d:f7:57:0d:46:e1:45:81:a9:3a:5f:34:
44:4d:70:2d:0a:36:fc:93:c4:ee:1f:f5:b2:de:9b:
47:ba:e0:7f:7c:6e:fb:f5:06:31:db:b7:dd:ce:87:
01:60:f3:f2:08:0a:ff:a7:97:5d:71:72:97:62:43:
51:e3:49:fa:19:bf:74:c8:52:09:07:4b:24:7a:bb:
bb:ee:38:1a:86:5d:4c:7e:a5:26:83:f6:1e:01:43:
35:10:86:dc:77:10:a9:0d:58:87:be:1a:13:e3:9c:
cd:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:51:17:D0:BA:F0:A9:FB:A5:3E:94:2E:70:BD:0F:DE:EF:82:64:E3
X509v3 Authority Key Identifier:
keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/TVEX0LrwqfulPpQucL0P3u-CZOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.100.0/22
185.132.80.0/22
IPv6:
2a04:f080::/29
Signature Algorithm: sha256WithRSAEncryption
27:75:1f:19:fc:2e:35:09:3c:02:60:3a:95:41:21:ae:f5:ec:
45:6d:46:a2:61:0a:a1:0b:d8:26:b4:8b:10:5f:bd:d9:d8:9d:
2d:6d:5f:a4:e5:f0:07:18:82:8e:c4:04:c4:5f:84:99:a6:43:
40:83:dc:be:cf:2a:7d:12:0e:15:61:4e:ea:a8:77:5c:c8:aa:
1e:44:5a:09:e8:04:d6:55:c4:be:4c:f4:ae:04:cf:b7:bc:44:
c8:73:da:8d:c7:b8:2b:94:19:29:73:f7:1b:ee:03:b9:53:61:
c7:1e:53:c2:c0:ae:6b:48:19:84:ea:2a:ec:38:fb:3f:1a:1d:
15:56:26:47:fb:38:56:7f:5c:b6:32:c8:6d:e1:98:54:84:d7:
4c:4a:17:ff:9f:58:78:fc:53:90:b7:f1:a7:9e:bc:33:e7:59:
95:b5:f9:5f:54:9b:db:b2:19:0c:68:a0:f4:4b:90:b0:49:62:
4c:32:f5:b8:c2:5b:9e:e4:7e:5d:5a:ee:48:11:df:9c:cd:03:
d5:6f:b4:5f:6e:5a:03:d0:8b:31:22:b3:30:23:1a:95:cf:99:
6f:c7:da:41:87:52:b9:45:69:95:5f:ed:03:72:7a:e9:dc:3f:
44:10:61:6f:7e:a8:eb:b4:ff:b2:57:eb:75:84:8e:aa:9d:78:
c1:69:52:a3
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDoSmNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NmQxNDExOGRiZDIyNzI5OGRhYTgwYzdhY2FiMTFlZWE2ZDYzZTIxMB4XDTIyMDEw
MTE1NTcxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQ1MTE3ZDBiYWYw
YTlmYmE1M2U5NDJlNzBiZDBmZGVlZjgyNjRlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJqvahZ77JYXCBt2PLkRj4iP2EU71XqThps/lvJisDA19g8S
Um58J+tIraEkwRjfWS30/JjrF/QEUZVJ7jkqLXx3MrnaBr24Gypy55OYqHB4+KwX
j00AQRVz1lIZ9A+UlDAR2llVPy7uozZq6H5RZWbA2JlfVVOzksee0meyKeAXNc0d
LPgwSgBhi5kJ0kaqs+o2mmHfXmuKPfdXDUbhRYGpOl80RE1wLQo2/JPE7h/1st6b
R7rgf3xu+/UGMdu33c6HAWDz8ggK/6eXXXFyl2JDUeNJ+hm/dMhSCQdLJHq7u+44
GoZdTH6lJoP2HgFDNRCG3HcQqQ1Yh74aE+OczYMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRNURfQuvCp+6U+lC5wvQ/e74Jk4zAfBgNVHSMEGDAWgBS20UEY29InKY2q
gMesqxHuptY+ITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R0RkJHTnZTSnltTnFvREhyS3NSN3FiV1BpRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvZWQ1MWQ3LTY0ZmQtNGM3My05ZThjLTBlMzdlMTFkMGVjMy8x
L1RWRVgwTHJ3cWZ1bFBwUXVjTDBQM3UtQ1pPTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
ZWQ1MWQ3LTY0ZmQtNGM3My05ZThjLTBlMzdlMTFkMGVjMy8xL3R0RkJHTnZTSnlt
TnFvREhyS3NSN3FiV1BpRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlDZAMEArmEUDANBAIAAjAHAwUD
KgTwgDANBgkqhkiG9w0BAQsFAAOCAQEAJ3UfGfwuNQk8AmA6lUEhrvXsRW1GomEK
oQvYJrSLEF+92didLW1fpOXwBxiCjsQExF+EmaZDQIPcvs8qfRIOFWFO6qh3XMiq
HkRaCegE1lXEvkz0rgTPt7xEyHPajce4K5QZKXP3G+4DuVNhxx5TwsCua0gZhOoq
7Dj7PxodFVYmR/s4Vn9ctjLIbeGYVITXTEoX/59YePxTkLfxp568M+dZlbX5X1Sb
27IZDGig9EuQsEliTDL1uMJbnuR+XVruSBHfnM0D1W+0X25aA9CLMSKzMCMalc+Z
b8faQYdSuUVplV/tA3J66dw/RBBhb36o67T/slfrdYSOqp14wWlSow==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:38 2023 by rpki-client on console-fra.rpki-client.org