Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/tuBCpHgi9ftjcxi0xNeVYixn24o.roa
File: tuBCpHgi9ftjcxi0xNeVYixn24o.roa (raw, json)
Hash identifier: ahG0TPjyxWrgiziDpB3lkIiuQ52NZr5lhRhfBkbS5GM=
Subject key identifier: B6:E0:42:A4:78:22:F5:FB:63:73:18:B4:C4:D7:95:62:2C:67:DB:8A
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 0181F760920F8DD2A22FD88C65F03E643C0D
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/tuBCpHgi9ftjcxi0xNeVYixn24o.roa
Signing time: Wed 13 Jul 2022 11:45:09 +0000
ROA not before: Wed 13 Jul 2022 11:45:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 194.113.239.0/24 maxlen: 24
185.221.196.0/23 maxlen: 24
185.238.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f7:60:92:0f:8d:d2:a2:2f:d8:8c:65:f0:3e:64:3c:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Jul 13 11:45:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6e042a47822f5fb637318b4c4d795622c67db8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:07:22:b0:87:8b:3a:97:e3:32:31:7e:ff:fd:
03:89:6f:71:f2:d2:ef:43:3c:22:70:c7:36:28:95:
22:d8:7b:11:1d:3f:d8:fa:eb:8a:f9:74:84:8c:9b:
5a:1b:e7:99:48:9d:2e:0d:59:ba:68:83:1e:71:52:
5a:7b:fe:cf:1d:b4:b6:a0:2a:ee:63:aa:a0:c6:fd:
ad:8e:84:f6:b6:0b:72:3e:f2:e7:1c:ad:c2:a8:30:
a4:44:da:31:79:fe:d5:72:7b:d8:a2:36:65:86:8d:
63:71:8a:98:1a:32:36:97:a6:1e:21:9a:4c:61:b5:
5b:92:87:5c:f1:a4:2b:54:bc:2b:3f:89:35:b2:77:
9f:40:26:80:9e:ba:04:f6:c6:36:0f:ac:d9:1a:a3:
4d:05:a6:e9:29:7f:41:97:9c:5c:19:c5:3e:71:72:
0d:7a:65:b0:a4:38:f7:8a:5e:f3:e9:5a:24:40:21:
b0:5c:6f:61:4d:cc:ac:ca:4b:3d:92:b3:62:b8:a7:
2b:16:6e:30:ba:58:1f:22:41:19:50:fb:93:b6:0b:
da:de:f6:28:52:22:43:2c:b3:ca:64:a6:d3:a0:5c:
e2:43:35:42:0b:3b:a1:8f:14:9d:e8:cc:f3:e6:61:
1c:7c:a8:d7:7a:42:95:39:87:de:65:47:bd:82:cb:
67:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E0:42:A4:78:22:F5:FB:63:73:18:B4:C4:D7:95:62:2C:67:DB:8A
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/tuBCpHgi9ftjcxi0xNeVYixn24o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.196.0/23
185.238.88.0/22
194.113.239.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:60:16:c0:ee:98:01:06:44:18:71:6f:34:5e:b5:26:00:40:
8b:9a:6e:94:0d:1c:f9:b7:ac:b3:fa:18:b4:4a:97:d2:ed:43:
7f:7d:33:1b:01:67:15:68:3d:63:b3:91:cd:12:a6:41:69:a2:
f4:64:3f:76:08:45:70:93:c0:b3:36:fd:c3:10:ca:cc:64:ad:
a2:73:c9:fa:88:1f:9d:09:f7:c7:e4:d7:62:91:96:3d:72:d4:
0b:f6:cc:75:3b:c9:78:dd:f8:b1:e5:c5:02:86:8b:54:70:d1:
fb:7f:c5:ca:98:2a:d7:f6:55:59:26:a7:b4:3a:b9:fc:d5:1c:
63:5d:48:6c:97:b7:67:79:97:32:01:2b:41:45:d4:7e:e6:23:
d7:49:5e:82:04:d8:df:7a:bd:7f:10:a2:f7:43:80:78:14:27:
f9:8e:e3:d2:ea:de:9c:d1:67:ff:22:80:37:9d:fb:4a:42:a0:
dd:c2:91:fe:5c:c8:d3:23:8c:fd:65:94:9f:dd:45:11:d2:c8:
fd:2a:13:21:4e:0c:57:6e:38:a5:72:f9:63:e9:c2:bf:1c:f5:
11:83:fa:c7:d4:4a:38:e9:9a:ff:77:12:38:cd:48:14:72:32:
e7:70:11:51:0b:5a:32:93:40:2d:37:56:2f:91:3a:db:5c:d2:
0b:78:e0:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYH3YJIPjdKiL9iMZfA+ZDwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjIwNzEzMTE0NTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmUwNDJhNDc4MjJmNWZiNjM3MzE4YjRjNGQ3OTU2MjJjNjdkYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAcisIeLOpfjMjF+//0DiW9x8tLv
QzwicMc2KJUi2HsRHT/Y+uuK+XSEjJtaG+eZSJ0uDVm6aIMecVJae/7PHbS2oCru
Y6qgxv2tjoT2tgtyPvLnHK3CqDCkRNoxef7VcnvYojZlho1jcYqYGjI2l6YeIZpM
YbVbkodc8aQrVLwrP4k1snefQCaAnroE9sY2D6zZGqNNBabpKX9Bl5xcGcU+cXIN
emWwpDj3il7z6VokQCGwXG9hTcysyks9krNiuKcrFm4wulgfIkEZUPuTtgva3vYo
UiJDLLPKZKbToFziQzVCCzuhjxSd6Mzz5mEcfKjXekKVOYfeZUe9gstnLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLbgQqR4IvX7Y3MYtMTXlWIsZ9uKMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvdHVCQ3BIZ2k5ZnRqY3hpMHhOZVZZaXhuMjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBud3EAwQC
ue5YAwQAwnHvMA0GCSqGSIb3DQEBCwUAA4IBAQCMYBbA7pgBBkQYcW80XrUmAECL
mm6UDRz5t6yz+hi0SpfS7UN/fTMbAWcVaD1js5HNEqZBaaL0ZD92CEVwk8CzNv3D
EMrMZK2ic8n6iB+dCffH5NdikZY9ctQL9sx1O8l43fix5cUChotUcNH7f8XKmCrX
9lVZJqe0Orn81RxjXUhsl7dneZcyAStBRdR+5iPXSV6CBNjfer1/EKL3Q4B4FCf5
juPS6t6c0Wf/IoA3nftKQqDdwpH+XMjTI4z9ZZSf3UUR0sj9KhMhTgxXbjilcvlj
6cK/HPURg/rH1Eo46Zr/dxI4zUgUcjLncBFRC1oyk0AtN1YvkTrbXNILeOBI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:45 2024 by rpki-client on console-fra.rpki-client.org