Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/TPKY9y-lWUiE_ihUEtbAzarYmuM.roa
File: TPKY9y-lWUiE_ihUEtbAzarYmuM.roa (raw, json)
Hash identifier: doWpwGUKNVSV0IApQXAP43OgAqLNqCmByR3eja7Mhj4=
Subject key identifier: 4C:F2:98:F7:2F:A5:59:48:84:FE:28:54:12:D6:C0:CD:AA:D8:9A:E3
Certificate issuer: /CN=ea0f5b221f6af32098f3064d68251b617892ac92
Certificate serial: 0183A1BAA12C46E996E319648ED1A1B71C0C
Authority key identifier: EA:0F:5B:22:1F:6A:F3:20:98:F3:06:4D:68:25:1B:61:78:92:AC:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6g9bIh9q8yCY8wZNaCUbYXiSrJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/TPKY9y-lWUiE_ihUEtbAzarYmuM.roa
Signing time: Tue 04 Oct 2022 06:41:46 +0000
ROA not before: Tue 04 Oct 2022 06:41:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 2a03:1e84:1900::/56 maxlen: 56
2a03:1e80:303:200::/56 maxlen: 56
2a03:1e84:9261::/48 maxlen: 48
2a03:1e84:9260::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a1:ba:a1:2c:46:e9:96:e3:19:64:8e:d1:a1:b7:1c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea0f5b221f6af32098f3064d68251b617892ac92
Validity
Not Before: Oct 4 06:41:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cf298f72fa5594884fe285412d6c0cdaad89ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:21:eb:e7:ca:f4:68:90:b9:c8:11:ad:b6:97:
8b:e1:03:c5:db:26:19:70:e6:81:2e:a4:dd:e4:4c:
a4:aa:09:07:e5:e0:87:1a:b4:61:f2:f1:3e:48:b0:
bc:6f:33:16:a4:7a:39:4d:2a:c4:62:8f:45:33:2c:
17:84:62:77:a0:97:55:3b:ca:9a:39:16:98:d7:a7:
49:29:68:11:1e:32:3a:20:57:23:df:42:c5:8c:d3:
6a:00:86:7b:77:c0:1d:1c:a8:88:3e:29:61:48:39:
5c:ba:b4:80:80:bf:f0:71:4d:01:66:b2:4f:f8:d7:
16:57:5e:8b:f8:fe:24:41:48:41:fe:50:81:12:36:
3d:40:f5:b0:49:87:cb:91:33:77:c9:b9:9d:00:f4:
37:0b:bb:d8:7a:85:7c:bc:cf:a5:0e:b9:6c:ea:e7:
fb:69:52:cf:74:de:e1:b3:1b:ab:90:a0:b3:8e:c8:
7e:02:80:2d:31:40:1d:0f:22:03:cd:0e:c2:3a:78:
c1:6d:46:6e:09:4c:ab:c7:4d:42:59:e9:a8:dc:13:
49:69:a5:e8:d7:39:b7:2c:43:4f:24:5b:39:87:25:
cf:af:86:5e:1c:8e:f4:2f:9e:ab:7c:4f:21:d4:e7:
90:fd:3c:0a:19:6c:79:a6:7b:e0:7e:a1:fa:79:dc:
1a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F2:98:F7:2F:A5:59:48:84:FE:28:54:12:D6:C0:CD:AA:D8:9A:E3
X509v3 Authority Key Identifier:
keyid:EA:0F:5B:22:1F:6A:F3:20:98:F3:06:4D:68:25:1B:61:78:92:AC:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6g9bIh9q8yCY8wZNaCUbYXiSrJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/TPKY9y-lWUiE_ihUEtbAzarYmuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/6g9bIh9q8yCY8wZNaCUbYXiSrJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:1e80:303:200::/56
2a03:1e84:1900::/56
2a03:1e84:9260::/47
Signature Algorithm: sha256WithRSAEncryption
1b:98:72:02:3c:11:bd:18:ae:5d:35:da:f3:45:77:f5:b7:8e:
71:2b:c0:99:79:a7:60:4f:52:6d:4f:49:b6:97:85:92:fa:03:
3c:e6:e6:5f:20:16:25:70:a4:f8:8f:05:ab:84:f1:a5:66:16:
3d:e2:c6:73:c5:a2:df:d8:8c:b3:c8:98:1a:2d:86:33:4f:12:
52:5a:3f:2b:f2:7d:cf:c0:83:ef:b8:92:dd:09:5f:99:7e:11:
a8:12:ac:ef:32:5a:77:af:10:93:87:e1:25:ec:4d:03:69:6d:
37:ba:fa:0a:81:e2:a6:1a:b7:b9:1b:6e:14:ec:d7:32:a1:75:
75:75:f3:d5:88:59:8d:90:a7:7f:aa:9c:37:2c:76:89:5d:23:
96:04:18:31:38:0e:40:0c:fb:93:42:b1:25:96:63:f9:01:2d:
be:c9:f8:b1:d3:0e:0f:1e:d2:47:8a:05:7b:89:c2:48:d1:75:
7c:c5:7f:d8:5c:58:f0:d0:3c:9d:f3:d6:83:50:a4:bb:97:ad:
23:0a:41:a3:c2:0d:06:ac:0b:05:f6:2e:f9:fa:c5:d5:15:0d:
55:5f:b5:a0:86:58:7e:7b:bb:d4:18:7d:fa:0c:f9:93:0a:ce:
84:b4:c6:1a:49:86:39:f6:54:fe:ef:bb:89:b2:c4:16:7d:37:
fb:f1:cc:ac
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYOhuqEsRumW4xlkjtGhtxwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMGY1YjIyMWY2YWYzMjA5OGYzMDY0ZDY4MjUxYjYxNzg5
MmFjOTIwHhcNMjIxMDA0MDY0MTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2YyOThmNzJmYTU1OTQ4ODRmZTI4NTQxMmQ2YzBjZGFhZDg5YWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiHr58r0aJC5yBGttpeL4QPF2yYZ
cOaBLqTd5EykqgkH5eCHGrRh8vE+SLC8bzMWpHo5TSrEYo9FMywXhGJ3oJdVO8qa
ORaY16dJKWgRHjI6IFcj30LFjNNqAIZ7d8AdHKiIPilhSDlcurSAgL/wcU0BZrJP
+NcWV16L+P4kQUhB/lCBEjY9QPWwSYfLkTN3ybmdAPQ3C7vYeoV8vM+lDrls6uf7
aVLPdN7hsxurkKCzjsh+AoAtMUAdDyIDzQ7COnjBbUZuCUyrx01CWemo3BNJaaXo
1zm3LENPJFs5hyXPr4ZeHI70L56rfE8h1OeQ/TwKGWx5pnvgfqH6edwa1QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEzymPcvpVlIhP4oVBLWwM2q2JrjMB8GA1UdIwQY
MBaAFOoPWyIfavMgmPMGTWglG2F4kqySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmc5YkloOXE4eUNZOHdaTmFDVWJZWGlTckpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lODUzYWItZjQ3MC00OTI4LWJjNjgt
NTdlOTBjNTZhMGUyLzEvVFBLWTl5LWxXVWlFX2loVUV0YkF6YXJZbXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lODUzYWItZjQ3MC00OTI4LWJjNjgtNTdlOTBjNTZhMGUy
LzEvNmc5YkloOXE4eUNZOHdaTmFDVWJZWGlTckpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwgAKgMegAMD
AgMIACoDHoQZAAADBwEqAx6EkmAwDQYJKoZIhvcNAQELBQADggEBABuYcgI8Eb0Y
rl012vNFd/W3jnErwJl5p2BPUm1PSbaXhZL6Azzm5l8gFiVwpPiPBauE8aVmFj3i
xnPFot/YjLPImBothjNPElJaPyvyfc/Ag++4kt0JX5l+EagSrO8yWnevEJOH4SXs
TQNpbTe6+gqB4qYat7kbbhTs1zKhdXV189WIWY2Qp3+qnDcsdoldI5YEGDE4DkAM
+5NCsSWWY/kBLb7J+LHTDg8e0keKBXuJwkjRdXzFf9hcWPDQPJ3z1oNQpLuXrSMK
QaPCDQasCwX2Lvn6xdUVDVVftaCGWH57u9QYffoM+ZMKzoS0xhpJhjn2VP7vu4my
xBZ9N/vxzKw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:03 2023 by rpki-client on console-fra.rpki-client.org