Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TrCP5PdP3XO4h-VQi992y7O6IC8.roa
File: TrCP5PdP3XO4h-VQi992y7O6IC8.roa (raw, json)
Hash identifier: ckb5P9AG2Sh+JDwlknGaDRJofWtK50zbb7rtfQStYJE=
Subject key identifier: 4E:B0:8F:E4:F7:4F:DD:73:B8:87:E5:50:8B:DF:76:CB:B3:BA:20:2F
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 0183E561BF3306458CA2D7FABF7687C11236
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TrCP5PdP3XO4h-VQi992y7O6IC8.roa
Signing time: Mon 17 Oct 2022 09:58:51 +0000
ROA not before: Mon 17 Oct 2022 09:58:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56995
IP address blocks: 188.161.104.0/21 maxlen: 21
188.161.104.0/24 maxlen: 24
188.161.105.0/24 maxlen: 24
188.161.110.0/24 maxlen: 24
188.161.111.0/24 maxlen: 24
188.161.106.0/24 maxlen: 24
188.161.107.0/24 maxlen: 24
188.161.108.0/24 maxlen: 24
188.161.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:61:bf:33:06:45:8c:a2:d7:fa:bf:76:87:c1:12:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Oct 17 09:58:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4eb08fe4f74fdd73b887e5508bdf76cbb3ba202f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ee:12:25:c3:8c:14:5a:ca:b3:9d:a6:20:16:
71:3a:a6:d2:55:a9:25:68:b4:a0:41:55:62:f9:f2:
f1:9b:9b:2e:99:99:c6:60:bd:b3:5c:8b:1b:9e:10:
4d:de:ad:6a:b1:9a:2f:cb:8a:78:01:d3:6d:e7:98:
e4:57:97:04:a3:9e:26:e1:77:19:5b:6b:b0:57:0f:
88:88:0c:c8:39:87:1a:0b:19:59:ea:5a:55:ce:7d:
c8:d4:b4:9f:0f:2d:e7:43:a7:e4:4d:b2:9f:ea:6a:
cb:ff:2e:64:a1:00:53:79:46:a2:2c:15:4a:af:5a:
64:fe:f1:f0:b1:d7:fb:28:b4:43:ac:ab:b8:1f:8a:
88:a7:c9:93:70:ec:ef:de:a0:33:50:b2:70:1b:3b:
fb:c5:59:4f:a3:79:90:dd:46:76:05:51:cd:61:d0:
55:01:b7:2c:a5:00:a0:42:5b:56:04:d1:83:4c:43:
56:1d:ac:48:68:ad:14:13:ec:b4:2e:a5:16:06:0b:
2c:e2:c3:a2:a2:75:93:19:f8:35:84:f9:e5:42:ea:
63:0f:b0:79:d3:80:d8:92:c6:7e:bb:ab:11:ae:ac:
b5:75:19:9f:db:4f:a9:60:3e:e1:65:5b:c9:04:e1:
96:18:16:fa:57:df:22:3c:2c:f3:21:35:2c:40:bb:
fd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B0:8F:E4:F7:4F:DD:73:B8:87:E5:50:8B:DF:76:CB:B3:BA:20:2F
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TrCP5PdP3XO4h-VQi992y7O6IC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.161.104.0/21
Signature Algorithm: sha256WithRSAEncryption
45:df:67:a7:12:27:bb:91:a8:3f:af:ae:70:93:76:49:96:61:
ce:d3:d5:dd:e1:31:c4:cd:08:b8:57:de:29:70:41:2b:0a:42:
34:b5:ed:57:c4:73:a1:e4:ec:2b:e8:ea:44:13:87:46:b6:92:
87:df:25:f4:61:10:45:21:15:2e:ae:a8:ed:32:4a:a5:12:44:
48:49:af:f6:5e:65:63:9b:d2:f8:0a:d5:b7:dc:a4:65:95:89:
06:11:82:ec:8a:07:87:f7:4b:f7:42:83:42:ac:19:a1:88:d9:
64:e6:37:cb:8f:f0:97:51:8f:3d:6d:8d:c1:88:e7:55:0b:26:
4c:7d:3c:c2:16:f4:e3:64:1d:5b:d4:4b:84:b0:75:d6:70:5f:
4c:8c:ee:73:5e:ff:00:29:9a:db:d3:d6:ef:30:93:0a:80:de:
b8:1f:0a:fa:84:45:f0:60:5e:22:53:2e:0a:42:0a:d4:87:29:
b5:81:c9:1f:68:60:1b:15:65:ff:9d:f5:1c:89:dc:da:dd:fc:
9e:95:23:10:a5:cd:12:d8:0e:ec:96:53:28:23:fa:ae:c2:3a:
15:ef:20:03:a0:73:5a:67:bd:73:65:6b:4b:c5:95:9b:62:34:
bb:72:46:96:47:1f:46:4f:2a:9e:f2:7a:8c:d8:cb:1f:60:37:
a2:c9:5e:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPlYb8zBkWMotf6v3aHwRI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjIxMDE3MDk1ODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWIwOGZlNGY3NGZkZDczYjg4N2U1NTA4YmRmNzZjYmIzYmEyMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe4SJcOMFFrKs52mIBZxOqbSVakl
aLSgQVVi+fLxm5sumZnGYL2zXIsbnhBN3q1qsZovy4p4AdNt55jkV5cEo54m4XcZ
W2uwVw+IiAzIOYcaCxlZ6lpVzn3I1LSfDy3nQ6fkTbKf6mrL/y5koQBTeUaiLBVK
r1pk/vHwsdf7KLRDrKu4H4qIp8mTcOzv3qAzULJwGzv7xVlPo3mQ3UZ2BVHNYdBV
AbcspQCgQltWBNGDTENWHaxIaK0UE+y0LqUWBgss4sOionWTGfg1hPnlQupjD7B5
04DYksZ+u6sRrqy1dRmf20+pYD7hZVvJBOGWGBb6V98iPCzzITUsQLv92QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6wj+T3T91zuIflUIvfdsuzuiAvMB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvVHJDUDVQZFAzWE80aC1WUWk5OTJ5N082SUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvKFoMA0G
CSqGSIb3DQEBCwUAA4IBAQBF32enEie7kag/r65wk3ZJlmHO09Xd4THEzQi4V94p
cEErCkI0te1XxHOh5Owr6OpEE4dGtpKH3yX0YRBFIRUurqjtMkqlEkRISa/2XmVj
m9L4CtW33KRllYkGEYLsigeH90v3QoNCrBmhiNlk5jfLj/CXUY89bY3BiOdVCyZM
fTzCFvTjZB1b1EuEsHXWcF9MjO5zXv8AKZrb09bvMJMKgN64Hwr6hEXwYF4iUy4K
QgrUhym1gckfaGAbFWX/nfUcidza3fyelSMQpc0S2A7sllMoI/quwjoV7yADoHNa
Z71zZWtLxZWbYjS7ckaWRx9GTyqe8nqM2MsfYDeiyV55
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:10 2024 by rpki-client on console-ams.rpki-client.org