Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TH2vZcFrGCALx9cSUjDYIAvZDBI.roa
File: TH2vZcFrGCALx9cSUjDYIAvZDBI.roa (raw, json)
Hash identifier: 3N2vMlw8cOClOASpiS9uVs72sxN2l7IhO7vk5vvfsgc=
Subject key identifier: 4C:7D:AF:65:C1:6B:18:20:0B:C7:D7:12:52:30:D8:20:0B:D9:0C:12
Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial: 01825545F13AC408366985DBD364FF36C766
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TH2vZcFrGCALx9cSUjDYIAvZDBI.roa
Signing time: Sun 31 Jul 2022 17:20:23 +0000
ROA not before: Sun 31 Jul 2022 17:20:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58507
IP address blocks: 161.8.192.0/18 maxlen: 24
161.8.0.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:55:45:f1:3a:c4:08:36:69:85:db:d3:64:ff:36:c7:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Validity
Not Before: Jul 31 17:20:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c7daf65c16b18200bc7d7125230d8200bd90c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6a:26:c6:69:85:a5:0b:1b:b7:f6:3b:11:07:
4f:16:62:fb:48:ba:6c:2f:77:bd:1b:ec:3a:57:89:
86:52:22:8b:b2:c3:a1:12:39:51:9f:79:e1:a0:40:
2a:b6:01:c5:29:ae:c7:38:1f:20:d6:83:4e:44:d7:
41:7a:90:e5:bb:26:57:63:30:d8:1c:4b:2f:d7:e3:
0b:44:fc:ba:87:de:0d:63:98:25:3d:2f:55:ef:10:
2b:ba:61:bd:e2:b4:58:7e:00:eb:a0:bc:aa:5a:dd:
68:e3:4a:dc:45:13:10:45:16:b1:6a:48:3c:5c:57:
a4:67:7e:bd:e2:5a:ad:83:3c:e5:36:d6:80:74:46:
e6:12:a8:5a:3f:ff:b4:e3:3f:14:13:21:d6:2d:95:
f5:53:97:3d:59:04:a0:b3:5d:89:ed:3d:db:ad:1a:
92:d9:6d:b7:be:0e:2e:ff:78:e6:c5:96:8c:b5:e9:
86:7a:0e:58:8e:29:98:1b:da:5f:0d:e2:4d:6f:c1:
3f:da:41:73:c4:a7:3e:16:0f:f9:e4:c6:3a:0a:bb:
02:62:0b:af:c4:91:2f:35:c3:26:fa:9f:08:ab:f0:
eb:b7:5c:66:41:e3:13:d1:19:25:51:a6:bb:08:8d:
a0:f4:2c:9a:98:63:c9:76:a2:7c:dd:6f:16:89:8b:
73:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:7D:AF:65:C1:6B:18:20:0B:C7:D7:12:52:30:D8:20:0B:D9:0C:12
X509v3 Authority Key Identifier:
keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TH2vZcFrGCALx9cSUjDYIAvZDBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.8.0.0/18
161.8.192.0/18
Signature Algorithm: sha256WithRSAEncryption
b5:7f:be:e8:0f:aa:bc:5f:e9:fb:26:40:af:6b:11:e4:bb:30:
91:b0:57:e4:8a:b5:36:8d:a8:60:ae:cc:8b:70:3c:02:c7:1c:
5e:6d:c1:dd:cc:14:02:5e:9c:af:a8:fd:34:ca:48:9d:48:f9:
05:b8:90:48:25:2c:3c:99:87:0f:57:37:2e:9a:d3:a6:66:8c:
1f:f4:d0:d2:86:84:49:cd:8e:86:51:ac:78:c7:bc:1e:db:c2:
5e:3d:23:44:44:36:92:4e:09:b9:2e:3f:1d:64:4e:dd:8b:1a:
a4:48:49:28:6f:6b:63:bc:d5:fd:03:41:73:87:a9:6a:cb:df:
dc:d8:85:43:8f:0d:e8:38:bb:71:52:0a:c1:d8:6c:27:d0:d1:
aa:a1:bd:7a:4a:7c:b0:3f:7e:e3:07:b9:46:c0:33:a9:8f:cd:
a9:c2:3a:89:7c:fd:9f:c1:72:e8:c6:32:2d:b1:7e:3b:10:78:
51:d8:db:f5:46:aa:0b:f0:52:03:c2:e0:08:da:be:45:4d:6d:
83:e3:21:51:f0:38:bc:9b:88:4d:dc:47:0c:16:81:15:b7:58:
0d:8d:20:0f:56:3c:7d:c9:25:a8:58:ae:84:a6:b8:19:a6:de:
4f:fb:d7:e4:a8:1d:40:f0:d9:da:19:c2:dc:f9:7b:be:c8:ac:
cb:16:50:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJVRfE6xAg2aYXb02T/NsdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5
MWQ0YTkwHhcNMjIwNzMxMTcyMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzdkYWY2NWMxNmIxODIwMGJjN2Q3MTI1MjMwZDgyMDBiZDkwYzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWomxmmFpQsbt/Y7EQdPFmL7SLps
L3e9G+w6V4mGUiKLssOhEjlRn3nhoEAqtgHFKa7HOB8g1oNORNdBepDluyZXYzDY
HEsv1+MLRPy6h94NY5glPS9V7xArumG94rRYfgDroLyqWt1o40rcRRMQRRaxakg8
XFekZ3694lqtgzzlNtaAdEbmEqhaP/+04z8UEyHWLZX1U5c9WQSgs12J7T3brRqS
2W23vg4u/3jmxZaMtemGeg5YjimYG9pfDeJNb8E/2kFzxKc+Fg/55MY6CrsCYguv
xJEvNcMm+p8Iq/Drt1xmQeMT0RklUaa7CI2g9CyamGPJdqJ83W8WiYtzdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEx9r2XBaxggC8fXElIw2CAL2QwSMB8GA1UdIwQY
MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt
ZWI3YWFhNjgyOGJlLzEvVEgydlpjRnJHQ0FMeDljU1VqRFlJQXZaREJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDItZWI3YWFhNjgyOGJl
LzEvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGoQgAAwQG
oQjAMA0GCSqGSIb3DQEBCwUAA4IBAQC1f77oD6q8X+n7JkCvaxHkuzCRsFfkirU2
jahgrsyLcDwCxxxebcHdzBQCXpyvqP00ykidSPkFuJBIJSw8mYcPVzcumtOmZowf
9NDShoRJzY6GUax4x7we28JePSNERDaSTgm5Lj8dZE7dixqkSEkob2tjvNX9A0Fz
h6lqy9/c2IVDjw3oOLtxUgrB2Gwn0NGqob16SnywP37jB7lGwDOpj82pwjqJfP2f
wXLoxjItsX47EHhR2Nv1RqoL8FIDwuAI2r5FTW2D4yFR8Di8m4hN3EcMFoEVt1gN
jSAPVjx9ySWoWK6EprgZpt5P+9fkqB1A8NnaGcLc+Xu+yKzLFlDR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:23 2024 by rpki-client on console-fra.rpki-client.org