Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/tfQGAkgrzH2hX6lSBVuKWdKH2uY.roa
File: tfQGAkgrzH2hX6lSBVuKWdKH2uY.roa (raw, json)
Hash identifier: BNqdaAVORgwMurg9b27l0loj9hxjTduULGGsEht5c/c=
Subject key identifier: B5:F4:06:02:48:2B:CC:7D:A1:5F:A9:52:05:5B:8A:59:D2:87:DA:E6
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 388845B3
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/tfQGAkgrzH2hX6lSBVuKWdKH2uY.roa
Signing time: Sat 01 Jan 2022 01:51:48 +0000
ROA not before: Sat 01 Jan 2022 01:51:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48844
IP address blocks: 37.19.15.128/29 maxlen: 29
5.149.139.0/24 maxlen: 24
37.19.13.64/26 maxlen: 26
2a00:1528:aa00:d000::/56 maxlen: 56
2a00:1528:aa00:c000::/56 maxlen: 56
2a00:1528:aa00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948454835 (0x388845b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Jan 1 01:51:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5f40602482bcc7da15fa952055b8a59d287dae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ae:00:cd:b3:e1:14:68:ac:5e:c4:91:75:af:
71:32:3d:0d:03:c3:df:c2:41:19:9a:fe:67:8b:9b:
f2:47:b0:ca:69:ae:de:74:22:58:59:9e:0c:c3:bb:
7f:ec:c6:75:85:77:48:c2:b7:71:f1:a9:54:45:bf:
f9:3a:fd:b6:8c:c8:da:2f:0c:dd:20:8d:fe:49:b4:
0a:d3:44:b5:9d:cf:d8:2b:d8:d5:98:10:b4:59:22:
e4:1e:41:fb:e4:af:98:b1:71:36:08:e9:d2:4f:c8:
b1:d1:a2:4d:5b:32:1a:5a:43:48:48:6c:d9:7e:5f:
44:cf:71:5f:f6:4b:d6:5c:d4:04:6d:3f:36:d5:69:
f7:d2:cf:43:ac:82:5f:6a:8e:4a:5c:7a:53:b3:3b:
2e:ad:77:bb:ad:ce:ba:c2:df:46:31:48:4b:9f:d5:
07:67:c8:20:12:ee:17:66:9d:c7:30:e4:19:43:ea:
23:42:ca:9b:08:82:b5:31:d2:14:6e:b1:97:5c:ed:
17:b2:2b:f1:cb:9d:cd:9d:30:71:b6:17:9a:30:a6:
47:80:ab:47:1f:8f:f2:09:91:bf:ca:d0:18:5c:cd:
f0:d6:e5:f4:70:54:c8:82:69:b9:94:77:dd:c7:c0:
8f:ea:c1:ce:36:1d:95:c9:32:4d:17:f2:36:42:b5:
a7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F4:06:02:48:2B:CC:7D:A1:5F:A9:52:05:5B:8A:59:D2:87:DA:E6
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/tfQGAkgrzH2hX6lSBVuKWdKH2uY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.139.0/24
37.19.13.64/26
37.19.15.128/29
IPv6:
2a00:1528:aa00::/48
Signature Algorithm: sha256WithRSAEncryption
43:2b:dd:ef:d8:7f:60:e0:e8:d0:ac:2f:87:fe:f4:4d:69:91:
2c:d7:78:87:be:93:2b:4e:09:a6:8a:3f:04:a5:6c:4c:5a:f7:
b7:b4:1b:c6:39:2a:91:80:c3:da:f9:3c:3d:8e:93:aa:00:b7:
21:66:2d:c7:5c:a9:5b:bc:6c:31:4a:96:e6:6d:25:5c:60:6e:
32:a0:ed:b4:3d:fd:f7:d3:b6:43:49:7f:79:75:b7:d3:d6:0b:
67:e1:9e:d9:94:13:08:ac:dc:4e:03:56:11:56:c4:f3:68:c5:
ce:4b:95:e7:26:68:f3:e6:6f:a1:81:d0:5d:c3:9f:69:77:18:
d0:fa:60:3d:1b:a4:cb:b3:4e:29:f3:98:bc:ce:a6:84:10:58:
22:d1:f2:5a:94:3c:2a:11:c7:62:5a:b3:ab:96:fb:98:e4:ba:
48:d9:43:19:19:e0:ae:a3:49:10:65:f5:18:d8:39:9a:0e:a7:
4f:0c:25:1f:cd:44:10:4d:ce:0d:f0:74:c1:44:83:5a:02:4d:
28:4c:f2:75:17:17:0b:1e:16:19:b4:be:a4:73:c0:af:71:91:
d3:a0:f7:52:7a:4b:b5:0c:5d:05:0a:8a:4b:6e:55:06:24:58:
b1:7b:04:fc:66:3a:d1:d0:92:bb:cd:90:f1:66:b6:1f:6b:2a:
6c:2e:17:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEOIhFszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Nzc3YjViMzZmNjZlMTNjNDM4OGM5OTM0ZGE1MDc4NTY1MTVkMDczMB4XDTIyMDEw
MTAxNTE0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjVmNDA2MDI0ODJi
Y2M3ZGExNWZhOTUyMDU1YjhhNTlkMjg3ZGFlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiuAM2z4RRorF7EkXWvcTI9DQPD38JBGZr+Z4ub8kewymmu
3nQiWFmeDMO7f+zGdYV3SMK3cfGpVEW/+Tr9tozI2i8M3SCN/km0CtNEtZ3P2CvY
1ZgQtFki5B5B++SvmLFxNgjp0k/IsdGiTVsyGlpDSEhs2X5fRM9xX/ZL1lzUBG0/
NtVp99LPQ6yCX2qOSlx6U7M7Lq13u63OusLfRjFIS5/VB2fIIBLuF2adxzDkGUPq
I0LKmwiCtTHSFG6xl1ztF7Ir8cudzZ0wcbYXmjCmR4CrRx+P8gmRv8rQGFzN8Nbl
9HBUyIJpuZR33cfAj+rBzjYdlckyTRfyNkK1p6MCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBS19AYCSCvMfaFfqVIFW4pZ0ofa5jAfBgNVHSMEGDAWgBSHd7Wzb2bhPEOI
yZNNpQeFZRXQczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2gzZTFzMjltNFR4RGlNbVRUYVVIaFdVVjBITS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvZjkyZTJhLWUxZTQtNDg3ZC05YWNjLWVkMWYzMGNjMWM1Ny8x
L3RmUUdBa2dyekgyaFg2bFNCVnVLV2RLSDJ1WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
ZjkyZTJhLWUxZTQtNDg3ZC05YWNjLWVkMWYzMGNjMWM1Ny8xL2gzZTFzMjltNFR4
RGlNbVRUYVVIaFdVVjBITS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wGgQCAAEwFAMEAAWViwMFBiUTDUADBQMlEw+AMA8E
AgACMAkDBwAqABUoqgAwDQYJKoZIhvcNAQELBQADggEBAEMr3e/Yf2Dg6NCsL4f+
9E1pkSzXeIe+kytOCaaKPwSlbExa97e0G8Y5KpGAw9r5PD2Ok6oAtyFmLcdcqVu8
bDFKluZtJVxgbjKg7bQ9/ffTtkNJf3l1t9PWC2fhntmUEwis3E4DVhFWxPNoxc5L
lecmaPPmb6GB0F3Dn2l3GND6YD0bpMuzTinzmLzOpoQQWCLR8lqUPCoRx2Jas6uW
+5jkukjZQxkZ4K6jSRBl9RjYOZoOp08MJR/NRBBNzg3wdMFEg1oCTShM8nUXFwse
Fhm0vqRzwK9xkdOg91J6S7UMXQUKiktuVQYkWLF7BPxmOtHQkrvNkPFmth9rKmwu
FyQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:41 2023 by rpki-client on console-ams.rpki-client.org