Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/TkTtXMdChaJGMC-RsmTf-IOfYOY.roa
File: TkTtXMdChaJGMC-RsmTf-IOfYOY.roa (raw, json)
Hash identifier: dSAiuSbA+JFEkr7BwKsqrog0R/3nC+ghtpxI+z/SBh4=
Subject key identifier: 4E:44:ED:5C:C7:42:85:A2:46:30:2F:91:B2:64:DF:F8:83:9F:60:E6
Certificate issuer: /CN=765ea3400a3748c3b6c61268d492f8bf0a908239
Certificate serial: 027FAB79
Authority key identifier: 76:5E:A3:40:0A:37:48:C3:B6:C6:12:68:D4:92:F8:BF:0A:90:82:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dl6jQAo3SMO2xhJo1JL4vwqQgjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/TkTtXMdChaJGMC-RsmTf-IOfYOY.roa
Signing time: Sat 01 Jan 2022 16:10:40 +0000
ROA not before: Sat 01 Jan 2022 16:10:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207254
IP address blocks: 185.154.221.0/24 maxlen: 24
185.154.223.0/24 maxlen: 24
185.154.220.0/24 maxlen: 24
185.154.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41921401 (0x27fab79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=765ea3400a3748c3b6c61268d492f8bf0a908239
Validity
Not Before: Jan 1 16:10:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e44ed5cc74285a246302f91b264dff8839f60e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a6:98:c1:91:14:92:85:a2:95:89:33:13:72:
65:78:91:b7:bd:d6:e8:85:54:ad:88:29:82:74:dd:
f4:21:95:5a:7c:4c:7c:bb:0d:7d:d4:a4:7a:7a:a1:
ae:11:3e:f7:1a:89:d3:6e:85:76:f1:96:e6:4e:2c:
46:37:27:b9:e3:d8:b5:2a:5a:40:20:a4:3e:eb:76:
d5:8f:f2:09:28:44:83:e8:1a:da:0e:7a:1d:76:b8:
08:db:92:88:4c:cf:50:63:73:c5:c6:c6:0c:7f:bf:
00:12:d4:8d:15:f4:2f:06:60:40:05:eb:87:63:bf:
75:c9:5c:c1:26:ea:ca:f3:13:2c:ce:ac:90:98:45:
00:06:db:37:4f:30:2e:85:5d:57:dc:9b:8e:db:b8:
b9:ea:34:25:26:f5:28:5b:86:f9:0b:e1:a1:bb:79:
eb:98:e7:39:e5:d1:7a:ab:77:6c:64:64:00:d5:32:
82:1d:0b:75:49:51:6c:9c:c7:b7:d4:b9:e1:71:3d:
5c:7c:39:29:b3:ea:45:9c:d3:49:a8:e9:dd:95:d0:
bc:0a:43:aa:ed:b5:27:f2:a2:0f:c9:16:e9:77:bb:
37:e1:29:b4:b1:71:74:6c:a7:1a:47:3c:38:97:30:
7a:f3:a6:1f:34:d3:0a:34:07:7b:91:5c:83:39:c4:
85:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:44:ED:5C:C7:42:85:A2:46:30:2F:91:B2:64:DF:F8:83:9F:60:E6
X509v3 Authority Key Identifier:
keyid:76:5E:A3:40:0A:37:48:C3:B6:C6:12:68:D4:92:F8:BF:0A:90:82:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dl6jQAo3SMO2xhJo1JL4vwqQgjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/TkTtXMdChaJGMC-RsmTf-IOfYOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/dl6jQAo3SMO2xhJo1JL4vwqQgjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.220.0/22
Signature Algorithm: sha256WithRSAEncryption
81:72:ad:b1:61:1a:95:e6:f5:7a:4f:5f:65:93:e7:d4:74:14:
2a:9f:24:c9:a8:3f:46:bc:e5:30:ae:2a:63:3e:05:73:c7:c6:
5f:bf:50:8b:c6:ad:0d:61:85:fb:9e:9e:e0:62:0c:b2:b1:70:
32:5b:ea:39:9d:a5:2a:33:e7:98:58:65:32:06:04:26:65:69:
a7:11:01:8a:0c:97:96:65:4f:41:f3:88:a3:23:10:ac:c3:57:
b9:60:d1:87:0f:57:be:7c:3e:7c:5a:21:f2:19:06:71:73:80:
1a:d4:85:93:63:5c:cd:24:4d:68:fe:b1:03:4d:43:7b:4d:36:
e3:a9:e8:1d:5d:fd:09:82:83:71:62:5d:01:70:48:91:75:b3:
0e:f9:5a:a4:12:71:da:38:e2:54:9e:86:e6:80:cb:af:19:ac:
d7:39:88:fd:32:3f:2f:33:2f:b5:33:3e:1c:67:b2:73:79:20:
09:dd:cf:03:d1:05:bf:1a:41:d6:ac:60:0a:dc:fb:6f:b5:22:
c9:7d:18:11:87:70:70:51:e1:16:c2:79:87:cd:df:62:24:ee:
3a:5f:70:de:6d:1e:3d:cf:2c:a1:5f:b2:94:c4:e5:de:2d:9c:
56:da:f6:35:60:7c:0b:06:51:77:28:72:1c:d0:47:d6:05:f8:
f3:e5:1a:93
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAn+reTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NjVlYTM0MDBhMzc0OGMzYjZjNjEyNjhkNDkyZjhiZjBhOTA4MjM5MB4XDTIyMDEw
MTE2MTA0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU0NGVkNWNjNzQy
ODVhMjQ2MzAyZjkxYjI2NGRmZjg4MzlmNjBlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2mmMGRFJKFopWJMxNyZXiRt73W6IVUrYgpgnTd9CGVWnxM
fLsNfdSkenqhrhE+9xqJ026FdvGW5k4sRjcnuePYtSpaQCCkPut21Y/yCShEg+ga
2g56HXa4CNuSiEzPUGNzxcbGDH+/ABLUjRX0LwZgQAXrh2O/dclcwSbqyvMTLM6s
kJhFAAbbN08wLoVdV9ybjtu4ueo0JSb1KFuG+Qvhobt565jnOeXReqt3bGRkANUy
gh0LdUlRbJzHt9S54XE9XHw5KbPqRZzTSajp3ZXQvApDqu21J/KiD8kW6Xe7N+Ep
tLFxdGynGkc8OJcwevOmHzTTCjQHe5FcgznEhSECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRORO1cx0KFokYwL5GyZN/4g59g5jAfBgNVHSMEGDAWgBR2XqNACjdIw7bG
EmjUkvi/CpCCOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RsNmpRQW8zU01PMnhoSm8xSkw0dndxUWdqay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvNzRlMTVmLWY0ODctNDU1OS1iZmRkLTBmYzU4ZTU4Y2FjOS8x
L1RrVHRYTWRDaGFKR01DLVJzbVRmLUlPZllPWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
NzRlMTVmLWY0ODctNDU1OS1iZmRkLTBmYzU4ZTU4Y2FjOS8xL2RsNmpRQW8zU01P
MnhoSm8xSkw0dndxUWdqay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArma3DANBgkqhkiG9w0BAQsFAAOC
AQEAgXKtsWEaleb1ek9fZZPn1HQUKp8kyag/RrzlMK4qYz4Fc8fGX79Qi8atDWGF
+56e4GIMsrFwMlvqOZ2lKjPnmFhlMgYEJmVppxEBigyXlmVPQfOIoyMQrMNXuWDR
hw9Xvnw+fFoh8hkGcXOAGtSFk2NczSRNaP6xA01De00246noHV39CYKDcWJdAXBI
kXWzDvlapBJx2jjiVJ6G5oDLrxms1zmI/TI/LzMvtTM+HGeyc3kgCd3PA9EFvxpB
1qxgCtz7b7UiyX0YEYdwcFHhFsJ5h83fYiTuOl9w3m0ePc8soV+ylMTl3i2cVtr2
NWB8CwZRdyhyHNBH1gX48+Uakw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:52 2023 by rpki-client on console-ams.rpki-client.org