Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Tc2-jd3Nr37kSMm-mSTetrPQ2h4.roa
File: Tc2-jd3Nr37kSMm-mSTetrPQ2h4.roa (raw, json)
Hash identifier: jgUzCtkg1GUrHnUqj6oMOi/nSafVsN+7tKTuQGCg44U=
Subject key identifier: 4D:CD:BE:8D:DD:CD:AF:7E:E4:48:C9:BE:99:24:DE:B6:B3:D0:DA:1E
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01833D7E607197DA5293A98BF5077C26C978
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Tc2-jd3Nr37kSMm-mSTetrPQ2h4.roa
Signing time: Wed 14 Sep 2022 19:33:55 +0000
ROA not before: Wed 14 Sep 2022 19:33:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60808
IP address blocks: 188.253.96.0/19 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3d:7e:60:71:97:da:52:93:a9:8b:f5:07:7c:26:c9:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Sep 14 19:33:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4dcdbe8dddcdaf7ee448c9be9924deb6b3d0da1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7b:85:c9:c8:cd:d6:37:ab:cd:53:91:bb:f8:
ee:50:0f:a7:4f:6c:68:30:17:f7:51:de:a3:da:1b:
9a:92:dd:14:2b:64:2b:3e:37:27:2f:99:57:1b:2e:
9a:ed:f3:ee:b9:67:e4:4c:9c:27:85:74:79:c7:9d:
8a:a8:33:da:8c:18:fe:e4:0b:c4:ab:e0:58:ca:d7:
85:04:b6:52:83:f7:84:ff:f2:03:5a:3d:89:ca:cc:
23:5d:6f:cd:c5:62:ed:b7:64:01:a9:b7:a4:cb:4e:
6d:ea:2b:a3:ed:d9:9a:b2:56:ba:01:03:e8:fa:62:
82:23:0f:ec:75:8d:73:0b:68:5f:2d:40:ad:63:8c:
57:89:8e:10:12:11:53:69:c3:be:b8:95:c7:a6:f8:
aa:6a:9d:af:c4:ad:82:67:a8:a0:95:9b:e6:53:82:
24:da:e9:a7:73:37:53:20:65:7c:6a:ae:06:17:bc:
4c:40:e4:43:64:b8:2b:b3:ab:84:92:db:aa:8e:ed:
2e:1f:68:78:ed:d6:0f:e3:33:ea:13:67:56:bd:a8:
83:10:43:73:9e:b9:40:0f:10:5e:b0:1d:ed:5f:a3:
4c:a5:21:24:f7:2d:90:42:12:a1:71:df:c2:f4:91:
7e:ef:b7:bc:81:7b:70:8d:ed:59:65:72:b2:db:37:
18:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:CD:BE:8D:DD:CD:AF:7E:E4:48:C9:BE:99:24:DE:B6:B3:D0:DA:1E
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Tc2-jd3Nr37kSMm-mSTetrPQ2h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
63:d2:96:09:47:9c:8d:54:c2:a0:3f:91:ad:79:39:69:85:0f:
1d:4b:e4:06:82:ff:e4:ae:33:bc:86:d5:16:e3:7c:5a:98:56:
2c:c7:26:d8:84:e5:96:03:49:60:8e:fc:ee:22:56:69:bb:9d:
b5:d4:0f:31:b0:1d:34:76:36:80:e3:10:a5:10:17:1f:bc:65:
a7:8c:a4:0d:b5:37:99:9e:ed:06:c1:53:6d:ae:5a:6e:c5:1b:
99:02:11:b6:78:6d:30:7a:9c:a6:89:3c:56:42:a4:f3:58:5a:
5c:8b:ff:8f:d4:1f:80:6f:12:14:0c:89:d6:86:e2:b8:3e:33:
8b:22:81:58:e6:b3:61:0e:76:a4:4b:a2:db:3b:bb:9d:59:eb:
35:88:87:1a:f7:23:71:49:01:d2:43:57:49:b5:6a:5b:75:b5:
f8:65:10:c0:17:4f:f8:c8:01:41:a5:fe:de:13:16:96:f0:e8:
cd:6c:5e:53:67:bf:a8:ad:72:90:6f:20:29:50:32:c8:89:12:
67:83:20:0c:d8:1f:70:70:76:a6:c6:9c:4a:e3:1c:41:dc:b1:
f6:21:82:bb:1f:e8:65:bb:b6:71:a4:50:6a:16:f6:57:b4:a5:
99:2e:c5:55:83:b0:bf:97:62:1f:1d:5f:42:6b:5a:ba:65:ce:
75:13:41:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYM9fmBxl9pSk6mL9Qd8Jsl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjIwOTE0MTkzMzU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGNkYmU4ZGRkY2RhZjdlZTQ0OGM5YmU5OTI0ZGViNmIzZDBkYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnuFycjN1jerzVORu/juUA+nT2xo
MBf3Ud6j2huakt0UK2QrPjcnL5lXGy6a7fPuuWfkTJwnhXR5x52KqDPajBj+5AvE
q+BYyteFBLZSg/eE//IDWj2JyswjXW/NxWLtt2QBqbeky05t6iuj7dmasla6AQPo
+mKCIw/sdY1zC2hfLUCtY4xXiY4QEhFTacO+uJXHpviqap2vxK2CZ6iglZvmU4Ik
2umnczdTIGV8aq4GF7xMQORDZLgrs6uEktuqju0uH2h47dYP4zPqE2dWvaiDEENz
nrlADxBesB3tX6NMpSEk9y2QQhKhcd/C9JF+77e8gXtwje1ZZXKy2zcY8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE3Nvo3dza9+5EjJvpkk3raz0NoeMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvVGMyLWpkM05yMzdrU01tLW1TVGV0clBRMmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFvP1gMA0E
AgACMAcDBQMqBeyAMA0GCSqGSIb3DQEBCwUAA4IBAQBj0pYJR5yNVMKgP5GteTlp
hQ8dS+QGgv/krjO8htUW43xamFYsxybYhOWWA0lgjvzuIlZpu5211A8xsB00djaA
4xClEBcfvGWnjKQNtTeZnu0GwVNtrlpuxRuZAhG2eG0wepymiTxWQqTzWFpci/+P
1B+AbxIUDInWhuK4PjOLIoFY5rNhDnakS6LbO7udWes1iIca9yNxSQHSQ1dJtWpb
dbX4ZRDAF0/4yAFBpf7eExaW8OjNbF5TZ7+orXKQbyApUDLIiRJngyAM2B9wcHam
xpxK4xxB3LH2IYK7H+hlu7ZxpFBqFvZXtKWZLsVVg7C/l2IfHV9Ca1q6Zc51E0Fv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org