Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/850961-dcfc-456c-bba6-2698f0601bb9/1/TiGHNWx7JUouHQD3RL0JG9KKXTI.roa
File: TiGHNWx7JUouHQD3RL0JG9KKXTI.roa (raw, json)
Hash identifier: CFcbZ+fXVcfHkCbUIx4D2lMxmJgqNymqdL2PxaN1KQw=
Subject key identifier: 4E:21:87:35:6C:7B:25:4A:2E:1D:00:F7:44:BD:09:1B:D2:8A:5D:32
Certificate issuer: /CN=d617ad35ef270efb14271357f3a675e87566bf3a
Certificate serial: 01830F9E49653682A1D04D243E575D5143B5
Authority key identifier: D6:17:AD:35:EF:27:0E:FB:14:27:13:57:F3:A6:75:E8:75:66:BF:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1hetNe8nDvsUJxNX86Z16HVmvzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/850961-dcfc-456c-bba6-2698f0601bb9/1/TiGHNWx7JUouHQD3RL0JG9KKXTI.roa
Signing time: Mon 05 Sep 2022 21:46:15 +0000
ROA not before: Mon 05 Sep 2022 21:46:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202909
IP address blocks: 185.227.88.0/22 maxlen: 24
185.209.204.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0f:9e:49:65:36:82:a1:d0:4d:24:3e:57:5d:51:43:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d617ad35ef270efb14271357f3a675e87566bf3a
Validity
Not Before: Sep 5 21:46:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e2187356c7b254a2e1d00f744bd091bd28a5d32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:05:cc:1d:a1:d5:48:f8:49:4b:0b:2f:dd:a9:
3b:f3:f2:dc:f7:44:bf:e6:f3:ac:b3:cf:75:f1:a3:
90:8e:a2:14:e1:e9:15:5a:d4:49:0f:9c:23:e9:17:
31:40:26:38:51:bb:24:14:b0:8b:dc:e3:c7:00:6b:
74:d9:45:da:cd:60:54:02:b8:05:09:5b:ef:a0:9f:
92:46:b3:48:a8:2b:51:62:08:19:dc:b7:1a:7c:4f:
30:da:05:ac:ce:07:8f:26:7e:83:28:64:0d:6b:04:
4f:5d:46:5e:bc:e9:bf:d7:83:32:01:2e:ff:0b:23:
d5:a1:a4:a4:8c:2d:92:64:35:08:da:6d:98:d7:e5:
32:58:24:66:ad:4d:ba:17:af:14:e4:4b:31:7c:79:
28:80:07:fd:b4:64:57:b3:fe:a4:44:6c:bd:6b:87:
55:1b:48:61:53:06:43:4c:10:88:0a:67:38:14:75:
19:7d:18:2e:65:ae:69:42:61:f1:18:1e:c0:fa:7b:
0b:b0:53:01:b8:41:c0:5c:50:5a:21:20:4b:ef:da:
c9:cf:fe:9b:e1:84:51:2f:e7:72:2e:72:eb:eb:43:
0d:1a:36:16:dd:0e:d3:e9:a7:22:30:62:98:fe:e7:
8b:e5:1f:16:f5:30:89:e0:8f:e1:c8:4f:5b:c6:77:
78:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:21:87:35:6C:7B:25:4A:2E:1D:00:F7:44:BD:09:1B:D2:8A:5D:32
X509v3 Authority Key Identifier:
keyid:D6:17:AD:35:EF:27:0E:FB:14:27:13:57:F3:A6:75:E8:75:66:BF:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1hetNe8nDvsUJxNX86Z16HVmvzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/850961-dcfc-456c-bba6-2698f0601bb9/1/TiGHNWx7JUouHQD3RL0JG9KKXTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/850961-dcfc-456c-bba6-2698f0601bb9/1/1hetNe8nDvsUJxNX86Z16HVmvzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.204.0/22
185.227.88.0/22
Signature Algorithm: sha256WithRSAEncryption
11:23:79:07:eb:24:0c:c7:2f:ab:02:82:01:31:17:50:e1:b0:
bb:91:bc:f3:6c:fc:91:86:22:7c:1f:d9:4f:88:3e:81:20:bc:
12:0e:9d:85:ed:7e:ec:79:ea:08:0b:94:87:94:b3:44:b4:1f:
46:e9:fb:c2:b8:f7:7f:27:7f:97:a5:3b:03:6a:d4:77:14:c5:
3b:bb:1f:d9:16:b5:b5:32:28:2d:90:0b:ea:ab:c3:f3:1e:ce:
94:12:d2:41:de:9f:23:74:dd:0d:d7:ae:b0:40:3a:be:46:ca:
d2:4b:4f:97:e2:06:d2:fb:cc:8c:8b:f2:39:3f:21:87:01:f3:
73:a9:cd:cd:db:f3:58:3d:ba:ff:d3:ae:24:dc:9c:3f:47:98:
66:80:a4:50:24:4b:ff:13:5e:0f:e0:33:39:63:93:4c:6f:fc:
54:f9:39:5b:09:6e:e9:37:e4:5c:5c:b3:3f:73:19:1b:53:47:
6d:12:d6:4a:57:07:9b:e6:49:dd:3b:15:d3:ae:cf:96:dc:5e:
c3:04:99:9b:a3:49:ad:e5:7f:2f:f3:e6:f0:33:cb:de:77:a4:
74:35:f1:4b:85:de:60:a5:3f:c1:95:9f:51:1b:22:6b:ce:67:
15:01:59:f4:62:60:4e:8d:ac:9d:f0:8d:0b:ec:f8:58:81:83:
8f:94:c7:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMPnkllNoKh0E0kPlddUUO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MTdhZDM1ZWYyNzBlZmIxNDI3MTM1N2YzYTY3NWU4NzU2
NmJmM2EwHhcNMjIwOTA1MjE0NjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTIxODczNTZjN2IyNTRhMmUxZDAwZjc0NGJkMDkxYmQyOGE1ZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQXMHaHVSPhJSwsv3ak78/Lc90S/
5vOss8918aOQjqIU4ekVWtRJD5wj6RcxQCY4UbskFLCL3OPHAGt02UXazWBUArgF
CVvvoJ+SRrNIqCtRYggZ3LcafE8w2gWszgePJn6DKGQNawRPXUZevOm/14MyAS7/
CyPVoaSkjC2SZDUI2m2Y1+UyWCRmrU26F68U5EsxfHkogAf9tGRXs/6kRGy9a4dV
G0hhUwZDTBCICmc4FHUZfRguZa5pQmHxGB7A+nsLsFMBuEHAXFBaISBL79rJz/6b
4YRRL+dyLnLr60MNGjYW3Q7T6aciMGKY/ueL5R8W9TCJ4I/hyE9bxnd4vwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE4hhzVseyVKLh0A90S9CRvSil0yMB8GA1UdIwQY
MBaAFNYXrTXvJw77FCcTV/Omdeh1Zr86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWhldE5lOG5EdnNVSnhOWDg2WjE2SFZtdnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NTA5NjEtZGNmYy00NTZjLWJiYTYt
MjY5OGYwNjAxYmI5LzEvVGlHSE5XeDdKVW91SFFEM1JMMEpHOUtLWFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NTA5NjEtZGNmYy00NTZjLWJiYTYtMjY5OGYwNjAxYmI5
LzEvMWhldE5lOG5EdnNVSnhOWDg2WjE2SFZtdnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCudHMAwQC
ueNYMA0GCSqGSIb3DQEBCwUAA4IBAQARI3kH6yQMxy+rAoIBMRdQ4bC7kbzzbPyR
hiJ8H9lPiD6BILwSDp2F7X7seeoIC5SHlLNEtB9G6fvCuPd/J3+XpTsDatR3FMU7
ux/ZFrW1MigtkAvqq8PzHs6UEtJB3p8jdN0N166wQDq+RsrSS0+X4gbS+8yMi/I5
PyGHAfNzqc3N2/NYPbr/064k3Jw/R5hmgKRQJEv/E14P4DM5Y5NMb/xU+TlbCW7p
N+RcXLM/cxkbU0dtEtZKVweb5kndOxXTrs+W3F7DBJmbo0mt5X8v8+bwM8ved6R0
NfFLhd5gpT/BlZ9RGyJrzmcVAVn0YmBOjayd8I0L7PhYgYOPlMcV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:53 2023 by rpki-client on console-fra.rpki-client.org