Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/TsmoGO6R9FupXx5Nlm0HniXQ9QI.roa
File: TsmoGO6R9FupXx5Nlm0HniXQ9QI.roa (raw, json)
Hash identifier: vfIQ9EgmSgSuxA7e2Qp4p627bKUm3u+aMGUPcmPQEd8=
Subject key identifier: 4E:C9:A8:18:EE:91:F4:5B:A9:5F:1E:4D:96:6D:07:9E:25:D0:F5:02
Certificate issuer: /CN=e5503498ff185d0c607353f43f55e911f62a6802
Certificate serial: 34F238FE
Authority key identifier: E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/TsmoGO6R9FupXx5Nlm0HniXQ9QI.roa
Signing time: Sat 01 Jan 2022 07:02:16 +0000
ROA not before: Sat 01 Jan 2022 07:02:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15943
IP address blocks: 149.233.128.0/17 maxlen: 24
84.242.16.0/20 maxlen: 24
185.82.16.0/22 maxlen: 24
213.21.32.0/20 maxlen: 24
149.249.16.0/20 maxlen: 24
185.29.240.0/22 maxlen: 24
216.83.208.0/20 maxlen: 24
192.119.48.0/20 maxlen: 24
192.196.192.0/20 maxlen: 24
185.232.32.0/22 maxlen: 24
185.220.216.0/22 maxlen: 24
95.163.160.0/20 maxlen: 24
185.23.224.0/22 maxlen: 24
185.215.236.0/22 maxlen: 24
81.25.160.0/20 maxlen: 24
149.224.0.0/17 maxlen: 24
46.22.0.0/20 maxlen: 24
95.81.0.0/19 maxlen: 24
149.249.248.0/22 maxlen: 24
193.218.16.0/20 maxlen: 24
213.209.64.0/18 maxlen: 24
195.123.96.0/20 maxlen: 24
134.101.128.0/17 maxlen: 24
188.136.224.0/19 maxlen: 24
149.224.128.0/17 maxlen: 24
31.29.32.0/19 maxlen: 24
84.46.0.0/17 maxlen: 24
46.59.128.0/17 maxlen: 24
31.172.104.0/21 maxlen: 24
2a04:4540::/29 maxlen: 29
2a02:2028::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 888289534 (0x34f238fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5503498ff185d0c607353f43f55e911f62a6802
Validity
Not Before: Jan 1 07:02:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ec9a818ee91f45ba95f1e4d966d079e25d0f502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0d:91:bf:d8:cd:f2:08:9f:32:cc:d9:d3:03:
1b:23:1e:80:61:7f:c9:2c:45:76:21:c0:f5:84:59:
89:00:fe:38:24:1c:31:e2:62:1b:fe:51:e2:2d:00:
f7:b6:4c:e2:c1:99:4c:04:69:e7:9a:f6:33:3b:85:
47:0e:b8:41:19:ae:72:72:18:7c:1a:a6:7a:c6:27:
ec:7b:9c:9f:37:a1:4c:73:a8:aa:e9:a9:ab:43:e7:
2f:f5:f6:db:f9:81:7f:c4:02:e3:0b:42:5a:37:32:
c1:00:f1:fb:3b:94:cf:25:0c:83:85:8b:9c:4f:4b:
fe:cc:ff:18:63:97:dc:f5:ba:9b:af:e6:6e:a1:11:
98:8b:59:7f:ad:ab:c7:aa:f4:35:26:eb:c5:b4:0b:
a4:2d:a6:30:85:8e:53:b1:be:fe:16:96:9c:36:a9:
99:d8:2e:1e:9a:98:32:fa:2a:f0:88:f2:22:5e:72:
19:a9:94:a6:fe:00:6f:fe:b8:32:b4:87:98:da:ba:
93:b1:68:3c:b0:c8:fa:00:e0:05:74:c7:6d:cf:2d:
c5:3c:7b:e4:84:4e:df:32:24:fb:17:8d:f7:ca:80:
6d:02:02:af:2c:bb:c5:01:3e:58:24:b9:e5:cc:82:
78:84:0e:75:9c:69:f1:d7:65:25:0a:08:9c:56:24:
38:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C9:A8:18:EE:91:F4:5B:A9:5F:1E:4D:96:6D:07:9E:25:D0:F5:02
X509v3 Authority Key Identifier:
keyid:E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/TsmoGO6R9FupXx5Nlm0HniXQ9QI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.29.32.0/19
31.172.104.0/21
46.22.0.0/20
46.59.128.0/17
81.25.160.0/20
84.46.0.0/17
84.242.16.0/20
95.81.0.0/19
95.163.160.0/20
134.101.128.0/17
149.224.0.0/16
149.233.128.0/17
149.249.16.0/20
149.249.248.0/22
185.23.224.0/22
185.29.240.0/22
185.82.16.0/22
185.215.236.0/22
185.220.216.0/22
185.232.32.0/22
188.136.224.0/19
192.119.48.0/20
192.196.192.0/20
193.218.16.0/20
195.123.96.0/20
213.21.32.0/20
213.209.64.0/18
216.83.208.0/20
IPv6:
2a02:2028::/32
2a04:4540::/29
Signature Algorithm: sha256WithRSAEncryption
63:bd:c9:5c:43:03:0e:b6:f7:63:a4:f4:11:1a:91:9e:61:24:
cc:a5:da:6c:ad:3c:c5:d7:c2:72:56:03:16:1c:56:ca:6a:8c:
e5:ee:7a:7b:6f:2d:dd:57:15:53:3f:d9:24:d2:c4:c1:1d:47:
36:ef:fe:29:b2:9f:83:e9:70:0d:8b:0b:8a:9d:df:1a:65:f6:
5c:34:b0:d3:db:b8:c8:34:43:eb:f3:6b:df:ac:8d:16:a1:80:
0a:ff:2b:b9:51:d2:5e:21:be:cb:66:11:56:e8:5a:5d:38:7a:
55:50:38:77:58:0a:ad:05:c8:a5:7e:90:17:2d:bd:db:37:12:
9b:51:a1:e4:fe:ae:a3:45:5b:28:64:a7:2c:4d:6d:ee:63:da:
24:e9:7c:c9:e9:27:6d:c8:80:76:c6:81:ec:26:53:b0:67:7f:
23:cc:eb:d4:4c:e8:16:48:00:db:80:9e:04:4e:0a:2b:23:f2:
ca:4f:4f:23:93:29:48:98:b6:d9:d8:6d:75:ed:7b:78:76:d9:
2f:a0:bf:ad:49:55:1e:6c:bd:23:f8:ad:65:46:45:aa:65:ab:
09:ba:e8:5c:60:b8:23:e0:c4:6e:c6:7c:c8:ff:be:4c:cd:82:
d3:53:bb:58:83:e4:3b:aa:e4:7a:30:9e:b8:46:e2:95:dd:de:
4f:99:09:c2
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgIENPI4/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTUwMzQ5OGZmMTg1ZDBjNjA3MzUzZjQzZjU1ZTkxMWY2MmE2ODAyMB4XDTIyMDEw
MTA3MDIxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVjOWE4MThlZTkx
ZjQ1YmE5NWYxZTRkOTY2ZDA3OWUyNWQwZjUwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJMNkb/YzfIInzLM2dMDGyMegGF/ySxFdiHA9YRZiQD+OCQc
MeJiG/5R4i0A97ZM4sGZTARp55r2MzuFRw64QRmucnIYfBqmesYn7HucnzehTHOo
qumpq0PnL/X22/mBf8QC4wtCWjcywQDx+zuUzyUMg4WLnE9L/sz/GGOX3PW6m6/m
bqERmItZf62rx6r0NSbrxbQLpC2mMIWOU7G+/haWnDapmdguHpqYMvoq8IjyIl5y
GamUpv4Ab/64MrSHmNq6k7FoPLDI+gDgBXTHbc8txTx75IRO3zIk+xeN98qAbQIC
ryy7xQE+WCS55cyCeIQOdZxp8ddlJQoInFYkOGUCAwEAAaOCAsUwggLBMB0GA1Ud
DgQWBBROyagY7pH0W6lfHk2WbQeeJdD1AjAfBgNVHSMEGDAWgBTlUDSY/xhdDGBz
U/Q/VekR9ipoAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVWQTBtUDhZWFF4Z2MxUDBQMVhwRWZZcWFBSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvOTdiMGJjLWY0ZjgtNGY5MC04NTU0LTFlMjc5ZjdiNjAyMy8x
L1RzbW9HTzZSOUZ1cFh4NU5sbTBIbmlYUTlRSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
OTdiMGJjLWY0ZjgtNGY5MC04NTU0LTFlMjc5ZjdiNjAyMy8xLzVWQTBtUDhZWFF4
Z2MxUDBQMVhwRWZZcWFBSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
2gYIKwYBBQUHAQcBAf8Egcowgccwga4EAgABMIGnAwQFHx0gAwQDH6xoAwQELhYA
AwQHLjuAAwQEURmgAwQHVC4AAwQEVPIQAwQFX1EAAwQEX6OgAwQHhmWAAwMAleAD
BAeV6YADBASV+RADBAKV+fgDBAK5F+ADBAK5HfADBAK5UhADBAK51+wDBAK53NgD
BAK56CADBAW8iOADBATAdzADBATAxMADBATB2hADBATDe2ADBATVFSADBAbV0UAD
BATYU9AwFAQCAAIwDgMFACoCICgDBQMqBEVAMA0GCSqGSIb3DQEBCwUAA4IBAQBj
vclcQwMOtvdjpPQRGpGeYSTMpdpsrTzF18JyVgMWHFbKaozl7np7by3dVxVTP9kk
0sTBHUc27/4psp+D6XANiwuKnd8aZfZcNLDT27jINEPr82vfrI0WoYAK/yu5UdJe
Ib7LZhFW6FpdOHpVUDh3WAqtBcilfpAXLb3bNxKbUaHk/q6jRVsoZKcsTW3uY9ok
6XzJ6SdtyIB2xoHsJlOwZ38jzOvUTOgWSADbgJ4ETgorI/LKT08jkylImLbZ2G11
7Xt4dtkvoL+tSVUebL0j+K1lRkWqZasJuuhcYLgj4MRuxnzI/75MzYLTU7tYg+Q7
quR6MJ64RuKV3d5PmQnC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:37 2023 by rpki-client on console-ams.rpki-client.org