Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/tkPjgy5TAMUuBhBeSygs-M4cq-I.roa
File: tkPjgy5TAMUuBhBeSygs-M4cq-I.roa (raw, json)
Hash identifier: ESHahqpICoJOcQu+j3f9ILMon7ZVJAJxoe16sEZYnDs=
Subject key identifier: B6:43:E3:83:2E:53:00:C5:2E:06:10:5E:4B:28:2C:F8:CE:1C:AB:E2
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0181F61B8E68F262ABBEF08DF210734D3812
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/tkPjgy5TAMUuBhBeSygs-M4cq-I.roa
Signing time: Wed 13 Jul 2022 05:50:09 +0000
ROA not before: Wed 13 Jul 2022 05:50:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 89.19.56.0/22 maxlen: 24
185.113.138.0/23 maxlen: 24
185.175.224.0/23 maxlen: 24
185.68.244.0/23 maxlen: 24
213.170.223.0/24 maxlen: 24
185.100.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f6:1b:8e:68:f2:62:ab:be:f0:8d:f2:10:73:4d:38:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jul 13 05:50:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b643e3832e5300c52e06105e4b282cf8ce1cabe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6c:96:d6:dc:b3:5c:79:7d:10:b6:3c:98:00:
9c:1f:27:5c:8e:69:b8:a7:cc:ac:96:56:1b:77:27:
10:e8:bc:34:e2:3d:47:f7:77:f5:2a:e0:44:3f:72:
12:7f:78:97:9a:6e:38:b7:be:43:d4:8f:e8:69:d3:
1c:ee:0b:8d:87:fc:ad:10:f6:91:35:6c:f4:e5:28:
6f:f6:37:f3:22:38:13:d7:5d:8e:ee:54:e5:c1:63:
42:31:56:3a:7f:0e:3f:15:b9:3b:c3:7b:1e:77:6e:
0c:9b:aa:b0:d1:a0:a7:90:cc:84:cf:1c:1a:ba:5f:
16:2b:ac:f4:ae:81:3b:78:a0:80:06:61:2a:88:05:
6b:78:4a:91:e1:14:43:2e:c4:00:cf:42:73:e1:46:
90:f3:6f:bd:b3:ea:3c:a4:b0:50:42:d0:3a:1b:c9:
e8:8f:ce:a7:09:1b:32:23:c2:19:d8:a5:02:00:05:
68:da:7b:54:15:09:64:5e:02:d1:6c:a9:59:fd:6d:
ef:56:e9:28:a0:7c:bd:ee:6f:78:6f:29:b9:43:f2:
55:d9:17:b2:6b:0e:43:a1:09:49:4e:f1:a9:66:86:
c0:77:9c:1e:b4:68:93:40:11:79:3c:63:9f:5f:ce:
c9:33:ff:87:07:02:37:9e:08:23:92:3f:8e:c7:d8:
f0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:43:E3:83:2E:53:00:C5:2E:06:10:5E:4B:28:2C:F8:CE:1C:AB:E2
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/tkPjgy5TAMUuBhBeSygs-M4cq-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.56.0/22
185.68.244.0/23
185.100.159.0/24
185.113.138.0/23
185.175.224.0/23
213.170.223.0/24
Signature Algorithm: sha256WithRSAEncryption
31:dd:3b:bd:3e:da:ea:6a:77:ce:63:b5:f8:c3:f1:9d:71:a0:
2b:a2:5a:9a:75:5f:f8:4b:7f:87:52:c4:91:51:f0:d0:38:db:
ce:10:41:61:a3:7f:bc:4c:ee:1b:f1:1f:1a:1f:c1:fe:81:1d:
60:31:53:17:f4:bb:b2:63:51:df:e4:45:1d:21:e4:c0:5d:cf:
0c:07:75:47:ec:08:c0:86:5a:ae:f8:0a:d7:79:9e:40:91:25:
48:dd:2f:eb:c7:37:c8:35:aa:7d:aa:6f:45:fa:3e:9c:99:2e:
f0:a6:f9:31:0a:33:f9:fb:fb:2e:2f:2b:75:48:c1:52:e7:15:
68:67:01:d0:15:0c:40:c6:17:df:cc:96:9b:2d:b6:3e:d1:6a:
58:f3:b5:ca:30:26:e8:fc:99:2d:20:29:eb:07:8f:ed:2f:6e:
1a:d8:92:70:1f:2b:d9:b7:4a:d6:06:0a:c4:81:fc:d6:01:08:
30:08:f3:62:e9:9e:31:91:c0:f5:36:59:d9:23:0d:11:10:a1:
7d:82:d2:93:ea:28:43:f7:01:24:30:c5:49:50:72:40:55:af:
8d:56:11:b0:61:a0:7c:02:a0:83:ee:6b:fb:9c:51:01:3f:64:
32:e1:70:47:08:ab:cc:45:69:4b:1f:45:33:5b:d7:15:38:46:
22:0c:75:90
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYH2G45o8mKrvvCN8hBzTTgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjIwNzEzMDU1MDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjQzZTM4MzJlNTMwMGM1MmUwNjEwNWU0YjI4MmNmOGNlMWNhYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWyW1tyzXHl9ELY8mACcHydcjmm4
p8ysllYbdycQ6Lw04j1H93f1KuBEP3ISf3iXmm44t75D1I/oadMc7guNh/ytEPaR
NWz05Shv9jfzIjgT112O7lTlwWNCMVY6fw4/Fbk7w3sed24Mm6qw0aCnkMyEzxwa
ul8WK6z0roE7eKCABmEqiAVreEqR4RRDLsQAz0Jz4UaQ82+9s+o8pLBQQtA6G8no
j86nCRsyI8IZ2KUCAAVo2ntUFQlkXgLRbKlZ/W3vVukooHy97m94bym5Q/JV2Rey
aw5DoQlJTvGpZobAd5wetGiTQBF5PGOfX87JM/+HBwI3nggjkj+Ox9jwDQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLZD44MuUwDFLgYQXksoLPjOHKviMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvdGtQamd5NVRBTVV1QmhCZVN5Z3MtTTRjcS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCWRM4AwQB
uUT0AwQAuWSfAwQBuXGKAwQBua/gAwQA1arfMA0GCSqGSIb3DQEBCwUAA4IBAQAx
3Tu9PtrqanfOY7X4w/GdcaArolqadV/4S3+HUsSRUfDQONvOEEFho3+8TO4b8R8a
H8H+gR1gMVMX9LuyY1Hf5EUdIeTAXc8MB3VH7AjAhlqu+ArXeZ5AkSVI3S/rxzfI
Nap9qm9F+j6cmS7wpvkxCjP5+/suLyt1SMFS5xVoZwHQFQxAxhffzJabLbY+0WpY
87XKMCbo/JktICnrB4/tL24a2JJwHyvZt0rWBgrEgfzWAQgwCPNi6Z4xkcD1NlnZ
Iw0REKF9gtKT6ihD9wEkMMVJUHJAVa+NVhGwYaB8AqCD7mv7nFEBP2Qy4XBHCKvM
RWlLH0UzW9cVOEYiDHWQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-ams.rpki-client.org