Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/tTjDz-0ltnk8RuQM9U-QP5kt3yI.roa
File: tTjDz-0ltnk8RuQM9U-QP5kt3yI.roa (raw, json)
Hash identifier: zVjdrYsT2UOvS02RNid+A8/J8u+J6WKDdWk9dWpzCHw=
Subject key identifier: B5:38:C3:CF:ED:25:B6:79:3C:46:E4:0C:F5:4F:90:3F:99:2D:DF:22
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 393E450D
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/tTjDz-0ltnk8RuQM9U-QP5kt3yI.roa
Signing time: Sat 01 Jan 2022 08:05:29 +0000
ROA not before: Sat 01 Jan 2022 08:05:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12660
IP address blocks: 194.225.40.0/22 maxlen: 22
194.225.40.0/21 maxlen: 21
194.225.44.0/22 maxlen: 22
94.184.128.0/21 maxlen: 21
94.184.128.0/22 maxlen: 22
94.184.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 960382221 (0x393e450d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 1 08:05:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b538c3cfed25b6793c46e40cf54f903f992ddf22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:23:8b:05:5d:91:79:0e:ef:4f:e5:7e:0b:11:
28:f9:1d:98:5c:dc:05:4b:8f:00:97:a3:ef:30:eb:
6b:3f:b6:a5:51:02:1e:a4:f9:cd:f3:e5:35:d2:8f:
34:99:a0:eb:3e:d6:30:23:73:5a:38:40:36:07:a9:
5d:4b:38:76:7b:6c:87:68:f9:bf:55:db:d2:22:dc:
18:d0:91:c6:b9:8b:06:b4:b8:fa:dd:ae:60:f8:80:
d6:42:e3:6d:2d:4a:0c:65:e9:54:ec:37:fd:53:b1:
62:d7:51:93:4c:eb:43:76:b5:b6:07:9e:37:3a:9f:
f0:38:1d:f9:47:72:6d:1c:b1:fb:77:ef:48:24:be:
47:16:93:b9:4e:20:e6:c9:e1:82:d8:b6:7e:7f:bf:
50:d5:4e:79:87:76:b3:f4:f5:8b:13:74:9c:65:ee:
07:97:b5:d2:f4:99:f5:66:1d:f7:2e:05:22:11:c9:
a1:68:92:f8:c5:ff:aa:c7:c6:0c:d3:68:90:0e:35:
a6:19:5b:a9:1b:8a:ee:9a:4c:69:96:72:0b:0c:7f:
f4:5e:7c:0c:18:1e:d4:f8:15:df:2a:fa:1a:a4:58:
b2:2d:69:3e:3b:ac:15:ba:4c:63:03:e1:87:6c:a3:
8e:c2:21:7f:82:39:d3:f8:03:b5:f1:ea:81:8b:d0:
16:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:38:C3:CF:ED:25:B6:79:3C:46:E4:0C:F5:4F:90:3F:99:2D:DF:22
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/tTjDz-0ltnk8RuQM9U-QP5kt3yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.128.0/21
194.225.40.0/21
Signature Algorithm: sha256WithRSAEncryption
21:65:93:49:a7:52:81:d4:ce:84:05:cf:14:42:7c:b2:8d:d8:
c6:85:86:10:b6:bc:65:da:05:69:e0:c8:5b:0f:38:54:2d:73:
61:83:a7:67:33:8b:a7:41:b1:40:71:37:06:76:fa:67:27:30:
6b:fd:7a:89:91:e8:37:c8:b4:75:b1:49:50:10:be:90:0b:02:
7a:a4:51:4f:92:ff:07:b1:e7:23:4a:a9:6e:94:94:54:15:0f:
53:24:93:56:96:16:54:93:c4:cc:37:86:b8:89:8e:73:43:74:
4d:02:0a:e0:1e:69:72:d2:3b:39:5a:50:b0:0a:cf:36:2c:e1:
78:80:5e:88:29:6d:96:f2:6e:36:0e:bf:26:ad:b6:84:16:d0:
6a:b5:a4:9b:22:d3:6c:bb:c0:c0:30:6a:e2:5d:a7:d0:76:71:
7a:50:f6:95:61:a0:49:6b:0b:88:e5:47:0a:2c:b2:b5:13:86:
a8:2c:c7:9a:3d:4f:d2:48:a9:3f:51:88:2c:09:d6:48:3c:dd:
c4:c0:92:72:f9:d2:fe:69:be:15:7a:bb:83:67:e7:b1:80:b7:
1c:1c:24:6b:9d:32:11:17:4e:d7:cd:41:e5:3a:35:28:8c:b7:
1f:9a:10:42:e6:ff:c4:65:cc:87:56:ea:6e:83:f4:75:4a:f8:
7a:27:b5:1c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEOT5FDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODNkNzYwNTEwMTdkMGFmYTkxNWZjZmI3OTBhMDBmNDY2N2IwYTg4MB4XDTIyMDEw
MTA4MDUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjUzOGMzY2ZlZDI1
YjY3OTNjNDZlNDBjZjU0ZjkwM2Y5OTJkZGYyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgjiwVdkXkO70/lfgsRKPkdmFzcBUuPAJej7zDraz+2pVEC
HqT5zfPlNdKPNJmg6z7WMCNzWjhANgepXUs4dntsh2j5v1Xb0iLcGNCRxrmLBrS4
+t2uYPiA1kLjbS1KDGXpVOw3/VOxYtdRk0zrQ3a1tgeeNzqf8Dgd+UdybRyx+3fv
SCS+RxaTuU4g5snhgti2fn+/UNVOeYd2s/T1ixN0nGXuB5e10vSZ9WYd9y4FIhHJ
oWiS+MX/qsfGDNNokA41phlbqRuK7ppMaZZyCwx/9F58DBge1PgV3yr6GqRYsi1p
PjusFbpMYwPhh2yjjsIhf4I50/gDtfHqgYvQFn8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS1OMPP7SW2eTxG5Az1T5A/mS3fIjAfBgNVHSMEGDAWgBRYPXYFEBfQr6kV
/Pt5CgD0ZnsKiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dEMTJCUkFYMEstcEZmejdlUW9BOUdaN0NvZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvNGYxYjI3LTMyNmEtNDY3OS1hNjRiLWRhNjE1Mzg4NWYzYi8x
L3RUakR6LTBsdG5rOFJ1UU05VS1RUDVrdDN5SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
NGYxYjI3LTMyNmEtNDY3OS1hNjRiLWRhNjE1Mzg4NWYzYi8xL1dEMTJCUkFYMEst
cEZmejdlUW9BOUdaN0NvZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA164gAMEA8LhKDANBgkqhkiG9w0B
AQsFAAOCAQEAIWWTSadSgdTOhAXPFEJ8so3YxoWGELa8ZdoFaeDIWw84VC1zYYOn
ZzOLp0GxQHE3Bnb6Zycwa/16iZHoN8i0dbFJUBC+kAsCeqRRT5L/B7HnI0qpbpSU
VBUPUySTVpYWVJPEzDeGuImOc0N0TQIK4B5pctI7OVpQsArPNizheIBeiCltlvJu
Ng6/Jq22hBbQarWkmyLTbLvAwDBq4l2n0HZxelD2lWGgSWsLiOVHCiyytROGqCzH
mj1P0kipP1GILAnWSDzdxMCScvnS/mm+FXq7g2fnsYC3HBwka50yERdO181B5To1
KIy3H5oQQub/xGXMh1bqboP0dUr4eie1HA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:49 2023 by rpki-client on console-fra.rpki-client.org