Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/16571f-c485-4e73-9cdf-cc3db54f6a47/1/TdmlbNvfpBJwvQKgb-RK2_MbxiM.roa
File: TdmlbNvfpBJwvQKgb-RK2_MbxiM.roa (raw, json)
Hash identifier: v6jkDQ4HGUzP/tNSDYiGWdUal9r5PIYnC1LTp121lBE=
Subject key identifier: 4D:D9:A5:6C:DB:DF:A4:12:70:BD:02:A0:6F:E4:4A:DB:F3:1B:C6:23
Certificate issuer: /CN=19a6857c5ba3f51dbe38f4c4a0c77c84ff0fb355
Certificate serial: 051489FF
Authority key identifier: 19:A6:85:7C:5B:A3:F5:1D:BE:38:F4:C4:A0:C7:7C:84:FF:0F:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GaaFfFuj9R2-OPTEoMd8hP8Ps1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/16571f-c485-4e73-9cdf-cc3db54f6a47/1/TdmlbNvfpBJwvQKgb-RK2_MbxiM.roa
Signing time: Wed 13 Apr 2022 11:30:44 +0000
ROA not before: Wed 13 Apr 2022 11:30:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206065
IP address blocks: 185.172.0.0/22 maxlen: 24
185.197.68.0/22 maxlen: 24
188.121.128.0/19 maxlen: 24
92.61.184.0/21 maxlen: 24
37.221.0.0/18 maxlen: 24
37.235.16.0/20 maxlen: 24
91.184.64.0/20 maxlen: 24
94.139.160.0/20 maxlen: 24
37.19.80.0/20 maxlen: 24
37.19.81.0/24 maxlen: 24
185.30.76.0/22 maxlen: 24
45.144.124.0/22 maxlen: 24
92.119.68.0/22 maxlen: 24
45.128.140.0/22 maxlen: 24
213.207.192.0/20 maxlen: 24
81.91.144.0/20 maxlen: 24
2a0c:100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85232127 (0x51489ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19a6857c5ba3f51dbe38f4c4a0c77c84ff0fb355
Validity
Not Before: Apr 13 11:30:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4dd9a56cdbdfa41270bd02a06fe44adbf31bc623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:4a:34:b4:ac:48:77:86:a1:a2:b4:2d:a9:d2:
b4:f7:5e:c4:dd:8c:47:43:20:ad:a9:f4:88:c5:d5:
be:7c:68:42:1c:cd:e3:d7:7b:e5:4f:8a:97:92:54:
4e:1a:cb:89:df:76:55:be:93:64:29:ce:e7:f0:38:
3d:12:77:87:38:ca:8c:18:47:fd:05:12:35:4a:08:
db:ce:0e:e0:6f:8c:b5:7f:6f:1e:ff:10:41:5a:99:
73:7c:5f:c3:52:89:c2:27:00:5e:c8:57:aa:9c:d2:
85:a6:17:e0:03:b4:f2:f8:01:ba:3b:4e:d0:4e:d5:
b1:13:99:ba:f7:38:10:0b:78:1d:4a:52:72:8e:69:
e9:68:b3:70:51:3e:e3:90:e8:f3:1e:cc:7c:3b:f6:
56:0c:fe:32:69:42:87:5c:b5:bf:a1:40:65:ce:76:
1d:40:39:86:e4:e8:dd:1f:34:7e:05:2a:7e:cd:3d:
87:73:cc:fb:2e:a8:18:3a:7d:19:f3:f2:d8:c4:db:
fd:46:ea:d6:de:bc:05:8d:27:4b:bd:ad:90:16:50:
5c:d3:86:6f:ff:08:e8:28:b8:db:9c:8c:05:af:5c:
bc:8f:3a:59:3d:66:75:ba:ad:f2:d9:60:40:e0:c8:
1d:56:36:30:ea:b2:85:6b:58:18:87:ed:41:ac:a8:
17:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:D9:A5:6C:DB:DF:A4:12:70:BD:02:A0:6F:E4:4A:DB:F3:1B:C6:23
X509v3 Authority Key Identifier:
keyid:19:A6:85:7C:5B:A3:F5:1D:BE:38:F4:C4:A0:C7:7C:84:FF:0F:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GaaFfFuj9R2-OPTEoMd8hP8Ps1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/16571f-c485-4e73-9cdf-cc3db54f6a47/1/TdmlbNvfpBJwvQKgb-RK2_MbxiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/16571f-c485-4e73-9cdf-cc3db54f6a47/1/GaaFfFuj9R2-OPTEoMd8hP8Ps1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.80.0/20
37.221.0.0/18
37.235.16.0/20
45.128.140.0/22
45.144.124.0/22
81.91.144.0/20
91.184.64.0/20
92.61.184.0/21
92.119.68.0/22
94.139.160.0/20
185.30.76.0/22
185.172.0.0/22
185.197.68.0/22
188.121.128.0/19
213.207.192.0/20
IPv6:
2a0c:100::/29
Signature Algorithm: sha256WithRSAEncryption
20:28:87:51:b4:89:48:0e:66:54:b3:1c:de:15:d9:77:1f:c5:
ff:d9:d8:70:ec:9a:50:00:fd:b4:91:b4:74:6a:47:9d:26:aa:
8d:45:ad:60:9e:da:a7:42:88:d8:70:3c:e7:8d:04:a0:25:0d:
0b:86:98:df:36:b4:0a:8e:99:24:2d:ec:b3:86:00:ab:ae:14:
68:72:8d:68:9a:df:92:8b:6d:d6:59:8c:b7:36:cd:b9:8d:a6:
65:20:19:da:f0:3d:87:2c:17:e5:e0:9e:90:b3:39:e6:8d:cf:
13:98:39:9e:4b:ec:e6:27:47:6b:27:e7:7d:b2:e1:b3:0c:83:
c2:a1:e8:95:01:e9:a1:70:77:17:c9:d1:4f:43:24:3b:d4:54:
5d:34:f3:12:92:84:a1:7f:14:87:1d:d0:da:2f:c1:6a:f5:2f:
dd:de:6f:0c:ba:1e:91:ce:b9:e1:bd:5a:4c:d8:6e:a0:dd:ab:
27:77:55:b8:f0:ab:c0:46:26:f9:66:0e:a7:f5:4d:dd:19:f1:
2f:a8:b3:92:eb:af:b0:4a:c6:76:64:86:0b:8a:3c:1a:62:b5:
7a:54:17:9b:db:d2:46:85:20:60:54:23:17:03:11:29:b8:16:
60:9d:8d:dd:a8:7e:43:06:f1:12:ce:e5:0c:76:b7:4e:8f:3d:
00:3c:c0:46
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgIEBRSJ/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OWE2ODU3YzViYTNmNTFkYmUzOGY0YzRhMGM3N2M4NGZmMGZiMzU1MB4XDTIyMDQx
MzExMzA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGRkOWE1NmNkYmRm
YTQxMjcwYmQwMmEwNmZlNDRhZGJmMzFiYzYyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO1KNLSsSHeGoaK0LanStPdexN2MR0Mgran0iMXVvnxoQhzN
49d75U+Kl5JUThrLid92Vb6TZCnO5/A4PRJ3hzjKjBhH/QUSNUoI284O4G+MtX9v
Hv8QQVqZc3xfw1KJwicAXshXqpzShaYX4AO08vgBujtO0E7VsROZuvc4EAt4HUpS
co5p6WizcFE+45Do8x7MfDv2Vgz+MmlCh1y1v6FAZc52HUA5huTo3R80fgUqfs09
h3PM+y6oGDp9GfPy2MTb/Ubq1t68BY0nS72tkBZQXNOGb/8I6Ci425yMBa9cvI86
WT1mdbqt8tlgQODIHVY2MOqyhWtYGIftQayoFxkCAwEAAaOCAm0wggJpMB0GA1Ud
DgQWBBRN2aVs29+kEnC9AqBv5Erb8xvGIzAfBgNVHSMEGDAWgBQZpoV8W6P1Hb44
9MSgx3yE/w+zVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dhYUZmRnVqOVIyLU9QVEVvTWQ4aFA4UHMxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvMTY1NzFmLWM0ODUtNGU3My05Y2RmLWNjM2RiNTRmNmE0Ny8x
L1RkbWxiTnZmcEJKd3ZRS2diLVJLMl9NYnhpTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
MTY1NzFmLWM0ODUtNGU3My05Y2RmLWNjM2RiNTRmNmE0Ny8xL0dhYUZmRnVqOVIy
LU9QVEVvTWQ4aFA4UHMxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ggYIKwYBBQUHAQcBAf8EczBxMGAEAgABMFoDBAQlE1ADBAYl3QADBAQl6xADBAIt
gIwDBAItkHwDBARRW5ADBARbuEADBANcPbgDBAJcd0QDBARei6ADBAK5HkwDBAK5
rAADBAK5xUQDBAW8eYADBATVz8AwDQQCAAIwBwMFAyoMAQAwDQYJKoZIhvcNAQEL
BQADggEBACAoh1G0iUgOZlSzHN4V2Xcfxf/Z2HDsmlAA/bSRtHRqR50mqo1FrWCe
2qdCiNhwPOeNBKAlDQuGmN82tAqOmSQt7LOGAKuuFGhyjWia35KLbdZZjLc2zbmN
pmUgGdrwPYcsF+XgnpCzOeaNzxOYOZ5L7OYnR2sn532y4bMMg8Kh6JUB6aFwdxfJ
0U9DJDvUVF008xKShKF/FIcd0NovwWr1L93ebwy6HpHOueG9WkzYbqDdqyd3Vbjw
q8BGJvlmDqf1Td0Z8S+os5Lrr7BKxnZkhguKPBpitXpUF5vb0kaFIGBUIxcDESm4
FmCdjd2ofkMG8RLO5Qx2t06PPQA8wEY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:02 2023 by rpki-client on console-fra.rpki-client.org