Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/dcc86a-5f51-4d12-963d-f27c628b8353/1/TZW1GXkCC5_8-lSBIJhQTilgDW0.roa
File: TZW1GXkCC5_8-lSBIJhQTilgDW0.roa (raw, json)
Hash identifier: oWxANAk/PJktorRZWdTIMnSvMWVLJ665l4qpHQ4bToc=
Subject key identifier: 4D:95:B5:19:79:02:0B:9F:FC:FA:54:81:20:98:50:4E:29:60:0D:6D
Certificate issuer: /CN=05eb8cbbaaf25a71bf2fcab6e11057ebf91f01e3
Certificate serial: 018571D7A2B6F852AF147E334B0948F1BA81
Authority key identifier: 05:EB:8C:BB:AA:F2:5A:71:BF:2F:CA:B6:E1:10:57:EB:F9:1F:01:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BeuMu6ryWnG_L8q24RBX6_kfAeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/dcc86a-5f51-4d12-963d-f27c628b8353/1/TZW1GXkCC5_8-lSBIJhQTilgDW0.roa
Signing time: Mon 02 Jan 2023 09:37:15 +0000
ROA not before: Mon 02 Jan 2023 09:37:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3301
IP address blocks: 193.241.244.0/23 maxlen: 23
193.241.252.0/23 maxlen: 24
193.241.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:a2:b6:f8:52:af:14:7e:33:4b:09:48:f1:ba:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05eb8cbbaaf25a71bf2fcab6e11057ebf91f01e3
Validity
Not Before: Jan 2 09:37:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d95b51979020b9ffcfa54812098504e29600d6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:83:07:6d:4a:3b:de:10:54:82:26:f6:98:04:
f3:15:8e:b2:ad:25:6f:4b:d5:55:c0:fd:16:b5:ca:
29:5a:98:67:88:26:31:2a:bb:16:f6:dc:ce:a8:4a:
25:bf:15:8a:e3:8d:1b:e1:9f:67:a0:56:96:33:c0:
fe:0f:e6:26:c8:93:06:74:90:b7:2b:4a:84:e1:0d:
6e:c8:5f:ec:70:3e:55:69:d8:6a:ba:2c:69:ae:05:
77:06:ea:70:79:22:9b:e7:e2:24:5e:5d:74:34:9e:
ec:20:39:4d:5b:1d:9f:1c:68:c0:1a:d6:a1:e7:6d:
b3:b7:22:33:33:50:84:88:7d:cf:37:f1:59:b4:a4:
df:89:a7:b9:33:e8:7a:5a:7a:9c:6b:5e:f9:f5:33:
f4:d7:74:1a:02:c0:de:cf:75:03:4a:f1:8c:d0:bf:
10:70:b9:de:cc:07:76:85:01:6a:53:94:e9:8c:f5:
90:ca:ed:77:16:33:44:e6:a9:ae:dc:f3:95:8f:6a:
95:b6:40:7f:3f:05:f8:d5:08:02:37:05:16:d4:ca:
7d:f8:57:8f:7e:99:4c:87:ba:79:e9:cb:f0:2d:76:
70:d7:66:cd:87:f5:82:74:56:51:43:5c:5c:7f:7b:
e5:e0:d4:84:3e:b9:db:a0:36:b8:3e:ad:83:e4:12:
12:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:95:B5:19:79:02:0B:9F:FC:FA:54:81:20:98:50:4E:29:60:0D:6D
X509v3 Authority Key Identifier:
keyid:05:EB:8C:BB:AA:F2:5A:71:BF:2F:CA:B6:E1:10:57:EB:F9:1F:01:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BeuMu6ryWnG_L8q24RBX6_kfAeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/dcc86a-5f51-4d12-963d-f27c628b8353/1/TZW1GXkCC5_8-lSBIJhQTilgDW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/dcc86a-5f51-4d12-963d-f27c628b8353/1/BeuMu6ryWnG_L8q24RBX6_kfAeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.241.212.0/24
193.241.244.0/23
193.241.252.0/23
Signature Algorithm: sha256WithRSAEncryption
10:9b:5d:cf:a3:34:be:86:44:c8:d7:5b:45:c2:35:8e:52:7f:
c8:74:14:a2:ed:08:7e:a6:9b:9d:99:27:ad:9c:c3:ab:01:7b:
0b:2b:27:9b:25:43:4b:15:ad:28:be:51:4a:d2:74:3c:f9:7d:
9a:86:d0:f3:9d:d5:d9:d8:be:e8:c6:db:51:30:16:99:5d:b7:
04:1f:df:f9:01:c3:da:11:30:ce:4f:c3:b4:bf:aa:29:76:08:
ad:86:55:66:00:5f:49:7f:d8:9d:61:95:6d:dc:34:14:fc:f0:
30:fc:45:d1:ca:01:f8:26:7e:67:d4:5f:13:c1:f3:46:e1:f5:
7c:84:3e:28:3d:ed:b5:03:dc:13:f6:da:de:c5:3b:46:4d:3f:
e3:f2:9b:92:87:99:31:12:20:8b:25:5c:7d:e8:e5:a2:3e:7a:
6b:dc:c6:b4:54:b3:b1:b1:f7:b1:b7:4a:88:7d:63:e4:c3:af:
74:31:29:3a:01:a8:b8:2e:d6:bc:08:c6:9d:84:66:09:32:9b:
52:ad:3f:c2:15:36:70:7a:01:f7:fd:6c:fb:97:07:cf:00:67:
ed:34:b3:e9:ed:fd:92:ad:24:db:f2:e9:7c:31:7f:c5:a7:2e:
f7:93:96:9b:13:2d:ae:b9:39:9a:9b:8f:58:82:26:a5:9e:a6:
10:4e:47:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx16K2+FKvFH4zSwlI8bqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZWI4Y2JiYWFmMjVhNzFiZjJmY2FiNmUxMTA1N2ViZjkx
ZjAxZTMwHhcNMjMwMTAyMDkzNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDk1YjUxOTc5MDIwYjlmZmNmYTU0ODEyMDk4NTA0ZTI5NjAwZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4MHbUo73hBUgib2mATzFY6yrSVv
S9VVwP0WtcopWphniCYxKrsW9tzOqEolvxWK440b4Z9noFaWM8D+D+YmyJMGdJC3
K0qE4Q1uyF/scD5VadhquixprgV3BupweSKb5+IkXl10NJ7sIDlNWx2fHGjAGtah
522ztyIzM1CEiH3PN/FZtKTfiae5M+h6Wnqca1759TP013QaAsDez3UDSvGM0L8Q
cLnezAd2hQFqU5TpjPWQyu13FjNE5qmu3POVj2qVtkB/PwX41QgCNwUW1Mp9+FeP
fplMh7p56cvwLXZw12bNh/WCdFZRQ1xcf3vl4NSEPrnboDa4Pq2D5BISIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE2VtRl5Aguf/PpUgSCYUE4pYA1tMB8GA1UdIwQY
MBaAFAXrjLuq8lpxvy/KtuEQV+v5HwHjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmV1TXU2cnlXbkdfTDhxMjRSQlg2X2tmQWVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kY2M4NmEtNWY1MS00ZDEyLTk2M2Qt
ZjI3YzYyOGI4MzUzLzEvVFpXMUdYa0NDNV84LWxTQklKaFFUaWxnRFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kY2M4NmEtNWY1MS00ZDEyLTk2M2QtZjI3YzYyOGI4MzUz
LzEvQmV1TXU2cnlXbkdfTDhxMjRSQlg2X2tmQWVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwfHUAwQB
wfH0AwQBwfH8MA0GCSqGSIb3DQEBCwUAA4IBAQAQm13PozS+hkTI11tFwjWOUn/I
dBSi7Qh+ppudmSetnMOrAXsLKyebJUNLFa0ovlFK0nQ8+X2ahtDzndXZ2L7oxttR
MBaZXbcEH9/5AcPaETDOT8O0v6opdgithlVmAF9Jf9idYZVt3DQU/PAw/EXRygH4
Jn5n1F8TwfNG4fV8hD4oPe21A9wT9trexTtGTT/j8puSh5kxEiCLJVx96OWiPnpr
3Ma0VLOxsfext0qIfWPkw690MSk6Aai4Lta8CMadhGYJMptSrT/CFTZwegH3/Wz7
lwfPAGftNLPp7f2SrSTb8ul8MX/Fpy73k5abEy2uuTmam49YgialnqYQTkeQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:39 2025 by rpki-client