Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/TCicPWbRurkmCNXnosZkfgiC7dI.roa
File: TCicPWbRurkmCNXnosZkfgiC7dI.roa (raw, json)
Hash identifier: Pjv4gC75rnhf010DdRj2r5Fsivr86AbLWDfexZ35PYg=
Subject key identifier: 4C:28:9C:3D:66:D1:BA:B9:26:08:D5:E7:A2:C6:64:7E:08:82:ED:D2
Certificate issuer: /CN=1a0489dc9c0a74c2ed53e1d9e1fbfdd8c8773b94
Certificate serial: 0183F6011F5F1285586F29DE8C0C7979119B
Authority key identifier: 1A:04:89:DC:9C:0A:74:C2:ED:53:E1:D9:E1:FB:FD:D8:C8:77:3B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/TCicPWbRurkmCNXnosZkfgiC7dI.roa
Signing time: Thu 20 Oct 2022 15:26:52 +0000
ROA not before: Thu 20 Oct 2022 15:26:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13335
IP address blocks: 185.146.172.0/24 maxlen: 24
185.146.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f6:01:1f:5f:12:85:58:6f:29:de:8c:0c:79:79:11:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a0489dc9c0a74c2ed53e1d9e1fbfdd8c8773b94
Validity
Not Before: Oct 20 15:26:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c289c3d66d1bab92608d5e7a2c6647e0882edd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a4:8c:4d:e0:ef:cb:e1:9b:21:58:1d:57:7e:
f2:89:53:64:5e:41:26:4a:89:74:eb:f0:2a:c7:75:
cf:21:b6:1d:ef:9e:50:33:db:28:ce:38:a7:bb:9e:
24:95:ee:31:1a:2f:47:8b:8c:4b:32:50:59:86:a4:
48:9f:b6:ee:dc:79:d8:b8:76:d6:2b:19:d1:6d:ad:
77:6f:e4:62:45:6b:48:c4:b4:2f:fd:05:fe:66:51:
17:4c:21:ef:d4:82:93:46:eb:99:86:80:59:22:60:
a7:83:0e:0a:0e:63:53:8b:43:42:86:dc:05:dd:b6:
75:13:a0:7e:7e:1e:89:08:d9:d1:f8:62:08:94:51:
c8:dc:fc:7f:58:ee:75:49:76:e3:8d:4d:04:54:08:
1c:9a:60:02:a6:a2:81:f4:62:f8:1e:9d:35:51:90:
53:65:43:a8:e9:de:65:50:35:ed:fe:73:6f:dc:56:
dd:8b:f1:61:fa:26:38:ba:41:a4:ea:1e:a0:96:52:
51:ce:eb:0f:15:98:98:7f:c3:40:24:67:cf:9c:c0:
24:fe:e5:5f:44:29:b1:b6:47:79:16:e9:b3:72:df:
f3:3f:65:08:de:4c:65:2a:91:d3:0d:e2:cb:c1:b6:
71:70:e2:85:56:e0:7c:61:4f:0b:f7:a6:e1:d7:02:
66:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:28:9C:3D:66:D1:BA:B9:26:08:D5:E7:A2:C6:64:7E:08:82:ED:D2
X509v3 Authority Key Identifier:
keyid:1A:04:89:DC:9C:0A:74:C2:ED:53:E1:D9:E1:FB:FD:D8:C8:77:3B:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/TCicPWbRurkmCNXnosZkfgiC7dI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.172.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:af:81:4a:12:8f:d5:1e:8c:fb:b5:50:59:62:67:3f:ff:91:
ba:b2:f4:be:ff:6b:27:e7:89:6b:68:b3:ee:df:03:b3:ec:7e:
56:dc:24:86:79:45:ab:51:dd:01:88:22:0d:f8:2e:ea:45:a0:
41:ac:8e:c1:a1:02:93:b7:72:92:c7:04:d3:fb:66:d6:2a:f9:
6c:29:c9:1b:4c:0d:08:fc:9b:a5:c1:ad:f4:6b:06:30:84:10:
6b:1a:b9:00:33:1d:4a:f1:97:74:bb:ca:59:a7:37:9e:da:5e:
38:69:0f:00:ef:53:46:42:c9:c2:d3:e8:ce:48:34:41:f9:34:
ca:ed:df:0b:3f:8f:c0:36:54:0d:12:0b:6c:23:d0:6b:6b:2f:
bb:07:69:cb:b6:2a:8c:41:e7:9d:44:73:f1:fb:53:f2:c3:21:
5b:3d:29:0f:c6:d3:4a:53:b4:a0:bd:15:8b:10:2d:cd:e3:22:
4a:90:05:30:4b:2f:b3:b7:d5:df:d4:03:95:84:80:10:d9:92:
db:96:62:c7:11:eb:85:f7:2c:28:38:a5:e7:e3:80:1b:22:4f:
cb:d0:7c:6d:a8:29:36:40:1d:65:48:8b:ce:86:07:d7:e7:45:
09:b9:a4:84:87:4f:8d:70:12:57:af:3e:00:ac:40:21:09:db:
3f:04:be:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP2AR9fEoVYbynejAx5eRGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMDQ4OWRjOWMwYTc0YzJlZDUzZTFkOWUxZmJmZGQ4Yzg3
NzNiOTQwHhcNMjIxMDIwMTUyNjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzI4OWMzZDY2ZDFiYWI5MjYwOGQ1ZTdhMmM2NjQ3ZTA4ODJlZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaSMTeDvy+GbIVgdV37yiVNkXkEm
Sol06/Aqx3XPIbYd755QM9sozjinu54kle4xGi9Hi4xLMlBZhqRIn7bu3HnYuHbW
KxnRba13b+RiRWtIxLQv/QX+ZlEXTCHv1IKTRuuZhoBZImCngw4KDmNTi0NChtwF
3bZ1E6B+fh6JCNnR+GIIlFHI3Px/WO51SXbjjU0EVAgcmmACpqKB9GL4Hp01UZBT
ZUOo6d5lUDXt/nNv3Fbdi/Fh+iY4ukGk6h6gllJRzusPFZiYf8NAJGfPnMAk/uVf
RCmxtkd5Fumzct/zP2UI3kxlKpHTDeLLwbZxcOKFVuB8YU8L96bh1wJmnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEwonD1m0bq5JgjV56LGZH4Igu3SMB8GA1UdIwQY
MBaAFBoEidycCnTC7VPh2eH7/djIdzuUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2dTSjNKd0tkTUx0VS1IWjRmdjkyTWgzTzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8xMWM1MmMtNDFhYS00ZTk1LWFkNjct
YTAyMWE2M2RkZmMzLzEvVENpY1BXYlJ1cmttQ05Ybm9zWmtmZ2lDN2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8xMWM1MmMtNDFhYS00ZTk1LWFkNjctYTAyMWE2M2RkZmMz
LzEvR2dTSjNKd0tkTUx0VS1IWjRmdjkyTWgzTzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZKsMA0G
CSqGSIb3DQEBCwUAA4IBAQA+r4FKEo/VHoz7tVBZYmc//5G6svS+/2sn54lraLPu
3wOz7H5W3CSGeUWrUd0BiCIN+C7qRaBBrI7BoQKTt3KSxwTT+2bWKvlsKckbTA0I
/Julwa30awYwhBBrGrkAMx1K8Zd0u8pZpzee2l44aQ8A71NGQsnC0+jOSDRB+TTK
7d8LP4/ANlQNEgtsI9Bray+7B2nLtiqMQeedRHPx+1PywyFbPSkPxtNKU7SgvRWL
EC3N4yJKkAUwSy+zt9Xf1AOVhIAQ2ZLblmLHEeuF9ywoOKXn44AbIk/L0HxtqCk2
QB1lSIvOhgfX50UJuaSEh0+NcBJXrz4ArEAhCds/BL5A
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:53 2023 by rpki-client on console-fra.rpki-client.org