Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/TZA98kYTGX0pfC8VXq7xc5nuCy8.roa
File: TZA98kYTGX0pfC8VXq7xc5nuCy8.roa (raw, json)
Hash identifier: W/en2pdX3elfZo2HObEJ4Qs0h3UZ7ImB2GpVkkclCpU=
Subject key identifier: 4D:90:3D:F2:46:13:19:7D:29:7C:2F:15:5E:AE:F1:73:99:EE:0B:2F
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018AFAAF299E87FA45DE1C002D2016446A67
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/TZA98kYTGX0pfC8VXq7xc5nuCy8.roa
Signing time: Wed 04 Oct 2023 12:34:57 +0000
ROA not before: Wed 04 Oct 2023 12:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211432
IP address blocks: 31.40.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:af:29:9e:87:fa:45:de:1c:00:2d:20:16:44:6a:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Oct 4 12:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d903df24613197d297c2f155eaef17399ee0b2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:31:6e:d2:31:36:4e:96:8e:ed:10:39:89:ca:
51:63:43:4c:95:16:78:bb:42:e5:d5:cb:43:39:37:
f2:b4:ee:aa:6e:c9:3e:02:c3:f3:b6:0f:f3:c2:52:
96:14:c0:71:d4:c8:19:3e:b6:ef:5b:84:f9:36:5a:
69:aa:1d:22:e2:13:76:41:a6:9a:a8:c7:c1:ce:e0:
1d:8b:78:c6:d7:59:fe:fb:ab:bb:1c:95:fb:17:92:
f2:ed:d6:06:8e:a4:5d:46:e9:60:28:43:32:ec:c8:
e4:b5:2b:ae:e7:ea:e0:1e:15:b3:fb:32:a9:1c:b5:
3b:71:3d:21:39:f4:0f:e3:e5:90:cb:03:4f:07:c6:
a4:64:2f:8f:95:2b:33:50:d2:bc:ee:28:83:94:18:
2e:7a:d6:f9:cf:dc:6c:aa:66:42:89:53:8b:e3:0a:
59:50:e6:ea:46:d7:68:12:62:42:89:47:d3:a7:68:
8f:5a:4e:ab:28:3d:9f:a7:7e:1f:c1:dd:87:49:0c:
a4:a4:98:91:60:c6:e5:81:1f:fd:44:53:93:ce:aa:
e2:65:f4:5b:7d:ca:d8:e1:4a:d7:76:9f:81:65:22:
b4:69:26:d7:15:c7:73:9f:64:a9:f3:a9:c7:94:6f:
6b:af:59:54:f8:3d:bc:79:7d:15:64:8f:b0:6f:ac:
21:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:90:3D:F2:46:13:19:7D:29:7C:2F:15:5E:AE:F1:73:99:EE:0B:2F
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/TZA98kYTGX0pfC8VXq7xc5nuCy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.232.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:7c:6d:81:ac:d5:ba:ee:7e:31:e4:69:4e:8a:7f:cd:c6:31:
13:ac:aa:f3:9a:fa:9c:a1:9f:32:ba:8d:54:e0:ea:ec:ca:9d:
24:57:57:5a:63:21:f4:4c:8e:fd:c1:17:40:72:30:23:d0:09:
dd:19:e7:6d:99:b8:d4:d6:9d:11:e5:f2:7e:ef:fd:60:d2:89:
48:a9:dd:44:72:c3:b8:e8:46:fa:5f:9a:61:ad:a0:b3:b0:de:
0e:8d:ef:ae:5a:09:6b:1b:12:ee:df:36:f5:41:08:21:f5:30:
a3:2f:df:1d:24:70:b0:f3:d5:1f:ea:a6:52:7d:1c:b7:c6:84:
9c:c7:34:76:0d:78:46:81:e9:2b:3b:39:fc:46:32:74:6a:a3:
36:c8:a6:57:02:65:11:c7:87:8e:f5:4e:9f:97:6f:6e:15:bb:
4d:93:22:7e:f1:6d:d9:24:a8:57:ea:5f:c3:ff:6c:08:2f:76:
8d:37:fb:f3:b2:34:93:83:cc:fd:12:48:d1:f0:2b:db:34:ad:
a1:c1:64:e0:e3:38:0c:15:c6:a4:00:01:ce:58:f0:14:ab:4e:
a0:02:d5:c6:ad:73:b4:5c:3e:72:93:b0:e8:76:57:b7:31:d5:
ad:f7:71:0e:aa:6c:56:7e:b0:77:24:50:ff:4f:e9:f7:97:3b:
cb:7d:a1:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr6rymeh/pF3hwALSAWRGpnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMxMDA0MTIzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDkwM2RmMjQ2MTMxOTdkMjk3YzJmMTU1ZWFlZjE3Mzk5ZWUwYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTFu0jE2TpaO7RA5icpRY0NMlRZ4
u0Ll1ctDOTfytO6qbsk+AsPztg/zwlKWFMBx1MgZPrbvW4T5Nlppqh0i4hN2Qaaa
qMfBzuAdi3jG11n++6u7HJX7F5Ly7dYGjqRdRulgKEMy7MjktSuu5+rgHhWz+zKp
HLU7cT0hOfQP4+WQywNPB8akZC+PlSszUNK87iiDlBguetb5z9xsqmZCiVOL4wpZ
UObqRtdoEmJCiUfTp2iPWk6rKD2fp34fwd2HSQykpJiRYMblgR/9RFOTzqriZfRb
fcrY4UrXdp+BZSK0aSbXFcdzn2Sp86nHlG9rr1lU+D28eX0VZI+wb6whjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2QPfJGExl9KXwvFV6u8XOZ7gsvMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvVFpBOThrWVRHWDBwZkM4VlhxN3hjNW51Q3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCHyjoMA0G
CSqGSIb3DQEBCwUAA4IBAQAPfG2BrNW67n4x5GlOin/NxjETrKrzmvqcoZ8yuo1U
4Orsyp0kV1daYyH0TI79wRdAcjAj0AndGedtmbjU1p0R5fJ+7/1g0olIqd1EcsO4
6Eb6X5phraCzsN4Oje+uWglrGxLu3zb1QQgh9TCjL98dJHCw89Uf6qZSfRy3xoSc
xzR2DXhGgekrOzn8RjJ0aqM2yKZXAmURx4eO9U6fl29uFbtNkyJ+8W3ZJKhX6l/D
/2wIL3aNN/vzsjSTg8z9EkjR8CvbNK2hwWTg4zgMFcakAAHOWPAUq06gAtXGrXO0
XD5yk7Dodle3MdWt93EOqmxWfrB3JFD/T+n3lzvLfaHY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:15 2025 by rpki-client