Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/TjzxgRfGpD3vd8ebtaya8GANkMY.roa
File: TjzxgRfGpD3vd8ebtaya8GANkMY.roa (raw, json)
Hash identifier: ICuYlBq7TgDd4m0LbVZhP1IjWeQwPAi4gUxeaf9Emwc=
Subject key identifier: 4E:3C:F1:81:17:C6:A4:3D:EF:77:C7:9B:B5:AC:9A:F0:60:0D:90:C6
Certificate issuer: /CN=85f4ee14f6d38a7cf071279dff7b391702e37135
Certificate serial: 0184A4F7D5B48A941091A5B00DA3579E128C
Authority key identifier: 85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/TjzxgRfGpD3vd8ebtaya8GANkMY.roa
Signing time: Wed 23 Nov 2022 14:50:16 +0000
ROA not before: Wed 23 Nov 2022 14:50:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210301
IP address blocks: 185.146.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a4:f7:d5:b4:8a:94:10:91:a5:b0:0d:a3:57:9e:12:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85f4ee14f6d38a7cf071279dff7b391702e37135
Validity
Not Before: Nov 23 14:50:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e3cf18117c6a43def77c79bb5ac9af0600d90c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2b:e8:81:2c:b2:82:e0:f2:7e:6b:b6:67:3b:
71:0d:41:1b:18:fd:ee:4c:27:68:d3:a4:ee:5b:eb:
af:b4:b8:a1:67:a5:41:cf:fa:66:91:8c:e2:20:35:
a9:e0:d8:1b:cb:6c:e0:25:df:da:09:97:f8:c9:ab:
67:9b:15:35:6a:cc:52:f5:0d:2b:98:da:f6:b0:7f:
1c:d5:0e:56:ec:20:67:5c:d6:64:18:1d:0e:c4:6f:
7b:0f:9f:2b:d2:f1:a8:6f:bc:e2:d6:27:c4:03:82:
48:57:72:d1:f1:05:d9:c2:87:ed:15:98:71:b8:53:
f1:aa:1c:44:9a:7a:4f:76:60:a5:22:8a:81:02:9c:
0e:30:c7:cb:51:9c:ed:6b:b3:cc:3b:e8:eb:62:67:
a7:e5:17:45:f2:b8:9f:c3:40:51:4f:6b:f6:aa:f6:
d9:3e:df:29:a0:d4:db:10:4e:a7:a8:da:ab:f8:08:
6b:6d:a5:9d:6d:b8:a4:00:29:74:66:f6:fd:2b:0b:
f9:a9:5a:13:ec:e1:9b:90:73:e6:b3:57:bb:77:4f:
d4:42:71:2d:52:59:1b:7f:68:16:7c:b5:6c:f6:84:
db:97:5a:07:3d:81:7d:d1:d7:aa:b0:60:8a:4f:fa:
ae:57:92:bd:f5:ff:44:1c:08:7c:7e:4a:79:a5:ee:
b6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:3C:F1:81:17:C6:A4:3D:EF:77:C7:9B:B5:AC:9A:F0:60:0D:90:C6
X509v3 Authority Key Identifier:
keyid:85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/TjzxgRfGpD3vd8ebtaya8GANkMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/hfTuFPbTinzwcSed_3s5FwLjcTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.227.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:68:f5:18:49:65:73:7a:14:dc:28:cc:76:07:f0:b8:9c:a4:
ac:ce:60:27:cd:d9:41:e4:8e:54:b6:33:7b:7e:5b:b6:22:6b:
c8:78:3d:5c:42:5a:fe:35:27:fa:8e:90:6e:13:7b:58:91:a1:
90:22:9a:03:99:e3:d5:0c:f4:2a:69:eb:39:95:0c:57:db:8b:
fb:ea:b0:54:1a:47:98:42:c9:aa:7f:73:4a:40:2e:3a:cb:8b:
88:0f:7c:02:7f:c2:7f:d5:1f:60:03:fd:af:13:8b:50:3f:f1:
df:be:99:ed:43:84:ce:59:b8:5f:7f:33:80:05:cd:2c:1e:1d:
3e:ea:b3:bd:e4:5d:f8:99:da:fb:45:d7:83:f0:89:85:65:8e:
80:90:6b:77:e1:19:c1:21:db:d2:2f:1c:d1:54:4e:7a:97:28:
b9:90:23:16:32:f4:f0:5a:90:fa:03:64:4e:0f:f7:c5:b2:d2:
e2:ac:c1:70:d7:b8:0e:dc:a4:19:14:da:2a:70:d8:f1:75:f6:
ba:c1:a7:a4:1c:38:1b:88:d1:9c:47:a2:07:4f:72:d6:41:cc:
94:4d:c1:eb:39:cd:ee:c2:00:3b:00:98:55:14:83:15:b3:21:
03:cf:93:3f:68:8c:7f:8a:5c:dd:d0:15:4c:e8:e1:a4:77:a6:
ce:6f:98:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSk99W0ipQQkaWwDaNXnhKMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZjRlZTE0ZjZkMzhhN2NmMDcxMjc5ZGZmN2IzOTE3MDJl
MzcxMzUwHhcNMjIxMTIzMTQ1MDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTNjZjE4MTE3YzZhNDNkZWY3N2M3OWJiNWFjOWFmMDYwMGQ5MGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjivogSyyguDyfmu2ZztxDUEbGP3u
TCdo06TuW+uvtLihZ6VBz/pmkYziIDWp4Ngby2zgJd/aCZf4yatnmxU1asxS9Q0r
mNr2sH8c1Q5W7CBnXNZkGB0OxG97D58r0vGob7zi1ifEA4JIV3LR8QXZwoftFZhx
uFPxqhxEmnpPdmClIoqBApwOMMfLUZzta7PMO+jrYmen5RdF8rifw0BRT2v2qvbZ
Pt8poNTbEE6nqNqr+AhrbaWdbbikACl0Zvb9Kwv5qVoT7OGbkHPms1e7d0/UQnEt
Ulkbf2gWfLVs9oTbl1oHPYF90deqsGCKT/quV5K99f9EHAh8fkp5pe62rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE488YEXxqQ973fHm7WsmvBgDZDGMB8GA1UdIwQY
MBaAFIX07hT204p88HEnnf97ORcC43E1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUt
YmZkOTVhOWE2ZTY0LzEvVGp6eGdSZkdwRDN2ZDhlYnRheWE4R0FOa01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUtYmZkOTVhOWE2ZTY0
LzEvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZLjMA0G
CSqGSIb3DQEBCwUAA4IBAQA/aPUYSWVzehTcKMx2B/C4nKSszmAnzdlB5I5UtjN7
flu2ImvIeD1cQlr+NSf6jpBuE3tYkaGQIpoDmePVDPQqaes5lQxX24v76rBUGkeY
Qsmqf3NKQC46y4uID3wCf8J/1R9gA/2vE4tQP/HfvpntQ4TOWbhffzOABc0sHh0+
6rO95F34mdr7RdeD8ImFZY6AkGt34RnBIdvSLxzRVE56lyi5kCMWMvTwWpD6A2RO
D/fFstLirMFw17gO3KQZFNoqcNjxdfa6waekHDgbiNGcR6IHT3LWQcyUTcHrOc3u
wgA7AJhVFIMVsyEDz5M/aIx/ilzd0BVM6OGkd6bOb5hL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:03 2024 by rpki-client on console-fra.rpki-client.org