Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/TL7ni_f_IQ2hisj0rJWlIt3XaQ0.roa
File: TL7ni_f_IQ2hisj0rJWlIt3XaQ0.roa (raw, json)
Hash identifier: mHsckVR8jpz0RluH4uStFewE26DpNPWt7cYeDmq/p8U=
Subject key identifier: 4C:BE:E7:8B:F7:FF:21:0D:A1:8A:C8:F4:AC:95:A5:22:DD:D7:69:0D
Certificate issuer: /CN=d50962035c5e951013ca0670ca569e79f8d63c15
Certificate serial: 02029FC6
Authority key identifier: D5:09:62:03:5C:5E:95:10:13:CA:06:70:CA:56:9E:79:F8:D6:3C:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QliA1xelRATygZwylaeefjWPBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/TL7ni_f_IQ2hisj0rJWlIt3XaQ0.roa
Signing time: Sat 01 Jan 2022 15:06:12 +0000
ROA not before: Sat 01 Jan 2022 15:06:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35393
IP address blocks: 185.100.4.0/22 maxlen: 24
194.110.192.0/24 maxlen: 24
91.207.254.0/24 maxlen: 24
91.207.255.0/24 maxlen: 24
195.144.11.0/24 maxlen: 24
46.255.160.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33726406 (0x2029fc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50962035c5e951013ca0670ca569e79f8d63c15
Validity
Not Before: Jan 1 15:06:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cbee78bf7ff210da18ac8f4ac95a522ddd7690d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f2:59:e1:66:13:d9:47:b1:dc:39:ef:87:8b:
f2:1f:b0:ff:20:e1:cc:9d:ea:5e:5f:c9:59:c2:40:
5d:77:8c:17:8e:a0:56:37:a5:b4:cf:f5:81:11:6d:
4e:69:88:ba:2f:0f:ce:68:bb:15:d5:dc:60:e3:3d:
a3:7d:af:d3:16:fb:80:0f:18:8f:59:9f:d3:52:37:
12:44:6b:99:7e:c8:46:34:f3:6f:ff:29:1c:52:05:
3e:41:3c:cd:a4:1e:43:0b:44:21:ca:32:0c:5b:a0:
2a:a6:c6:dc:12:d2:11:4c:24:39:0f:53:6d:4b:2d:
fb:f3:3d:43:6d:d1:36:ec:33:a3:dd:26:e7:03:35:
ed:f5:57:25:06:0c:d0:6a:2c:c4:10:d3:f0:34:6c:
29:4f:55:55:b9:3d:73:26:29:88:47:91:de:a3:57:
aa:95:45:c6:d1:4f:44:2c:78:95:28:d8:63:c7:e5:
e2:c5:dc:81:55:14:f9:74:ae:2d:f3:b0:be:df:23:
56:e0:ca:13:07:4c:fa:73:16:18:ae:86:a5:13:b7:
4c:9b:0b:56:88:bd:aa:d0:66:97:5e:65:b8:23:f8:
a7:54:03:25:d7:44:60:4e:7e:84:5b:cb:af:21:55:
e3:f3:b0:8a:58:63:5f:d1:67:0a:bf:38:29:c2:8d:
9b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:BE:E7:8B:F7:FF:21:0D:A1:8A:C8:F4:AC:95:A5:22:DD:D7:69:0D
X509v3 Authority Key Identifier:
keyid:D5:09:62:03:5C:5E:95:10:13:CA:06:70:CA:56:9E:79:F8:D6:3C:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QliA1xelRATygZwylaeefjWPBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/TL7ni_f_IQ2hisj0rJWlIt3XaQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/1QliA1xelRATygZwylaeefjWPBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.160.0/21
91.207.254.0/23
185.100.4.0/22
194.110.192.0/24
195.144.11.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:24:75:d0:fd:21:ab:06:9a:c3:6f:68:01:2e:17:7b:60:9e:
55:ed:f9:94:ee:0d:de:89:21:0a:22:83:8f:ad:b5:a5:4f:7d:
60:0f:3e:81:c1:fd:12:47:43:1c:51:78:0a:28:bd:12:41:c0:
65:54:46:87:16:0b:ed:43:1b:07:a2:d9:f0:75:01:90:0f:51:
2e:c4:0d:e2:f5:81:44:71:5d:b9:47:da:ab:cf:57:c9:b8:dd:
88:b5:79:86:00:4e:13:d5:5e:44:e9:a7:c5:9d:2c:0d:66:8c:
87:ef:e6:b2:0e:b2:79:2c:eb:d3:9d:1d:8f:82:88:0d:2f:66:
98:8d:38:71:e3:ba:e3:df:35:c6:bf:b0:57:72:7e:4c:b3:ae:
2b:24:1e:44:b6:9f:e1:30:8e:22:a3:48:7a:74:19:db:61:37:
9d:21:06:74:c9:89:9a:8c:c6:07:dc:37:83:24:63:ae:ec:b4:
e5:27:17:8a:2f:cd:5e:4e:1f:2b:c2:50:0f:75:44:06:66:b9:
da:df:f6:a5:b4:20:2f:7c:89:af:6a:2b:c2:41:53:20:cc:4e:
7f:ce:f0:ea:3e:a2:e5:a9:f1:38:f7:66:b1:02:2b:7b:d3:56:
02:dd:75:ce:59:bc:31:79:55:6c:29:82:2f:0b:4f:76:3b:7f:
44:5d:f0:f7
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAgKfxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTA5NjIwMzVjNWU5NTEwMTNjYTA2NzBjYTU2OWU3OWY4ZDYzYzE1MB4XDTIyMDEw
MTE1MDYxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGNiZWU3OGJmN2Zm
MjEwZGExOGFjOGY0YWM5NWE1MjJkZGQ3NjkwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfyWeFmE9lHsdw574eL8h+w/yDhzJ3qXl/JWcJAXXeMF46g
VjeltM/1gRFtTmmIui8Pzmi7FdXcYOM9o32v0xb7gA8Yj1mf01I3EkRrmX7IRjTz
b/8pHFIFPkE8zaQeQwtEIcoyDFugKqbG3BLSEUwkOQ9TbUst+/M9Q23RNuwzo90m
5wM17fVXJQYM0GosxBDT8DRsKU9VVbk9cyYpiEeR3qNXqpVFxtFPRCx4lSjYY8fl
4sXcgVUU+XSuLfOwvt8jVuDKEwdM+nMWGK6GpRO3TJsLVoi9qtBml15luCP4p1QD
JddEYE5+hFvLryFV4/OwilhjX9FnCr84KcKNmx8CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRMvueL9/8hDaGKyPSslaUi3ddpDTAfBgNVHSMEGDAWgBTVCWIDXF6VEBPK
BnDKVp55+NY8FTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFRbGlBMXhlbFJBVHlnWnd5bGFlZWZqV1BCVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvZDRlOGU5LTBkNDctNDE5Yi1iM2UyLTA1NGEzNjMxMTVmNS8x
L1RMN25pX2ZfSVEyaGlzajBySldsSXQzWGFRMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
ZDRlOGU5LTBkNDctNDE5Yi1iM2UyLTA1NGEzNjMxMTVmNS8xLzFRbGlBMXhlbFJB
VHlnWnd5bGFlZWZqV1BCVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAy7/oAMEAVvP/gMEArlkBAMEAMJu
wAMEAMOQCzANBgkqhkiG9w0BAQsFAAOCAQEAbiR10P0hqwaaw29oAS4Xe2CeVe35
lO4N3okhCiKDj621pU99YA8+gcH9EkdDHFF4Cii9EkHAZVRGhxYL7UMbB6LZ8HUB
kA9RLsQN4vWBRHFduUfaq89XybjdiLV5hgBOE9VeROmnxZ0sDWaMh+/msg6yeSzr
050dj4KIDS9mmI04ceO64981xr+wV3J+TLOuKyQeRLaf4TCOIqNIenQZ22E3nSEG
dMmJmozGB9w3gyRjruy05ScXii/NXk4fK8JQD3VEBma52t/2pbQgL3yJr2orwkFT
IMxOf87w6j6i5anxOPdmsQIre9NWAt11zlm8MXlVbCmCLwtPdjt/RF3w9w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:44 2023 by rpki-client on console-fra.rpki-client.org