Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/TusvrCHMQWUdFheY6H3ywZp8xRA.roa
File: TusvrCHMQWUdFheY6H3ywZp8xRA.roa (raw, json)
Hash identifier: EQcNLNd5PeBtsJpNHlRJgfdNQ01KtXp0g5IHHkc2Rsk=
Subject key identifier: 4E:EB:2F:AC:21:CC:41:65:1D:16:17:98:E8:7D:F2:C1:9A:7C:C5:10
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 1B14B9AC
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/TusvrCHMQWUdFheY6H3ywZp8xRA.roa
Signing time: Sat 05 Feb 2022 12:11:44 +0000
ROA not before: Sat 05 Feb 2022 12:11:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 198.105.124.0/22 maxlen: 24
198.105.126.0/24 maxlen: 24
155.254.36.0/22 maxlen: 24
45.43.68.0/22 maxlen: 24
107.181.128.0/22 maxlen: 24
107.181.140.0/22 maxlen: 24
198.105.100.0/22 maxlen: 24
198.105.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 454343084 (0x1b14b9ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Feb 5 12:11:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4eeb2fac21cc41651d161798e87df2c19a7cc510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e3:7f:da:b7:ba:78:fb:54:cd:38:71:17:9d:
7c:a0:35:cd:55:74:8b:76:9e:f6:0a:3b:8e:3c:db:
8b:23:ed:07:85:dd:c7:43:1e:16:44:67:22:db:be:
30:fa:5f:cf:54:9f:e9:cc:2d:78:f3:bf:ef:db:e5:
e9:9d:6a:96:e1:93:ae:3c:a4:1f:9c:c0:fa:89:16:
19:13:70:7d:f1:51:13:a0:d3:14:18:ac:25:9a:41:
e2:da:2b:e4:e8:2b:93:39:df:92:ed:e1:45:04:62:
e7:6e:48:d1:1f:8b:0c:00:56:af:e7:54:de:9e:ad:
0d:5e:55:d3:77:3c:b2:fa:84:a9:08:81:75:48:ff:
a1:51:96:cd:a1:0c:b8:04:5e:69:3e:3f:87:ec:69:
8f:82:13:c7:f8:a6:ec:66:93:14:78:86:7f:ce:eb:
d8:7a:a6:9d:73:9c:55:4c:02:f4:8d:f6:d8:da:ba:
b9:64:0f:6a:d5:46:2f:16:e3:a5:9d:eb:87:09:fa:
f4:f3:78:5e:0e:ae:55:3a:a9:0f:02:f6:73:b8:b4:
1e:a5:d6:93:0d:b2:b2:d6:71:7f:5a:19:e8:6c:cc:
b1:ae:9f:98:34:54:32:da:48:33:06:0a:2e:9f:52:
a3:00:23:ec:95:96:f8:09:4f:ba:70:fb:2b:b4:77:
53:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:EB:2F:AC:21:CC:41:65:1D:16:17:98:E8:7D:F2:C1:9A:7C:C5:10
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/TusvrCHMQWUdFheY6H3ywZp8xRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.68.0/22
107.181.128.0/22
107.181.140.0/22
155.254.36.0/22
198.105.100.0/22
198.105.116.0/22
198.105.124.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:91:d5:9a:cd:5e:29:59:88:29:67:9d:ac:f0:bc:5d:62:2f:
82:42:b7:7b:7c:76:bb:a3:2e:9a:81:4c:a4:ea:bd:94:48:3c:
c9:64:52:51:78:be:84:d1:21:aa:ea:8d:41:a3:86:87:ff:f2:
c7:4f:b7:ca:c5:7b:7c:ad:68:d2:ec:ad:c2:4e:1a:d3:05:1b:
bb:04:3a:05:45:02:d8:31:18:d2:67:0d:1a:e0:df:60:e4:df:
e0:4a:b2:b8:2e:b8:a8:af:d8:67:a1:c4:c8:e5:82:76:f4:83:
15:4f:0e:a4:25:d6:51:cf:37:af:77:aa:25:82:a1:f7:87:74:
47:ce:1e:25:52:db:73:32:2c:b2:72:d2:54:69:37:b6:a0:7d:
c0:2d:b6:2d:57:31:e8:7d:ce:26:c5:91:4c:bc:16:12:7f:27:
d6:4d:4f:84:43:91:60:45:e2:98:ae:07:55:03:76:f0:f3:6c:
a8:6c:f1:0f:e8:87:f3:39:8b:b0:46:d0:7f:67:72:9a:f4:97:
dc:c3:6f:48:7b:b0:f5:c8:3c:28:ef:b1:5a:e5:7b:44:2a:1c:
16:6b:4f:16:b2:1a:e9:24:c7:7f:23:e0:11:68:dd:d9:15:be:
21:99:b0:bf:f2:d2:59:0b:d6:30:1b:2f:26:4b:a0:f9:1b:8d:
b4:21:8a:b6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEGxS5rDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzU0YzM0N2Q2OGQxNTQ5M2RlNzFiYjk2MmYwYTU2N2UxMzRkNjAzMB4XDTIyMDIw
NTEyMTE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVlYjJmYWMyMWNj
NDE2NTFkMTYxNzk4ZTg3ZGYyYzE5YTdjYzUxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvjf9q3unj7VM04cRedfKA1zVV0i3ae9go7jjzbiyPtB4Xd
x0MeFkRnItu+MPpfz1Sf6cwtePO/79vl6Z1qluGTrjykH5zA+okWGRNwffFRE6DT
FBisJZpB4tor5Ogrkznfku3hRQRi525I0R+LDABWr+dU3p6tDV5V03c8svqEqQiB
dUj/oVGWzaEMuAReaT4/h+xpj4ITx/im7GaTFHiGf87r2HqmnXOcVUwC9I322Nq6
uWQPatVGLxbjpZ3rhwn69PN4Xg6uVTqpDwL2c7i0HqXWkw2ystZxf1oZ6GzMsa6f
mDRUMtpIMwYKLp9SowAj7JWW+AlPunD7K7R3Ux0CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRO6y+sIcxBZR0WF5joffLBmnzFEDAfBgNVHSMEGDAWgBTnVMNH1o0VST3n
G7li8KVn4TTWAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzUxVERSOWFORlVrOTV4dTVZdkNsWi1FMDFnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8x
L1R1c3ZyQ0hNUVdVZEZoZVk2SDN5d1pwOHhSQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8xLzUxVERSOWFORlVr
OTV4dTVZdkNsWi1FMDFnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAi0rRAMEAmu1gAMEAmu1jAMEApv+
JAMEAsZpZAMEAsZpdAMEAsZpfDANBgkqhkiG9w0BAQsFAAOCAQEAP5HVms1eKVmI
KWedrPC8XWIvgkK3e3x2u6MumoFMpOq9lEg8yWRSUXi+hNEhquqNQaOGh//yx0+3
ysV7fK1o0uytwk4a0wUbuwQ6BUUC2DEY0mcNGuDfYOTf4EqyuC64qK/YZ6HEyOWC
dvSDFU8OpCXWUc83r3eqJYKh94d0R84eJVLbczIssnLSVGk3tqB9wC22LVcx6H3O
JsWRTLwWEn8n1k1PhEORYEXimK4HVQN28PNsqGzxD+iH8zmLsEbQf2dymvSX3MNv
SHuw9cg8KO+xWuV7RCocFmtPFrIa6STHfyPgEWjd2RW+IZmwv/LSWQvWMBsvJkug
+RuNtCGKtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org