Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/TXUAfkiqYqoeOB3LFgCOEvcJTj0.roa
File: TXUAfkiqYqoeOB3LFgCOEvcJTj0.roa (raw, json)
Hash identifier: wRcku0YCVOwSEtpWGkpFflNPVIkymlBMEvggp5KFzf4=
Subject key identifier: 4D:75:00:7E:48:AA:62:AA:1E:38:1D:CB:16:00:8E:12:F7:09:4E:3D
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 0182631B334DF0945F81A28CAAA82713C1C1
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/TXUAfkiqYqoeOB3LFgCOEvcJTj0.roa
Signing time: Wed 03 Aug 2022 09:48:23 +0000
ROA not before: Wed 03 Aug 2022 09:48:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 109.238.198.0/24 maxlen: 24
109.238.199.0/24 maxlen: 24
109.238.197.0/24 maxlen: 24
109.238.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:63:1b:33:4d:f0:94:5f:81:a2:8c:aa:a8:27:13:c1:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Aug 3 09:48:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d75007e48aa62aa1e381dcb16008e12f7094e3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:47:27:10:d9:70:f9:03:a1:1f:af:ea:53:4e:
f4:3c:9b:a8:76:cb:de:42:10:c2:8d:79:6f:fd:96:
3b:b0:de:d3:e0:f9:94:bf:85:72:47:d1:75:40:25:
45:6f:35:34:a1:5d:da:78:de:b1:d6:31:02:cc:77:
32:3d:27:f8:7c:c1:a9:4b:e5:27:e4:14:64:2b:cb:
d4:ab:13:93:0b:ac:f6:0c:14:95:78:b8:9b:6f:ac:
d0:4a:28:ba:c0:24:4f:ab:68:5e:e0:33:da:3e:d2:
47:71:d4:9c:4a:c9:48:e1:11:35:bd:7b:52:ff:9d:
fb:54:07:bf:f6:1c:d5:e2:2a:b1:ee:05:78:8a:11:
c7:ae:9a:7f:35:04:87:e8:13:1b:55:c4:8e:7e:16:
1e:8d:af:df:0f:00:53:ae:30:b9:90:28:ee:3f:5b:
3f:43:a7:f9:a5:cd:e5:fe:e6:42:bb:cc:e4:93:bf:
64:18:71:fb:df:2a:93:ed:4b:38:5b:33:75:41:f5:
57:15:a9:90:38:eb:47:7a:69:44:3f:de:ef:8e:be:
a5:60:a2:fd:71:bd:a6:54:ae:2c:98:bc:fb:38:ff:
5f:26:a5:8f:90:0c:87:56:38:29:04:6b:7f:e5:eb:
17:ec:0b:54:cd:88:2b:1f:c2:e6:69:36:ea:32:bd:
8e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:75:00:7E:48:AA:62:AA:1E:38:1D:CB:16:00:8E:12:F7:09:4E:3D
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/TXUAfkiqYqoeOB3LFgCOEvcJTj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.238.196.0/22
Signature Algorithm: sha256WithRSAEncryption
82:b1:a9:b7:10:65:0a:49:e5:85:fe:ff:03:47:1c:89:5f:ce:
df:e6:0c:99:c5:97:69:24:0a:8f:1c:23:d8:bd:db:00:34:0e:
9b:7e:c2:3b:bc:40:0b:5d:c6:e2:a8:07:1c:07:60:1b:74:28:
09:f7:4c:bc:df:d3:f6:85:da:43:bb:c9:b0:5c:70:20:fc:ca:
c7:7c:5a:87:4e:84:b1:a1:37:fe:ed:67:21:7a:d3:da:f4:0a:
47:bb:7c:9a:1b:e9:df:39:36:b9:1d:37:fc:21:f9:7b:64:af:
87:6e:c5:32:38:54:42:ce:46:32:59:43:21:42:f3:03:23:3a:
03:a1:d9:0e:13:10:7e:c3:7c:03:16:de:16:31:52:3d:81:7f:
ff:2f:45:5d:a7:f6:44:5c:29:ee:65:6d:a6:85:5f:c3:cb:e7:
c6:66:d3:02:d9:68:5b:12:82:51:b0:8a:44:37:bf:1e:98:de:
0f:d8:56:39:e2:be:b9:5f:ae:3c:d9:45:e8:e3:73:66:69:29:
43:c0:8b:59:dc:f6:b1:04:2e:b3:9d:34:a4:7a:a2:ac:bb:f4:
8c:01:87:04:e4:f7:1e:92:7a:ab:17:1c:e0:ea:28:be:c7:72:
54:21:fa:a6:a1:38:5b:20:1e:92:4a:c4:d0:0e:09:5c:c3:0f:
e4:fc:a8:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJjGzNN8JRfgaKMqqgnE8HBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjIwODAzMDk0ODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDc1MDA3ZTQ4YWE2MmFhMWUzODFkY2IxNjAwOGUxMmY3MDk0ZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0cnENlw+QOhH6/qU070PJuodsve
QhDCjXlv/ZY7sN7T4PmUv4VyR9F1QCVFbzU0oV3aeN6x1jECzHcyPSf4fMGpS+Un
5BRkK8vUqxOTC6z2DBSVeLibb6zQSii6wCRPq2he4DPaPtJHcdScSslI4RE1vXtS
/537VAe/9hzV4iqx7gV4ihHHrpp/NQSH6BMbVcSOfhYeja/fDwBTrjC5kCjuP1s/
Q6f5pc3l/uZCu8zkk79kGHH73yqT7Us4WzN1QfVXFamQOOtHemlEP97vjr6lYKL9
cb2mVK4smLz7OP9fJqWPkAyHVjgpBGt/5esX7AtUzYgrH8LmaTbqMr2OMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE11AH5IqmKqHjgdyxYAjhL3CU49MB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvVFhVQWZraXFZcW9lT0IzTEZnQ09FdmNKVGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbe7EMA0G
CSqGSIb3DQEBCwUAA4IBAQCCsam3EGUKSeWF/v8DRxyJX87f5gyZxZdpJAqPHCPY
vdsANA6bfsI7vEALXcbiqAccB2AbdCgJ90y839P2hdpDu8mwXHAg/MrHfFqHToSx
oTf+7WchetPa9ApHu3yaG+nfOTa5HTf8Ifl7ZK+HbsUyOFRCzkYyWUMhQvMDIzoD
odkOExB+w3wDFt4WMVI9gX//L0Vdp/ZEXCnuZW2mhV/Dy+fGZtMC2WhbEoJRsIpE
N78emN4P2FY54r65X6482UXo43NmaSlDwItZ3PaxBC6znTSkeqKsu/SMAYcE5Pce
knqrFxzg6ii+x3JUIfqmoThbIB6SSsTQDglcww/k/Kgn
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:38 2023 by rpki-client on console-fra.rpki-client.org