Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/334c56-2e69-4da2-b01d-030802641c67/1/TZFOMaVSGOZtaya9jez0QqVrZfw.roa
File: TZFOMaVSGOZtaya9jez0QqVrZfw.roa (raw, json)
Hash identifier: 1qg8CBj8M5OaxmD0aqwKU8mWlTFEouGHwY5L3OOR1JU=
Subject key identifier: 4D:91:4E:31:A5:52:18:E6:6D:6B:26:BD:8D:EC:F4:42:A5:6B:65:FC
Certificate issuer: /CN=e43f91b02152882bf9605d76bea421aa0bd4e628
Certificate serial: 01822002FD9A4B6ED0277F7EB055CB561464
Authority key identifier: E4:3F:91:B0:21:52:88:2B:F9:60:5D:76:BE:A4:21:AA:0B:D4:E6:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5D-RsCFSiCv5YF12vqQhqgvU5ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/334c56-2e69-4da2-b01d-030802641c67/1/TZFOMaVSGOZtaya9jez0QqVrZfw.roa
Signing time: Thu 21 Jul 2022 09:07:23 +0000
ROA not before: Thu 21 Jul 2022 09:07:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212766
IP address blocks: 193.163.116.0/24 maxlen: 24
2a11:e340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:20:02:fd:9a:4b:6e:d0:27:7f:7e:b0:55:cb:56:14:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43f91b02152882bf9605d76bea421aa0bd4e628
Validity
Not Before: Jul 21 09:07:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d914e31a55218e66d6b26bd8decf442a56b65fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7c:4a:dd:90:ed:07:55:0c:71:50:77:3f:d2:
8d:0b:6a:fd:ee:c3:d7:67:00:c9:96:0b:28:6b:3a:
d5:71:c1:21:17:d0:65:70:91:4e:b4:f1:b8:0f:7f:
ae:ce:93:0a:b0:0d:9d:e0:4c:b1:a8:6e:b7:9b:bb:
e8:f6:6f:cb:c5:2d:ae:60:7a:e8:e0:5e:50:6b:93:
6a:c9:3a:d1:9f:71:62:56:84:69:53:37:86:63:22:
8a:56:3d:82:5a:10:77:27:22:75:64:88:5f:72:52:
2f:78:a0:99:e3:8f:56:86:61:a1:7a:b4:d2:d2:d0:
78:1b:32:d2:26:07:df:cb:48:aa:ff:33:f6:3b:a4:
91:7e:a8:33:1a:38:dd:7f:ea:5e:90:e6:87:68:f2:
7f:8d:bf:1d:5c:52:c0:f8:64:31:82:d7:13:c9:6d:
e2:41:62:04:c9:62:e3:f4:87:3e:ba:23:b1:94:91:
6d:80:3f:db:16:72:4c:c8:a8:54:ec:a9:dd:9d:1a:
3c:5d:06:da:e5:72:8f:3c:ca:12:c3:38:1d:d6:23:
87:0d:75:06:d9:d0:0a:93:db:d4:38:f9:a0:70:2d:
92:cb:88:a0:52:21:7b:5f:ff:c4:7e:14:fd:d4:55:
24:e5:5a:7c:61:81:4d:11:db:9b:36:e6:e5:bb:7c:
2c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:91:4E:31:A5:52:18:E6:6D:6B:26:BD:8D:EC:F4:42:A5:6B:65:FC
X509v3 Authority Key Identifier:
keyid:E4:3F:91:B0:21:52:88:2B:F9:60:5D:76:BE:A4:21:AA:0B:D4:E6:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D-RsCFSiCv5YF12vqQhqgvU5ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/334c56-2e69-4da2-b01d-030802641c67/1/TZFOMaVSGOZtaya9jez0QqVrZfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/334c56-2e69-4da2-b01d-030802641c67/1/5D-RsCFSiCv5YF12vqQhqgvU5ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.116.0/24
IPv6:
2a11:e340::/29
Signature Algorithm: sha256WithRSAEncryption
4b:92:c3:c7:cc:1b:b7:06:a6:eb:07:7b:24:fe:f9:55:04:5a:
75:81:93:e4:0d:75:3d:79:e5:75:aa:25:c5:fa:68:24:d1:8b:
e6:39:05:7a:1d:d6:7b:b1:5d:7f:b1:07:2c:c2:47:55:89:4d:
b3:b7:2b:56:19:f0:47:a0:e0:0d:f1:56:77:4a:6e:47:74:2f:
cb:17:36:96:71:c8:99:af:47:1e:29:2c:fd:3e:56:ac:56:d7:
89:ca:03:57:d4:a7:15:89:b2:52:0c:fd:77:b2:7c:8c:35:f4:
b6:e8:d9:f3:18:00:19:10:f8:38:87:79:e0:73:37:64:0e:92:
12:71:85:09:4e:9c:c9:39:08:bd:f3:d0:92:b5:f6:54:2e:bf:
6f:10:39:0d:66:09:70:09:4e:99:ac:8a:0a:5c:8f:a7:4d:09:
5f:9c:c2:16:bb:14:d7:3d:5d:87:ed:42:b1:58:44:45:d4:01:
75:fe:17:c0:21:1a:56:22:c7:fc:ad:6a:70:9e:9c:64:bd:39:
93:ac:3f:7f:ae:0f:84:25:a5:ad:49:27:f3:91:36:22:38:67:
ed:ff:0f:06:e0:51:35:01:d9:d7:e1:60:3f:bd:1c:6b:4f:fa:
31:30:44:87:a6:de:97:b6:c1:0d:93:48:1c:32:48:28:4d:b3:
d0:08:4e:8a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYIgAv2aS27QJ39+sFXLVhRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2Y5MWIwMjE1Mjg4MmJmOTYwNWQ3NmJlYTQyMWFhMGJk
NGU2MjgwHhcNMjIwNzIxMDkwNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDkxNGUzMWE1NTIxOGU2NmQ2YjI2YmQ4ZGVjZjQ0MmE1NmI2NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3xK3ZDtB1UMcVB3P9KNC2r97sPX
ZwDJlgsoazrVccEhF9BlcJFOtPG4D3+uzpMKsA2d4EyxqG63m7vo9m/LxS2uYHro
4F5Qa5NqyTrRn3FiVoRpUzeGYyKKVj2CWhB3JyJ1ZIhfclIveKCZ449WhmGherTS
0tB4GzLSJgffy0iq/zP2O6SRfqgzGjjdf+pekOaHaPJ/jb8dXFLA+GQxgtcTyW3i
QWIEyWLj9Ic+uiOxlJFtgD/bFnJMyKhU7KndnRo8XQba5XKPPMoSwzgd1iOHDXUG
2dAKk9vUOPmgcC2Sy4igUiF7X//EfhT91FUk5Vp8YYFNEdubNublu3wsowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE2RTjGlUhjmbWsmvY3s9EKla2X8MB8GA1UdIwQY
MBaAFOQ/kbAhUogr+WBddr6kIaoL1OYoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQtUnNDRlNpQ3Y1WUYxMnZxUWhxZ3ZVNWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8zMzRjNTYtMmU2OS00ZGEyLWIwMWQt
MDMwODAyNjQxYzY3LzEvVFpGT01hVlNHT1p0YXlhOWplejBRcVZyWmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8zMzRjNTYtMmU2OS00ZGEyLWIwMWQtMDMwODAyNjQxYzY3
LzEvNUQtUnNDRlNpQ3Y1WUYxMnZxUWhxZ3ZVNWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaN0MA0E
AgACMAcDBQMqEeNAMA0GCSqGSIb3DQEBCwUAA4IBAQBLksPHzBu3BqbrB3sk/vlV
BFp1gZPkDXU9eeV1qiXF+mgk0YvmOQV6HdZ7sV1/sQcswkdViU2ztytWGfBHoOAN
8VZ3Sm5HdC/LFzaWcciZr0ceKSz9PlasVteJygNX1KcVibJSDP13snyMNfS26Nnz
GAAZEPg4h3ngczdkDpIScYUJTpzJOQi989CStfZULr9vEDkNZglwCU6ZrIoKXI+n
TQlfnMIWuxTXPV2H7UKxWERF1AF1/hfAIRpWIsf8rWpwnpxkvTmTrD9/rg+EJaWt
SSfzkTYiOGft/w8G4FE1AdnX4WA/vRxrT/oxMESHpt6XtsENk0gcMkgoTbPQCE6K
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:41 2023 by rpki-client on console-fra.rpki-client.org