Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/tlkunhgyaydfYI5JpiTQAXdGapQ.roa
File: tlkunhgyaydfYI5JpiTQAXdGapQ.roa (raw, json)
Hash identifier: bNV3sZ7qL7youosLgD80y/HSUpFNDhbKHbesOs+SVbg=
Subject key identifier: B6:59:2E:9E:18:32:6B:27:5F:60:8E:49:A6:24:D0:01:77:46:6A:94
Certificate issuer: /CN=70a76929cbe21cedd94c012ba58bb0b6f129722e
Certificate serial: 0930A987
Authority key identifier: 70:A7:69:29:CB:E2:1C:ED:D9:4C:01:2B:A5:8B:B0:B6:F1:29:72:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cKdpKcviHO3ZTAErpYuwtvEpci4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/tlkunhgyaydfYI5JpiTQAXdGapQ.roa
Signing time: Sat 01 Jan 2022 14:58:03 +0000
ROA not before: Sat 01 Jan 2022 14:58:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60785
IP address blocks: 185.25.224.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154184071 (0x930a987)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70a76929cbe21cedd94c012ba58bb0b6f129722e
Validity
Not Before: Jan 1 14:58:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6592e9e18326b275f608e49a624d00177466a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:14:eb:01:a8:e5:b9:cb:04:b6:ce:00:0e:6e:
09:7f:8b:d8:e7:1e:e9:23:90:4f:5a:5e:ec:57:7d:
e2:e7:f5:e4:82:07:5e:7b:4d:79:4e:27:20:f4:a2:
59:05:a0:a7:74:ee:1d:67:69:e3:68:c8:a9:c7:0d:
a7:a5:cb:85:a6:31:93:99:32:a0:6a:03:1a:71:66:
ae:cf:87:80:27:fe:e7:98:c7:ed:e8:cd:b3:1a:7b:
53:b5:e1:95:cf:35:4e:09:42:7f:46:69:be:0c:20:
6b:50:60:7f:26:26:cd:46:f4:ab:ae:47:1f:d7:d3:
23:e1:d9:36:e8:52:bd:a6:ce:2d:2f:86:19:e5:58:
de:7a:30:82:8a:0b:9e:ea:ab:ee:23:f0:99:2a:b1:
ab:fa:90:36:0f:21:3a:ea:33:aa:82:60:df:85:12:
72:7b:1b:a8:2b:ff:ab:cb:c3:d7:3c:02:c1:c0:65:
ae:fd:cb:6a:f3:34:78:d8:96:95:c5:ed:10:df:c8:
c7:7c:b6:9e:b3:70:45:c5:a1:5a:da:2a:2a:b1:d8:
e1:c9:d9:e6:58:b4:8e:2b:d5:ee:b1:71:03:c5:d1:
35:d6:0f:31:16:13:5f:66:49:0d:73:79:0e:86:e6:
60:e6:3f:97:1b:a7:b1:09:a7:69:b3:aa:00:b5:ee:
2f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:59:2E:9E:18:32:6B:27:5F:60:8E:49:A6:24:D0:01:77:46:6A:94
X509v3 Authority Key Identifier:
keyid:70:A7:69:29:CB:E2:1C:ED:D9:4C:01:2B:A5:8B:B0:B6:F1:29:72:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cKdpKcviHO3ZTAErpYuwtvEpci4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/tlkunhgyaydfYI5JpiTQAXdGapQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/cKdpKcviHO3ZTAErpYuwtvEpci4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.224.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:55:df:2e:d5:d6:39:a8:c1:a4:a8:14:61:1a:be:a1:ad:bb:
80:c4:53:8f:e8:ff:77:7b:1a:ed:c5:bf:1f:40:46:39:65:a6:
ed:89:4a:a5:1b:b3:5f:66:7a:bb:0e:f4:c7:58:b6:4c:01:3c:
5e:76:64:03:4a:04:4e:19:04:30:ea:d2:44:97:7e:94:d7:21:
e5:d1:37:5f:7e:b5:0c:e4:43:ca:6d:02:96:0c:5c:e7:2e:c6:
bc:c3:bf:1e:fc:b8:c4:8b:c3:3e:0c:73:5a:d7:04:fe:f4:da:
1a:03:11:d7:10:03:70:ee:24:b4:a1:b7:27:78:67:1a:c2:24:
69:15:cc:7a:c3:7c:4b:d1:6c:a0:7d:3e:a4:bd:e7:4b:d2:3e:
f6:fd:6a:ae:4c:98:bc:9c:fe:fb:5f:67:43:ae:bf:3f:2e:7c:
70:3e:5d:c1:1c:46:12:4e:22:af:68:52:58:23:52:4f:ae:e0:
07:22:9f:f6:e0:a3:d1:2c:30:ac:aa:80:01:56:7f:70:c5:50:
a5:7d:4e:2d:cd:e8:69:15:92:4a:cc:a2:44:28:74:3d:a0:37:
b9:e3:87:74:9b:45:da:29:9a:fc:9d:3f:e8:03:31:64:1e:a2:
2b:c7:fd:f6:72:cb:58:62:2e:30:1c:4b:cd:fc:c9:14:2c:8a:
25:dd:57:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECTCphzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MGE3NjkyOWNiZTIxY2VkZDk0YzAxMmJhNThiYjBiNmYxMjk3MjJlMB4XDTIyMDEw
MTE0NTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY1OTJlOWUxODMy
NmIyNzVmNjA4ZTQ5YTYyNGQwMDE3NzQ2NmE5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8U6wGo5bnLBLbOAA5uCX+L2Oce6SOQT1pe7Fd94uf15IIH
XntNeU4nIPSiWQWgp3TuHWdp42jIqccNp6XLhaYxk5kyoGoDGnFmrs+HgCf+55jH
7ejNsxp7U7Xhlc81TglCf0Zpvgwga1BgfyYmzUb0q65HH9fTI+HZNuhSvabOLS+G
GeVY3nowgooLnuqr7iPwmSqxq/qQNg8hOuozqoJg34UScnsbqCv/q8vD1zwCwcBl
rv3LavM0eNiWlcXtEN/Ix3y2nrNwRcWhWtoqKrHY4cnZ5li0jivV7rFxA8XRNdYP
MRYTX2ZJDXN5DobmYOY/lxunsQmnabOqALXuL8MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS2WS6eGDJrJ19gjkmmJNABd0ZqlDAfBgNVHSMEGDAWgBRwp2kpy+Ic7dlM
ASuli7C28SlyLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NLZHBLY3ZpSE8zWlRBRXJwWXV3dHZFcGNpNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvMDE0ZjQ3LTYyOGItNGZiOC1iMzQ0LWE0MDllMjJhMjQzZS8x
L3Rsa3VuaGd5YXlkZllJNUpwaVRRQVhkR2FwUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
MDE0ZjQ3LTYyOGItNGZiOC1iMzQ0LWE0MDllMjJhMjQzZS8xL2NLZHBLY3ZpSE8z
WlRBRXJwWXV3dHZFcGNpNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkZ4DANBgkqhkiG9w0BAQsFAAOC
AQEAPVXfLtXWOajBpKgUYRq+oa27gMRTj+j/d3sa7cW/H0BGOWWm7YlKpRuzX2Z6
uw70x1i2TAE8XnZkA0oEThkEMOrSRJd+lNch5dE3X361DORDym0Clgxc5y7GvMO/
Hvy4xIvDPgxzWtcE/vTaGgMR1xADcO4ktKG3J3hnGsIkaRXMesN8S9FsoH0+pL3n
S9I+9v1qrkyYvJz++19nQ66/Py58cD5dwRxGEk4ir2hSWCNST67gByKf9uCj0Sww
rKqAAVZ/cMVQpX1OLc3oaRWSSsyiRCh0PaA3ueOHdJtF2ima/J0/6AMxZB6iK8f9
9nLLWGIuMBxLzfzJFCyKJd1X2w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:17 2023 by rpki-client on console-fra.rpki-client.org