Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/TcyccqO6Haz7e5isaVIaIDCE3cQ.roa
File: TcyccqO6Haz7e5isaVIaIDCE3cQ.roa (raw, json)
Hash identifier: lgjihEdEZK22yzJnR4Y9neC2zh09LvnL6pO01uVOmDc=
Subject key identifier: 4D:CC:9C:72:A3:BA:1D:AC:FB:7B:98:AC:69:52:1A:20:30:84:DD:C4
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 0731E485
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/TcyccqO6Haz7e5isaVIaIDCE3cQ.roa
Signing time: Sat 01 Jan 2022 13:03:34 +0000
ROA not before: Sat 01 Jan 2022 13:03:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35600
IP address blocks: 185.56.176.0/22 maxlen: 22
194.117.246.0/23 maxlen: 23
2001:67c:184c::/48 maxlen: 48
2a02:5520::/32 maxlen: 32
2a00:4780::/32 maxlen: 32
2a0e:ac80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120710277 (0x731e485)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Jan 1 13:03:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4dcc9c72a3ba1dacfb7b98ac69521a203084ddc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:67:14:9c:18:f2:a3:42:3d:b9:5b:6e:b2:17:
0e:4b:27:b6:a1:7a:71:7f:d9:1f:dd:6f:a4:16:f3:
46:2d:36:5d:e1:67:83:29:62:9d:8b:26:17:2f:eb:
a9:b9:c0:87:bf:38:0e:87:ab:06:ff:60:6d:90:37:
7a:4d:5d:3b:0f:ea:c8:55:76:b6:ce:d1:ff:49:d9:
5d:f9:d9:a5:63:1d:8f:df:52:01:80:70:83:27:05:
08:3e:db:9d:3e:b4:0c:6e:58:63:66:60:33:22:c5:
3f:6e:f2:fc:9d:d5:22:1e:f0:a7:bc:2d:14:c2:09:
27:a3:c0:d9:39:14:85:66:7b:d1:d1:3d:ef:4e:57:
03:b4:a1:04:2e:65:61:18:84:f5:c6:cb:a6:e2:d6:
c8:cf:04:9f:0a:83:c8:47:15:f5:5b:43:a8:41:3e:
c0:c8:3f:fe:97:bd:77:e0:e9:93:38:1b:9d:9a:1a:
8e:d9:5c:d6:ce:ee:32:b7:0c:02:71:6c:ef:3a:13:
0b:d6:10:3c:8f:ca:62:c1:3d:5e:13:2a:12:bb:e4:
24:55:a5:65:a4:23:a7:29:c6:43:bd:07:06:ec:43:
68:08:b3:75:e2:b1:b4:64:9e:86:21:c7:7d:bb:46:
7f:c6:3e:22:6b:15:fa:51:57:06:de:f0:63:93:38:
f9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:CC:9C:72:A3:BA:1D:AC:FB:7B:98:AC:69:52:1A:20:30:84:DD:C4
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/TcyccqO6Haz7e5isaVIaIDCE3cQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.176.0/22
194.117.246.0/23
IPv6:
2001:67c:184c::/48
2a00:4780::/32
2a02:5520::/32
2a0e:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
9a:ff:3b:38:4b:77:21:19:be:89:61:4d:a3:e6:b2:d9:76:52:
2c:85:12:e8:ad:3d:55:c7:48:b1:69:38:f9:5b:93:4d:3f:65:
80:a4:1a:b5:fd:20:e4:47:dd:98:a1:70:8d:1a:4e:92:47:02:
6d:8d:21:d0:62:af:d2:6b:2a:6a:97:84:a1:16:cf:0c:df:a6:
94:20:f0:13:91:ba:d4:0f:28:be:e3:5f:58:4d:af:f2:c6:d3:
69:30:63:10:3b:eb:94:c0:0e:5b:c3:74:d7:a1:25:4f:8e:13:
93:00:46:e4:55:a4:e8:c2:90:e4:03:d9:7b:1a:e3:bf:13:a3:
12:0a:a8:f1:63:6d:f3:11:91:2a:f1:92:a3:ce:f1:2a:8a:94:
32:a2:0a:b5:21:05:10:7d:0d:58:48:62:00:6b:f7:38:84:49:
ef:48:ef:ba:a7:6b:63:69:45:e0:2c:1a:6a:1f:c9:b7:8a:bd:
0c:e3:51:b6:81:f6:3c:23:46:7b:8e:63:16:d4:0f:e4:d6:f8:
f0:03:1f:9e:6d:0e:29:b8:fe:61:02:34:46:74:d4:5a:7f:a1:
c2:47:96:12:cb:f8:83:0d:41:39:f6:16:31:e1:d1:b0:62:2b:
03:d1:3b:e9:ec:a6:5f:fc:35:6c:f3:84:24:bb:bd:7d:1b:9f:
57:d4:05:98
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEBzHkhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTJmODkxOWU2YmMxZWY1NjYzNDg5MDE4ZmM4NzViZTM0YzBmMjRjMB4XDTIyMDEw
MTEzMDMzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGRjYzljNzJhM2Jh
MWRhY2ZiN2I5OGFjNjk1MjFhMjAzMDg0ZGRjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJnFJwY8qNCPblbbrIXDksntqF6cX/ZH91vpBbzRi02XeFn
gylinYsmFy/rqbnAh784DoerBv9gbZA3ek1dOw/qyFV2ts7R/0nZXfnZpWMdj99S
AYBwgycFCD7bnT60DG5YY2ZgMyLFP27y/J3VIh7wp7wtFMIJJ6PA2TkUhWZ70dE9
705XA7ShBC5lYRiE9cbLpuLWyM8EnwqDyEcV9VtDqEE+wMg//pe9d+DpkzgbnZoa
jtlc1s7uMrcMAnFs7zoTC9YQPI/KYsE9XhMqErvkJFWlZaQjpynGQ70HBuxDaAiz
deKxtGSehiHHfbtGf8Y+ImsV+lFXBt7wY5M4+UsCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBRNzJxyo7odrPt7mKxpUhogMITdxDAfBgNVHSMEGDAWgBQ1L4kZ5rwe9WY0
iQGPyHW+NMDyTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05TLUpHZWE4SHZWbU5Ja0JqOGgxdmpUQThrdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvY2Y5NDNkLWM5MjEtNGVmNy05YWEwLWUzZmNiMjNlMzQzOC8x
L1RjeWNjcU82SGF6N2U1aXNhVklhSURDRTNjUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
Y2Y5NDNkLWM5MjEtNGVmNy05YWEwLWUzZmNiMjNlMzQzOC8xL05TLUpHZWE4SHZW
bU5Ja0JqOGgxdmpUQThrdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowEgQCAAEwDAMEArk4sAMEAcJ19jAkBAIAAjAeAwcA
IAEGfBhMAwUAKgBHgAMFACoCVSADBQMqDqyAMA0GCSqGSIb3DQEBCwUAA4IBAQCa
/zs4S3chGb6JYU2j5rLZdlIshRLorT1Vx0ixaTj5W5NNP2WApBq1/SDkR92YoXCN
Gk6SRwJtjSHQYq/Saypql4ShFs8M36aUIPATkbrUDyi+419YTa/yxtNpMGMQO+uU
wA5bw3TXoSVPjhOTAEbkVaTowpDkA9l7GuO/E6MSCqjxY23zEZEq8ZKjzvEqipQy
ogq1IQUQfQ1YSGIAa/c4hEnvSO+6p2tjaUXgLBpqH8m3ir0M41G2gfY8I0Z7jmMW
1A/k1vjwAx+ebQ4puP5hAjRGdNRaf6HCR5YSy/iDDUE59hYx4dGwYisD0Tvp7KZf
/DVs84Qku719G59X1AWY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:26 2024 by rpki-client on console-ams.rpki-client.org