Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Tg2bxLaZP_DsxoLHU_haryNewDk.roa
File: Tg2bxLaZP_DsxoLHU_haryNewDk.roa (raw, json)
Hash identifier: l88L3h2HzX9DcH3QHGmdewHxKSpSmwFb/cUZ1R977r8=
Subject key identifier: 4E:0D:9B:C4:B6:99:3F:F0:EC:C6:82:C7:53:F8:5A:AF:23:5E:C0:39
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185061712C4C2E2AF4FEF6CBB7225BF0CFE
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Tg2bxLaZP_DsxoLHU_haryNewDk.roa
Signing time: Mon 12 Dec 2022 11:27:33 +0000
ROA not before: Mon 12 Dec 2022 11:27:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6854
IP address blocks: 212.69.96.0/19 maxlen: 19
213.243.64.0/18 maxlen: 18
195.230.64.0/19 maxlen: 19
80.253.0.0/20 maxlen: 20
83.222.192.0/19 maxlen: 19
83.229.128.0/17 maxlen: 17
62.64.16.0/20 maxlen: 20
62.64.24.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:17:12:c4:c2:e2:af:4f:ef:6c:bb:72:25:bf:0c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 11:27:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e0d9bc4b6993ff0ecc682c753f85aaf235ec039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:27:c3:a1:3a:1b:16:0b:a9:60:e3:ec:be:e2:
42:41:f8:c1:fd:b1:35:bd:ef:a1:8b:24:3a:b3:bc:
a8:8b:e8:21:06:a8:65:68:82:b0:4e:f4:78:2c:24:
f9:f9:9e:bf:5c:2c:01:9d:2b:0c:ea:ab:90:67:e3:
59:9b:66:24:f7:a7:77:31:65:97:2a:9b:30:41:56:
f9:1e:64:0f:b7:ff:15:97:78:86:08:f4:af:09:9d:
ec:22:46:23:11:2c:2e:0b:8e:ea:f6:7b:b6:bc:54:
44:c1:29:61:99:f2:81:aa:94:b3:ef:70:06:41:9f:
dd:c3:7d:93:90:db:04:5b:d7:12:6f:54:7f:3b:4b:
97:d6:73:05:b3:64:32:3a:b6:f0:4b:4f:ad:5d:20:
3a:2e:a3:32:73:e2:58:be:03:29:57:da:c5:a3:e2:
df:dd:20:7e:8f:79:d7:14:f3:f8:3b:5e:18:22:1a:
44:04:97:de:e3:5b:57:7f:62:7f:8d:0a:e2:26:b9:
0f:b5:83:c7:06:f0:c4:f6:a9:63:da:e2:4c:29:90:
e1:16:5a:28:47:28:fd:0f:4f:83:cc:40:59:cb:4e:
b0:f8:d5:d9:09:17:af:f2:67:d0:44:a1:23:79:a3:
92:dd:aa:bb:51:0b:4f:5b:25:44:5a:38:2a:6c:69:
57:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:0D:9B:C4:B6:99:3F:F0:EC:C6:82:C7:53:F8:5A:AF:23:5E:C0:39
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Tg2bxLaZP_DsxoLHU_haryNewDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.64.16.0/20
80.253.0.0/20
83.222.192.0/19
83.229.128.0/17
195.230.64.0/19
212.69.96.0/19
213.243.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4d:a9:ad:74:85:06:fe:59:14:32:68:73:73:c2:6e:da:9b:64:
9c:75:c6:14:f8:62:4c:e7:66:93:86:5a:72:52:d5:1e:02:6b:
20:2a:48:8a:92:4e:1f:04:f6:03:dc:7f:65:0a:f2:4a:f4:e8:
02:95:16:e6:8e:51:e6:97:b0:4f:8a:56:6d:1f:91:cf:4f:e9:
47:6c:5f:e5:d0:d7:7f:bc:4c:1a:9e:7a:a4:68:96:c9:39:f8:
f2:b9:06:34:21:75:ea:19:9b:02:b0:0d:28:bb:76:98:4e:c1:
8d:1a:b1:f7:05:c1:24:82:f1:03:be:5d:ba:62:98:81:40:b4:
07:34:21:76:61:54:fc:9d:4c:2f:c9:6c:72:49:26:50:ab:2a:
81:2e:c8:01:9e:f9:3b:cd:99:98:3c:d7:3f:3f:24:3e:5b:d7:
84:da:42:e3:5f:51:2b:ad:95:58:e7:73:ff:0a:b4:c8:71:42:
6f:bf:1d:64:a0:dd:19:86:81:92:6c:69:f5:22:be:ea:b3:c3:
2f:c3:c2:17:10:e3:f2:67:2a:df:51:f3:d0:58:cd:ce:fc:f8:
56:52:d1:25:75:a2:01:b3:f2:f9:92:ec:fb:71:21:07:82:ab:
13:54:16:6c:ab:88:1f:bf:d9:57:32:89:8a:4b:93:86:78:4f:
b9:3f:e7:11
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYUGFxLEwuKvT+9su3Ilvwz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTEyNzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTBkOWJjNGI2OTkzZmYwZWNjNjgyYzc1M2Y4NWFhZjIzNWVjMDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCfDoTobFgupYOPsvuJCQfjB/bE1
ve+hiyQ6s7yoi+ghBqhlaIKwTvR4LCT5+Z6/XCwBnSsM6quQZ+NZm2Yk96d3MWWX
KpswQVb5HmQPt/8Vl3iGCPSvCZ3sIkYjESwuC47q9nu2vFREwSlhmfKBqpSz73AG
QZ/dw32TkNsEW9cSb1R/O0uX1nMFs2QyOrbwS0+tXSA6LqMyc+JYvgMpV9rFo+Lf
3SB+j3nXFPP4O14YIhpEBJfe41tXf2J/jQriJrkPtYPHBvDE9qlj2uJMKZDhFloo
Ryj9D0+DzEBZy06w+NXZCRev8mfQRKEjeaOS3aq7UQtPWyVEWjgqbGlXnQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFE4Nm8S2mT/w7MaCx1P4Wq8jXsA5MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvVGcyYnhMYVpQX0RzeG9MSFVfaGFyeU5ld0RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQEPkAQAwQE
UP0AAwQFU97AAwQHU+WAAwQFw+ZAAwQF1EVgAwQG1fNAMA0GCSqGSIb3DQEBCwUA
A4IBAQBNqa10hQb+WRQyaHNzwm7am2ScdcYU+GJM52aThlpyUtUeAmsgKkiKkk4f
BPYD3H9lCvJK9OgClRbmjlHml7BPilZtH5HPT+lHbF/l0Nd/vEwannqkaJbJOfjy
uQY0IXXqGZsCsA0ou3aYTsGNGrH3BcEkgvEDvl26YpiBQLQHNCF2YVT8nUwvyWxy
SSZQqyqBLsgBnvk7zZmYPNc/PyQ+W9eE2kLjX1ErrZVY53P/CrTIcUJvvx1koN0Z
hoGSbGn1Ir7qs8Mvw8IXEOPyZyrfUfPQWM3O/PhWUtEldaIBs/L5kuz7cSEHgqsT
VBZsq4gfv9lXMomKS5OGeE+5P+cR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:35 2025 by rpki-client