Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tfNmciju16HC1OvzX23Xxvf5t4k.roa
File: tfNmciju16HC1OvzX23Xxvf5t4k.roa (raw, json)
Hash identifier: YzMPcXWqs6LWtoubMK9zItm0J65r4kqwuUKxZhiv9u4=
Subject key identifier: B5:F3:66:72:28:EE:D7:A1:C2:D4:EB:F3:5F:6D:D7:C6:F7:F9:B7:89
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 17A7DEF3
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tfNmciju16HC1OvzX23Xxvf5t4k.roa
Signing time: Sat 01 Jan 2022 13:03:32 +0000
ROA not before: Sat 01 Jan 2022 13:03:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213392
IP address blocks: 45.86.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 396877555 (0x17a7def3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 13:03:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5f3667228eed7a1c2d4ebf35f6dd7c6f7f9b789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1d:1c:fa:a6:25:e8:a9:fc:5e:d0:0a:85:a6:
96:89:78:48:e7:ff:dc:01:38:e5:3f:ae:ba:db:68:
4e:eb:a4:ac:37:21:a1:3b:4c:3f:e6:1b:e4:19:e7:
37:47:a3:7c:ae:bc:db:08:97:35:e2:3c:63:a2:da:
8f:dc:89:a7:fd:2a:73:b4:13:4b:8d:2a:c3:2c:50:
db:61:5f:db:fb:86:8b:fe:0e:15:a8:41:aa:84:f1:
57:fd:38:5d:d5:3a:5b:44:0a:55:de:5b:25:e5:ed:
fa:2d:8e:aa:45:ad:b1:b0:11:8d:1f:45:f7:00:b5:
7b:de:96:96:c0:94:b1:dc:56:64:9c:2d:94:29:7e:
66:41:2b:38:80:75:94:1b:41:4b:51:bd:19:12:f7:
fc:d4:04:a4:63:08:cd:2b:db:52:1d:fa:48:05:e8:
92:be:1e:6b:f5:4b:ff:2d:a9:dd:dc:e6:57:d8:bd:
30:92:8a:56:20:1b:46:55:b9:67:09:37:e2:44:64:
b8:2e:eb:1d:0a:1b:52:ef:4b:0a:9f:7c:af:da:bc:
09:64:9f:d6:3f:b0:09:7e:db:fe:90:df:12:b8:75:
44:a6:71:0e:7b:ac:b2:7a:b8:ba:b2:8f:9e:cb:d7:
72:64:08:e7:89:98:be:e2:bd:22:fb:30:be:a4:17:
16:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F3:66:72:28:EE:D7:A1:C2:D4:EB:F3:5F:6D:D7:C6:F7:F9:B7:89
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tfNmciju16HC1OvzX23Xxvf5t4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.126.0/24
Signature Algorithm: sha256WithRSAEncryption
94:06:a0:dd:d7:23:dd:f8:56:4b:eb:c5:2c:d0:36:31:88:fa:
54:f4:f2:02:b5:eb:93:d3:11:a5:36:50:ab:16:53:cd:b1:33:
b7:16:11:48:1c:f5:9f:9b:b6:49:26:45:40:3e:27:40:ed:dc:
f8:ff:e7:91:28:cf:d7:5f:d6:ae:08:a8:0a:e2:3e:57:e4:2a:
19:b4:97:53:24:af:38:3c:1e:65:b0:0e:6b:88:75:47:eb:30:
1a:8e:e4:02:fd:4b:76:20:a9:6b:7e:d3:26:64:67:9c:6d:96:
4d:e6:48:de:47:92:ae:0a:a2:bc:e3:1e:30:c5:e5:0a:3e:aa:
e8:43:36:af:56:b8:00:6c:90:01:20:9a:47:cf:db:96:b6:2b:
5e:2c:88:a9:4d:18:2f:ea:cf:c9:81:e0:06:0a:c1:e5:d0:c0:
74:96:39:fa:5f:26:dc:1b:94:9d:c7:1a:9d:b1:0a:79:15:53:
e3:63:8e:82:68:2c:12:c6:0a:c4:bf:b6:b5:1e:9a:c7:17:ff:
1a:0b:4c:a6:21:ff:aa:08:25:d4:3d:ad:23:bf:36:7f:24:cb:
54:d6:39:13:68:82:9e:28:fe:d4:ca:7e:e7:55:89:2a:12:24:
a2:ee:dd:f9:aa:c7:c1:aa:e4:87:3f:38:7e:81:ea:dd:94:0a:
da:74:67:6f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF6fe8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDEw
MTEzMDMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjVmMzY2NzIyOGVl
ZDdhMWMyZDRlYmYzNWY2ZGQ3YzZmN2Y5Yjc4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQdHPqmJeip/F7QCoWmlol4SOf/3AE45T+uuttoTuukrDch
oTtMP+Yb5BnnN0ejfK682wiXNeI8Y6Laj9yJp/0qc7QTS40qwyxQ22Ff2/uGi/4O
FahBqoTxV/04XdU6W0QKVd5bJeXt+i2OqkWtsbARjR9F9wC1e96WlsCUsdxWZJwt
lCl+ZkErOIB1lBtBS1G9GRL3/NQEpGMIzSvbUh36SAXokr4ea/VL/y2p3dzmV9i9
MJKKViAbRlW5Zwk34kRkuC7rHQobUu9LCp98r9q8CWSf1j+wCX7b/pDfErh1RKZx
Dnussnq4urKPnsvXcmQI54mYvuK9IvswvqQXFg0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS182ZyKO7XocLU6/NfbdfG9/m3iTAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L3RmTm1jaWp1MTZIQzFPdnpYMjNYeHZmNXQ0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1WfjANBgkqhkiG9w0BAQsFAAOC
AQEAlAag3dcj3fhWS+vFLNA2MYj6VPTyArXrk9MRpTZQqxZTzbEztxYRSBz1n5u2
SSZFQD4nQO3c+P/nkSjP11/WrgioCuI+V+QqGbSXUySvODweZbAOa4h1R+swGo7k
Av1LdiCpa37TJmRnnG2WTeZI3keSrgqivOMeMMXlCj6q6EM2r1a4AGyQASCaR8/b
lrYrXiyIqU0YL+rPyYHgBgrB5dDAdJY5+l8m3BuUnccanbEKeRVT42OOgmgsEsYK
xL+2tR6axxf/GgtMpiH/qggl1D2tI782fyTLVNY5E2iCnij+1Mp+51WJKhIkou7d
+arHwarkhz84foHq3ZQK2nRnbw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org