Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/TZl5fFOV0_4ElOC9V5afkhf2Yks.roa
File: TZl5fFOV0_4ElOC9V5afkhf2Yks.roa (raw, json)
Hash identifier: us5AO+K+HP2uHnub0SIpYKMV9Suw58e73QtpqFQh+O0=
Subject key identifier: 4D:99:79:7C:53:95:D3:FE:04:94:E0:BD:57:96:9F:92:17:F6:62:4B
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 179C7DB4
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/TZl5fFOV0_4ElOC9V5afkhf2Yks.roa
Signing time: Sat 01 Jan 2022 04:53:58 +0000
ROA not before: Sat 01 Jan 2022 04:53:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26636
IP address blocks: 45.12.232.0/24 maxlen: 32
185.182.60.0/24 maxlen: 24
92.119.150.0/23 maxlen: 32
91.188.203.0/24 maxlen: 32
193.187.155.0/24 maxlen: 24
193.187.154.0/24 maxlen: 24
193.187.153.0/24 maxlen: 24
45.14.46.0/24 maxlen: 32
45.10.3.0/24 maxlen: 32
2.59.174.0/23 maxlen: 32
45.10.2.0/24 maxlen: 32
213.232.104.0/24 maxlen: 24
193.160.212.0/24 maxlen: 24
5.181.148.0/23 maxlen: 32
185.226.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 396131764 (0x179c7db4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 04:53:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d99797c5395d3fe0494e0bd57969f9217f6624b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c3:0a:b4:9f:46:05:49:1c:3c:c7:13:64:6f:
0e:42:b2:ea:ab:16:5b:e8:0c:f5:83:f9:db:37:a9:
71:0a:76:4c:8d:b0:97:a7:5b:f2:b9:76:e6:dd:5a:
b3:0c:a5:d7:3e:94:34:c3:af:2b:19:b0:13:aa:d9:
38:2e:f9:7b:bd:53:ad:da:87:90:1e:b0:12:fa:c2:
e1:33:95:89:68:61:55:9e:4b:15:01:97:ec:68:cd:
0d:81:85:14:a1:42:70:d3:68:8f:3c:a5:44:3e:27:
ea:fd:65:44:1f:bb:69:a5:d2:46:4d:9d:36:c5:58:
a6:7f:d2:3f:e6:08:6a:b7:2b:e6:8b:25:ff:06:59:
69:89:4c:b8:3f:bc:5d:4d:1c:8b:c6:98:39:49:39:
b8:1d:e2:a5:9f:0a:3d:5d:d4:e4:d4:f7:f8:69:4e:
e6:0a:5b:ed:33:55:c0:33:ff:da:72:ca:b2:7b:7a:
e2:55:cc:64:9c:ec:b7:ab:b9:42:d5:8d:52:9b:b7:
f8:b8:d2:ce:f2:fa:34:3b:0a:9e:f5:53:40:81:71:
92:65:94:d6:26:20:d0:18:f3:08:20:77:ae:38:70:
ab:0d:08:c1:4a:ab:f0:36:89:51:52:11:2c:57:ac:
e8:8c:5f:44:23:f3:66:27:84:d9:3a:6b:db:66:41:
5c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:99:79:7C:53:95:D3:FE:04:94:E0:BD:57:96:9F:92:17:F6:62:4B
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/TZl5fFOV0_4ElOC9V5afkhf2Yks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.174.0/23
5.181.148.0/23
45.10.2.0/23
45.12.232.0/24
45.14.46.0/24
91.188.203.0/24
92.119.150.0/23
185.182.60.0/24
185.226.75.0/24
193.160.212.0/24
193.187.153.0-193.187.155.255
213.232.104.0/24
Signature Algorithm: sha256WithRSAEncryption
85:22:0a:2e:7e:96:62:10:00:dc:ff:ec:f9:c7:ff:64:b9:4f:
3f:9d:41:67:53:d3:96:23:9b:35:26:41:9b:ff:c7:41:16:62:
ea:61:bc:dc:48:42:bb:00:5e:1f:56:77:e0:07:65:a3:32:d2:
d6:34:16:7f:bb:fe:1c:80:b3:4c:c4:4e:0d:40:9f:d2:ec:a4:
cd:be:57:ed:d5:d3:0f:28:2a:05:74:2a:4d:b1:76:6a:58:62:
d8:26:16:b8:d1:1f:96:98:77:0b:17:a3:cc:f4:d6:57:bd:03:
00:69:76:bd:9e:de:b0:9c:34:26:e1:fe:1b:26:34:ed:38:93:
cf:20:65:d0:39:ab:55:04:cf:bc:1e:18:4a:f5:6f:09:d4:06:
bd:90:88:e3:fa:4f:3e:40:fa:f5:72:06:87:a4:71:90:dc:c4:
46:8b:50:30:13:fa:ff:a9:41:be:6a:21:13:71:01:df:cc:fe:
06:69:93:95:77:29:95:5b:51:85:a5:18:0c:fc:16:db:4d:d8:
fc:1f:e5:7c:90:8c:52:22:2e:ac:05:97:51:8a:09:4f:c3:6a:
fa:82:6e:18:b1:15:96:98:d3:3a:7c:08:a5:90:41:bc:08:21:
02:20:29:19:71:8a:f2:32:93:94:d9:56:e5:b5:c8:96:dd:48:
27:52:0c:dc
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIEF5x9tDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQ5OTc5N2M1Mzk1
ZDNmZTA0OTRlMGJkNTc5NjlmOTIxN2Y2NjI0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzDCrSfRgVJHDzHE2RvDkKy6qsWW+gM9YP52zepcQp2TI2w
l6db8rl25t1aswyl1z6UNMOvKxmwE6rZOC75e71TrdqHkB6wEvrC4TOViWhhVZ5L
FQGX7GjNDYGFFKFCcNNojzylRD4n6v1lRB+7aaXSRk2dNsVYpn/SP+YIarcr5osl
/wZZaYlMuD+8XU0ci8aYOUk5uB3ipZ8KPV3U5NT3+GlO5gpb7TNVwDP/2nLKsnt6
4lXMZJzst6u5QtWNUpu3+LjSzvL6NDsKnvVTQIFxkmWU1iYg0BjzCCB3rjhwqw0I
wUqr8DaJUVIRLFes6IxfRCPzZieE2Tpr22ZBXI0CAwEAAaOCAlMwggJPMB0GA1Ud
DgQWBBRNmXl8U5XT/gSU4L1Xlp+SF/ZiSzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1RabDVmRk9WMF80RWxPQzlWNWFma2hmMllrcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBp
BggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEAQI7rgMEAQW1lAMEAS0KAgMEAC0M
6AMEAC0OLgMEAFu8ywMEAVx3lgMEALm2PAMEALniSwMEAMGg1DAMAwQAwbuZAwQC
wbuYAwQA1ehoMA0GCSqGSIb3DQEBCwUAA4IBAQCFIgoufpZiEADc/+z5x/9kuU8/
nUFnU9OWI5s1JkGb/8dBFmLqYbzcSEK7AF4fVnfgB2WjMtLWNBZ/u/4cgLNMxE4N
QJ/S7KTNvlft1dMPKCoFdCpNsXZqWGLYJha40R+WmHcLF6PM9NZXvQMAaXa9nt6w
nDQm4f4bJjTtOJPPIGXQOatVBM+8HhhK9W8J1Aa9kIjj+k8+QPr1cgaHpHGQ3MRG
i1AwE/r/qUG+aiETcQHfzP4GaZOVdymVW1GFpRgM/BbbTdj8H+V8kIxSIi6sBZdR
iglPw2r6gm4YsRWWmNM6fAilkEG8CCECICkZcYryMpOU2VbltciW3UgnUgzc
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org