Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/tug_g9vB2is1LcvHIBR5AF1u-zg.roa
File: tug_g9vB2is1LcvHIBR5AF1u-zg.roa (raw, json)
Hash identifier: CwG8sSWHVLqxwZ6sHb1TR0vZm/ospH5pvFPhHfm+Bmg=
Subject key identifier: B6:E8:3F:83:DB:C1:DA:2B:35:2D:CB:C7:20:14:79:00:5D:6E:FB:38
Certificate issuer: /CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Certificate serial: 01821A50379B1B4E1EC2BFAD5C7B16CF6096
Authority key identifier: 9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/tug_g9vB2is1LcvHIBR5AF1u-zg.roa
Signing time: Wed 20 Jul 2022 06:34:00 +0000
ROA not before: Wed 20 Jul 2022 06:34:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39431
IP address blocks: 193.93.17.0/24 maxlen: 24
193.93.16.0/24 maxlen: 24
193.93.19.0/24 maxlen: 24
193.93.18.0/24 maxlen: 24
193.93.18.0/23 maxlen: 23
2001:678:468::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1a:50:37:9b:1b:4e:1e:c2:bf:ad:5c:7b:16:cf:60:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Validity
Not Before: Jul 20 06:34:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6e83f83dbc1da2b352dcbc7201479005d6efb38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0a:a4:53:01:9c:cd:f4:90:26:2c:65:d4:4a:
71:f5:0e:47:88:08:ab:70:33:46:83:55:70:3c:e6:
c3:34:d0:d5:b9:e2:e7:a2:03:ae:1a:fa:9e:f8:a8:
0a:d7:a5:9f:d6:c1:b9:dc:10:cc:2b:6f:aa:1c:18:
ea:14:e0:e6:56:e3:48:f5:70:1e:a2:b5:45:10:62:
66:c0:5c:ba:b1:fd:d4:08:99:a8:b9:17:47:14:92:
85:48:b7:7c:6d:b2:e6:37:42:e2:2e:b8:39:26:a2:
4f:8b:0a:19:d0:77:7c:b9:50:70:a1:29:86:b4:4a:
f8:d4:2f:7e:6f:92:5b:1e:f3:c4:bd:98:e0:cb:ed:
90:c9:bc:a8:e6:39:d3:77:4d:f4:ef:1f:cf:97:3f:
35:9b:a0:51:62:f3:e6:c5:f6:e1:bd:bc:4c:88:2b:
9c:77:cf:f3:b8:25:0e:89:e0:5c:76:ff:76:87:3e:
f5:0d:5f:38:71:d8:56:ec:23:8d:85:ac:c5:72:4d:
7a:29:02:62:ab:58:98:cc:f9:46:a1:e4:22:19:38:
11:ba:0d:2f:27:63:f2:71:8e:eb:0f:51:b6:34:ce:
f4:a8:01:82:32:0e:43:bd:d1:24:1d:62:41:50:00:
9b:f6:17:5e:13:1b:d1:23:9c:e7:00:9d:46:d4:ec:
ca:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E8:3F:83:DB:C1:DA:2B:35:2D:CB:C7:20:14:79:00:5D:6E:FB:38
X509v3 Authority Key Identifier:
keyid:9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/tug_g9vB2is1LcvHIBR5AF1u-zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/n1_z3hCjG79XAcC9smxlCAF9oso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.16.0/22
IPv6:
2001:678:468::/48
Signature Algorithm: sha256WithRSAEncryption
43:ba:32:41:c8:77:38:df:a6:ab:98:b6:01:99:19:22:8f:35:
96:3d:b8:a5:09:ec:94:88:d3:ef:70:2c:29:42:bc:e1:76:3f:
25:81:e2:97:60:08:24:e2:c9:68:b8:63:fc:b0:a1:5b:99:07:
6a:4f:f9:93:75:41:17:60:c6:0f:e5:10:37:d5:09:12:63:5f:
9d:95:2f:94:5d:fb:b1:90:be:e5:f0:6f:b8:e3:c1:a2:f8:be:
e5:74:67:38:c9:02:e6:96:21:d8:fe:5e:bb:59:c3:fc:00:cc:
81:f9:67:49:fa:27:39:cd:41:41:b6:af:6a:5c:80:e6:92:31:
4a:3d:ec:76:65:db:aa:0b:d5:06:32:b2:02:1c:5b:54:ae:27:
45:08:c4:93:ff:0b:17:b0:ed:f1:50:b9:c9:52:4a:f1:7e:78:
c5:f3:2d:28:0b:83:73:b5:d8:71:b3:d9:38:9a:5d:1e:65:59:
30:26:90:b2:e7:79:7f:73:5b:0f:db:c6:8c:fc:11:a7:d7:e7:
87:17:5f:56:e4:c8:29:d4:9e:e9:d8:c9:f7:ed:dc:c9:50:67:
06:6a:46:dd:11:c3:29:d9:2b:37:e4:ce:9e:d0:b6:c2:09:b7:
ca:7a:db:1a:3b:a2:bb:3b:80:44:13:5e:a9:5d:73:a2:70:05:
8f:8b:16:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYIaUDebG04ewr+tXHsWz2CWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNWZmM2RlMTBhMzFiYmY1NzAxYzBiZGIyNmM2NTA4MDE3
ZGEyY2EwHhcNMjIwNzIwMDYzNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmU4M2Y4M2RiYzFkYTJiMzUyZGNiYzcyMDE0NzkwMDVkNmVmYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AqkUwGczfSQJixl1Epx9Q5HiAir
cDNGg1VwPObDNNDVueLnogOuGvqe+KgK16Wf1sG53BDMK2+qHBjqFODmVuNI9XAe
orVFEGJmwFy6sf3UCJmouRdHFJKFSLd8bbLmN0LiLrg5JqJPiwoZ0Hd8uVBwoSmG
tEr41C9+b5JbHvPEvZjgy+2Qybyo5jnTd0307x/Plz81m6BRYvPmxfbhvbxMiCuc
d8/zuCUOieBcdv92hz71DV84cdhW7CONhazFck16KQJiq1iYzPlGoeQiGTgRug0v
J2PycY7rD1G2NM70qAGCMg5DvdEkHWJBUACb9hdeExvRI5znAJ1G1OzKQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLboP4PbwdorNS3LxyAUeQBdbvs4MB8GA1UdIwQY
MBaAFJ9f894Qoxu/VwHAvbJsZQgBfaLKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUt
NTcwMWQwMWMxZTg3LzEvdHVnX2c5dkIyaXMxTGN2SElCUjVBRjF1LXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUtNTcwMWQwMWMxZTg3
LzEvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwV0QMA8E
AgACMAkDBwAgAQZ4BGgwDQYJKoZIhvcNAQELBQADggEBAEO6MkHIdzjfpquYtgGZ
GSKPNZY9uKUJ7JSI0+9wLClCvOF2PyWB4pdgCCTiyWi4Y/ywoVuZB2pP+ZN1QRdg
xg/lEDfVCRJjX52VL5Rd+7GQvuXwb7jjwaL4vuV0ZzjJAuaWIdj+XrtZw/wAzIH5
Z0n6JznNQUG2r2pcgOaSMUo97HZl26oL1QYysgIcW1SuJ0UIxJP/Cxew7fFQuclS
SvF+eMXzLSgLg3O12HGz2TiaXR5lWTAmkLLneX9zWw/bxoz8EafX54cXX1bkyCnU
nunYyfft3MlQZwZqRt0RwynZKzfkzp7QtsIJt8p62xo7ors7gEQTXqldc6JwBY+L
Fhk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:54 2024 by rpki-client on console-ams.rpki-client.org