Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/TDUxKOZXQ39CI5zzjPLED9x4HZ0.roa
File: TDUxKOZXQ39CI5zzjPLED9x4HZ0.roa (raw, json)
Hash identifier: TyREb2rLbqFZY4Mu8qLfw48d6+5WENGXp3PDRKJAtk8=
Subject key identifier: 4C:35:31:28:E6:57:43:7F:42:23:9C:F3:8C:F2:C4:0F:DC:78:1D:9D
Certificate issuer: /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial: 1145F9B1
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/TDUxKOZXQ39CI5zzjPLED9x4HZ0.roa
Signing time: Sat 01 Jan 2022 05:58:17 +0000
ROA not before: Sat 01 Jan 2022 05:58:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51905
IP address blocks: 84.19.112.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 289798577 (0x1145f9b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Validity
Not Before: Jan 1 05:58:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c353128e657437f42239cf38cf2c40fdc781d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9a:07:c6:ba:b6:c6:d9:0d:5e:6b:6f:80:55:
f2:9d:d5:f1:0d:21:a6:88:da:a8:ce:b8:04:fb:4a:
45:cd:8e:1a:23:b1:98:b3:e0:bf:72:8b:d1:1b:7a:
16:bc:fb:2b:be:9d:f1:ff:3a:fb:32:7f:94:a6:ea:
e9:08:e2:63:68:62:d1:8a:35:9e:88:8a:f2:93:01:
c2:4d:0c:b8:ed:2a:23:8a:4f:a5:2e:c1:bf:97:ae:
84:03:78:78:37:8e:f0:b9:88:48:32:91:b9:0f:dd:
a4:ed:e6:25:94:dc:14:51:61:9b:9a:36:2e:84:96:
c8:e8:8b:b7:d4:ed:f2:97:99:73:e1:56:04:f0:2d:
d3:56:f1:22:d4:05:93:73:1a:4d:3a:b2:cb:d6:52:
87:f1:a8:df:26:70:17:7e:fc:3b:73:53:51:e0:fe:
b0:b2:bc:c7:7b:f5:4c:33:38:40:44:31:7e:a4:47:
a5:ef:76:bb:f6:60:f2:59:aa:5f:1e:c8:00:e4:81:
ca:8d:65:d1:02:3b:43:34:d6:af:0f:f9:b3:7f:49:
8a:d7:f8:25:9a:f9:b0:e5:fe:50:f1:39:73:27:00:
8d:04:7e:aa:e6:38:1c:9b:e1:a7:f4:13:e4:34:cd:
cc:9f:82:1f:64:bc:92:ff:07:e1:ed:7f:6a:bd:b3:
a7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:35:31:28:E6:57:43:7F:42:23:9C:F3:8C:F2:C4:0F:DC:78:1D:9D
X509v3 Authority Key Identifier:
keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/TDUxKOZXQ39CI5zzjPLED9x4HZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.19.112.0/21
Signature Algorithm: sha256WithRSAEncryption
24:75:72:64:d0:90:ca:74:b7:ad:36:e9:57:7a:2e:62:0d:17:
35:a9:5c:78:f1:67:9c:8d:93:c4:b3:7e:5c:2d:7c:b0:fa:12:
54:35:18:d4:5f:90:16:74:03:c5:9a:59:a6:e9:80:05:4a:1e:
10:94:00:ea:90:a9:10:f0:0f:ae:8e:a9:76:82:d1:a8:71:3a:
3c:a3:f2:7c:e4:b1:8b:0d:8f:ae:b1:ff:a1:69:b0:c8:99:9d:
d0:64:b1:1c:e9:88:e8:97:4c:7f:f0:5b:c5:4a:48:a6:79:bf:
29:55:d7:14:ef:6f:72:76:af:29:72:ff:21:85:5a:5f:0c:b5:
8e:30:29:94:c0:d4:34:af:37:77:4a:d7:aa:1d:16:bb:06:1a:
79:c8:f2:08:92:92:e1:1e:e3:5f:9e:e5:ad:ff:d1:8d:90:36:
87:00:66:f6:be:a8:11:c8:c4:08:04:5a:5a:fd:14:09:6f:d1:
05:86:7c:06:51:c8:e8:d2:ac:76:13:de:b6:7e:b4:32:30:dd:
55:24:f4:8d:1a:9e:63:1a:26:a6:49:13:ce:cc:bb:82:c6:14:
a1:69:ec:ae:32:30:47:e7:7f:1c:d8:8b:16:39:da:35:99:6b:
07:23:b9:59:b3:80:ae:63:2b:e3:79:3a:22:9c:50:ea:8f:43:
9a:04:7c:58
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEUX5sTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NjMwN2QyOWY1NTQzZjIxZWEzMDA5Yjk1MjNmZTcxYjhmMTM2OWNhMB4XDTIyMDEw
MTA1NTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGMzNTMxMjhlNjU3
NDM3ZjQyMjM5Y2YzOGNmMmM0MGZkYzc4MWQ5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSaB8a6tsbZDV5rb4BV8p3V8Q0hpojaqM64BPtKRc2OGiOx
mLPgv3KL0Rt6Frz7K76d8f86+zJ/lKbq6QjiY2hi0Yo1noiK8pMBwk0MuO0qI4pP
pS7Bv5euhAN4eDeO8LmISDKRuQ/dpO3mJZTcFFFhm5o2LoSWyOiLt9Tt8peZc+FW
BPAt01bxItQFk3MaTTqyy9ZSh/Go3yZwF378O3NTUeD+sLK8x3v1TDM4QEQxfqRH
pe92u/Zg8lmqXx7IAOSByo1l0QI7QzTWrw/5s39Jitf4JZr5sOX+UPE5cycAjQR+
quY4HJvhp/QT5DTNzJ+CH2S8kv8H4e1/ar2zp9cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMNTEo5ldDf0IjnPOM8sQP3HgdnTAfBgNVHSMEGDAWgBQWMH0p9VQ/Ieow
CblSP+cbjxNpyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZqQjlLZlZVUHlIcU1BbTVVal9uRzQ4VGFjby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvYmY1ZTcwLTY2NjUtNDlkZS1iOWNmLTRjZmU0MGYwN2E2Yi8x
L1REVXhLT1pYUTM5Q0k1enpqUExFRDl4NEhaMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
YmY1ZTcwLTY2NjUtNDlkZS1iOWNmLTRjZmU0MGYwN2E2Yi8xL0ZqQjlLZlZVUHlI
cU1BbTVVal9uRzQ4VGFjby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1QTcDANBgkqhkiG9w0BAQsFAAOC
AQEAJHVyZNCQynS3rTbpV3ouYg0XNalcePFnnI2TxLN+XC18sPoSVDUY1F+QFnQD
xZpZpumABUoeEJQA6pCpEPAPro6pdoLRqHE6PKPyfOSxiw2PrrH/oWmwyJmd0GSx
HOmI6JdMf/BbxUpIpnm/KVXXFO9vcnavKXL/IYVaXwy1jjAplMDUNK83d0rXqh0W
uwYaecjyCJKS4R7jX57lrf/RjZA2hwBm9r6oEcjECARaWv0UCW/RBYZ8BlHI6NKs
dhPetn60MjDdVST0jRqeYxompkkTzsy7gsYUoWnsrjIwR+d/HNiLFjnaNZlrByO5
WbOArmMr43k6IpxQ6o9DmgR8WA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:29 2023 by rpki-client on console-ams.rpki-client.org