Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/Tf8xLqmLIO0WpvqlWOr_c0p0yHY.roa
File: Tf8xLqmLIO0WpvqlWOr_c0p0yHY.roa (raw, json)
Hash identifier: ysi+S3qAVzOLtKO7e3X/Mi37J0XpVxdenI0JPBxTirE=
Subject key identifier: 4D:FF:31:2E:A9:8B:20:ED:16:A6:FA:A5:58:EA:FF:73:4A:74:C8:76
Certificate issuer: /CN=169767585dcef73e1fa9f64da6c7f276ed87a71f
Certificate serial: 01849F8BE4633A6D87AC43B46ED78F16A68A
Authority key identifier: 16:97:67:58:5D:CE:F7:3E:1F:A9:F6:4D:A6:C7:F2:76:ED:87:A7:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpdnWF3O9z4fqfZNpsfydu2Hpx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/Tf8xLqmLIO0WpvqlWOr_c0p0yHY.roa
Signing time: Tue 22 Nov 2022 13:34:16 +0000
ROA not before: Tue 22 Nov 2022 13:34:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49381
IP address blocks: 91.229.196.0/22 maxlen: 22
193.169.44.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:8b:e4:63:3a:6d:87:ac:43:b4:6e:d7:8f:16:a6:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=169767585dcef73e1fa9f64da6c7f276ed87a71f
Validity
Not Before: Nov 22 13:34:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4dff312ea98b20ed16a6faa558eaff734a74c876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:08:43:41:e5:66:6a:9e:ff:2f:b3:c2:8b:15:
db:49:a4:72:9d:0c:ae:df:1d:7a:d3:09:bd:e4:61:
35:95:b6:ef:a2:4d:17:d1:30:8d:e7:82:06:22:8a:
4c:7f:72:0f:0c:3d:db:92:1c:df:da:e4:ed:88:8f:
b4:25:fb:81:84:ce:d0:8b:94:ae:8f:c6:f1:9c:99:
a3:70:5e:d2:bd:83:17:11:da:49:5f:be:4c:52:32:
3d:6a:6c:8c:1d:98:ee:1c:83:ca:d5:61:54:a7:d8:
a4:af:6f:d5:7a:9d:38:51:f5:3d:29:6b:74:33:de:
c3:b4:9d:60:85:af:d9:b5:3c:3a:c5:16:af:25:17:
30:04:9d:a2:ad:30:65:2a:85:8b:f7:9e:46:d4:67:
72:af:83:65:03:c2:23:87:4d:85:06:f7:9d:e6:e5:
db:60:ed:fa:0f:43:af:01:e2:d0:e7:e2:2e:62:89:
de:93:79:90:06:8f:39:57:69:59:97:f5:2e:f7:7e:
6e:83:7e:98:b1:95:c8:88:3c:8c:b6:d4:a9:d6:5d:
bc:67:8e:5e:68:40:a5:9c:fc:10:ef:ca:0f:26:7e:
c0:4d:18:10:39:52:8f:37:14:77:e0:7e:a5:c8:1b:
b7:3f:ed:9a:9a:da:ce:f9:92:73:60:8d:2c:d0:76:
58:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FF:31:2E:A9:8B:20:ED:16:A6:FA:A5:58:EA:FF:73:4A:74:C8:76
X509v3 Authority Key Identifier:
keyid:16:97:67:58:5D:CE:F7:3E:1F:A9:F6:4D:A6:C7:F2:76:ED:87:A7:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpdnWF3O9z4fqfZNpsfydu2Hpx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/Tf8xLqmLIO0WpvqlWOr_c0p0yHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e8db6c-81ae-4ce2-af30-47b630953c50/1/FpdnWF3O9z4fqfZNpsfydu2Hpx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.196.0/22
193.169.44.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:7a:d7:0f:6d:58:93:39:ff:93:2d:e9:b9:7a:6b:e6:8d:9d:
20:23:f6:19:cc:94:b9:11:63:77:a7:92:06:64:55:4d:34:94:
aa:cb:c0:8d:c5:e2:57:8b:9d:3d:95:ec:65:43:87:1a:66:bc:
c7:ba:1a:e8:8b:b8:03:a7:da:c1:79:09:cb:f5:7c:3e:72:28:
03:bb:d2:e1:b3:57:cb:67:65:b1:0c:14:27:81:88:a3:ff:b4:
bf:19:88:05:1d:e5:e0:8f:83:d2:bd:d6:7a:57:d5:44:9b:bc:
5b:e7:b5:69:16:57:96:57:36:d1:1d:51:de:dd:b1:72:d2:75:
3a:55:86:6f:9f:8c:c4:dd:51:86:93:6f:50:f7:f4:06:49:e4:
4f:87:7d:77:7f:cd:36:a2:b2:b6:fc:12:0b:b5:ae:35:2c:6f:
65:40:b7:90:8f:35:fa:59:03:c1:0d:d6:64:fd:4c:9e:24:e1:
75:b6:69:f4:59:48:b4:4b:20:e5:3f:01:14:da:4b:c0:0c:03:
52:f7:95:2a:b9:c3:7a:05:05:da:6a:67:cd:de:38:5d:5d:5d:
9d:ff:42:67:ed:68:e6:68:da:2d:52:57:d6:4d:e7:ee:1c:24:
99:d1:0f:75:8a:1d:0f:ec:c6:9d:c1:a8:b8:a7:f5:3c:64:01:
d1:4b:e3:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSfi+RjOm2HrEO0btePFqaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTc2NzU4NWRjZWY3M2UxZmE5ZjY0ZGE2YzdmMjc2ZWQ4
N2E3MWYwHhcNMjIxMTIyMTMzNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGZmMzEyZWE5OGIyMGVkMTZhNmZhYTU1OGVhZmY3MzRhNzRjODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtghDQeVmap7/L7PCixXbSaRynQyu
3x160wm95GE1lbbvok0X0TCN54IGIopMf3IPDD3bkhzf2uTtiI+0JfuBhM7Qi5Su
j8bxnJmjcF7SvYMXEdpJX75MUjI9amyMHZjuHIPK1WFUp9ikr2/Vep04UfU9KWt0
M97DtJ1gha/ZtTw6xRavJRcwBJ2irTBlKoWL955G1Gdyr4NlA8Ijh02FBved5uXb
YO36D0OvAeLQ5+IuYonek3mQBo85V2lZl/Uu935ug36YsZXIiDyMttSp1l28Z45e
aEClnPwQ78oPJn7ATRgQOVKPNxR34H6lyBu3P+2amtrO+ZJzYI0s0HZYqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE3/MS6piyDtFqb6pVjq/3NKdMh2MB8GA1UdIwQY
MBaAFBaXZ1hdzvc+H6n2TabH8nbth6cfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBkbldGM085ejRmcWZaTnBzZnlkdTJIcHg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lOGRiNmMtODFhZS00Y2UyLWFmMzAt
NDdiNjMwOTUzYzUwLzEvVGY4eExxbUxJTzBXcHZxbFdPcl9jMHAweUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lOGRiNmMtODFhZS00Y2UyLWFmMzAtNDdiNjMwOTUzYzUw
LzEvRnBkbldGM085ejRmcWZaTnBzZnlkdTJIcHg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+XEAwQB
waksMA0GCSqGSIb3DQEBCwUAA4IBAQAqetcPbViTOf+TLem5emvmjZ0gI/YZzJS5
EWN3p5IGZFVNNJSqy8CNxeJXi509lexlQ4caZrzHuhroi7gDp9rBeQnL9Xw+cigD
u9Lhs1fLZ2WxDBQngYij/7S/GYgFHeXgj4PSvdZ6V9VEm7xb57VpFleWVzbRHVHe
3bFy0nU6VYZvn4zE3VGGk29Q9/QGSeRPh313f802orK2/BILta41LG9lQLeQjzX6
WQPBDdZk/UyeJOF1tmn0WUi0SyDlPwEU2kvADANS95UqucN6BQXaamfN3jhdXV2d
/0Jn7WjmaNotUlfWTefuHCSZ0Q91ih0P7Madwai4p/U8ZAHRS+N5
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:56 2023 by rpki-client on console-fra.rpki-client.org