Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/TodzX73qqxxXg40-arQbp5LvZKY.roa
File: TodzX73qqxxXg40-arQbp5LvZKY.roa (raw, json)
Hash identifier: pxP1NjLDFwY/mKSawMHwpwR74hSc7WnkLMOTZF/VA90=
Subject key identifier: 4E:87:73:5F:BD:EA:AB:1C:57:83:8D:3E:6A:B4:1B:A7:92:EF:64:A6
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018287797DED941717B0B78BEE588FFC052E
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/TodzX73qqxxXg40-arQbp5LvZKY.roa
Signing time: Wed 10 Aug 2022 11:17:42 +0000
ROA not before: Wed 10 Aug 2022 11:17:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211936
IP address blocks: 91.92.34.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
45.141.232.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:87:79:7d:ed:94:17:17:b0:b7:8b:ee:58:8f:fc:05:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Aug 10 11:17:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e87735fbdeaab1c57838d3e6ab41ba792ef64a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ef:99:01:21:1d:95:35:1d:13:ae:a7:70:01:
f3:25:a8:6d:8d:69:55:c2:77:d5:78:0e:24:88:f3:
3a:20:9d:c7:c9:99:1c:e0:71:14:31:57:0d:01:49:
7b:fa:51:1e:2b:ff:83:8f:6b:f5:c0:27:62:73:83:
74:63:83:fe:f9:2a:0e:8b:05:34:cd:5d:09:fc:71:
b4:41:f8:0d:cd:2a:5c:51:68:bc:d2:81:93:8d:2c:
7d:9f:a6:d7:cc:bb:ed:60:80:d2:34:70:f9:ce:3b:
c1:24:49:f4:21:b3:bb:ca:1f:e2:d8:cb:31:13:af:
fc:ac:96:f0:0b:40:dc:bf:04:37:18:bc:b1:f8:3f:
00:0f:78:8d:2a:a6:e7:52:cb:91:49:3f:8b:3c:9a:
9d:04:17:fe:31:27:35:6a:19:8c:4d:dc:44:2d:74:
39:a4:22:77:24:e5:c9:53:50:59:d9:15:d0:85:be:
77:88:f5:b2:01:d7:ee:c8:ec:ad:1c:9b:74:d6:1e:
ca:12:db:68:f7:3b:84:08:10:18:8f:9f:1f:48:f7:
7a:5a:86:58:e3:b6:7d:33:54:33:cb:e5:ba:fc:8f:
fe:84:34:9b:64:0a:66:f4:7d:2c:19:58:ec:e2:ef:
82:f4:ad:ed:74:f7:69:45:03:ea:87:c5:9e:37:23:
73:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:87:73:5F:BD:EA:AB:1C:57:83:8D:3E:6A:B4:1B:A7:92:EF:64:A6
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/TodzX73qqxxXg40-arQbp5LvZKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
91.92.34.0/24
93.152.207.0/24
93.152.219.0/24
93.152.223.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:e1:0d:44:2c:aa:df:f7:cb:94:b8:7d:2e:f5:bc:63:c3:c0:
8c:d8:a0:71:35:70:17:65:b5:c4:05:b7:b5:bf:8c:b3:b4:b1:
d8:38:57:cb:81:5e:45:de:fa:d1:e4:ac:74:f9:2b:7e:61:e4:
f4:bf:38:93:68:93:5c:d4:36:b0:e8:11:65:e7:c0:70:df:51:
5f:ec:c9:c3:1d:0d:20:97:7e:66:77:4d:cf:8a:3e:7a:bd:d9:
0e:ff:b8:a5:d9:8f:f5:13:50:5a:26:50:3f:98:bd:9a:a4:01:
4f:58:6c:fa:02:da:de:00:49:40:37:f8:a4:73:cc:f7:1a:90:
ca:e4:64:2f:64:17:3c:2f:e1:5e:a8:73:b7:13:db:89:b2:46:
82:fc:ac:10:6c:56:98:b2:8b:78:66:05:28:22:f0:a3:29:a7:
17:a8:32:be:a7:a3:04:a6:0f:62:d1:9b:1d:c9:19:5f:37:c0:
ee:08:b4:2b:a2:51:de:c0:c8:50:e2:f3:65:8a:c3:96:47:e3:
6e:e3:44:59:f7:16:e3:b8:c8:1d:4d:36:39:97:5b:fa:a1:89:
c8:96:dd:b8:71:54:6e:8b:7b:56:18:cd:48:20:ac:d0:4a:f7:
bf:64:a8:74:47:36:e9:a6:c9:86:c1:1b:fb:8f:20:5f:8a:43:
a6:8a:a4:81
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYKHeX3tlBcXsLeL7liP/AUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjIwODEwMTExNzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTg3NzM1ZmJkZWFhYjFjNTc4MzhkM2U2YWI0MWJhNzkyZWY2NGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAle+ZASEdlTUdE66ncAHzJahtjWlV
wnfVeA4kiPM6IJ3HyZkc4HEUMVcNAUl7+lEeK/+Dj2v1wCdic4N0Y4P++SoOiwU0
zV0J/HG0QfgNzSpcUWi80oGTjSx9n6bXzLvtYIDSNHD5zjvBJEn0IbO7yh/i2Msx
E6/8rJbwC0DcvwQ3GLyx+D8AD3iNKqbnUsuRST+LPJqdBBf+MSc1ahmMTdxELXQ5
pCJ3JOXJU1BZ2RXQhb53iPWyAdfuyOytHJt01h7KEtto9zuECBAYj58fSPd6WoZY
47Z9M1Qzy+W6/I/+hDSbZApm9H0sGVjs4u+C9K3tdPdpRQPqh8WeNyNznQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE6Hc1+96qscV4ONPmq0G6eS72SmMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvVG9kelg3M3FxeHhYZzQwLWFyUWJwNUx2WktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALY3oAwQA
W1wiAwQAXZjPAwQAXZjbAwQAXZjfMA0GCSqGSIb3DQEBCwUAA4IBAQCp4Q1ELKrf
98uUuH0u9bxjw8CM2KBxNXAXZbXEBbe1v4yztLHYOFfLgV5F3vrR5Kx0+St+YeT0
vziTaJNc1Daw6BFl58Bw31Ff7MnDHQ0gl35md03Pij56vdkO/7il2Y/1E1BaJlA/
mL2apAFPWGz6AtreAElAN/ikc8z3GpDK5GQvZBc8L+FeqHO3E9uJskaC/KwQbFaY
sot4ZgUoIvCjKacXqDK+p6MEpg9i0ZsdyRlfN8DuCLQrolHewMhQ4vNlisOWR+Nu
40RZ9xbjuMgdTTY5l1v6oYnIlt24cVRui3tWGM1IIKzQSve/ZKh0RzbppsmGwRv7
jyBfikOmiqSB
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:58 2023 by rpki-client on console-ams.rpki-client.org