Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/ToSbq02kUW8ErH3vFDs7-oHggWE.roa
File: ToSbq02kUW8ErH3vFDs7-oHggWE.roa (raw, json)
Hash identifier: 7oultpxBVQy7JSGMTvzNC5kxCgEVSV9PxBuksmxQWz8=
Subject key identifier: 4E:84:9B:AB:4D:A4:51:6F:04:AC:7D:EF:14:3B:3B:FA:81:E0:81:61
Certificate issuer: /CN=4d70af1a99886c9101d135f54bd2bdef358b266e
Certificate serial: 18FA11
Authority key identifier: 4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/ToSbq02kUW8ErH3vFDs7-oHggWE.roa
Signing time: Mon 02 May 2022 18:01:57 +0000
ROA not before: Mon 02 May 2022 18:01:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39345
IP address blocks: 89.39.14.0/24 maxlen: 32
89.39.15.0/24 maxlen: 32
89.39.12.0/24 maxlen: 32
89.39.13.0/24 maxlen: 32
86.107.246.0/24 maxlen: 32
86.107.247.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1636881 (0x18fa11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d70af1a99886c9101d135f54bd2bdef358b266e
Validity
Not Before: May 2 18:01:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e849bab4da4516f04ac7def143b3bfa81e08161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:91:0f:72:d8:b2:15:39:fe:57:b8:81:1d:8d:
a4:15:d8:2b:7e:af:35:de:32:60:20:5f:71:f5:cc:
83:61:1c:32:8e:d6:db:22:57:31:fb:30:b6:f7:82:
48:4f:04:9a:79:a0:7d:3e:ab:f7:82:59:80:dc:89:
9a:26:4a:41:1e:c8:dd:e9:6f:34:63:b6:3c:92:c7:
ea:21:5b:6f:e9:f9:93:d3:f4:01:45:19:ca:1d:ea:
c7:48:92:7d:3a:40:07:4b:45:e9:d5:e2:ed:f5:1c:
53:be:7b:73:4a:59:f1:49:8d:b0:2d:b5:80:6a:8c:
63:56:1f:c9:a5:6f:75:eb:de:e6:5e:0b:4f:58:5b:
3a:2a:a5:b8:bd:86:2e:7f:11:8c:aa:71:f2:2e:ef:
49:38:8b:c6:61:4c:eb:9e:20:94:6f:b4:98:bd:cb:
c4:6c:06:6a:61:f2:e5:b2:a8:6b:d1:03:b8:84:6e:
ac:00:61:d7:3c:a9:56:1d:2b:6f:77:5c:f3:8b:b6:
6d:31:e7:97:45:73:7c:29:86:ca:e6:cc:c3:fb:85:
7a:a0:fc:b6:ec:94:6b:41:e5:44:30:24:52:1a:dc:
fa:6d:0b:59:f6:59:d1:c8:94:09:99:5b:50:ee:ff:
41:26:16:2b:a8:f0:21:e7:ab:26:74:9a:79:6d:78:
34:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:84:9B:AB:4D:A4:51:6F:04:AC:7D:EF:14:3B:3B:FA:81:E0:81:61
X509v3 Authority Key Identifier:
keyid:4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/ToSbq02kUW8ErH3vFDs7-oHggWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/TXCvGpmIbJEB0TX1S9K97zWLJm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.246.0/23
89.39.12.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:c5:9a:10:88:87:b3:ec:1a:8a:07:09:16:b5:25:83:ce:26:
da:48:43:9d:76:92:25:d6:74:63:3d:a9:1c:f3:07:e4:58:3f:
6b:fc:da:22:a0:a7:b3:40:57:5d:0c:ac:e4:cf:cc:44:22:40:
f4:84:97:35:ae:50:52:23:0f:5e:e0:d3:21:ff:e7:76:f6:49:
07:46:14:41:65:f6:f1:81:95:8f:ac:e3:2c:e0:a8:52:46:fc:
99:73:d2:27:c6:3a:60:72:62:d3:8c:1d:6e:03:10:ca:ad:ab:
17:d7:c2:03:16:84:1b:4e:f3:6f:9a:6e:1f:ec:c7:c3:7e:53:
dc:b9:62:17:68:9d:02:c9:39:ef:ec:ea:fe:80:78:45:4f:47:
22:46:ed:74:2c:c6:88:ba:ee:51:2b:1a:22:41:34:d1:60:c6:
18:af:df:6d:ae:02:58:a8:2b:f4:d5:62:31:e0:bf:7e:a2:14:
ef:f3:ed:1c:89:38:44:5e:58:60:56:c6:21:40:84:5f:ad:83:
ca:d9:db:07:a6:91:4b:42:b5:28:ed:e0:d2:36:29:15:a4:3a:
22:76:e9:31:a0:1d:d7:ee:0a:ff:46:a4:d8:b0:93:43:0a:fb:
eb:19:ac:06:20:21:24:db:70:db:55:3b:d9:f9:fa:95:22:62:
04:1a:0b:31
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDGPoRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRk
NzBhZjFhOTk4ODZjOTEwMWQxMzVmNTRiZDJiZGVmMzU4YjI2NmUwHhcNMjIwNTAy
MTgwMTU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0ZTg0OWJhYjRkYTQ1
MTZmMDRhYzdkZWYxNDNiM2JmYTgxZTA4MTYxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAw5EPctiyFTn+V7iBHY2kFdgrfq813jJgIF9x9cyDYRwyjtbb
Ilcx+zC294JITwSaeaB9Pqv3glmA3ImaJkpBHsjd6W80Y7Y8ksfqIVtv6fmT0/QB
RRnKHerHSJJ9OkAHS0Xp1eLt9RxTvntzSlnxSY2wLbWAaoxjVh/JpW91697mXgtP
WFs6KqW4vYYufxGMqnHyLu9JOIvGYUzrniCUb7SYvcvEbAZqYfLlsqhr0QO4hG6s
AGHXPKlWHStvd1zzi7ZtMeeXRXN8KYbK5szD+4V6oPy27JRrQeVEMCRSGtz6bQtZ
9lnRyJQJmVtQ7v9BJhYrqPAh56smdJp5bXg0+wIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFE6Em6tNpFFvBKx97xQ7O/qB4IFhMB8GA1UdIwQYMBaAFE1wrxqZiGyRAdE1
9UvSve81iyZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VFhDdkdwbUliSkVCMFRYMVM5Szk3eldMSm00LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lMi9hOThmYzctNzkzNS00ZWFlLTk2MmEtNDYxYWIwZWNlZTAxLzEv
VG9TYnEwMmtVVzhFckgzdkZEczctb0hnZ1dFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9h
OThmYzctNzkzNS00ZWFlLTk2MmEtNDYxYWIwZWNlZTAxLzEvVFhDdkdwbUliSkVC
MFRYMVM5Szk3eldMSm00LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVmv2AwQCWScMMA0GCSqGSIb3DQEB
CwUAA4IBAQCLxZoQiIez7BqKBwkWtSWDzibaSEOddpIl1nRjPakc8wfkWD9r/Noi
oKezQFddDKzkz8xEIkD0hJc1rlBSIw9e4NMh/+d29kkHRhRBZfbxgZWPrOMs4KhS
RvyZc9InxjpgcmLTjB1uAxDKrasX18IDFoQbTvNvmm4f7MfDflPcuWIXaJ0CyTnv
7Or+gHhFT0ciRu10LMaIuu5RKxoiQTTRYMYYr99trgJYqCv01WIx4L9+ohTv8+0c
iThEXlhgVsYhQIRfrYPK2dsHppFLQrUo7eDSNikVpDoidukxoB3X7gr/RqTYsJND
CvvrGawGICEk23DbVTvZ+fqVImIEGgsx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:12 2024 by rpki-client on console-fra.rpki-client.org