Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/TyFOgL_Baa3KwtMFINU5Jsw9uhs.roa
File: TyFOgL_Baa3KwtMFINU5Jsw9uhs.roa (raw, json)
Hash identifier: FMXG6FnmXB2j0pOhWYlDgD4BbzfG6PEbngW126SdAjk=
Subject key identifier: 4F:21:4E:80:BF:C1:69:AD:CA:C2:D3:05:20:D5:39:26:CC:3D:BA:1B
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0182E4FAABF2CF3726F731408082BC6935FE
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/TyFOgL_Baa3KwtMFINU5Jsw9uhs.roa
Signing time: Sun 28 Aug 2022 15:03:29 +0000
ROA not before: Sun 28 Aug 2022 15:03:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 46.23.103.0/24 maxlen: 24
46.23.101.0/24 maxlen: 24
46.23.102.0/24 maxlen: 24
46.23.100.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
88.151.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e4:fa:ab:f2:cf:37:26:f7:31:40:80:82:bc:69:35:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Aug 28 15:03:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f214e80bfc169adcac2d30520d53926cc3dba1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:be:0b:9c:73:bd:a2:23:3b:e2:49:65:78:6d:
e3:f2:f8:f3:21:cf:0b:68:30:1d:b3:28:a6:a9:ab:
ac:0f:c6:db:f2:4b:f9:6f:e0:c6:eb:a7:c8:4a:e8:
8c:4d:fe:36:65:9c:c3:8d:1c:fd:59:99:f1:07:02:
49:9b:c3:e2:73:b6:ae:bd:87:6c:59:3f:eb:96:cc:
29:9e:5b:b4:df:76:b1:e3:2e:a3:36:7e:29:9a:01:
ff:1b:d6:ae:49:4c:99:4d:8c:b2:40:0e:94:c8:f2:
68:77:ba:90:50:a5:b6:01:8d:9e:75:fe:0e:20:8d:
0d:5b:39:ee:96:09:53:d1:6c:94:75:27:41:46:92:
90:2d:bd:70:bf:dd:fd:db:e6:7c:5d:c6:5d:34:d2:
a0:69:ff:d2:86:f7:df:51:71:7b:8c:56:e7:98:47:
5c:3f:fc:95:fa:08:32:e6:65:7a:f6:f3:a0:15:96:
24:fa:d2:7b:79:d1:02:f0:e1:5f:08:ae:f0:ce:a2:
31:e3:c0:02:bf:4b:be:4e:2f:b4:56:cf:c3:ed:bc:
74:72:8a:4f:bd:ab:5a:2f:2b:82:de:4d:3e:6e:67:
4c:d1:c5:8d:e1:f1:11:96:38:a8:91:8a:85:62:26:
69:e7:b4:da:d9:b4:e8:52:5e:c2:e1:c2:22:51:75:
a0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:21:4E:80:BF:C1:69:AD:CA:C2:D3:05:20:D5:39:26:CC:3D:BA:1B
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/TyFOgL_Baa3KwtMFINU5Jsw9uhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.200.0/22
46.23.100.0/22
88.151.195.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:a4:b5:f4:19:22:5b:52:79:20:9f:65:02:d2:7d:e2:99:92:
da:62:6c:c7:c8:50:35:cc:34:be:bf:ed:6e:af:73:8b:ad:c7:
13:ec:77:a8:b7:09:f9:85:24:d7:92:f2:e7:24:39:61:aa:e5:
f5:a2:f5:c3:27:25:7d:10:ea:c2:ae:96:cb:22:6a:c2:e6:a3:
d4:37:af:6e:12:57:22:c3:87:fd:e2:d3:51:88:ba:e1:17:0b:
d9:6d:b9:ac:24:cd:ab:e7:eb:e0:9e:5f:02:c9:70:5f:0e:26:
81:ed:de:64:36:a9:63:28:ed:43:30:5f:cf:1b:ab:e8:b3:89:
85:db:a2:ba:7f:91:c2:21:82:07:62:09:3d:f1:80:48:90:da:
82:9b:be:d1:2d:36:11:d0:49:19:17:f2:b7:e0:4b:e9:c8:90:
e7:8c:b7:90:ec:01:54:c9:80:33:04:f5:21:59:17:83:76:4d:
1b:68:a6:83:24:0f:5d:d0:b8:96:ce:ef:be:4f:a3:d2:e1:ee:
06:14:ba:4a:31:b0:fb:b4:4c:99:df:e5:ac:b4:52:3f:6d:70:
04:83:59:6e:85:29:0b:5c:01:90:eb:b1:b0:d9:04:53:72:87:
83:95:df:66:99:24:2e:57:32:34:fe:31:d2:b4:98:db:f4:ff:
dd:c9:27:68
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLk+qvyzzcm9zFAgIK8aTX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwODI4MTUwMzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjIxNGU4MGJmYzE2OWFkY2FjMmQzMDUyMGQ1MzkyNmNjM2RiYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb4LnHO9oiM74klleG3j8vjzIc8L
aDAdsyimqausD8bb8kv5b+DG66fISuiMTf42ZZzDjRz9WZnxBwJJm8Pic7auvYds
WT/rlswpnlu033ax4y6jNn4pmgH/G9auSUyZTYyyQA6UyPJod7qQUKW2AY2edf4O
II0NWznulglT0WyUdSdBRpKQLb1wv9392+Z8XcZdNNKgaf/ShvffUXF7jFbnmEdc
P/yV+ggy5mV69vOgFZYk+tJ7edEC8OFfCK7wzqIx48ACv0u+Ti+0Vs/D7bx0copP
vataLyuC3k0+bmdM0cWN4fERljiokYqFYiZp57Ta2bToUl7C4cIiUXWgYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE8hToC/wWmtysLTBSDVOSbMPbobMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvVHlGT2dMX0JhYTNLd3RNRklOVTVKc3c5dWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJYDIAwQC
LhdkAwQAWJfDMA0GCSqGSIb3DQEBCwUAA4IBAQDTpLX0GSJbUnkgn2UC0n3imZLa
YmzHyFA1zDS+v+1ur3OLrccT7Heotwn5hSTXkvLnJDlhquX1ovXDJyV9EOrCrpbL
ImrC5qPUN69uElciw4f94tNRiLrhFwvZbbmsJM2r5+vgnl8CyXBfDiaB7d5kNqlj
KO1DMF/PG6vos4mF26K6f5HCIYIHYgk98YBIkNqCm77RLTYR0EkZF/K34EvpyJDn
jLeQ7AFUyYAzBPUhWReDdk0baKaDJA9d0LiWzu++T6PS4e4GFLpKMbD7tEyZ3+Ws
tFI/bXAEg1luhSkLXAGQ67Gw2QRTcoeDld9mmSQuVzI0/jHStJjb9P/dySdo
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org