Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/tf1hMRMJvsJWrIqiljaC3RkASLM.roa
File: tf1hMRMJvsJWrIqiljaC3RkASLM.roa (raw, json)
Hash identifier: 3I99FV9/nIY8+QAHJdRNl1MTpyCFSu/2j/yx+mWJJe0=
Subject key identifier: B5:FD:61:31:13:09:BE:C2:56:AC:8A:A2:96:36:82:DD:19:00:48:B3
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 017859F7
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/tf1hMRMJvsJWrIqiljaC3RkASLM.roa
Signing time: Fri 17 Jun 2022 06:17:41 +0000
ROA not before: Fri 17 Jun 2022 06:17:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206246
IP address blocks: 2.59.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24664567 (0x17859f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Jun 17 06:17:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5fd61311309bec256ac8aa2963682dd190048b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:99:ea:85:e6:e0:86:96:bc:ec:49:90:5d:0c:
20:cd:03:62:78:c5:96:b8:ba:35:d9:91:1e:b8:8d:
f0:7e:ff:bf:8a:fa:9b:64:84:8d:86:c3:17:fa:87:
79:7c:ac:7a:f3:47:78:44:3f:dc:4e:8f:5d:83:69:
70:8d:3d:f1:f0:7a:a0:28:ab:b5:ee:3b:f3:d1:bd:
09:37:ae:73:3d:50:6c:4f:fd:ad:ea:ac:67:b3:64:
7a:49:b9:19:77:21:f0:a8:d8:58:f9:8f:cf:38:d9:
22:16:4d:af:16:81:89:b5:8f:11:ca:6c:4d:25:3f:
a5:be:5e:63:d0:d2:f4:0f:1f:c5:05:3b:44:1c:36:
1c:bb:17:fd:34:f9:55:e3:6a:0e:dc:80:18:08:c9:
4b:74:51:67:d2:3a:8e:59:47:b7:c9:88:da:a6:4c:
44:af:77:fb:01:40:ee:d3:fc:94:34:92:10:55:f8:
ba:30:91:b6:a2:10:2c:a3:16:91:69:63:c0:30:35:
80:ff:63:8d:5b:31:8d:a3:9e:f8:4f:4e:8f:48:91:
13:c7:64:c6:69:b1:3d:70:cb:e2:47:c6:59:58:d7:
cf:92:67:82:f6:b0:d2:b3:df:91:4f:f6:2d:a6:b1:
e4:5d:05:cf:06:38:98:8f:ac:58:b7:a1:c0:40:0c:
6c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:FD:61:31:13:09:BE:C2:56:AC:8A:A2:96:36:82:DD:19:00:48:B3
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/tf1hMRMJvsJWrIqiljaC3RkASLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.180.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:20:01:1b:3a:4d:21:6a:2e:e1:42:46:dc:37:fd:82:11:b6:
93:ab:e2:80:a8:b8:a3:75:bd:ac:ee:4d:35:51:fb:64:30:ab:
dc:f8:1a:0c:4d:6d:71:ca:92:7f:a3:e3:c5:1e:ce:fd:44:00:
bf:94:a1:00:d5:8c:b5:7f:ce:ae:c1:0e:d8:b5:c5:ba:b7:46:
5a:fe:d9:14:9c:af:8f:78:9b:cb:1c:32:e6:1f:2e:23:f8:d9:
23:e4:75:5a:db:b2:43:27:a6:73:8f:64:b7:5b:50:15:f1:74:
f6:b6:1b:49:87:1b:7b:c2:e8:66:05:4c:93:b1:cf:60:3c:f3:
ec:f5:27:78:46:86:42:f7:67:3e:01:a5:fc:3d:50:fc:5b:51:
07:d4:aa:80:b9:6e:62:4c:0f:41:e6:2b:ed:6f:ac:52:61:c7:
c5:36:88:18:1d:f3:ea:c0:e5:2b:32:52:fa:6f:ca:73:8d:7a:
4a:fb:e1:15:7b:86:13:23:f5:16:c3:b3:f8:06:49:28:e2:d1:
23:d9:3e:b9:71:61:31:1a:47:0a:b4:b7:6e:5f:18:9c:2e:df:
95:18:76:9a:d3:e8:82:17:6c:76:41:64:dc:9e:d4:2a:20:eb:
0c:de:1d:d9:e2:0d:73:01:59:d6:5b:68:72:4b:7f:77:85:b5:
e9:6e:bb:66
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAXhZ9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTdmMDM2ZTI1OTIzOTFmYjQ1YTNkZDMzY2FmMGIwNzk1Njk3M2NmMB4XDTIyMDYx
NzA2MTc0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjVmZDYxMzExMzA5
YmVjMjU2YWM4YWEyOTYzNjgyZGQxOTAwNDhiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSZ6oXm4IaWvOxJkF0MIM0DYnjFlri6NdmRHriN8H7/v4r6
m2SEjYbDF/qHeXysevNHeEQ/3E6PXYNpcI098fB6oCirte4789G9CTeucz1QbE/9
reqsZ7Nkekm5GXch8KjYWPmPzzjZIhZNrxaBibWPEcpsTSU/pb5eY9DS9A8fxQU7
RBw2HLsX/TT5VeNqDtyAGAjJS3RRZ9I6jllHt8mI2qZMRK93+wFA7tP8lDSSEFX4
ujCRtqIQLKMWkWljwDA1gP9jjVsxjaOe+E9Oj0iRE8dkxmmxPXDL4kfGWVjXz5Jn
gvaw0rPfkU/2Laax5F0FzwY4mI+sWLehwEAMbAsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS1/WExEwm+wlasiqKWNoLdGQBIszAfBgNVHSMEGDAWgBQafwNuJZI5H7Ra
PdM8rwsHlWlzzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0duOERiaVdTT1ItMFdqM1RQSzhMQjVWcGM4OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvMjRiZTFhLTE2ZGEtNDgxYy04YmNiLTM0MGQ2MjVjNmRiYS8x
L3RmMWhNUk1KdnNKV3JJcWlsamFDM1JrQVNMTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
MjRiZTFhLTE2ZGEtNDgxYy04YmNiLTM0MGQ2MjVjNmRiYS8xL0duOERiaVdTT1It
MFdqM1RQSzhMQjVWcGM4OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI7tDANBgkqhkiG9w0BAQsFAAOC
AQEAWiABGzpNIWou4UJG3Df9ghG2k6vigKi4o3W9rO5NNVH7ZDCr3PgaDE1tccqS
f6PjxR7O/UQAv5ShANWMtX/OrsEO2LXFurdGWv7ZFJyvj3ibyxwy5h8uI/jZI+R1
WtuyQyemc49kt1tQFfF09rYbSYcbe8LoZgVMk7HPYDzz7PUneEaGQvdnPgGl/D1Q
/FtRB9SqgLluYkwPQeYr7W+sUmHHxTaIGB3z6sDlKzJS+m/Kc416SvvhFXuGEyP1
FsOz+AZJKOLRI9k+uXFhMRpHCrS3bl8YnC7flRh2mtPoghdsdkFk3J7UKiDrDN4d
2eINcwFZ1ltockt/d4W16W67Zg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-fra.rpki-client.org