Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/tSGENdflQx8hxMcjeHHV773GohE.roa
File: tSGENdflQx8hxMcjeHHV773GohE.roa (raw, json)
Hash identifier: o6kNFq+ci7Op44rUfFEVdkrJ7glYoSBslfBvdUKq8dc=
Subject key identifier: B5:21:84:35:D7:E5:43:1F:21:C4:C7:23:78:71:D5:EF:BD:C6:A2:11
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 0B3C08B7
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/tSGENdflQx8hxMcjeHHV773GohE.roa
Signing time: Sat 01 Jan 2022 13:54:36 +0000
ROA not before: Sat 01 Jan 2022 13:54:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200044
IP address blocks: 185.159.64.0/24 maxlen: 24
185.159.64.0/22 maxlen: 24
109.238.246.0/24 maxlen: 24
109.238.240.0/20 maxlen: 24
89.249.16.0/20 maxlen: 24
89.249.31.0/24 maxlen: 24
93.158.192.0/22 maxlen: 22
93.158.192.0/21 maxlen: 21
93.158.192.0/23 maxlen: 23
93.158.192.0/24 maxlen: 24
93.158.198.0/23 maxlen: 23
93.158.198.0/24 maxlen: 24
93.158.196.0/24 maxlen: 24
93.158.197.0/24 maxlen: 24
93.158.194.0/24 maxlen: 24
93.158.194.0/23 maxlen: 23
93.158.195.0/24 maxlen: 24
93.158.199.0/24 maxlen: 24
93.158.193.0/24 maxlen: 24
2a0d:380::/29 maxlen: 29
2a00:eb8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188483767 (0xb3c08b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: Jan 1 13:54:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5218435d7e5431f21c4c7237871d5efbdc6a211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9f:db:2e:33:eb:de:39:c2:14:8e:d1:87:7a:
71:40:a6:7e:72:7e:02:ad:03:1d:73:15:12:0e:ae:
2d:26:a1:42:6a:00:14:b0:c3:b9:1b:03:25:ab:a4:
7f:f1:e1:c9:f2:66:e1:17:4f:c3:14:66:73:d4:5b:
3b:6d:a2:93:1f:50:07:63:a7:33:92:9e:a5:ff:48:
3c:5f:86:36:8b:1a:a4:ad:1d:03:0c:c8:85:75:31:
c8:4b:d3:16:41:76:78:6a:8b:06:44:61:76:af:62:
09:e6:d3:2b:3e:80:11:7c:2a:47:3c:e3:6b:b5:0c:
46:fc:96:75:a1:8e:82:b5:b3:07:69:06:eb:81:b8:
d3:02:ee:72:ec:8e:78:8a:09:d9:a3:81:97:97:9d:
fa:c6:fe:1d:ee:e1:01:0f:69:52:df:1e:12:5e:ea:
ff:69:6d:7e:eb:d5:14:be:bf:4a:07:7e:2a:c2:c9:
75:dd:29:d3:18:d2:43:25:54:ca:8a:5f:98:2f:2b:
52:7e:44:ac:18:2d:be:4c:0b:93:c6:a0:ba:a4:1a:
48:11:03:c3:26:fb:e3:be:f2:04:bc:15:04:d5:ea:
de:be:34:5d:3f:6e:d1:28:81:dc:2f:f8:b9:e8:b0:
d1:03:22:90:9f:65:48:a9:9e:06:d1:19:4d:e0:07:
51:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:21:84:35:D7:E5:43:1F:21:C4:C7:23:78:71:D5:EF:BD:C6:A2:11
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/tSGENdflQx8hxMcjeHHV773GohE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.16.0/20
93.158.192.0/21
109.238.240.0/20
185.159.64.0/22
IPv6:
2a00:eb8::/32
2a0d:380::/29
Signature Algorithm: sha256WithRSAEncryption
05:03:c5:80:d2:a1:58:10:81:dc:48:44:5d:4b:95:01:71:0e:
a1:db:f1:d2:8a:7c:4a:c7:c8:9e:01:a6:ab:fd:b6:66:7b:f1:
57:a3:67:03:2a:c9:fe:10:01:67:47:0a:31:e8:57:90:d8:9b:
c5:7f:4f:2a:e0:78:41:cb:29:19:89:3d:56:f4:36:60:80:36:
4c:28:71:54:ff:1e:67:52:74:c8:6b:6e:f0:c1:30:4e:3b:5f:
5c:36:02:8e:5e:61:21:4f:f3:43:50:c5:33:e8:db:7d:2e:d2:
be:a3:bb:49:fb:13:1a:51:82:2e:05:e2:2d:b5:70:e2:f9:f0:
61:2c:19:05:c6:1e:71:51:e4:4c:fe:d8:04:88:64:63:99:cf:
fa:62:6d:11:6d:e5:95:34:65:6e:ac:78:47:9b:28:1b:bc:4c:
f4:1a:c0:a6:c9:fc:f8:57:2f:ce:1a:95:6b:94:6e:88:31:a9:
23:64:e0:a7:5e:81:10:d5:4b:1c:cb:5f:a8:00:34:a4:70:70:
e6:0b:2f:71:46:a0:ec:29:a0:96:f0:cf:1d:d2:ea:91:7b:2d:
04:be:7d:67:83:22:4e:8f:72:06:36:ef:3c:76:8c:c5:74:f3:
47:9d:bf:34:93:d4:fb:f0:ed:fe:2a:ad:23:9f:7b:12:d4:fe:
59:33:31:7c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIECzwItzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDc5N2RiMDdiZjZkNDU5N2FjMmRjOGJlMzRmODkyOTgwMDhmMmNkMB4XDTIyMDEw
MTEzNTQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjUyMTg0MzVkN2U1
NDMxZjIxYzRjNzIzNzg3MWQ1ZWZiZGM2YTIxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWf2y4z6945whSO0Yd6cUCmfnJ+Aq0DHXMVEg6uLSahQmoA
FLDDuRsDJaukf/HhyfJm4RdPwxRmc9RbO22ikx9QB2OnM5Kepf9IPF+GNosapK0d
AwzIhXUxyEvTFkF2eGqLBkRhdq9iCebTKz6AEXwqRzzja7UMRvyWdaGOgrWzB2kG
64G40wLucuyOeIoJ2aOBl5ed+sb+He7hAQ9pUt8eEl7q/2ltfuvVFL6/Sgd+KsLJ
dd0p0xjSQyVUyopfmC8rUn5ErBgtvkwLk8aguqQaSBEDwyb7477yBLwVBNXq3r40
XT9u0SiB3C/4ueiw0QMikJ9lSKmeBtEZTeAHUR8CAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBS1IYQ11+VDHyHExyN4cdXvvcaiETAfBgNVHSMEGDAWgBRweX2we/bUWXrC
3IvjT4kpgAjyzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NIbDlzSHYyMUZsNnd0eUw0MC1KS1lBSThzMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvYzJlZTdhLWNiYjctNDcwZS1iOTY1LTkwN2RhYTQ2NDYzYi8x
L3RTR0VOZGZsUXg4aHhNY2plSEhWNzczR29oRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
YzJlZTdhLWNiYjctNDcwZS1iOTY1LTkwN2RhYTQ2NDYzYi8xL2NIbDlzSHYyMUZs
Nnd0eUw0MC1KS1lBSThzMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEBFn5EAMEA12ewAMEBG3u8AMEArmf
QDAUBAIAAjAOAwUAKgAOuAMFAyoNA4AwDQYJKoZIhvcNAQELBQADggEBAAUDxYDS
oVgQgdxIRF1LlQFxDqHb8dKKfErHyJ4Bpqv9tmZ78VejZwMqyf4QAWdHCjHoV5DY
m8V/TyrgeEHLKRmJPVb0NmCANkwocVT/HmdSdMhrbvDBME47X1w2Ao5eYSFP80NQ
xTPo230u0r6ju0n7ExpRgi4F4i21cOL58GEsGQXGHnFR5Ez+2ASIZGOZz/pibRFt
5ZU0ZW6seEebKBu8TPQawKbJ/PhXL84alWuUbogxqSNk4KdegRDVSxzLX6gANKRw
cOYLL3FGoOwpoJbwzx3S6pF7LQS+fWeDIk6PcgY27zx2jMV080edvzST1Pvw7f4q
rSOfexLU/lkzMXw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:09 2024 by rpki-client on console-ams.rpki-client.org