Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/tsaBSCAQz5R8SEDrES5mfoHPeHs.roa
File: tsaBSCAQz5R8SEDrES5mfoHPeHs.roa (raw, json)
Hash identifier: aLWgxP1/U+9aQLiznQvmxK0Fh7OxrO6GPaABqLXW2x4=
Subject key identifier: B6:C6:81:48:20:10:CF:94:7C:48:40:EB:11:2E:66:7E:81:CF:78:7B
Certificate issuer: /CN=93b91eefa6d8046d918e364045604952640bc15d
Certificate serial: 0185057A056FCAD157B2C2EEAFCA0FB03B26
Authority key identifier: 93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/tsaBSCAQz5R8SEDrES5mfoHPeHs.roa
Signing time: Mon 12 Dec 2022 08:36:00 +0000
ROA not before: Mon 12 Dec 2022 08:36:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56911
IP address blocks: 139.28.158.0/24 maxlen: 24
139.28.157.0/24 maxlen: 24
139.28.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:7a:05:6f:ca:d1:57:b2:c2:ee:af:ca:0f:b0:3b:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b91eefa6d8046d918e364045604952640bc15d
Validity
Not Before: Dec 12 08:36:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6c681482010cf947c4840eb112e667e81cf787b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:67:36:fe:96:19:df:cf:c8:ee:23:85:2e:13:
d0:1a:a6:e1:e8:07:b2:f1:15:33:f8:3a:56:91:49:
d8:f3:c6:1a:ac:15:b3:af:e7:a8:6a:8b:be:38:34:
f2:f5:a1:22:26:cc:b6:3b:3d:97:ee:07:9a:99:9a:
81:20:0e:1a:5e:1f:61:57:b5:f1:e8:33:39:1b:15:
74:dc:a6:16:7b:cd:d5:af:73:ba:16:c6:d0:a5:75:
91:8b:bc:66:43:41:52:3c:5d:d1:bc:f9:69:49:07:
0a:67:77:37:3b:cd:1d:1c:3e:59:54:45:60:0e:d9:
d2:b9:86:68:54:d8:4e:be:d1:68:8e:04:66:5e:e7:
b4:11:ce:03:b2:f3:df:33:4b:c9:61:a7:c7:f9:ef:
f0:8a:11:24:5e:a5:91:64:96:ce:35:2d:0d:32:09:
cc:d1:66:e3:2a:b3:e3:d9:9b:47:53:8d:57:c1:0f:
18:2f:33:df:91:a6:17:9f:93:58:e6:d1:fe:10:66:
f4:3d:ff:6c:ef:1f:31:90:c4:5e:3e:6f:fc:09:97:
28:b2:55:f6:68:3f:cd:b2:0e:67:b9:55:05:b1:fa:
6c:38:d8:e2:e2:1d:48:54:a7:93:53:67:63:89:e1:
58:82:36:bc:7d:b3:20:0c:f4:a6:49:55:3b:4e:16:
a9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C6:81:48:20:10:CF:94:7C:48:40:EB:11:2E:66:7E:81:CF:78:7B
X509v3 Authority Key Identifier:
keyid:93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/tsaBSCAQz5R8SEDrES5mfoHPeHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/k7ke76bYBG2RjjZARWBJUmQLwV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.157.0-139.28.159.255
Signature Algorithm: sha256WithRSAEncryption
21:17:cd:fb:af:20:56:f5:cb:b7:ce:ef:b4:19:a4:b7:8a:a3:
e3:8b:ca:9e:2c:36:47:bc:a2:8d:20:d8:d8:3f:d9:9c:b8:3e:
40:b6:37:c4:f1:f8:54:b3:6a:b0:f5:a5:b6:27:91:98:94:d1:
9a:ad:b4:f1:0d:ef:b2:76:16:b0:58:93:81:61:85:a0:f2:4c:
47:a0:e5:1c:6e:6f:ac:18:bc:ad:0e:8d:bd:d8:3f:af:9d:da:
90:7d:d7:5a:5a:28:e5:59:1d:03:6c:e5:69:e7:cc:7b:49:6d:
33:33:d1:6b:22:0b:fb:9e:42:fd:6f:31:7e:ce:a7:05:1d:a4:
0f:0e:50:94:d9:fd:4f:c4:45:8e:5f:60:00:3d:cf:4b:59:fe:
e6:07:6e:1d:de:cd:77:d2:01:b5:87:ea:84:f5:08:68:03:e6:
0e:a5:94:9a:8a:ef:e4:67:c5:c7:49:48:28:9a:f1:a8:da:56:
b4:44:66:37:ea:65:fe:0f:8c:af:b2:65:af:ba:be:5f:96:d1:
42:14:0b:27:5e:c5:08:5e:bf:e6:c0:8e:6b:07:56:cb:5b:56:
eb:cc:82:b7:d5:c3:17:13:b3:2e:8a:6f:34:de:24:08:f9:30:
66:54:c6:90:bc:81:8b:b6:67:4b:56:f7:5c:22:37:1f:55:5e:
cd:8b:65:11
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYUFegVvytFXssLur8oPsDsmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjkxZWVmYTZkODA0NmQ5MThlMzY0MDQ1NjA0OTUyNjQw
YmMxNWQwHhcNMjIxMjEyMDgzNjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmM2ODE0ODIwMTBjZjk0N2M0ODQwZWIxMTJlNjY3ZTgxY2Y3ODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2c2/pYZ38/I7iOFLhPQGqbh6Aey
8RUz+DpWkUnY88YarBWzr+eoaou+ODTy9aEiJsy2Oz2X7geamZqBIA4aXh9hV7Xx
6DM5GxV03KYWe83Vr3O6FsbQpXWRi7xmQ0FSPF3RvPlpSQcKZ3c3O80dHD5ZVEVg
DtnSuYZoVNhOvtFojgRmXue0Ec4DsvPfM0vJYafH+e/wihEkXqWRZJbONS0NMgnM
0WbjKrPj2ZtHU41XwQ8YLzPfkaYXn5NY5tH+EGb0Pf9s7x8xkMRePm/8CZcoslX2
aD/Nsg5nuVUFsfpsONji4h1IVKeTU2djieFYgja8fbMgDPSmSVU7Thap/wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLbGgUggEM+UfEhA6xEuZn6Bz3h7MB8GA1UdIwQY
MBaAFJO5Hu+m2ARtkY42QEVgSVJkC8FdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEt
MzU4NmFhZTEzZGE3LzEvdHNhQlNDQVF6NVI4U0VEckVTNW1mb0hQZUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEtMzU4NmFhZTEzZGE3
LzEvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACLHJ0D
BAWLHIAwDQYJKoZIhvcNAQELBQADggEBACEXzfuvIFb1y7fO77QZpLeKo+OLyp4s
Nke8oo0g2Ng/2Zy4PkC2N8Tx+FSzarD1pbYnkZiU0ZqttPEN77J2FrBYk4FhhaDy
TEeg5Rxub6wYvK0Ojb3YP6+d2pB911paKOVZHQNs5WnnzHtJbTMz0WsiC/ueQv1v
MX7OpwUdpA8OUJTZ/U/ERY5fYAA9z0tZ/uYHbh3ezXfSAbWH6oT1CGgD5g6llJqK
7+RnxcdJSCia8ajaVrREZjfqZf4PjK+yZa+6vl+W0UIUCydexQhev+bAjmsHVstb
VuvMgrfVwxcTsy6KbzTeJAj5MGZUxpC8gYu2Z0tW91wiNx9VXs2LZRE=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:24 2023 by rpki-client on console-fra.rpki-client.org