Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/TsgTD_9kAtJcYpEjyBkpPkvfn_o.roa
File: TsgTD_9kAtJcYpEjyBkpPkvfn_o.roa (raw, json)
Hash identifier: eGoWgmlVZAVnE4v0pe9TePAKU8GTFBekemcvRLeo93k=
Subject key identifier: 4E:C8:13:0F:FF:64:02:D2:5C:62:91:23:C8:19:29:3E:4B:DF:9F:FA
Certificate issuer: /CN=d22f3bd0bae603ab790602a96bbbc42b5322e88f
Certificate serial: 020508
Authority key identifier: D2:2F:3B:D0:BA:E6:03:AB:79:06:02:A9:6B:BB:C4:2B:53:22:E8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0i870LrmA6t5BgKpa7vEK1Mi6I8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/TsgTD_9kAtJcYpEjyBkpPkvfn_o.roa
Signing time: Tue 31 May 2022 18:14:13 +0000
ROA not before: Tue 31 May 2022 18:14:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12125
IP address blocks: 194.38.4.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132360 (0x20508)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d22f3bd0bae603ab790602a96bbbc42b5322e88f
Validity
Not Before: May 31 18:14:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ec8130fff6402d25c629123c819293e4bdf9ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:2a:67:e5:fc:23:3b:7f:34:67:fb:56:ef:66:
e7:a2:7d:ba:75:57:cd:fd:f3:32:ca:60:83:be:82:
6a:a1:d8:d8:eb:a9:a7:66:50:f1:72:bf:ef:c4:31:
59:a3:55:03:0a:f6:e9:76:93:0e:25:4c:cd:7c:10:
5a:01:5c:e9:b4:ee:14:0c:29:1a:75:57:d1:31:92:
69:98:93:8f:85:39:5e:8c:9d:0b:b1:c3:fa:e0:87:
d8:e9:12:67:29:3c:37:20:b8:f3:11:8c:0f:5f:82:
6d:94:4c:15:1c:0a:3e:bd:f0:a1:08:39:44:8e:23:
97:a7:af:9d:81:69:ee:bb:49:c7:34:d6:38:dd:1c:
1e:4e:cb:8f:f6:7f:5c:85:08:db:ee:3a:ec:9f:c7:
d9:48:11:5a:1b:78:6c:f8:75:30:3e:aa:8b:67:cc:
97:97:39:f9:2d:eb:46:9e:09:ca:36:b3:13:e8:65:
5e:f0:95:4a:61:2d:db:c0:13:a0:32:38:8f:1c:d3:
47:bc:1c:b0:d5:2b:39:61:84:4f:da:8d:a9:21:83:
f7:97:94:07:7d:72:ef:ad:c1:13:00:6a:a2:e0:fd:
98:d4:69:91:15:50:51:e4:0c:6b:68:d9:9a:e0:2a:
36:ce:86:dc:99:a9:08:b9:8b:04:41:d7:fa:3e:76:
ba:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C8:13:0F:FF:64:02:D2:5C:62:91:23:C8:19:29:3E:4B:DF:9F:FA
X509v3 Authority Key Identifier:
keyid:D2:2F:3B:D0:BA:E6:03:AB:79:06:02:A9:6B:BB:C4:2B:53:22:E8:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0i870LrmA6t5BgKpa7vEK1Mi6I8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/TsgTD_9kAtJcYpEjyBkpPkvfn_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/0i870LrmA6t5BgKpa7vEK1Mi6I8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.38.4.0/22
Signature Algorithm: sha256WithRSAEncryption
22:33:e2:d2:d6:c5:86:28:82:9e:59:2e:5f:28:83:b7:09:65:
0b:ca:ae:61:87:e7:04:a6:75:33:47:7a:6e:01:cb:f9:f6:5a:
7d:af:1d:3c:83:13:87:64:6d:8e:87:cb:47:78:4a:83:b9:f5:
6e:b1:69:81:f1:06:7a:78:2c:a8:bd:24:27:66:fd:c1:4c:f8:
6e:3a:75:2c:7e:72:73:b2:f9:1f:82:1a:35:9d:17:72:45:68:
02:47:0d:cd:9b:5d:83:90:54:dc:26:88:26:54:5c:7f:56:61:
b5:d0:f2:b1:9c:cb:8c:cc:62:fa:33:87:27:1f:c1:51:74:aa:
45:9f:64:55:02:be:1f:71:47:8d:37:07:d5:c2:5d:e3:0f:fd:
75:f3:c0:bc:d6:2d:ac:8a:2e:70:a3:66:38:c0:01:ee:3e:a2:
21:63:14:5e:c4:5e:6b:34:93:a5:0a:c2:3d:3e:60:d7:b5:4a:
7b:03:50:ac:3e:dd:4b:95:1f:44:22:e0:e9:13:75:ef:f8:25:
cd:1b:49:87:c8:73:25:75:a2:11:5f:c2:48:cd:04:40:51:03:
3b:40:cb:39:cc:37:17:b8:56:02:0e:03:b4:3f:9c:6a:f7:24:
c7:65:b7:06:38:3b:96:6e:00:65:e2:49:22:be:52:53:3b:c6:
87:19:a3:9e
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAgUIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQy
MmYzYmQwYmFlNjAzYWI3OTA2MDJhOTZiYmJjNDJiNTMyMmU4OGYwHhcNMjIwNTMx
MTgxNDEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0ZWM4MTMwZmZmNjQw
MmQyNWM2MjkxMjNjODE5MjkzZTRiZGY5ZmZhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA7ypn5fwjO380Z/tW72bnon26dVfN/fMyymCDvoJqodjY66mn
ZlDxcr/vxDFZo1UDCvbpdpMOJUzNfBBaAVzptO4UDCkadVfRMZJpmJOPhTlejJ0L
scP64IfY6RJnKTw3ILjzEYwPX4JtlEwVHAo+vfChCDlEjiOXp6+dgWnuu0nHNNY4
3RweTsuP9n9chQjb7jrsn8fZSBFaG3hs+HUwPqqLZ8yXlzn5LetGngnKNrMT6GVe
8JVKYS3bwBOgMjiPHNNHvByw1Ss5YYRP2o2pIYP3l5QHfXLvrcETAGqi4P2Y1GmR
FVBR5AxraNma4Co2zobcmakIuYsEQdf6Pna6AQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFE7IEw//ZALSXGKRI8gZKT5L35/6MB8GA1UdIwQYMBaAFNIvO9C65gOreQYC
qWu7xCtTIuiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MGk4NzBMcm1BNnQ1QmdLcGE3dkVLMU1pNkk4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mNS82ZTUxY2ItNTE3Zi00Y2IxLWEzYTAtZDcyMWJkMmU5ZDUzLzEv
VHNnVERfOWtBdEpjWXBFanlCa3BQa3Zmbl9vLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82
ZTUxY2ItNTE3Zi00Y2IxLWEzYTAtZDcyMWJkMmU5ZDUzLzEvMGk4NzBMcm1BNnQ1
QmdLcGE3dkVLMU1pNkk4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiYEMA0GCSqGSIb3DQEBCwUAA4IB
AQAiM+LS1sWGKIKeWS5fKIO3CWULyq5hh+cEpnUzR3puAcv59lp9rx08gxOHZG2O
h8tHeEqDufVusWmB8QZ6eCyovSQnZv3BTPhuOnUsfnJzsvkfgho1nRdyRWgCRw3N
m12DkFTcJogmVFx/VmG10PKxnMuMzGL6M4cnH8FRdKpFn2RVAr4fcUeNNwfVwl3j
D/1188C81i2sii5wo2Y4wAHuPqIhYxRexF5rNJOlCsI9PmDXtUp7A1CsPt1LlR9E
IuDpE3Xv+CXNG0mHyHMldaIRX8JIzQRAUQM7QMs5zDcXuFYCDgO0P5xq9yTHZbcG
ODuWbgBl4kkivlJTO8aHGaOe
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:27:57 2025 by rpki-client