Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/tWzy9tCQlhM0uKf5vPnmFT2f1M0.roa
File: tWzy9tCQlhM0uKf5vPnmFT2f1M0.roa (raw, json)
Hash identifier: A5x+4BYNxP6ei7GR3TgxS1xvSgbkLtXTg6h1mrfK1l0=
Subject key identifier: B5:6C:F2:F6:D0:90:96:13:34:B8:A7:F9:BC:F9:E6:15:3D:9F:D4:CD
Certificate issuer: /CN=3def11bb8a8d480a0313e1f218a66bdf4e95f627
Certificate serial: 351FD7C6
Authority key identifier: 3D:EF:11:BB:8A:8D:48:0A:03:13:E1:F2:18:A6:6B:DF:4E:95:F6:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/tWzy9tCQlhM0uKf5vPnmFT2f1M0.roa
Signing time: Sat 01 Jan 2022 11:02:02 +0000
ROA not before: Sat 01 Jan 2022 11:02:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9121
IP address blocks: 194.54.32.0/19 maxlen: 24
212.156.0.0/16 maxlen: 24
81.212.0.0/14 maxlen: 24
62.248.0.0/17 maxlen: 24
78.160.0.0/11 maxlen: 24
88.224.0.0/11 maxlen: 24
95.0.0.0/12 maxlen: 24
85.96.0.0/12 maxlen: 24
176.52.176.0/22 maxlen: 24
212.174.0.0/15 maxlen: 24
195.174.0.0/15 maxlen: 24
2a01:358::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 891279302 (0x351fd7c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3def11bb8a8d480a0313e1f218a66bdf4e95f627
Validity
Not Before: Jan 1 11:02:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b56cf2f6d090961334b8a7f9bcf9e6153d9fd4cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fa:b5:0a:ff:83:11:e6:c5:50:14:d2:9b:e4:
a0:1e:a0:39:1f:22:8b:ca:7b:52:bd:c1:d6:87:1d:
90:ee:25:99:f2:12:39:3f:a3:6c:1f:60:ed:63:aa:
29:4b:ce:c0:6f:12:dd:1b:d4:64:1a:db:ab:d7:9f:
a4:9e:62:df:51:19:96:fb:f6:00:82:3d:6a:b6:89:
06:5a:51:43:84:7e:77:2e:66:4a:d2:d8:37:de:bb:
20:78:86:90:59:d9:4f:87:e5:0c:29:13:df:8c:78:
de:2b:ee:a2:5c:5b:92:19:27:7c:fe:7f:5a:54:64:
be:0c:2f:67:40:84:e3:a8:21:f1:67:71:70:0e:12:
b6:ed:5f:a5:ca:c8:4f:7b:19:96:3d:60:8e:ec:59:
a1:a4:a9:e0:57:df:69:cf:37:2a:ac:1a:c9:b9:a7:
11:38:73:3a:24:59:28:f3:40:02:7c:46:f0:24:c2:
07:3e:8f:ce:7b:3f:5c:8d:6a:5c:9b:72:71:41:fe:
9f:58:9f:f0:88:57:9a:29:cc:e5:99:7c:ea:4b:3f:
06:37:7a:c9:9c:3e:31:06:f2:65:12:a9:19:d9:31:
39:31:49:32:6e:85:33:6c:a9:b3:93:dd:70:18:5e:
0f:ed:ec:cd:19:76:49:50:8e:66:55:f0:07:1b:da:
c9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6C:F2:F6:D0:90:96:13:34:B8:A7:F9:BC:F9:E6:15:3D:9F:D4:CD
X509v3 Authority Key Identifier:
keyid:3D:EF:11:BB:8A:8D:48:0A:03:13:E1:F2:18:A6:6B:DF:4E:95:F6:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/tWzy9tCQlhM0uKf5vPnmFT2f1M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/Pe8Ru4qNSAoDE-HyGKZr306V9ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.248.0.0/17
78.160.0.0/11
81.212.0.0/14
85.96.0.0/12
88.224.0.0/11
95.0.0.0/12
176.52.176.0/22
194.54.32.0/19
195.174.0.0/15
212.156.0.0/16
212.174.0.0/15
IPv6:
2a01:358::/29
Signature Algorithm: sha256WithRSAEncryption
3d:33:42:57:da:61:e7:c0:45:15:f1:91:07:56:1d:42:7f:a7:
53:97:5f:c1:6c:62:75:69:9e:7f:92:f8:e5:9c:e7:8a:aa:fe:
6a:88:2d:f2:de:c5:97:5c:4d:b9:82:c8:56:1b:01:4d:d5:8a:
d2:3a:05:54:68:f0:29:30:ff:9c:18:90:73:51:1d:91:0c:db:
28:f0:4d:09:a9:4f:38:52:16:d3:c3:38:4c:77:cb:97:cc:56:
b5:f0:b7:09:4b:78:56:7c:06:49:23:7c:b9:3c:e4:02:21:b4:
91:e1:91:c5:c8:24:99:b9:7e:43:29:c5:23:4f:e8:f5:67:88:
3e:b8:03:10:2f:be:59:40:ce:ca:45:d5:43:13:85:40:af:01:
00:2f:f7:72:1f:55:28:7a:f0:ba:43:16:fb:9b:ea:10:2e:53:
2f:a8:6b:7b:f9:48:5b:66:e2:61:ac:00:37:dc:12:80:21:e0:
28:33:61:b5:bd:d5:e9:08:0d:f7:98:38:a9:63:db:3e:17:25:
5a:c7:d0:63:4b:8d:86:9e:3a:9b:34:76:24:6e:50:77:bb:40:
0f:df:f4:08:7d:7b:a9:f9:20:42:c1:99:94:ff:ef:9d:f1:67:
b5:cd:fe:e2:cf:69:7e:88:65:27:35:fd:3e:a4:b1:1d:a4:f5:
39:21:c3:db
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIENR/XxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZGVmMTFiYjhhOGQ0ODBhMDMxM2UxZjIxOGE2NmJkZjRlOTVmNjI3MB4XDTIyMDEw
MTExMDIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjU2Y2YyZjZkMDkw
OTYxMzM0YjhhN2Y5YmNmOWU2MTUzZDlmZDRjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALL6tQr/gxHmxVAU0pvkoB6gOR8ii8p7Ur3B1ocdkO4lmfIS
OT+jbB9g7WOqKUvOwG8S3RvUZBrbq9efpJ5i31EZlvv2AII9araJBlpRQ4R+dy5m
StLYN967IHiGkFnZT4flDCkT34x43ivuolxbkhknfP5/WlRkvgwvZ0CE46gh8Wdx
cA4Stu1fpcrIT3sZlj1gjuxZoaSp4Fffac83KqwaybmnEThzOiRZKPNAAnxG8CTC
Bz6Pzns/XI1qXJtycUH+n1if8IhXminM5Zl86ks/Bjd6yZw+MQbyZRKpGdkxOTFJ
Mm6FM2yps5PdcBheD+3szRl2SVCOZlXwBxvayQ0CAwEAAaOCAkwwggJIMB0GA1Ud
DgQWBBS1bPL20JCWEzS4p/m8+eYVPZ/UzTAfBgNVHSMEGDAWgBQ97xG7io1ICgMT
4fIYpmvfTpX2JzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BlOFJ1NHFOU0FvREUtSHlHS1pyMzA2VjlpYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvZDFmMTcyLTJkZWYtNDc5Ny04MDVmLWI0OTQ2NjQ3MjRhZC8x
L3RXenk5dENRbGhNMHVLZjV2UG5tRlQyZjFNMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
ZDFmMTcyLTJkZWYtNDc5Ny04MDVmLWI0OTQ2NjQ3MjRhZC8xL1BlOFJ1NHFOU0Fv
REUtSHlHS1pyMzA2VjlpYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBi
BggrBgEFBQcBBwEB/wRTMFEwQAQCAAEwOgMEBz74AAMDBU6gAwMCUdQDAwRVYAMD
BVjgAwMEXwADBAKwNLADBAXCNiADAwHDrgMDANScAwMB1K4wDQQCAAIwBwMFAyoB
A1gwDQYJKoZIhvcNAQELBQADggEBAD0zQlfaYefARRXxkQdWHUJ/p1OXX8FsYnVp
nn+S+OWc54qq/mqILfLexZdcTbmCyFYbAU3VitI6BVRo8Ckw/5wYkHNRHZEM2yjw
TQmpTzhSFtPDOEx3y5fMVrXwtwlLeFZ8BkkjfLk85AIhtJHhkcXIJJm5fkMpxSNP
6PVniD64AxAvvllAzspF1UMThUCvAQAv93IfVSh68LpDFvub6hAuUy+oa3v5SFtm
4mGsADfcEoAh4CgzYbW91ekIDfeYOKlj2z4XJVrH0GNLjYaeOps0diRuUHe7QA/f
9Ah9e6n5IELBmZT/753xZ7XN/uLPaX6IZSc1/T6ksR2k9Tkhw9s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:06 2024 by rpki-client on console-ams.rpki-client.org