Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c2a48a-3a89-46b5-ae62-abeed70fabd1/1/tfsaQv1GSaLbliTKyIgYAPc29tI.roa
File: tfsaQv1GSaLbliTKyIgYAPc29tI.roa (raw, json)
Hash identifier: KGvfmJb2FRDYTmIOSnNx0LGiYsKjMxMsLZyKtd5yNwo=
Subject key identifier: B5:FB:1A:42:FD:46:49:A2:DB:96:24:CA:C8:88:18:00:F7:36:F6:D2
Certificate issuer: /CN=2fd971a27c6fc2c662f065dd8bfa8b8a132c1eae
Certificate serial: A9986B
Authority key identifier: 2F:D9:71:A2:7C:6F:C2:C6:62:F0:65:DD:8B:FA:8B:8A:13:2C:1E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L9lxonxvwsZi8GXdi_qLihMsHq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c2a48a-3a89-46b5-ae62-abeed70fabd1/1/tfsaQv1GSaLbliTKyIgYAPc29tI.roa
Signing time: Thu 07 Apr 2022 00:33:12 +0000
ROA not before: Thu 07 Apr 2022 00:33:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 80.91.223.0/24 maxlen: 24
2a12:b180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11114603 (0xa9986b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fd971a27c6fc2c662f065dd8bfa8b8a132c1eae
Validity
Not Before: Apr 7 00:33:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5fb1a42fd4649a2db9624cac8881800f736f6d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:42:00:b9:1a:7c:12:c7:53:7c:31:7c:d9:6e:
bf:ae:4f:a2:db:b8:d8:90:c2:5c:c0:40:1f:77:7e:
d2:dd:c0:34:15:45:ef:75:41:4a:38:b3:37:dc:7d:
c5:30:39:11:97:b5:ae:c6:da:db:aa:14:89:8e:58:
a7:e2:f1:ce:6f:46:26:0d:65:e8:40:0a:f4:10:cc:
32:d0:0e:3d:ec:7b:de:d9:0f:f9:36:a7:33:b8:cf:
64:ae:ab:0b:a0:41:89:13:b4:5a:f2:01:ce:04:e0:
12:3e:68:a6:db:97:57:b9:ce:01:8e:dd:17:62:b1:
42:bf:0f:d9:21:44:5a:6f:25:a3:cd:59:83:8f:88:
ec:32:88:01:1f:d5:25:18:b0:cf:6f:84:f5:aa:91:
9d:52:38:96:26:8a:de:ed:87:42:87:ea:f1:be:91:
a9:ac:73:24:18:9f:f5:b3:b4:ee:98:87:b9:ee:68:
27:93:cc:14:e9:be:bb:20:e8:9b:1a:09:61:b4:fd:
5a:ea:a7:18:39:ec:60:1a:9b:ff:13:8b:ee:2b:18:
94:26:c8:70:7e:0c:d9:a9:ab:15:a9:32:07:52:0b:
d2:3b:f8:c1:c8:0d:80:13:5d:74:45:31:04:af:9e:
7e:46:c9:3c:f2:09:a4:af:b2:99:10:4f:b5:c5:67:
84:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:FB:1A:42:FD:46:49:A2:DB:96:24:CA:C8:88:18:00:F7:36:F6:D2
X509v3 Authority Key Identifier:
keyid:2F:D9:71:A2:7C:6F:C2:C6:62:F0:65:DD:8B:FA:8B:8A:13:2C:1E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L9lxonxvwsZi8GXdi_qLihMsHq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c2a48a-3a89-46b5-ae62-abeed70fabd1/1/tfsaQv1GSaLbliTKyIgYAPc29tI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c2a48a-3a89-46b5-ae62-abeed70fabd1/1/L9lxonxvwsZi8GXdi_qLihMsHq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.223.0/24
IPv6:
2a12:b180::/29
Signature Algorithm: sha256WithRSAEncryption
b1:dc:af:ce:3b:b6:69:6e:ef:c2:82:37:0d:f5:b2:57:ca:9f:
00:3b:46:c9:7b:43:c7:cd:cc:a0:c1:5d:85:ac:19:22:87:a1:
9b:8b:43:d8:e8:2c:6e:7e:08:08:76:c2:3a:b1:ca:87:16:aa:
a8:ac:6f:be:65:7f:ad:00:ba:1a:e6:54:c0:f3:14:2c:3b:34:
1d:ee:c1:c9:5b:6c:8d:1a:11:8d:9a:f1:9b:51:61:3b:88:e6:
b0:f3:19:b5:5e:9f:1f:23:07:08:ec:03:44:06:09:d2:a7:c8:
67:56:74:d4:82:db:8d:79:16:2a:3b:d3:6c:93:c0:9b:21:e9:
1a:7d:a1:85:7a:5f:a5:b4:5d:df:6c:fc:8a:6b:78:40:9d:b7:
57:2b:dd:50:e7:3c:47:55:05:c7:a9:82:f7:2c:e8:57:8e:bb:
5d:14:ee:95:2f:fb:54:17:b7:63:ad:43:7c:14:ba:d6:ff:55:
22:a5:d3:1f:24:34:42:fb:d8:94:dc:0d:3a:b0:b3:f5:6a:42:
6d:54:69:27:a9:13:82:1b:a4:16:6b:0f:60:52:6c:d8:7b:29:
f7:25:bf:49:25:07:2a:66:cc:ed:77:f1:1a:7a:fb:a4:27:1c:
9a:15:6a:71:3c:3c:8c:df:2e:cb:b4:2d:e3:ad:12:b7:34:d3:
1b:58:2f:23
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAKmYazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZmQ5NzFhMjdjNmZjMmM2NjJmMDY1ZGQ4YmZhOGI4YTEzMmMxZWFlMB4XDTIyMDQw
NzAwMzMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjVmYjFhNDJmZDQ2
NDlhMmRiOTYyNGNhYzg4ODE4MDBmNzM2ZjZkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANRCALkafBLHU3wxfNluv65Potu42JDCXMBAH3d+0t3ANBVF
73VBSjizN9x9xTA5EZe1rsba26oUiY5Yp+Lxzm9GJg1l6EAK9BDMMtAOPex73tkP
+TanM7jPZK6rC6BBiRO0WvIBzgTgEj5optuXV7nOAY7dF2KxQr8P2SFEWm8lo81Z
g4+I7DKIAR/VJRiwz2+E9aqRnVI4liaK3u2HQofq8b6RqaxzJBif9bO07piHue5o
J5PMFOm+uyDomxoJYbT9WuqnGDnsYBqb/xOL7isYlCbIcH4M2amrFakyB1IL0jv4
wcgNgBNddEUxBK+efkbJPPIJpK+ymRBPtcVnhLMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS1+xpC/UZJotuWJMrIiBgA9zb20jAfBgNVHSMEGDAWgBQv2XGifG/CxmLw
Zd2L+ouKEywerjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0w5bHhvbnh2d3NaaThHWGRpX3FMaWhNc0hxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDYvYzJhNDhhLTNhODktNDZiNS1hZTYyLWFiZWVkNzBmYWJkMS8x
L3Rmc2FRdjFHU2FMYmxpVEt5SWdZQVBjMjl0SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYv
YzJhNDhhLTNhODktNDZiNS1hZTYyLWFiZWVkNzBmYWJkMS8xL0w5bHhvbnh2d3Na
aThHWGRpX3FMaWhNc0hxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFBb3zANBAIAAjAHAwUDKhKxgDAN
BgkqhkiG9w0BAQsFAAOCAQEAsdyvzju2aW7vwoI3DfWyV8qfADtGyXtDx83MoMFd
hawZIoehm4tD2Ogsbn4ICHbCOrHKhxaqqKxvvmV/rQC6GuZUwPMULDs0He7ByVts
jRoRjZrxm1FhO4jmsPMZtV6fHyMHCOwDRAYJ0qfIZ1Z01ILbjXkWKjvTbJPAmyHp
Gn2hhXpfpbRd32z8imt4QJ23VyvdUOc8R1UFx6mC9yzoV467XRTulS/7VBe3Y61D
fBS61v9VIqXTHyQ0QvvYlNwNOrCz9WpCbVRpJ6kTghukFmsPYFJs2Hsp9yW/SSUH
KmbM7XfxGnr7pCccmhVqcTw8jN8uy7Qt460StzTTG1gvIw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:35 2023 by rpki-client on console.sobornost.net