Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/Atko-5TmCjsDKvr0Bnln9tmlGYw.roa
File: Atko-5TmCjsDKvr0Bnln9tmlGYw.roa (raw, json)
Hash identifier: IPWkDfYS/gT11r6ewAO13d7SbB/btMLVh0oJCl6kplI=
Subject key identifier: 02:D9:28:FB:94:E6:0A:3B:03:2A:FA:F4:06:79:67:F6:D9:A5:19:8C
Certificate issuer: /CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Certificate serial: 0FEA8AEC
Authority key identifier: C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/Atko-5TmCjsDKvr0Bnln9tmlGYw.roa
Signing time: Sat 01 Jan 2022 07:00:29 +0000
ROA not before: Sat 01 Jan 2022 07:00:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2200
IP address blocks: 134.158.159.0/24 maxlen: 24
134.158.72.0/23 maxlen: 23
134.158.78.0/24 maxlen: 24
134.158.195.0/24 maxlen: 24
134.158.120.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 267029228 (0xfea8aec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Validity
Not Before: Jan 1 07:00:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02d928fb94e60a3b032afaf4067967f6d9a5198c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:4b:f9:f9:4b:d1:b2:5e:55:d9:5a:9c:48:22:
f8:aa:65:8d:68:06:f3:da:cc:3a:a8:20:c9:a1:b8:
d3:fd:0a:49:ac:f6:11:ba:ef:bb:be:b7:02:58:0f:
03:81:c0:40:08:fd:5a:c8:30:af:eb:2f:9a:93:5a:
33:65:b2:93:4a:67:e7:9d:f2:b0:f2:de:67:bc:3d:
ca:4d:db:13:c0:44:46:57:b7:8c:e9:dc:f4:10:1c:
d6:10:ca:37:7f:ec:de:b7:90:e6:a1:2a:78:eb:8b:
e4:3b:92:1a:a9:69:15:08:70:83:41:ca:f0:ba:1d:
c7:16:e7:53:c6:34:f3:42:bc:8c:26:20:fd:c1:78:
1e:10:d8:8c:c8:9a:37:6e:3a:54:9c:87:82:79:c3:
64:ac:23:87:eb:aa:c7:d4:31:db:2e:9a:52:cf:1a:
63:1e:9c:ab:d5:49:e8:3b:ba:9e:cd:75:9b:fd:a1:
fa:b6:57:8b:a1:d4:36:f6:7a:46:85:f0:25:fd:11:
4c:c3:b0:97:76:50:e8:8b:2d:98:ff:48:e0:e2:12:
f6:ab:5c:f5:b7:8f:87:77:d3:62:86:b8:8e:12:30:
14:91:cc:b8:46:75:95:07:f9:50:47:37:06:06:3f:
44:0e:88:98:9a:ac:85:fc:af:81:1f:75:c1:55:eb:
c8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D9:28:FB:94:E6:0A:3B:03:2A:FA:F4:06:79:67:F6:D9:A5:19:8C
X509v3 Authority Key Identifier:
keyid:C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/Atko-5TmCjsDKvr0Bnln9tmlGYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.158.72.0/23
134.158.78.0/24
134.158.120.0/21
134.158.159.0/24
134.158.195.0/24
Signature Algorithm: sha256WithRSAEncryption
54:19:12:8b:ef:9a:85:1a:7b:5e:96:aa:34:5c:de:cf:cf:61:
de:6c:1e:c1:1a:f5:68:68:d0:3a:e0:b8:56:1a:24:2b:6d:20:
6b:33:e3:b1:6b:38:fd:91:00:d6:c6:cc:d2:11:5b:f5:c7:f7:
c0:a6:f0:e6:88:a4:d4:a2:13:b1:17:1d:15:ca:d2:5d:78:bc:
47:d4:4e:a9:c1:70:4d:9a:57:bc:c9:a5:cf:c4:33:dd:38:ca:
e6:82:b7:3b:71:df:64:78:28:9d:ab:fb:3a:46:13:f4:40:3c:
e9:46:4a:14:12:07:e3:45:3c:78:ef:db:c7:0c:fd:c7:a1:89:
0b:73:b4:7d:2f:35:47:a7:35:ae:06:2f:1a:41:c1:67:2e:26:
d5:db:14:64:dc:96:20:84:48:d8:40:70:ef:48:15:7c:ac:f4:
38:09:d0:af:9f:65:ab:c4:37:cd:c8:e8:79:2e:93:f4:3e:d7:
57:83:39:47:b8:69:08:0b:01:ca:c6:c6:a1:e5:61:17:0a:50:
b3:e8:b4:d8:ec:fd:1b:ad:a0:4b:9c:c1:01:53:98:6c:2e:d5:
67:87:7e:c9:6a:45:a9:34:c9:0d:49:cc:01:ee:88:bd:9e:6c:
d0:12:ca:aa:3a:fd:be:4b:51:2b:8e:b5:42:bd:de:d1:44:ab:
61:e3:ad:61
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIED+qK7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NWE3YzNmNGIxNDY5MzUxMjIwMjU5NWE4YTRmOTViMGQ2YjdhMTAxMB4XDTIyMDEw
MTA3MDAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJkOTI4ZmI5NGU2
MGEzYjAzMmFmYWY0MDY3OTY3ZjZkOWE1MTk4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO1L+flL0bJeVdlanEgi+KpljWgG89rMOqggyaG40/0KSaz2
Ebrvu763AlgPA4HAQAj9Wsgwr+svmpNaM2Wyk0pn553ysPLeZ7w9yk3bE8BERle3
jOnc9BAc1hDKN3/s3reQ5qEqeOuL5DuSGqlpFQhwg0HK8LodxxbnU8Y080K8jCYg
/cF4HhDYjMiaN246VJyHgnnDZKwjh+uqx9Qx2y6aUs8aYx6cq9VJ6Du6ns11m/2h
+rZXi6HUNvZ6RoXwJf0RTMOwl3ZQ6IstmP9I4OIS9qtc9bePh3fTYoa4jhIwFJHM
uEZ1lQf5UEc3BgY/RA6ImJqshfyvgR91wVXryCMCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQC2Sj7lOYKOwMq+vQGeWf22aUZjDAfBgNVHSMEGDAWgBTFp8P0sUaTUSIC
WVqKT5Ww1rehATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hhZkQ5TEZHazFFaUFsbGFpay1Wc05hM29RRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvM2EzYjJjLTc2YjktNDliNC04MjE4LWQxMmYxZTI0NTZiYS8x
L0F0a28tNVRtQ2pzREt2cjBCbmxuOXRtbEdZdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
M2EzYjJjLTc2YjktNDliNC04MjE4LWQxMmYxZTI0NTZiYS8xL3hhZkQ5TEZHazFF
aUFsbGFpay1Wc05hM29RRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAYaeSAMEAIaeTgMEA4aeeAMEAIae
nwMEAIaewzANBgkqhkiG9w0BAQsFAAOCAQEAVBkSi++ahRp7XpaqNFzez89h3mwe
wRr1aGjQOuC4VhokK20gazPjsWs4/ZEA1sbM0hFb9cf3wKbw5oik1KITsRcdFcrS
XXi8R9ROqcFwTZpXvMmlz8Qz3TjK5oK3O3HfZHgonav7OkYT9EA86UZKFBIH40U8
eO/bxwz9x6GJC3O0fS81R6c1rgYvGkHBZy4m1dsUZNyWIIRI2EBw70gVfKz0OAnQ
r59lq8Q3zcjoeS6T9D7XV4M5R7hpCAsBysbGoeVhFwpQs+i02Oz9G62gS5zBAVOY
bC7VZ4d+yWpFqTTJDUnMAe6IvZ5s0BLKqjr9vktRK461Qr3e0USrYeOtYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:01 2024 by rpki-client on console-ams.rpki-client.org