Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/TzcH_tqFKy11opXRhf7J1WIOgZQ.roa
File: TzcH_tqFKy11opXRhf7J1WIOgZQ.roa (raw, json)
Hash identifier: GgvkVJD5nB7qDNFZU95j4ZpF8Vzi2cs4+IGaCU82Q7s=
Subject key identifier: 4F:37:07:FE:DA:85:2B:2D:75:A2:95:D1:85:FE:C9:D5:62:0E:81:94
Certificate issuer: /CN=5a1a31909780e81734af6607272d18525db7657d
Certificate serial: 01840A6A69EA7F5477F8865A99538D2E070A
Authority key identifier: 5A:1A:31:90:97:80:E8:17:34:AF:66:07:27:2D:18:52:5D:B7:65:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhoxkJeA6Bc0r2YHJy0YUl23ZX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/TzcH_tqFKy11opXRhf7J1WIOgZQ.roa
Signing time: Mon 24 Oct 2022 14:34:16 +0000
ROA not before: Mon 24 Oct 2022 14:34:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39730
IP address blocks: 185.195.132.0/22 maxlen: 22
178.250.176.0/21 maxlen: 21
2a0a:23c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0a:6a:69:ea:7f:54:77:f8:86:5a:99:53:8d:2e:07:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a1a31909780e81734af6607272d18525db7657d
Validity
Not Before: Oct 24 14:34:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f3707feda852b2d75a295d185fec9d5620e8194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:15:25:4a:9b:3c:a9:de:fa:34:4c:4c:79:9c:
31:2f:cf:38:6c:94:46:8e:57:b9:db:2f:f7:51:a4:
dd:3c:b1:c4:fe:2f:df:86:0f:19:b2:e4:d9:4e:87:
94:af:5e:16:d8:1a:fe:81:e8:3e:ea:b4:cf:8f:6c:
f9:49:4b:ee:c8:18:38:56:87:a0:e3:4a:50:5b:9f:
c6:bd:c1:ad:d0:5f:13:0e:6b:19:63:35:7a:50:66:
86:e1:79:58:74:7d:77:1d:a1:2d:f1:5e:84:98:54:
9a:9a:ee:4c:5a:b0:c8:5b:fa:52:3b:21:57:e4:e8:
35:12:4a:6a:f9:af:0f:39:c7:07:e1:d5:d6:aa:56:
2e:76:50:22:1b:6e:fd:0c:06:c5:8d:60:25:5e:e7:
14:0b:e9:3a:71:c4:7f:37:5a:30:2c:47:6e:08:69:
af:f4:1d:cb:d0:d0:1d:42:80:3e:d4:0a:69:96:dc:
80:fb:a2:01:75:2f:2c:d4:b8:62:48:6f:36:b9:56:
a2:1a:08:c4:af:d2:cf:9b:af:34:a0:7d:ba:76:72:
bc:03:0f:1d:08:8e:27:99:47:0c:20:bd:1e:b3:f0:
90:df:e3:20:cf:c8:1a:ec:34:f4:bd:a2:31:ec:0a:
f9:ad:4c:5a:2c:65:d5:a0:35:b6:21:23:09:3d:59:
eb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:37:07:FE:DA:85:2B:2D:75:A2:95:D1:85:FE:C9:D5:62:0E:81:94
X509v3 Authority Key Identifier:
keyid:5A:1A:31:90:97:80:E8:17:34:AF:66:07:27:2D:18:52:5D:B7:65:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhoxkJeA6Bc0r2YHJy0YUl23ZX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/TzcH_tqFKy11opXRhf7J1WIOgZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/WhoxkJeA6Bc0r2YHJy0YUl23ZX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.250.176.0/21
185.195.132.0/22
IPv6:
2a0a:23c0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:b1:8f:73:9f:fd:e5:4e:d8:96:82:86:79:c1:39:3e:65:3e:
7b:cd:5d:d4:fd:8f:cd:52:83:79:64:92:bd:c1:5e:c0:9a:7b:
68:d1:33:fd:53:8b:73:50:7b:c4:73:8b:8d:b7:2c:7d:7f:8a:
d5:11:06:70:91:e1:85:7e:2f:4e:f1:7e:0d:dd:ba:63:ef:24:
94:86:39:92:7e:42:69:43:63:e6:98:11:ae:dc:49:90:90:c3:
84:b5:a2:c5:db:c0:c7:6e:29:43:50:c1:d3:32:27:c0:67:55:
8c:3f:02:c3:e0:3a:5f:c0:fb:2f:e3:21:cc:c3:1e:25:b1:5f:
ad:b4:cd:63:ce:68:fb:45:b1:e1:a8:fb:65:cb:f4:ce:7a:be:
22:2f:a7:ce:4e:70:94:e3:76:a1:90:69:17:7c:2f:6d:9e:e4:
af:55:81:6f:45:2c:05:dc:67:8b:dd:93:86:35:57:c8:af:f1:
47:d6:a6:27:da:55:f2:1d:eb:b3:29:42:b9:89:0c:94:a1:97:
01:18:30:6e:e0:03:04:5b:54:c5:e2:e8:5b:e4:fa:49:aa:44:
d1:9a:17:8e:9d:3d:0b:3e:e9:25:c3:4e:b0:56:df:4a:0b:8b:
7c:9d:60:22:27:93:00:a2:2a:c6:f9:c5:48:86:1f:d0:a0:25:
25:4f:a2:c4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYQKamnqf1R3+IZamVONLgcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMWEzMTkwOTc4MGU4MTczNGFmNjYwNzI3MmQxODUyNWRi
NzY1N2QwHhcNMjIxMDI0MTQzNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjM3MDdmZWRhODUyYjJkNzVhMjk1ZDE4NWZlYzlkNTYyMGU4MTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRUlSps8qd76NExMeZwxL884bJRG
jle52y/3UaTdPLHE/i/fhg8ZsuTZToeUr14W2Br+geg+6rTPj2z5SUvuyBg4Voeg
40pQW5/GvcGt0F8TDmsZYzV6UGaG4XlYdH13HaEt8V6EmFSamu5MWrDIW/pSOyFX
5Og1Ekpq+a8POccH4dXWqlYudlAiG279DAbFjWAlXucUC+k6ccR/N1owLEduCGmv
9B3L0NAdQoA+1AppltyA+6IBdS8s1LhiSG82uVaiGgjEr9LPm680oH26dnK8Aw8d
CI4nmUcMIL0es/CQ3+Mgz8ga7DT0vaIx7Ar5rUxaLGXVoDW2ISMJPVnrSwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE83B/7ahSstdaKV0YX+ydViDoGUMB8GA1UdIwQY
MBaAFFoaMZCXgOgXNK9mByctGFJdt2V9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hveGtKZUE2QmMwcjJZSEp5MFlVbDIzWlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMTAwNTctOTliYi00NGY5LTk3NzQt
Mjc1MmIzNzU5MDY2LzEvVHpjSF90cUZLeTExb3BYUmhmN0oxV0lPZ1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9lMTAwNTctOTliYi00NGY5LTk3NzQtMjc1MmIzNzU5MDY2
LzEvV2hveGtKZUE2QmMwcjJZSEp5MFlVbDIzWlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsvqwAwQC
ucOEMA0EAgACMAcDBQMqCiPAMA0GCSqGSIb3DQEBCwUAA4IBAQA7sY9zn/3lTtiW
goZ5wTk+ZT57zV3U/Y/NUoN5ZJK9wV7Amnto0TP9U4tzUHvEc4uNtyx9f4rVEQZw
keGFfi9O8X4N3bpj7ySUhjmSfkJpQ2PmmBGu3EmQkMOEtaLF28DHbilDUMHTMifA
Z1WMPwLD4DpfwPsv4yHMwx4lsV+ttM1jzmj7RbHhqPtly/TOer4iL6fOTnCU43ah
kGkXfC9tnuSvVYFvRSwF3GeL3ZOGNVfIr/FH1qYn2lXyHeuzKUK5iQyUoZcBGDBu
4AMEW1TF4uhb5PpJqkTRmheOnT0LPuklw06wVt9KC4t8nWAiJ5MAoirG+cVIhh/Q
oCUlT6LE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:07 2024 by rpki-client on console-ams.rpki-client.org