Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/TDGsVlQXvTpDdslWnqTjGAchbRw.roa
File: TDGsVlQXvTpDdslWnqTjGAchbRw.roa (raw, json)
Hash identifier: qsDHEsx+G9Ibjhe4EZaLEvaBWgfqYyx1nsyRcJmaNb8=
Subject key identifier: 4C:31:AC:56:54:17:BD:3A:43:76:C9:56:9E:A4:E3:18:07:21:6D:1C
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018386EF8894B8CA99FFE3B3DDFB91794D03
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/TDGsVlQXvTpDdslWnqTjGAchbRw.roa
Signing time: Thu 29 Sep 2022 01:49:48 +0000
ROA not before: Thu 29 Sep 2022 01:49:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 158.46.179.0/24 maxlen: 24
158.46.178.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:86:ef:88:94:b8:ca:99:ff:e3:b3:dd:fb:91:79:4d:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Sep 29 01:49:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c31ac565417bd3a4376c9569ea4e31807216d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5d:49:0d:4e:90:4e:9a:19:b8:ab:aa:f8:be:
3e:35:4d:01:85:fe:16:28:42:cd:a4:e2:cb:3a:27:
c8:1d:f8:f6:f3:1a:1f:ec:55:70:64:90:a9:15:e4:
c7:a5:89:32:1f:99:e8:54:00:ad:ba:40:c8:bf:52:
a0:f8:45:c3:8a:c8:ae:80:05:ec:e9:62:65:6b:2e:
f3:48:8a:d4:6c:77:a6:25:58:1e:86:77:28:02:34:
95:9f:c6:a9:28:35:ad:12:63:3b:dd:ad:65:3d:4e:
21:c3:10:1a:8b:79:5d:b1:55:9e:34:8e:39:e8:49:
c4:3e:29:e3:08:f7:0b:b2:56:3a:e4:29:58:fb:0b:
aa:50:e6:7e:71:15:a2:20:77:cb:1a:5e:c1:69:ac:
b1:7d:90:ed:4f:5d:46:e8:b7:45:e2:0d:78:9a:b2:
59:d7:a5:30:a8:b2:4d:96:b1:af:b8:d9:62:7c:48:
3a:d9:f3:1f:9a:ee:b8:d5:11:80:6d:b8:43:ed:0a:
2e:20:17:d5:6d:ac:ec:8d:64:83:14:bd:f0:9c:1a:
c7:03:fb:ef:db:66:f9:13:6e:11:07:5a:f7:75:a1:
6d:da:f9:60:4e:e1:92:80:da:f4:d8:97:05:64:fd:
e0:97:63:e3:31:3b:2b:c9:d9:ac:b5:c9:e3:ca:e6:
8e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:31:AC:56:54:17:BD:3A:43:76:C9:56:9E:A4:E3:18:07:21:6D:1C
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/TDGsVlQXvTpDdslWnqTjGAchbRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.178.0/23
Signature Algorithm: sha256WithRSAEncryption
56:74:56:99:ff:49:7e:1a:9f:74:a9:f6:ba:ba:5c:a8:d0:c2:
5b:69:42:f9:53:46:5b:54:43:69:f2:e6:a3:55:2c:6c:8c:f7:
d7:5f:b2:d7:98:36:9e:b5:62:2e:a7:1a:4c:64:f1:70:88:45:
d3:65:90:f6:30:bf:48:07:e5:d8:24:0f:3c:9b:42:ec:7f:d2:
a2:e5:67:00:ae:7a:91:7a:80:f7:fc:bf:63:e5:85:1e:ad:c1:
b1:3c:f5:1a:bd:1a:04:23:ec:2b:68:83:12:26:43:f3:90:d9:
aa:fc:4b:40:89:a2:3c:6c:8d:ab:51:b5:1a:27:91:04:50:8e:
00:51:01:ee:75:ef:d8:a1:8a:cd:01:b8:df:9f:f2:b1:d3:12:
f3:0a:ff:d6:c9:0b:35:b8:1c:b8:81:3e:7f:c9:97:ec:43:95:
b7:1e:14:3b:32:a8:fb:45:e4:5b:2d:82:ff:a2:68:a3:63:37:
e1:c9:db:2f:8a:f8:bb:1b:c7:4e:cf:ff:66:8f:ed:af:40:1b:
a2:10:a5:5b:8d:dc:97:91:79:fe:f9:14:40:07:8f:0b:c5:0f:
8e:1b:02:81:e9:e0:e1:9f:c3:2d:12:c8:e6:85:d9:e1:3c:1f:
2b:6f:3f:49:74:3b:66:a0:23:6e:4a:71:c6:e6:7b:1d:76:8c:
73:13:82:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOG74iUuMqZ/+Oz3fuReU0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjIwOTI5MDE0OTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzMxYWM1NjU0MTdiZDNhNDM3NmM5NTY5ZWE0ZTMxODA3MjE2ZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAul1JDU6QTpoZuKuq+L4+NU0Bhf4W
KELNpOLLOifIHfj28xof7FVwZJCpFeTHpYkyH5noVACtukDIv1Kg+EXDisiugAXs
6WJlay7zSIrUbHemJVgehncoAjSVn8apKDWtEmM73a1lPU4hwxAai3ldsVWeNI45
6EnEPinjCPcLslY65ClY+wuqUOZ+cRWiIHfLGl7BaayxfZDtT11G6LdF4g14mrJZ
16UwqLJNlrGvuNlifEg62fMfmu641RGAbbhD7QouIBfVbazsjWSDFL3wnBrHA/vv
22b5E24RB1r3daFt2vlgTuGSgNr02JcFZP3gl2PjMTsrydmstcnjyuaO1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEwxrFZUF706Q3bJVp6k4xgHIW0cMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvVERHc1ZsUVh2VHBEZHNsV25xVGpHQWNoYlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBni6yMA0G
CSqGSIb3DQEBCwUAA4IBAQBWdFaZ/0l+Gp90qfa6ulyo0MJbaUL5U0ZbVENp8uaj
VSxsjPfXX7LXmDaetWIupxpMZPFwiEXTZZD2ML9IB+XYJA88m0Lsf9Ki5WcArnqR
eoD3/L9j5YUercGxPPUavRoEI+wraIMSJkPzkNmq/EtAiaI8bI2rUbUaJ5EEUI4A
UQHude/YoYrNAbjfn/Kx0xLzCv/WyQs1uBy4gT5/yZfsQ5W3HhQ7Mqj7ReRbLYL/
omijYzfhydsvivi7G8dOz/9mj+2vQBuiEKVbjdyXkXn++RRAB48LxQ+OGwKB6eDh
n8MtEsjmhdnhPB8rbz9JdDtmoCNuSnHG5nsddoxzE4I5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:39 2024 by rpki-client on console-fra.rpki-client.org