Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/osTZ-13SEj0QXWctZvmdOIlFxJ8.roa
File: osTZ-13SEj0QXWctZvmdOIlFxJ8.roa (raw, json)
Hash identifier: b/PAlfb7S58+cuBJ3FBaOdndUgGOqfFHTF8Rk+enQbk=
Subject key identifier: A2:C4:D9:FB:5D:D2:12:3D:10:5D:67:2D:66:F9:9D:38:89:45:C4:9F
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 066EE66F
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/osTZ-13SEj0QXWctZvmdOIlFxJ8.roa
Signing time: Tue 29 Mar 2022 08:22:19 +0000
ROA not before: Tue 29 Mar 2022 08:22:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 178.171.50.0/23 maxlen: 23
178.171.48.0/22 maxlen: 22
178.171.48.0/23 maxlen: 23
178.171.60.0/23 maxlen: 23
178.171.60.0/22 maxlen: 22
178.171.62.0/23 maxlen: 23
158.46.176.0/22 maxlen: 22
178.171.119.0/24 maxlen: 24
178.171.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107931247 (0x66ee66f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Mar 29 08:22:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2c4d9fb5dd2123d105d672d66f99d388945c49f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:37:df:d0:7f:f7:45:f4:aa:c2:fc:e8:51:b8:
0e:03:ac:bb:83:c7:3c:3f:75:f2:ba:80:61:e6:29:
18:4f:b9:44:2e:df:90:f1:70:8a:79:07:58:05:3e:
ca:3d:c2:4c:a1:7c:b9:9b:0c:85:13:90:a5:bc:88:
76:25:b1:84:d1:6a:6b:54:8b:52:42:1f:a9:c3:8a:
4d:bb:9b:eb:d4:90:ed:f8:f1:6f:a8:37:88:9a:6e:
b2:55:04:c1:9c:8a:d8:56:5e:49:14:85:c5:7c:93:
d2:6c:ad:13:9a:4f:f5:a1:b9:85:73:0c:5b:fa:61:
68:94:de:d4:03:60:56:2c:63:b4:e0:30:d2:d4:c5:
07:ea:d3:d4:50:47:34:02:ed:a7:f6:83:2a:ff:bc:
90:91:e1:51:67:f8:d6:4b:2a:c2:46:c9:99:8c:02:
68:d0:cf:3d:7e:ae:e8:c4:06:b3:1b:6c:c2:7c:88:
0c:61:26:da:7c:fd:14:d9:fa:7c:45:99:6a:18:ad:
1d:74:f8:f1:41:cf:f4:bc:cb:6d:c5:77:68:d8:9b:
1b:b5:9e:43:6d:ca:22:d3:67:ef:ac:de:c8:8c:27:
0e:9c:a6:fa:d2:ff:0a:d8:b5:8c:3b:32:82:5d:37:
f4:db:2c:39:34:a3:c1:f9:7d:b6:e2:ef:2b:bc:f6:
90:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C4:D9:FB:5D:D2:12:3D:10:5D:67:2D:66:F9:9D:38:89:45:C4:9F
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/osTZ-13SEj0QXWctZvmdOIlFxJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.176.0/22
178.171.32.0/22
178.171.48.0/22
178.171.60.0/22
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
46:f8:72:ef:f0:ab:ac:1f:7c:33:17:62:2b:a5:4c:c9:86:1d:
94:3a:3d:40:aa:98:64:96:27:42:43:0b:46:1a:18:b5:ed:8e:
cc:a7:a7:ae:59:47:e7:ec:27:ec:d8:b0:ab:80:e8:a2:27:d6:
b3:4d:ef:d3:b8:2b:c0:06:4d:77:84:5e:3d:8b:19:36:11:cd:
db:95:39:a5:ff:94:1c:b0:80:b5:5d:73:62:71:fc:0a:de:7c:
cd:47:8d:a3:bc:28:bc:b6:17:f2:c7:a4:83:28:69:62:59:d8:
de:3a:f0:93:59:9c:66:71:a3:5c:a8:95:9b:0f:0b:80:6f:9e:
2d:fb:46:c2:ae:10:2d:fe:49:6e:4d:4e:9f:dd:e7:12:d6:22:
45:9a:59:98:38:5c:18:e6:88:5e:ea:2e:fa:7e:3b:0d:c9:7d:
82:2a:0a:8c:ec:ee:76:bf:7e:a2:6b:53:57:06:85:df:64:72:
f4:2b:77:ed:a9:70:82:00:cd:39:44:9e:74:f7:e9:c2:b8:d7:
99:a5:fc:71:b7:54:65:6c:92:0e:68:df:df:7b:25:75:d2:5a:
42:e7:af:84:71:31:4c:8c:36:96:43:7e:e7:1f:8e:b0:03:b2:
c8:f2:77:10:67:be:8f:cc:ff:b9:43:cf:d9:ea:e3:bb:5d:7a:
7a:56:f2:cd
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBm7mbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDExY2IwMTVkZjliYWFiNjEyMjhkYmJjZTE3ZGQ0ZTAwZTYzYzEzMB4XDTIyMDMy
OTA4MjIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJjNGQ5ZmI1ZGQy
MTIzZDEwNWQ2NzJkNjZmOTlkMzg4OTQ1YzQ5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJs339B/90X0qsL86FG4DgOsu4PHPD918rqAYeYpGE+5RC7f
kPFwinkHWAU+yj3CTKF8uZsMhROQpbyIdiWxhNFqa1SLUkIfqcOKTbub69SQ7fjx
b6g3iJpuslUEwZyK2FZeSRSFxXyT0mytE5pP9aG5hXMMW/phaJTe1ANgVixjtOAw
0tTFB+rT1FBHNALtp/aDKv+8kJHhUWf41ksqwkbJmYwCaNDPPX6u6MQGsxtswnyI
DGEm2nz9FNn6fEWZahitHXT48UHP9LzLbcV3aNibG7WeQ23KItNn76zeyIwnDpym
+tL/Cti1jDsygl039NssOTSjwfl9tuLvK7z2kCkCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSixNn7XdISPRBdZy1m+Z04iUXEnzAfBgNVHSMEGDAWgBSNEcsBXfm6q2Ei
jbvOF91OAOY8EzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pSSExBVjM1dXF0aElvMjd6aGZkVGdEbVBCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvNWQ4OTE1LWM0NDgtNDBlNy04Y2FhLWJhNzcxZmZkMjY5Yy8x
L29zVFotMTNTRWowUVhXY3Radm1kT0lsRnhKOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
NWQ4OTE1LWM0NDgtNDBlNy04Y2FhLWJhNzcxZmZkMjY5Yy8xL2pSSExBVjM1dXF0
aElvMjd6aGZkVGdEbVBCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAp4usAMEArKrIAMEArKrMAMEArKr
PAMEALKrdzANBgkqhkiG9w0BAQsFAAOCAQEARvhy7/CrrB98MxdiK6VMyYYdlDo9
QKqYZJYnQkMLRhoYte2OzKenrllH5+wn7Niwq4DooifWs03v07grwAZNd4RePYsZ
NhHN25U5pf+UHLCAtV1zYnH8Ct58zUeNo7wovLYX8sekgyhpYlnY3jrwk1mcZnGj
XKiVmw8LgG+eLftGwq4QLf5Jbk1On93nEtYiRZpZmDhcGOaIXuou+n47Dcl9gioK
jOzudr9+omtTVwaF32Ry9Ct37alwggDNOUSedPfpwrjXmaX8cbdUZWySDmjf33sl
ddJaQuevhHExTIw2lkN+5x+OsAOyyPJ3EGe+j8z/uUPP2erju116elbyzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:09 2024 by rpki-client on console-ams.rpki-client.org