Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/TK18vvXHloD1wDwWcyxgN4e99mg.roa
File: TK18vvXHloD1wDwWcyxgN4e99mg.roa (raw, json)
Hash identifier: lO+Rgb5bgyT6FF54nqIFFYdmz50l2C2sZUCqQn/w5Ok=
Subject key identifier: 4C:AD:7C:BE:F5:C7:96:80:F5:C0:3C:16:73:2C:60:37:87:BD:F6:68
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 0184BEDCD2241F1BFE4F0F8BBD9184497448
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/TK18vvXHloD1wDwWcyxgN4e99mg.roa
Signing time: Mon 28 Nov 2022 15:30:53 +0000
ROA not before: Mon 28 Nov 2022 15:30:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204834
IP address blocks: 188.75.108.0/22 maxlen: 24
188.75.111.0/24 maxlen: 24
188.75.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:dc:d2:24:1f:1b:fe:4f:0f:8b:bd:91:84:49:74:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Nov 28 15:30:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cad7cbef5c79680f5c03c16732c603787bdf668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:40:4a:3c:98:12:1d:83:c3:e6:d8:ca:e5:2c:
82:3e:56:52:4f:a2:2c:c6:8b:ec:b1:dd:9d:01:06:
0b:04:79:37:11:e0:e3:cc:d9:2c:d4:c8:d2:a9:8a:
ae:cd:a4:64:4f:6f:86:53:41:cf:56:a3:08:b3:eb:
c5:1e:e4:be:d6:5b:66:57:57:48:d0:f9:40:77:1f:
6b:84:74:0d:2f:5b:db:19:16:91:e5:fb:1a:fd:1a:
41:60:1f:c5:c8:39:71:9b:37:76:17:76:41:40:9e:
fc:6c:21:3c:c3:ea:0b:80:d0:b3:7d:59:d2:95:a4:
d1:dd:0c:b7:af:b9:f4:f2:be:96:b4:a7:0a:ed:67:
84:45:e3:03:87:64:dc:3e:1b:e6:6c:e1:ca:06:5a:
ed:b5:37:aa:d2:86:fb:b2:7c:98:01:79:8c:6b:01:
2e:65:da:09:83:c4:45:72:40:02:51:86:59:b3:bf:
1d:6c:76:ef:46:be:50:7a:17:bd:b8:c2:11:98:c3:
d8:be:d7:fd:33:f3:0f:2c:be:ce:d5:77:13:8a:b8:
93:53:34:d5:3a:c1:96:2f:a2:c3:70:4e:c8:fc:05:
d4:5f:ab:83:00:4b:88:e8:b5:29:0e:f5:dd:05:5e:
29:d9:83:27:57:be:78:6e:ef:53:28:01:44:63:d0:
21:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AD:7C:BE:F5:C7:96:80:F5:C0:3C:16:73:2C:60:37:87:BD:F6:68
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/TK18vvXHloD1wDwWcyxgN4e99mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.75.108.0/22
Signature Algorithm: sha256WithRSAEncryption
28:8a:e3:64:50:d1:06:e3:cd:bf:d8:e2:70:bf:e5:14:cc:eb:
50:15:4b:d3:cd:5b:39:62:6b:b5:89:e0:3c:8f:76:6d:6d:2f:
d4:c4:b9:39:51:3f:ee:63:b7:b0:16:7f:88:2a:32:19:59:79:
51:99:fa:c9:ad:60:9c:5e:ec:38:c4:57:10:fd:f3:05:f2:45:
df:12:3f:cc:23:a3:c9:17:84:e1:80:2b:bf:8a:61:1b:a8:6d:
d1:42:18:b5:5e:5a:e2:96:73:92:3e:79:98:e4:9c:4d:67:ef:
4c:72:d5:40:f3:55:9d:7e:f2:25:fb:a3:dc:5e:c0:f8:fe:a8:
a8:b0:88:6c:4d:e1:df:29:d2:0b:aa:88:06:3b:8a:bb:0b:53:
2c:c7:e7:5a:0d:e9:7d:da:f9:79:61:c3:f5:a3:6e:07:83:23:
6b:bb:78:6e:20:7b:3a:0b:1b:fc:78:dd:7f:14:4e:ac:7b:9f:
ba:85:54:c9:b4:4e:e6:c3:e3:f8:3d:43:5a:b2:68:40:80:11:
9c:76:1f:c1:54:c6:bb:44:cd:9e:30:7e:71:a4:4e:e3:97:05:
41:c5:02:c5:d1:df:df:43:fa:e5:9d:09:03:92:ff:c0:23:11:
5e:25:9d:89:28:4b:d2:ef:38:da:87:46:0e:8a:90:8a:cd:9a:
d2:5f:17:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS+3NIkHxv+Tw+LvZGESXRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjIxMTI4MTUzMDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2FkN2NiZWY1Yzc5NjgwZjVjMDNjMTY3MzJjNjAzNzg3YmRmNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokBKPJgSHYPD5tjK5SyCPlZST6Is
xovssd2dAQYLBHk3EeDjzNks1MjSqYquzaRkT2+GU0HPVqMIs+vFHuS+1ltmV1dI
0PlAdx9rhHQNL1vbGRaR5fsa/RpBYB/FyDlxmzd2F3ZBQJ78bCE8w+oLgNCzfVnS
laTR3Qy3r7n08r6WtKcK7WeEReMDh2TcPhvmbOHKBlrttTeq0ob7snyYAXmMawEu
ZdoJg8RFckACUYZZs78dbHbvRr5Qehe9uMIRmMPYvtf9M/MPLL7O1XcTiriTUzTV
OsGWL6LDcE7I/AXUX6uDAEuI6LUpDvXdBV4p2YMnV754bu9TKAFEY9AhWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEytfL71x5aA9cA8FnMsYDeHvfZoMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvVEsxOHZ2WEhsb0Qxd0R3V2N5eGdONGU5OW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvEtsMA0G
CSqGSIb3DQEBCwUAA4IBAQAoiuNkUNEG482/2OJwv+UUzOtQFUvTzVs5Ymu1ieA8
j3ZtbS/UxLk5UT/uY7ewFn+IKjIZWXlRmfrJrWCcXuw4xFcQ/fMF8kXfEj/MI6PJ
F4ThgCu/imEbqG3RQhi1XlrilnOSPnmY5JxNZ+9MctVA81WdfvIl+6PcXsD4/qio
sIhsTeHfKdILqogGO4q7C1Msx+daDel92vl5YcP1o24HgyNru3huIHs6Cxv8eN1/
FE6se5+6hVTJtE7mw+P4PUNasmhAgBGcdh/BVMa7RM2eMH5xpE7jlwVBxQLF0d/f
Q/rlnQkDkv/AIxFeJZ2JKEvS7zjah0YOipCKzZrSXxe6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org