Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/TKB3PJQjLc87A2t4MblooDhSllE.roa
File: TKB3PJQjLc87A2t4MblooDhSllE.roa (raw, json)
Hash identifier: qXYd6sc9UJFHL+e13a8OqqXbH80nQXV/XJf5TjaxZAU=
Subject key identifier: 4C:A0:77:3C:94:23:2D:CF:3B:03:6B:78:31:B9:68:A0:38:52:96:51
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 3A840ED6
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/TKB3PJQjLc87A2t4MblooDhSllE.roa
Signing time: Sat 01 Jan 2022 04:52:05 +0000
ROA not before: Sat 01 Jan 2022 04:52:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199390
IP address blocks: 195.136.176.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 981733078 (0x3a840ed6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 04:52:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ca0773c94232dcf3b036b7831b968a038529651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a5:d4:53:c8:7f:bf:bd:de:fb:db:50:e8:7b:
8b:75:d3:4a:3d:c5:ec:31:c0:52:e1:14:09:86:b7:
2e:17:2d:95:ee:0f:21:86:7e:90:95:fe:46:b4:03:
c9:08:e6:05:20:47:6b:2a:da:8f:3b:8f:ec:b9:d7:
e2:85:af:f0:76:d9:72:04:40:21:8f:f1:32:c2:2b:
96:ec:43:70:de:92:fc:d7:30:0f:c9:d6:d5:f8:35:
f3:a2:9c:e8:9d:3a:1c:e2:da:b8:52:d1:56:f0:ac:
01:62:92:55:f3:05:9d:71:2d:94:1e:1d:54:1e:76:
34:86:19:ab:1e:66:3e:09:2c:1c:d1:0b:f0:ad:42:
f9:ca:d3:59:f4:ee:77:a6:a1:e2:af:5e:22:0d:49:
ba:cf:d2:1b:68:c2:3b:e3:cc:62:bf:cc:73:6b:b9:
79:b7:88:59:2c:86:94:58:df:9b:b5:f8:5b:cd:95:
c6:48:9c:28:6a:39:ad:ae:df:c8:f9:de:79:09:2e:
ff:67:5d:30:b1:f4:be:1b:73:55:d0:77:2a:de:20:
8a:9c:9d:4e:fc:a9:ca:44:fd:90:8d:7a:86:fe:17:
a3:86:e5:14:86:76:c6:45:07:5f:68:4c:a3:88:3e:
ba:38:36:bf:4d:6e:43:03:5d:d5:e5:87:20:1a:2b:
2e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A0:77:3C:94:23:2D:CF:3B:03:6B:78:31:B9:68:A0:38:52:96:51
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/TKB3PJQjLc87A2t4MblooDhSllE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.176.0/22
Signature Algorithm: sha256WithRSAEncryption
58:c7:bf:40:eb:66:96:dc:c5:23:89:76:f7:5d:9a:dc:4b:f1:
14:12:60:a9:b6:cc:0a:f2:ac:ef:8e:b9:c5:86:39:07:d2:1b:
f8:b7:e9:60:1b:34:3c:89:b9:08:ab:dc:b9:2d:34:b4:31:03:
d6:03:5d:2e:39:a5:78:a7:76:5b:2b:8c:ff:8f:12:91:aa:dd:
13:7a:e3:6b:4e:25:27:10:4a:4f:7f:00:b6:d9:80:09:4a:4e:
4b:ae:82:f5:f4:73:56:74:16:d0:a0:a4:4e:24:a6:00:1f:88:
7a:bf:ac:cd:03:f5:c3:45:fc:e4:f0:12:bc:ea:e9:cc:60:56:
d1:87:61:af:1a:6d:8a:14:95:ee:38:1c:d2:2d:ee:59:fc:00:
f0:44:91:18:d2:fe:28:35:c7:f2:1f:65:44:e4:f8:29:81:1c:
b6:8c:77:5d:6a:d3:c8:f8:ae:eb:5e:8f:14:21:13:f1:c0:85:
c6:ea:63:2f:1b:b7:8c:03:9d:b8:c8:3a:6c:23:59:55:7b:32:
b7:2d:6e:a0:d9:95:da:93:3d:3c:07:e7:35:1d:23:46:22:8d:
39:34:27:59:c2:5e:ae:6e:12:7f:a7:db:a2:63:4f:51:5a:7c:
e6:e0:62:d0:e8:bf:5b:16:31:58:0b:c3:aa:2f:b8:d0:ba:86:
05:d3:87:48
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOoQO1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDY4MzRlNjg4OTBmMzk4NmExYjA0NTdjZTBmNTRhZTAzYzJkNzZiMB4XDTIyMDEw
MTA0NTIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGNhMDc3M2M5NDIz
MmRjZjNiMDM2Yjc4MzFiOTY4YTAzODUyOTY1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKil1FPIf7+93vvbUOh7i3XTSj3F7DHAUuEUCYa3Lhctle4P
IYZ+kJX+RrQDyQjmBSBHayrajzuP7LnX4oWv8HbZcgRAIY/xMsIrluxDcN6S/Ncw
D8nW1fg186Kc6J06HOLauFLRVvCsAWKSVfMFnXEtlB4dVB52NIYZqx5mPgksHNEL
8K1C+crTWfTud6ah4q9eIg1Jus/SG2jCO+PMYr/Mc2u5ebeIWSyGlFjfm7X4W82V
xkicKGo5ra7fyPneeQku/2ddMLH0vhtzVdB3Kt4gipydTvypykT9kI16hv4Xo4bl
FIZ2xkUHX2hMo4g+ujg2v01uQwNd1eWHIBorLlsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMoHc8lCMtzzsDa3gxuWigOFKWUTAfBgNVHSMEGDAWgBRUaDTmiJDzmGob
BFfOD1SuA8LXazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZHZzA1b2lRODVocUd3Ulh6ZzlVcmdQQzEycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvNWYyZjBiLWZkODItNDRmYS1iNjM0LTUyNzY2YjI0YmFhNC8x
L1RLQjNQSlFqTGM4N0EydDRNYmxvb0RoU2xsRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
NWYyZjBiLWZkODItNDRmYS1iNjM0LTUyNzY2YjI0YmFhNC8xL1ZHZzA1b2lRODVo
cUd3Ulh6ZzlVcmdQQzEycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsOIsDANBgkqhkiG9w0BAQsFAAOC
AQEAWMe/QOtmltzFI4l2912a3EvxFBJgqbbMCvKs7465xYY5B9Ib+LfpYBs0PIm5
CKvcuS00tDED1gNdLjmleKd2WyuM/48SkardE3rja04lJxBKT38AttmACUpOS66C
9fRzVnQW0KCkTiSmAB+Ier+szQP1w0X85PASvOrpzGBW0YdhrxptihSV7jgc0i3u
WfwA8ESRGNL+KDXH8h9lROT4KYEctox3XWrTyPiu616PFCET8cCFxupjLxu3jAOd
uMg6bCNZVXsyty1uoNmV2pM9PAfnNR0jRiKNOTQnWcJerm4Sf6fbomNPUVp85uBi
0Oi/WxYxWAvDqi+40LqGBdOHSA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:02 2023 by rpki-client on console-ams.rpki-client.org