Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tl3o2_QXtpNcvzHvbjwdGeQAF9U.roa
File: tl3o2_QXtpNcvzHvbjwdGeQAF9U.roa (raw, json)
Hash identifier: Ba1fpL5W3wqZt/9j9ONXMRtpDt/nItA9jkmUcaXZlAk=
Subject key identifier: B6:5D:E8:DB:F4:17:B6:93:5C:BF:31:EF:6E:3C:1D:19:E4:00:17:D5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018494904F8330A6D4EF1F82706FD3146E5E
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tl3o2_QXtpNcvzHvbjwdGeQAF9U.roa
Signing time: Sun 20 Nov 2022 10:23:16 +0000
ROA not before: Sun 20 Nov 2022 10:23:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.86.142.0/23 maxlen: 24
185.86.140.0/23 maxlen: 24
37.218.216.0/21 maxlen: 24
188.215.124.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:94:90:4f:83:30:a6:d4:ef:1f:82:70:6f:d3:14:6e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 20 10:23:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b65de8dbf417b6935cbf31ef6e3c1d19e40017d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7e:34:0e:6f:0e:29:f4:50:63:18:70:18:07:
48:18:69:48:12:6a:ba:80:ee:f2:8b:03:a9:68:73:
8b:d4:7a:bf:83:a3:db:bb:44:1d:39:10:b4:7e:a7:
05:de:82:69:12:e5:e8:48:eb:2f:6e:c4:cb:19:d4:
5a:1a:2e:4c:2d:a0:1a:3f:7e:1d:f0:c9:7f:7f:a7:
59:f9:ac:c1:b6:a2:cc:e9:c1:98:4b:bf:ff:45:e5:
6b:b1:69:8f:1e:aa:f3:72:5c:50:f7:ac:14:fb:8b:
14:74:37:d7:24:67:7b:94:83:69:a1:73:b0:43:8f:
9a:cf:9e:3a:55:51:8c:ae:79:af:16:06:3b:ce:4c:
bd:fa:90:f2:c7:ee:1b:19:97:f7:b5:03:9f:ee:69:
5f:57:63:77:00:9b:fc:46:f8:ae:b2:00:cf:79:cf:
4b:5a:9c:24:3f:3d:3c:e7:88:37:4e:72:57:83:19:
a7:31:6c:c1:71:a8:f3:46:9c:10:24:c2:96:2d:a5:
c3:4f:d8:34:0f:26:85:c2:4d:11:e7:35:d4:53:53:
ff:f5:3b:8f:46:01:39:ad:22:c0:6c:29:cb:ec:58:
d6:a5:3c:5a:a5:63:9e:27:c2:02:2a:e2:ee:f7:19:
e9:c2:aa:db:7c:86:88:ad:be:7c:09:24:db:40:3a:
25:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5D:E8:DB:F4:17:B6:93:5C:BF:31:EF:6E:3C:1D:19:E4:00:17:D5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tl3o2_QXtpNcvzHvbjwdGeQAF9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
37.218.216.0/21
46.20.210.0/23
89.46.180.0/22
130.255.64.0/21
185.86.140.0/22
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
95:f5:20:49:fa:ba:bd:aa:2f:0a:6c:33:50:1f:d5:73:28:c5:
5e:19:13:a4:5d:5e:c8:81:9e:01:ac:4b:ae:ba:81:bd:2f:3d:
18:8c:50:11:12:80:99:39:34:c2:eb:7e:6a:32:69:08:92:aa:
74:4e:ed:41:3d:d5:9d:90:88:c5:59:11:9f:55:ad:47:cb:7d:
61:27:90:96:37:77:a6:2f:69:64:aa:01:09:a1:0f:0d:3b:71:
f8:13:e2:f1:18:bd:5f:7e:36:e3:4b:9d:e1:7e:3b:87:f1:fa:
c2:ec:26:33:36:f2:d6:8a:8b:5c:4b:03:ed:6f:72:36:63:38:
de:9a:cd:ae:32:a0:67:74:96:0f:81:f5:88:66:e4:07:83:e8:
45:93:02:39:0f:c4:77:9c:e6:7c:e7:c9:4b:ac:ad:e6:7e:e1:
06:07:8b:0b:c1:3d:fc:13:8f:dc:df:c6:30:28:f7:94:ad:7c:
bc:f5:23:80:76:b8:fe:f3:7b:80:66:e9:73:e3:7d:65:b9:f8:
cc:80:83:6f:ae:a0:00:04:4f:d7:64:78:f5:87:96:a1:2e:64:
78:75:5b:ce:c0:86:c7:a3:5d:5f:d5:21:66:15:b4:99:26:b8:
78:10:13:92:62:d7:d5:c8:a9:f5:b9:48:4f:d7:75:a6:46:89:
19:f0:9f:e5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYSUkE+DMKbU7x+CcG/TFG5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMTIwMTAyMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjVkZThkYmY0MTdiNjkzNWNiZjMxZWY2ZTNjMWQxOWU0MDAxN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX40Dm8OKfRQYxhwGAdIGGlIEmq6
gO7yiwOpaHOL1Hq/g6Pbu0QdORC0fqcF3oJpEuXoSOsvbsTLGdRaGi5MLaAaP34d
8Ml/f6dZ+azBtqLM6cGYS7//ReVrsWmPHqrzclxQ96wU+4sUdDfXJGd7lINpoXOw
Q4+az546VVGMrnmvFgY7zky9+pDyx+4bGZf3tQOf7mlfV2N3AJv8RviusgDPec9L
WpwkPz0854g3TnJXgxmnMWzBcajzRpwQJMKWLaXDT9g0DyaFwk0R5zXUU1P/9TuP
RgE5rSLAbCnL7FjWpTxapWOeJ8ICKuLu9xnpwqrbfIaIrb58CSTbQDol5wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLZd6Nv0F7aTXL8x7248HRnkABfVMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdGwzbzJfUVh0cE5jdnpIdmJqd2RHZVFBRjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCH7q0AwQD
JdrYAwQBLhTSAwQCWS60AwQDgv9AAwQCuVaMAwQCvNd8MA0GCSqGSIb3DQEBCwUA
A4IBAQCV9SBJ+rq9qi8KbDNQH9VzKMVeGROkXV7IgZ4BrEuuuoG9Lz0YjFAREoCZ
OTTC635qMmkIkqp0Tu1BPdWdkIjFWRGfVa1Hy31hJ5CWN3emL2lkqgEJoQ8NO3H4
E+LxGL1ffjbjS53hfjuH8frC7CYzNvLWiotcSwPtb3I2Yzjems2uMqBndJYPgfWI
ZuQHg+hFkwI5D8R3nOZ858lLrK3mfuEGB4sLwT38E4/c38YwKPeUrXy89SOAdrj+
83uAZulz431lufjMgINvrqAABE/XZHj1h5ahLmR4dVvOwIbHo11f1SFmFbSZJrh4
EBOSYtfVyKn1uUhP13WmRokZ8J/l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org