Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/TFOk824uET3dcPENQO7woCWGoJE.roa
File: TFOk824uET3dcPENQO7woCWGoJE.roa (raw, json)
Hash identifier: oQgStyexloCXa8p8Mq6UtvtfWEJl4kKFXQJQFArXpD8=
Subject key identifier: 4C:53:A4:F3:6E:2E:11:3D:DD:70:F1:0D:40:EE:F0:A0:25:86:A0:91
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 3A0A008D
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/TFOk824uET3dcPENQO7woCWGoJE.roa
Signing time: Sat 01 Jan 2022 14:00:42 +0000
ROA not before: Sat 01 Jan 2022 14:00:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202389
IP address blocks: 78.133.212.0/24 maxlen: 24
78.133.212.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 973734029 (0x3a0a008d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 14:00:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c53a4f36e2e113ddd70f10d40eef0a02586a091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:be:7d:15:36:a4:d9:5c:38:91:77:c1:01:b0:
ef:15:0e:4a:d9:74:b2:19:a1:3d:20:23:2f:64:4b:
6e:ae:5b:26:21:22:fa:f8:16:4a:f9:66:a0:59:77:
9a:f2:8c:5d:0d:e5:34:06:c2:2a:75:aa:94:d2:d9:
05:3e:73:fd:88:ab:f5:f8:30:45:da:64:f7:33:c3:
83:f6:3a:bb:e5:73:74:a8:6c:cd:2d:81:ce:8c:b9:
99:80:7e:73:e0:ef:0b:8c:f5:60:ad:e6:91:d4:5f:
21:cd:9b:01:da:12:e9:5a:c6:26:be:10:7c:10:7b:
93:2c:6f:bb:1e:64:b5:e0:fe:34:ee:fe:52:43:e6:
37:43:40:e5:a1:bc:46:5d:55:3f:1b:53:f5:2f:30:
c5:f3:4c:7d:df:2c:34:41:f4:3e:7f:7c:1e:7c:fb:
90:f4:83:36:1e:9d:5b:db:57:c0:70:87:16:2a:73:
24:7b:35:e3:e9:61:12:1f:12:7a:92:a3:ab:87:b1:
68:18:2b:b7:15:11:51:a8:4e:bb:34:26:39:06:36:
51:b7:d4:ec:6d:12:33:9d:d1:df:94:e6:0b:b3:66:
7a:1d:87:0a:5d:39:b0:13:ca:2f:af:ca:73:df:66:
20:25:6e:04:aa:ee:bc:2f:2e:e7:b6:23:b6:c6:23:
6a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:53:A4:F3:6E:2E:11:3D:DD:70:F1:0D:40:EE:F0:A0:25:86:A0:91
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/TFOk824uET3dcPENQO7woCWGoJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.212.0/23
Signature Algorithm: sha256WithRSAEncryption
97:ba:11:0f:f0:79:08:43:22:79:86:f4:df:ea:5b:e5:95:ca:
1f:12:be:ef:dc:75:94:5e:84:8d:d5:ac:6d:1c:bf:3f:72:f0:
13:7d:41:ac:cf:72:ed:00:03:5c:7c:6b:72:12:7b:14:f5:2f:
9a:27:9a:b8:1e:1d:64:60:77:92:a7:17:e4:82:00:d0:e9:01:
fc:de:bb:cc:af:3a:20:1c:29:2f:1e:e7:0a:e6:c2:08:fd:3f:
82:ff:73:21:e6:60:d3:f1:e1:65:57:03:e4:db:9d:aa:1d:92:
50:8c:fe:d5:35:66:7f:e3:32:88:62:a6:3f:d1:f2:99:f8:8b:
a5:bd:b8:ef:ef:bf:e2:c0:e6:cd:71:12:62:05:8a:7d:8c:92:
e8:99:af:f5:cb:db:0a:96:92:23:c5:c0:d3:4b:36:98:df:b6:
14:d6:c0:94:33:1b:eb:16:fe:b1:13:6c:16:e0:80:5f:da:4d:
f7:7c:05:52:f2:f6:83:ed:64:a5:9c:7c:30:3a:3a:91:0f:63:
a3:a8:77:ed:26:0b:23:9a:ec:a8:99:9b:d1:a9:11:2b:51:25:
e7:a9:c5:6b:62:41:0d:95:6e:e0:fd:41:d1:e0:59:d1:0f:f6:
e1:cc:2f:be:a9:af:d5:66:02:57:64:44:fc:11:27:db:89:ac:
45:a1:8c:89
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOgoAjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDA0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGM1M2E0ZjM2ZTJl
MTEzZGRkNzBmMTBkNDBlZWYwYTAyNTg2YTA5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJK+fRU2pNlcOJF3wQGw7xUOStl0shmhPSAjL2RLbq5bJiEi
+vgWSvlmoFl3mvKMXQ3lNAbCKnWqlNLZBT5z/Yir9fgwRdpk9zPDg/Y6u+VzdKhs
zS2Bzoy5mYB+c+DvC4z1YK3mkdRfIc2bAdoS6VrGJr4QfBB7kyxvux5kteD+NO7+
UkPmN0NA5aG8Rl1VPxtT9S8wxfNMfd8sNEH0Pn98Hnz7kPSDNh6dW9tXwHCHFipz
JHs14+lhEh8SepKjq4exaBgrtxURUahOuzQmOQY2UbfU7G0SM53R35TmC7Nmeh2H
Cl05sBPKL6/Kc99mICVuBKruvC8u57YjtsYjatcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMU6Tzbi4RPd1w8Q1A7vCgJYagkTAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L1RGT2s4MjR1RVQzZGNQRU5RTzd3b0NXR29KRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAU6F1DANBgkqhkiG9w0BAQsFAAOC
AQEAl7oRD/B5CEMieYb03+pb5ZXKHxK+79x1lF6EjdWsbRy/P3LwE31BrM9y7QAD
XHxrchJ7FPUvmieauB4dZGB3kqcX5IIA0OkB/N67zK86IBwpLx7nCubCCP0/gv9z
IeZg0/HhZVcD5Nudqh2SUIz+1TVmf+MyiGKmP9HymfiLpb247++/4sDmzXESYgWK
fYyS6Jmv9cvbCpaSI8XA00s2mN+2FNbAlDMb6xb+sRNsFuCAX9pN93wFUvL2g+1k
pZx8MDo6kQ9jo6h37SYLI5rsqJmb0akRK1El56nFa2JBDZVu4P1B0eBZ0Q/24cwv
vqmv1WYCV2RE/BEn24msRaGMiQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:09 2023 by rpki-client on console-fra.rpki-client.org