Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/TlOZACREtAfZjG0DNa7shazWo1Q.roa
File: TlOZACREtAfZjG0DNa7shazWo1Q.roa (raw, json)
Hash identifier: 0v8oXMYisBi59cUcY7r3n0c6K7DcTVAVbxEgAlF8LCo=
Subject key identifier: 4E:53:99:00:24:44:B4:07:D9:8C:6D:03:35:AE:EC:85:AC:D6:A3:54
Certificate issuer: /CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Certificate serial: 38EA6668
Authority key identifier: AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/TlOZACREtAfZjG0DNa7shazWo1Q.roa
Signing time: Wed 23 Mar 2022 14:10:39 +0000
ROA not before: Wed 23 Mar 2022 14:10:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43554
IP address blocks: 178.209.64.0/22 maxlen: 22
178.209.69.0/24 maxlen: 24
178.209.70.0/23 maxlen: 23
178.209.76.0/22 maxlen: 22
178.209.72.0/22 maxlen: 22
178.209.80.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 954885736 (0x38ea6668)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Validity
Not Before: Mar 23 14:10:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e5399002444b407d98c6d0335aeec85acd6a354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:32:18:9f:20:69:45:40:0f:bf:a7:13:6d:f1:
d6:ae:5e:e5:89:63:8e:ed:32:70:36:1c:8b:85:71:
08:c3:b5:b1:54:b4:1a:dc:f4:1b:10:8d:f6:40:d5:
bf:38:5a:36:13:55:6f:dd:7b:e6:78:61:87:3c:f7:
12:f5:e2:53:40:ad:4e:ee:03:63:12:f1:81:fb:c5:
ae:be:81:b4:5c:97:d8:c5:ce:c7:ea:2d:8c:72:00:
d7:df:4b:2e:53:96:2a:80:eb:9c:6c:78:10:de:94:
57:83:ca:6d:fa:43:b5:b7:c8:db:b1:a0:be:2b:7f:
b7:62:9b:7c:8f:07:50:75:05:21:55:dd:cb:d0:74:
20:34:b0:e6:5e:3e:3a:99:93:34:e5:2e:8e:41:b5:
cc:24:4f:a7:4f:05:62:99:47:ef:03:bc:6a:18:25:
47:d2:fe:df:16:c0:99:36:aa:a8:7b:27:c5:1b:d9:
3b:a7:f1:1c:fd:67:e6:7c:3b:10:a0:e5:62:cd:5f:
9a:2d:41:dc:4e:9a:a4:1e:af:8d:33:1d:26:2c:ab:
cd:58:3f:c0:36:4e:dd:42:19:65:9f:81:fd:01:54:
0c:b3:61:32:67:ae:ea:cb:bc:74:88:6b:d5:d9:4f:
e2:81:7c:ac:d4:60:b7:14:1a:1b:94:13:92:21:da:
72:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:53:99:00:24:44:B4:07:D9:8C:6D:03:35:AE:EC:85:AC:D6:A3:54
X509v3 Authority Key Identifier:
keyid:AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/TlOZACREtAfZjG0DNa7shazWo1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/q08A9cOrPfTGdKQQ2KDwGC-16Rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.209.64.0/22
178.209.69.0-178.209.87.255
Signature Algorithm: sha256WithRSAEncryption
10:04:c5:82:bb:15:16:e9:6d:fa:b4:8e:b3:d7:ab:f4:8e:f3:
d1:33:6f:64:48:94:50:0b:11:16:d0:09:4d:04:1c:6b:dd:a5:
ff:b7:fe:70:27:0d:6e:ef:2e:4d:5b:a8:36:83:77:84:3b:4f:
e3:48:d8:3c:16:dd:5d:f5:58:81:26:c2:fa:b7:0c:db:8e:67:
52:90:99:9e:1d:61:d8:6b:54:45:49:31:04:ce:48:be:bb:8e:
7d:fe:ec:d8:d8:10:7e:ea:09:77:ba:26:93:d3:dd:75:73:9e:
56:f3:64:d5:e7:14:1c:ab:a5:bc:2a:c8:40:1e:c6:58:98:f4:
0f:c3:4c:a5:7c:b6:0a:50:12:a7:0b:78:dd:1e:bd:c3:af:7d:
d7:65:4a:b3:d4:37:e0:3d:ef:b9:8e:4a:f7:0e:49:e2:a4:15:
16:c0:13:96:85:5a:0c:5d:59:7e:ee:a8:26:2e:38:ed:b5:94:
f7:73:ac:55:e7:0b:0c:c8:fd:b8:9d:e7:12:c6:27:7c:3d:f8:
9d:01:3f:eb:63:12:c5:e0:c7:c4:fe:8f:c5:b4:fc:dd:0e:ba:
7f:0a:40:8a:5f:c4:ff:56:8c:20:af:d3:01:97:0d:5a:c8:63:
c7:3e:8e:65:e2:cc:e2:cc:64:6d:ae:62:08:08:3a:51:80:2f:
0d:70:b9:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEOOpmaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjRmMDBmNWMzYWIzZGY0YzY3NGE0MTBkOGEwZjAxODJmYjVlOTE4MB4XDTIyMDMy
MzE0MTAzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU1Mzk5MDAyNDQ0
YjQwN2Q5OGM2ZDAzMzVhZWVjODVhY2Q2YTM1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEyGJ8gaUVAD7+nE23x1q5e5Yljju0ycDYci4VxCMO1sVS0
Gtz0GxCN9kDVvzhaNhNVb9175nhhhzz3EvXiU0CtTu4DYxLxgfvFrr6BtFyX2MXO
x+otjHIA199LLlOWKoDrnGx4EN6UV4PKbfpDtbfI27Ggvit/t2KbfI8HUHUFIVXd
y9B0IDSw5l4+OpmTNOUujkG1zCRPp08FYplH7wO8ahglR9L+3xbAmTaqqHsnxRvZ
O6fxHP1n5nw7EKDlYs1fmi1B3E6apB6vjTMdJiyrzVg/wDZO3UIZZZ+B/QFUDLNh
Mmeu6su8dIhr1dlP4oF8rNRgtxQaG5QTkiHaciMCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBROU5kAJES0B9mMbQM1ruyFrNajVDAfBgNVHSMEGDAWgBSrTwD1w6s99MZ0
pBDYoPAYL7XpGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EwOEE5Y09yUGZUR2RLUVEyS0R3R0MtMTZSZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvYTFmMjEyLWJhMzUtNDY2Yi1iNTJlLTM4NTNkMzQwYzlhNi8x
L1RsT1pBQ1JFdEFmWmpHMEROYTdzaGF6V28xUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
YTFmMjEyLWJhMzUtNDY2Yi1iNTJlLTM4NTNkMzQwYzlhNi8xL3EwOEE5Y09yUGZU
R2RLUVEyS0R3R0MtMTZSZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEArLRQDAMAwQAstFFAwQDstFQMA0G
CSqGSIb3DQEBCwUAA4IBAQAQBMWCuxUW6W36tI6z16v0jvPRM29kSJRQCxEW0AlN
BBxr3aX/t/5wJw1u7y5NW6g2g3eEO0/jSNg8Ft1d9ViBJsL6twzbjmdSkJmeHWHY
a1RFSTEEzki+u459/uzY2BB+6gl3uiaT0911c55W82TV5xQcq6W8KshAHsZYmPQP
w0ylfLYKUBKnC3jdHr3Dr33XZUqz1DfgPe+5jkr3DknipBUWwBOWhVoMXVl+7qgm
LjjttZT3c6xV5wsMyP24necSxid8PfidAT/rYxLF4MfE/o/FtPzdDrp/CkCKX8T/
Vowgr9MBlw1ayGPHPo5l4szizGRtrmIICDpRgC8NcLkb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:20 2024 by rpki-client on console-ams.rpki-client.org