Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/fOTSZqoF4tHEbnB3z5LAapFemk4.roa
File: fOTSZqoF4tHEbnB3z5LAapFemk4.roa (raw, json)
Hash identifier: whnIpMcsoIpWF6iEzr0uZxXT6zK7SPsuRHVn1E4Wb2s=
Subject key identifier: 7C:E4:D2:66:AA:05:E2:D1:C4:6E:70:77:CF:92:C0:6A:91:5E:9A:4E
Certificate issuer: /CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Certificate serial: 38236FA7
Authority key identifier: AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/fOTSZqoF4tHEbnB3z5LAapFemk4.roa
Signing time: Sat 01 Jan 2022 10:04:44 +0000
ROA not before: Sat 01 Jan 2022 10:04:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204384
IP address blocks: 178.209.69.0/24 maxlen: 24
178.209.68.0/24 maxlen: 24
178.209.80.0/21 maxlen: 21
178.209.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941846439 (0x38236fa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Validity
Not Before: Jan 1 10:04:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ce4d266aa05e2d1c46e7077cf92c06a915e9a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:60:87:24:09:98:84:50:7a:bc:e4:72:0a:3d:
e8:0c:ee:4e:8b:3f:1e:7a:a3:39:76:f0:d2:c9:02:
8e:a3:83:17:1c:e3:43:96:f2:6c:55:d2:c4:73:fc:
8f:69:88:86:98:24:b6:6e:e1:57:09:f4:e7:d4:24:
33:fa:41:d9:a3:d4:07:61:fd:e4:3d:52:bf:b3:26:
ae:79:af:b9:72:90:43:5a:cb:b1:d0:7c:64:d5:4a:
45:07:fc:7d:49:71:cd:61:62:70:40:6f:97:24:44:
42:15:92:c5:c5:be:e5:53:7e:7c:05:29:36:1b:ac:
6f:aa:9f:fb:d5:33:c8:12:7f:47:b8:d5:7d:a3:dc:
96:aa:5f:fb:d5:da:42:fd:f8:b6:dc:0f:a5:66:0e:
fb:e7:39:6a:af:d4:ad:0f:61:29:4b:4c:b2:34:7b:
76:a7:d9:a6:b5:69:93:86:66:21:49:f6:f5:28:78:
6b:59:1d:e9:19:b1:d0:eb:88:3a:77:51:d4:18:01:
a7:d5:e4:27:4c:b6:dc:b2:94:40:73:96:23:b3:bc:
28:30:1f:73:d0:01:23:7d:48:63:8c:38:82:7e:c7:
0c:00:81:68:e6:9d:85:65:81:87:b0:8e:6f:78:1a:
62:d9:13:c2:ae:ae:93:e1:c3:d0:d5:cd:c1:43:04:
47:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:E4:D2:66:AA:05:E2:D1:C4:6E:70:77:CF:92:C0:6A:91:5E:9A:4E
X509v3 Authority Key Identifier:
keyid:AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/fOTSZqoF4tHEbnB3z5LAapFemk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/q08A9cOrPfTGdKQQ2KDwGC-16Rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.209.68.0/23
178.209.80.0/21
Signature Algorithm: sha256WithRSAEncryption
70:17:ed:b2:4e:b6:37:c7:2e:ba:09:91:84:c6:23:de:d9:59:
dc:24:74:de:8b:1b:e2:a7:d0:4d:8c:10:bd:20:87:26:fd:74:
20:fc:4b:df:17:6e:e2:10:6a:18:02:a3:7b:55:ae:86:8e:e1:
25:c2:a5:0e:50:ae:f2:47:2b:90:98:eb:6b:d5:80:3e:cb:72:
79:4f:01:9d:34:f3:18:c9:03:36:f8:2b:b6:19:09:33:3f:7e:
9c:8b:38:8f:a5:c5:85:0d:f9:9b:93:51:4c:68:15:06:62:19:
27:48:1e:53:0b:4b:e1:01:14:7c:6d:dd:c7:0a:cd:8c:96:30:
0a:7e:7d:a9:66:03:a8:d0:aa:ed:d2:9f:00:5b:4c:18:49:4a:
9e:e0:6e:96:81:cd:28:a6:04:eb:53:f6:48:ed:9a:62:80:6a:
ea:f8:39:4a:5e:61:46:d6:7c:4b:40:64:fa:cf:38:a0:aa:51:
56:e7:4c:91:28:a1:2e:6f:4d:b5:24:29:47:84:c2:b2:5f:b5:
27:68:a5:36:ac:3a:d2:fe:f4:05:54:77:db:f8:a2:c4:59:3a:
f4:2b:e3:7f:9f:12:92:93:b3:5f:b5:32:b2:74:a4:ee:7d:e4:
12:69:1f:80:8a:0b:2b:6a:35:33:0e:91:c6:89:2a:81:b9:6a:
ca:c9:76:cf
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEOCNvpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjRmMDBmNWMzYWIzZGY0YzY3NGE0MTBkOGEwZjAxODJmYjVlOTE4MB4XDTIyMDEw
MTEwMDQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2NlNGQyNjZhYTA1
ZTJkMWM0NmU3MDc3Y2Y5MmMwNmE5MTVlOWE0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANpghyQJmIRQerzkcgo96AzuTos/HnqjOXbw0skCjqODFxzj
Q5bybFXSxHP8j2mIhpgktm7hVwn059QkM/pB2aPUB2H95D1Sv7MmrnmvuXKQQ1rL
sdB8ZNVKRQf8fUlxzWFicEBvlyREQhWSxcW+5VN+fAUpNhusb6qf+9UzyBJ/R7jV
faPclqpf+9XaQv34ttwPpWYO++c5aq/UrQ9hKUtMsjR7dqfZprVpk4ZmIUn29Sh4
a1kd6Rmx0OuIOndR1BgBp9XkJ0y23LKUQHOWI7O8KDAfc9ABI31IY4w4gn7HDACB
aOadhWWBh7COb3gaYtkTwq6uk+HD0NXNwUMER6ECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR85NJmqgXi0cRucHfPksBqkV6aTjAfBgNVHSMEGDAWgBSrTwD1w6s99MZ0
pBDYoPAYL7XpGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EwOEE5Y09yUGZUR2RLUVEyS0R3R0MtMTZSZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvYTFmMjEyLWJhMzUtNDY2Yi1iNTJlLTM4NTNkMzQwYzlhNi8x
L2ZPVFNacW9GNHRIRWJuQjN6NUxBYXBGZW1rNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
YTFmMjEyLWJhMzUtNDY2Yi1iNTJlLTM4NTNkMzQwYzlhNi8xL3EwOEE5Y09yUGZU
R2RLUVEyS0R3R0MtMTZSZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAbLRRAMEA7LRUDANBgkqhkiG9w0B
AQsFAAOCAQEAcBftsk62N8cuugmRhMYj3tlZ3CR03osb4qfQTYwQvSCHJv10IPxL
3xdu4hBqGAKje1Wuho7hJcKlDlCu8kcrkJjra9WAPstyeU8BnTTzGMkDNvgrthkJ
Mz9+nIs4j6XFhQ35m5NRTGgVBmIZJ0geUwtL4QEUfG3dxwrNjJYwCn59qWYDqNCq
7dKfAFtMGElKnuBuloHNKKYE61P2SO2aYoBq6vg5Sl5hRtZ8S0Bk+s84oKpRVudM
kSihLm9NtSQpR4TCsl+1J2ilNqw60v70BVR32/iixFk69Cvjf58SkpOzX7UysnSk
7n3kEmkfgIoLK2o1Mw6Rxokqgblqysl2zw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:57 2024 by rpki-client on console-fra.rpki-client.org