Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/CMqdjVL7x3j0u_m9noqoyLfBOTw.roa
File: CMqdjVL7x3j0u_m9noqoyLfBOTw.roa (raw, json)
Hash identifier: 799v0yzk1iyNbrN4rtUzx3chLh3Obu0hqxeNSSHaZ80=
Subject key identifier: 08:CA:9D:8D:52:FB:C7:78:F4:BB:F9:BD:9E:8A:A8:C8:B7:C1:39:3C
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018200F19AF38E3AF61C5C013257067F18FE
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/CMqdjVL7x3j0u_m9noqoyLfBOTw.roa
Signing time: Fri 15 Jul 2022 08:20:09 +0000
ROA not before: Fri 15 Jul 2022 08:20:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43698
IP address blocks: 78.159.0.0/19 maxlen: 19
82.151.0.0/19 maxlen: 19
95.168.0.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:00:f1:9a:f3:8e:3a:f6:1c:5c:01:32:57:06:7f:18:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jul 15 08:20:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08ca9d8d52fbc778f4bbf9bd9e8aa8c8b7c1393c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c6:41:4e:67:b5:c7:75:2f:97:cf:0d:e1:5e:
dd:bd:37:b5:2d:3c:04:17:70:3b:df:e2:95:5c:a2:
2f:ce:01:bc:ed:cf:29:e8:22:73:b0:fe:b3:7c:63:
f0:5a:69:f0:23:67:e2:83:79:84:49:21:dc:5e:6f:
3e:1b:3f:a6:fd:2c:44:9c:b7:53:1f:6a:db:3b:cf:
35:6f:54:a9:0e:51:0f:1e:af:bd:fb:da:19:af:22:
b3:c9:3f:f6:b7:f4:c8:67:37:99:27:64:32:bd:14:
b7:1c:b6:af:3c:eb:3f:7c:53:c2:29:3b:d1:7f:c5:
98:c1:b8:37:d8:cb:d0:d2:19:04:2e:9e:2d:c4:61:
2a:dc:f2:6d:95:59:65:1b:13:ea:c2:3b:21:1a:0c:
8d:21:de:17:29:b8:01:15:1e:8d:8b:e9:cf:6e:4d:
94:2e:09:5f:fb:ab:93:4c:34:fc:85:e8:53:18:35:
13:90:58:1d:cc:0f:09:6d:4c:5b:34:2e:66:5b:e2:
49:56:76:8b:73:56:a3:60:fe:e9:4a:bf:64:8f:c8:
72:79:46:37:60:93:fb:db:35:85:6c:7c:51:5e:c7:
72:7d:d4:e1:0a:8b:2d:5a:ca:8e:3f:f0:f6:f7:0c:
9d:82:46:c2:04:3c:86:95:9a:8f:47:a3:5f:08:5b:
2a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:CA:9D:8D:52:FB:C7:78:F4:BB:F9:BD:9E:8A:A8:C8:B7:C1:39:3C
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/CMqdjVL7x3j0u_m9noqoyLfBOTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.0.0/19
82.151.0.0/19
95.168.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2c:9e:59:e2:a7:ef:ba:1d:ae:74:4a:52:8c:5a:c7:26:9d:d8:
5b:5a:15:03:ab:09:f2:cd:d0:8d:d7:c3:02:f3:dd:38:d1:8a:
15:f6:e6:cc:0e:f3:02:55:ca:c3:03:08:0e:55:af:bd:83:f8:
d9:6e:79:f1:fc:e6:c1:23:34:63:ec:d8:74:fe:8d:fa:2a:66:
2a:e9:ef:00:7e:1e:ef:bc:3f:c9:ee:ac:ae:74:ab:86:d9:50:
93:e1:f3:5c:36:e4:a3:77:44:7c:68:44:24:3d:6c:d8:42:90:
fd:37:45:8e:3f:a1:9e:4e:de:b2:58:fb:6a:de:58:bc:00:71:
50:62:39:46:49:8a:ab:d1:81:1e:bb:75:79:28:6e:b2:67:37:
22:1d:47:63:e7:dc:ed:31:cc:55:15:58:0d:b0:e9:01:da:10:
20:ff:13:7b:4d:2b:f8:b1:ed:70:75:86:ef:82:0a:b1:d8:52:
c0:3c:97:15:05:d1:ca:d0:97:f6:2c:7d:62:9c:1f:64:6f:bf:
5b:2f:37:bd:b7:4d:72:f8:e3:1f:54:3a:25:fe:8d:17:d1:0a:
b6:80:59:4e:da:63:46:b6:94:e3:bd:e2:34:35:78:ef:0d:ce:
38:57:22:6a:38:83:59:24:96:3a:03:a7:c4:57:87:7f:45:1d:
ed:6f:cc:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYIA8Zrzjjr2HFwBMlcGfxj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjIwNzE1MDgyMDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGNhOWQ4ZDUyZmJjNzc4ZjRiYmY5YmQ5ZThhYThjOGI3YzEzOTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisZBTme1x3Uvl88N4V7dvTe1LTwE
F3A73+KVXKIvzgG87c8p6CJzsP6zfGPwWmnwI2fig3mESSHcXm8+Gz+m/SxEnLdT
H2rbO881b1SpDlEPHq+9+9oZryKzyT/2t/TIZzeZJ2QyvRS3HLavPOs/fFPCKTvR
f8WYwbg32MvQ0hkELp4txGEq3PJtlVllGxPqwjshGgyNId4XKbgBFR6Ni+nPbk2U
Lglf+6uTTDT8hehTGDUTkFgdzA8JbUxbNC5mW+JJVnaLc1ajYP7pSr9kj8hyeUY3
YJP72zWFbHxRXsdyfdThCostWsqOP/D29wydgkbCBDyGlZqPR6NfCFsqpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAjKnY1S+8d49Lv5vZ6KqMi3wTk8MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvQ01xZGpWTDd4M2owdV9tOW5vcW95TGZCT1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFTp8AAwQF
UpcAAwQFX6gAMA0GCSqGSIb3DQEBCwUAA4IBAQAsnlnip++6Ha50SlKMWscmndhb
WhUDqwnyzdCN18MC89040YoV9ubMDvMCVcrDAwgOVa+9g/jZbnnx/ObBIzRj7Nh0
/o36KmYq6e8Afh7vvD/J7qyudKuG2VCT4fNcNuSjd0R8aEQkPWzYQpD9N0WOP6Ge
Tt6yWPtq3li8AHFQYjlGSYqr0YEeu3V5KG6yZzciHUdj59ztMcxVFVgNsOkB2hAg
/xN7TSv4se1wdYbvggqx2FLAPJcVBdHK0Jf2LH1inB9kb79bLze9t01y+OMfVDol
/o0X0Qq2gFlO2mNGtpTjveI0NXjvDc44VyJqOINZJJY6A6fEV4d/RR3tb8wH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:50 2024 by rpki-client on console-ams.rpki-client.org