Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/CUcHpyM5ucq7Kpf6orpuWyqQp4c.roa
File: CUcHpyM5ucq7Kpf6orpuWyqQp4c.roa (raw, json)
Hash identifier: UIC3GFc+oLHEEoPDhx3kNUFqN/EJDc4GSnDbcU2quk4=
Subject key identifier: 09:47:07:A7:23:39:B9:CA:BB:2A:97:FA:A2:BA:6E:5B:2A:90:A7:87
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01843A4856D80EE270A71805139204CCB551
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/CUcHpyM5ucq7Kpf6orpuWyqQp4c.roa
Signing time: Wed 02 Nov 2022 21:38:50 +0000
ROA not before: Wed 02 Nov 2022 21:38:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210715
IP address blocks: 78.108.218.0/24 maxlen: 24
193.31.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3a:48:56:d8:0e:e2:70:a7:18:05:13:92:04:cc:b5:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Nov 2 21:38:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=094707a72339b9cabb2a97faa2ba6e5b2a90a787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b5:62:83:2e:8d:2f:7c:02:87:34:93:d8:00:
3f:1e:ef:b0:de:c7:f8:1a:28:49:2f:e7:71:c8:7b:
7e:6b:b1:97:80:ad:d7:1a:af:8b:44:01:44:4f:a5:
08:03:93:ea:95:ca:bf:b8:57:1b:9b:90:ce:d0:78:
78:d0:ee:96:95:ed:3c:8d:6d:99:bd:da:b4:30:d1:
8f:b5:21:bf:cc:bc:33:44:cf:69:23:38:33:07:72:
79:dc:dd:9a:fe:9c:2b:9a:0b:a6:f3:ea:aa:39:0e:
ac:a7:02:db:00:49:8f:d1:82:72:e2:e8:a1:bc:7c:
36:3e:9a:48:a6:44:7c:24:b4:ae:0f:9d:f5:ee:91:
da:5e:3c:ec:76:45:ce:e5:d0:d7:29:b3:1a:7f:82:
d5:ff:b6:9e:3c:4c:06:df:bd:24:b1:96:98:ed:65:
f1:ae:bc:95:6a:7d:cd:bc:6c:83:a2:ad:e2:df:34:
f7:51:f9:b2:fe:53:c7:9e:35:28:0b:15:e9:3b:e5:
2d:b7:ca:44:51:ac:c3:1c:43:a5:3b:8d:75:c5:24:
62:95:f4:d3:15:18:a0:6c:b1:6e:a2:8c:9c:38:64:
2f:b5:45:53:ef:f3:07:f8:1d:d7:ef:ae:53:42:48:
17:68:a8:d5:a8:d0:4b:33:e4:b0:eb:c2:35:eb:d7:
40:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:47:07:A7:23:39:B9:CA:BB:2A:97:FA:A2:BA:6E:5B:2A:90:A7:87
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/CUcHpyM5ucq7Kpf6orpuWyqQp4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.218.0/24
193.31.31.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:e7:c9:f6:23:d1:bb:87:72:fb:74:38:98:2d:a2:48:c7:15:
c4:91:12:ce:8a:8e:69:02:27:f0:20:38:ed:eb:97:37:87:6f:
c4:35:31:44:8e:df:e6:ab:f4:07:85:94:ce:22:3f:30:73:df:
3d:55:15:de:4e:18:7d:a9:af:ad:cf:55:70:0c:2f:7e:27:65:
fa:1b:4b:16:91:f1:a3:e7:80:df:2f:fd:50:a5:61:83:22:c4:
ca:9d:0b:f9:fb:13:e4:ab:5d:7b:e5:01:17:7b:d6:67:63:e7:
16:5c:ad:e6:e9:dd:be:dd:af:a0:a4:cb:13:7e:91:83:da:ad:
7b:3f:f6:d3:d9:5f:69:41:bc:7c:aa:4b:df:84:05:38:b2:f0:
35:56:07:d9:d6:4c:96:73:68:8f:0e:5f:50:dd:47:b0:b7:c5:
03:1a:d1:eb:ad:f9:e1:ac:dd:7f:c3:88:0c:88:30:61:05:ec:
d9:be:cb:e8:39:05:f7:38:38:98:39:0e:3e:d1:1e:c1:f2:14:
64:3c:f6:f1:73:bf:1b:c5:f6:b5:c7:e1:4d:bd:e7:c3:c6:5f:
f2:75:bd:61:9a:5a:71:92:1c:c8:2a:33:82:f7:a2:8b:d1:31:
45:40:f8:c1:68:a5:16:67:cd:3f:5a:7d:0b:e5:a2:cc:78:ce:
4e:7b:00:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQ6SFbYDuJwpxgFE5IEzLVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjIxMTAyMjEzODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTQ3MDdhNzIzMzliOWNhYmIyYTk3ZmFhMmJhNmU1YjJhOTBhNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbVigy6NL3wChzST2AA/Hu+w3sf4
GihJL+dxyHt+a7GXgK3XGq+LRAFET6UIA5Pqlcq/uFcbm5DO0Hh40O6Wle08jW2Z
vdq0MNGPtSG/zLwzRM9pIzgzB3J53N2a/pwrmgum8+qqOQ6spwLbAEmP0YJy4uih
vHw2PppIpkR8JLSuD5317pHaXjzsdkXO5dDXKbMaf4LV/7aePEwG370ksZaY7WXx
rryVan3NvGyDoq3i3zT3Ufmy/lPHnjUoCxXpO+Utt8pEUazDHEOlO411xSRilfTT
FRigbLFuooycOGQvtUVT7/MH+B3X765TQkgXaKjVqNBLM+Sw68I169dAAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAlHB6cjObnKuyqX+qK6blsqkKeHMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvQ1VjSHB5TTV1Y3E3S3BmNm9ycHVXeXFRcDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATmzaAwQA
wR8fMA0GCSqGSIb3DQEBCwUAA4IBAQCq58n2I9G7h3L7dDiYLaJIxxXEkRLOio5p
AifwIDjt65c3h2/ENTFEjt/mq/QHhZTOIj8wc989VRXeThh9qa+tz1VwDC9+J2X6
G0sWkfGj54DfL/1QpWGDIsTKnQv5+xPkq1175QEXe9ZnY+cWXK3m6d2+3a+gpMsT
fpGD2q17P/bT2V9pQbx8qkvfhAU4svA1VgfZ1kyWc2iPDl9Q3Uewt8UDGtHrrfnh
rN1/w4gMiDBhBezZvsvoOQX3ODiYOQ4+0R7B8hRkPPbxc78bxfa1x+FNvefDxl/y
db1hmlpxkhzIKjOC96KL0TFFQPjBaKUWZ80/Wn0L5aLMeM5OewAW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org