Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3a3e9d-6d7f-4923-afef-136c9ffcb82c/1/apnPprn67QdbeBo2FgLPfBBXfLk.roa
File: apnPprn67QdbeBo2FgLPfBBXfLk.roa (raw, json)
Hash identifier: 6F4kMpdZjEjAtXqKtN7agB/3DxCeQGpRpYkx84yk1GI=
Subject key identifier: 6A:99:CF:A6:B9:FA:ED:07:5B:78:1A:36:16:02:CF:7C:10:57:7C:B9
Certificate issuer: /CN=75bce8f08b5efc44afaf8d7063e1ae951825142b
Certificate serial: 2FB4EE5D
Authority key identifier: 75:BC:E8:F0:8B:5E:FC:44:AF:AF:8D:70:63:E1:AE:95:18:25:14:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dbzo8Ite_ESvr41wY-GulRglFCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3a3e9d-6d7f-4923-afef-136c9ffcb82c/1/apnPprn67QdbeBo2FgLPfBBXfLk.roa
Signing time: Sat 01 Jan 2022 06:02:07 +0000
ROA not before: Sat 01 Jan 2022 06:02:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198916
IP address blocks: 178.23.201.0/24 maxlen: 24
178.23.204.0/23 maxlen: 24
185.109.68.0/22 maxlen: 24
178.23.206.0/24 maxlen: 24
178.23.206.0/23 maxlen: 24
178.23.202.0/23 maxlen: 24
178.23.200.0/24 maxlen: 24
178.23.207.0/24 maxlen: 24
2a01:6080::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 800386653 (0x2fb4ee5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75bce8f08b5efc44afaf8d7063e1ae951825142b
Validity
Not Before: Jan 1 06:02:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a99cfa6b9faed075b781a361602cf7c10577cb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:81:36:08:5a:1e:cd:23:42:64:5d:ae:1a:65:
bb:ff:58:c7:46:95:91:fd:5d:29:69:6a:fb:95:c6:
c3:bf:82:39:16:f0:ef:79:fa:3d:22:cc:cd:7f:18:
c5:62:5f:80:aa:a1:ce:ae:55:a0:ce:38:a5:40:70:
fa:38:fb:89:de:8d:6c:8c:39:ad:13:20:04:1d:b7:
46:f6:a3:a7:b5:27:bc:1a:e3:55:3e:04:48:57:76:
34:b7:7c:b0:89:94:ec:70:3e:c4:4d:38:0c:50:35:
23:b1:9f:73:e0:4d:ab:c7:4f:db:96:94:7b:f1:51:
0d:d0:e9:db:df:3e:a6:3f:13:bb:d7:56:1c:c7:04:
ad:47:b2:1c:86:ef:8b:d8:1b:b1:73:26:00:19:10:
d2:e8:43:00:5f:84:e7:67:d0:21:cd:99:ec:24:87:
fa:1b:fc:02:a3:49:be:5a:02:f2:6e:93:9a:20:10:
d5:63:a2:5c:4b:ce:d7:c7:10:06:e0:f3:61:68:a6:
4e:c9:8e:4c:de:ea:e1:08:e2:28:82:c8:0f:85:03:
e9:df:d2:76:df:fc:41:8d:46:a7:f8:a5:ee:af:87:
b6:b1:62:46:1e:a2:45:18:bc:7c:15:4d:4b:5c:c6:
f1:34:57:eb:7c:0a:94:af:63:60:79:8f:39:bf:8a:
d5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:99:CF:A6:B9:FA:ED:07:5B:78:1A:36:16:02:CF:7C:10:57:7C:B9
X509v3 Authority Key Identifier:
keyid:75:BC:E8:F0:8B:5E:FC:44:AF:AF:8D:70:63:E1:AE:95:18:25:14:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbzo8Ite_ESvr41wY-GulRglFCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3a3e9d-6d7f-4923-afef-136c9ffcb82c/1/apnPprn67QdbeBo2FgLPfBBXfLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3a3e9d-6d7f-4923-afef-136c9ffcb82c/1/dbzo8Ite_ESvr41wY-GulRglFCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.200.0/21
185.109.68.0/22
IPv6:
2a01:6080::/32
Signature Algorithm: sha256WithRSAEncryption
8a:fc:2d:16:4e:f4:2f:1b:06:f3:f3:e8:52:ed:67:ec:d0:19:
fa:14:ae:d7:e7:d5:4a:02:f2:76:a9:20:fe:19:90:5b:5f:5f:
5d:8f:09:4a:65:b8:60:5d:c2:88:99:91:0f:90:a3:1e:f5:d3:
2c:59:3d:20:f7:ff:a9:5c:30:4e:15:4e:1c:5c:95:c9:0b:c5:
9f:23:e6:be:d9:26:0f:b2:95:bc:a1:cd:67:0d:bc:16:f7:2e:
23:dd:0f:9f:98:f3:12:23:86:b3:58:32:d5:8c:f6:c4:19:91:
72:e7:ec:83:6d:2d:02:bb:a3:f8:68:ac:a3:91:5e:3b:52:55:
89:6f:d6:52:96:e3:8e:f6:3c:bd:61:df:69:a6:aa:e0:6e:35:
a9:19:84:86:3c:74:63:2d:7f:4e:1f:fe:e4:05:34:4c:70:9e:
e7:1b:5b:2a:5a:d2:c6:f6:07:a7:42:a3:dc:26:b0:47:65:a6:
ae:99:fa:08:e4:5f:61:9e:f2:ef:3b:fe:73:5f:bc:a8:52:9c:
b8:88:08:75:db:ea:7f:ba:23:e4:a8:11:cd:aa:81:6b:29:cd:
40:03:2a:07:c4:6b:c8:c4:ba:a8:b2:17:ae:a3:bf:57:23:e9:
05:40:89:87:f8:06:06:cd:65:6f:11:07:d4:ee:45:6c:48:35:
54:c6:88:9a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEL7TuXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NWJjZThmMDhiNWVmYzQ0YWZhZjhkNzA2M2UxYWU5NTE4MjUxNDJiMB4XDTIyMDEw
MTA2MDIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmE5OWNmYTZiOWZh
ZWQwNzViNzgxYTM2MTYwMmNmN2MxMDU3N2NiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ2BNghaHs0jQmRdrhplu/9Yx0aVkf1dKWlq+5XGw7+CORbw
73n6PSLMzX8YxWJfgKqhzq5VoM44pUBw+jj7id6NbIw5rRMgBB23Rvajp7UnvBrj
VT4ESFd2NLd8sImU7HA+xE04DFA1I7Gfc+BNq8dP25aUe/FRDdDp298+pj8Tu9dW
HMcErUeyHIbvi9gbsXMmABkQ0uhDAF+E52fQIc2Z7CSH+hv8AqNJvloC8m6TmiAQ
1WOiXEvO18cQBuDzYWimTsmOTN7q4QjiKILID4UD6d/Sdt/8QY1Gp/il7q+HtrFi
Rh6iRRi8fBVNS1zG8TRX63wKlK9jYHmPOb+K1U0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRqmc+mufrtB1t4GjYWAs98EFd8uTAfBgNVHSMEGDAWgBR1vOjwi178RK+v
jXBj4a6VGCUUKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Riem84SXRlX0VTdnI0MXdZLUd1bFJnbEZDcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWUvM2EzZTlkLTZkN2YtNDkyMy1hZmVmLTEzNmM5ZmZjYjgyYy8x
L2FwblBwcm42N1FkYmVCbzJGZ0xQZkJCWGZMay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUv
M2EzZTlkLTZkN2YtNDkyMy1hZmVmLTEzNmM5ZmZjYjgyYy8xL2Riem84SXRlX0VT
dnI0MXdZLUd1bFJnbEZDcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA7IXyAMEArltRDANBAIAAjAHAwUA
KgFggDANBgkqhkiG9w0BAQsFAAOCAQEAivwtFk70LxsG8/PoUu1n7NAZ+hSu1+fV
SgLydqkg/hmQW19fXY8JSmW4YF3CiJmRD5CjHvXTLFk9IPf/qVwwThVOHFyVyQvF
nyPmvtkmD7KVvKHNZw28FvcuI90Pn5jzEiOGs1gy1Yz2xBmRcufsg20tAruj+Gis
o5FeO1JViW/WUpbjjvY8vWHfaaaq4G41qRmEhjx0Yy1/Th/+5AU0THCe5xtbKlrS
xvYHp0Kj3CawR2Wmrpn6CORfYZ7y7zv+c1+8qFKcuIgIddvqf7oj5KgRzaqBaynN
QAMqB8RryMS6qLIXrqO/VyPpBUCJh/gGBs1lbxEH1O5FbEg1VMaImg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:03 2023 by rpki-client on console-fra.rpki-client.org