Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/7mZ7fRZsVaiMlW9MxBO6iGN_L2o.roa
File: 7mZ7fRZsVaiMlW9MxBO6iGN_L2o.roa (raw, json)
Hash identifier: eNRLMLqhEiy8xK+g1VjrmcHXwfsfEQEYVaWMngyRSFI=
Subject key identifier: EE:66:7B:7D:16:6C:55:A8:8C:95:6F:4C:C4:13:BA:88:63:7F:2F:6A
Certificate issuer: /CN=3ad65216812ed24fd1c719871a59a971dec30a26
Certificate serial: 0182584527125A851729DA29E0E3C429C5A2
Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/7mZ7fRZsVaiMlW9MxBO6iGN_L2o.roa
Signing time: Mon 01 Aug 2022 07:18:23 +0000
ROA not before: Mon 01 Aug 2022 07:18:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35579
IP address blocks: 78.142.85.0/24 maxlen: 24
78.142.80.0/22 maxlen: 24
78.142.90.0/24 maxlen: 24
78.142.88.0/23 maxlen: 23
2a04:5080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:58:45:27:12:5a:85:17:29:da:29:e0:e3:c4:29:c5:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26
Validity
Not Before: Aug 1 07:18:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee667b7d166c55a88c956f4cc413ba88637f2f6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:79:90:07:bd:20:99:f1:41:15:12:77:f1:87:
c1:1e:a8:f6:21:0d:fe:01:79:d3:b3:1e:3f:12:8b:
4d:48:b3:e4:11:b3:49:82:68:c7:07:bc:e9:a6:32:
87:28:02:20:e9:4a:d9:b8:77:da:4b:8b:2d:b1:b9:
b9:ac:0e:d6:86:28:ea:65:49:31:22:98:9f:fa:7b:
a4:cd:70:c4:8e:76:3b:0f:9f:71:dd:3f:57:c3:98:
ef:a0:d7:e5:15:18:b3:22:3e:12:58:85:ac:39:1b:
ca:b9:99:28:f0:0c:9f:bf:32:96:ad:ec:1c:50:40:
6f:89:19:da:a6:2c:97:34:18:35:28:16:24:ba:d6:
3c:5a:40:36:da:5d:c0:e7:57:37:91:32:ea:52:b1:
6f:46:8c:8d:43:28:62:18:a9:0b:58:ec:4c:0c:a5:
4c:0d:14:88:c9:84:f3:c7:27:58:75:49:48:3e:d1:
92:4d:0c:ff:9b:38:ff:c5:10:41:10:8f:9c:79:67:
bf:ef:41:0e:0a:79:a6:82:d3:e1:c5:c0:25:5c:e5:
06:a0:13:6e:a5:4b:95:65:bc:5a:f9:60:26:43:d8:
08:e1:2a:45:9f:f3:3e:db:d1:a9:da:19:f1:ec:ae:
71:1e:53:b8:a0:ed:c8:80:60:3c:b8:44:16:a9:c9:
10:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:66:7B:7D:16:6C:55:A8:8C:95:6F:4C:C4:13:BA:88:63:7F:2F:6A
X509v3 Authority Key Identifier:
keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/7mZ7fRZsVaiMlW9MxBO6iGN_L2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.80.0/22
78.142.85.0/24
78.142.88.0-78.142.90.255
IPv6:
2a04:5080::/29
Signature Algorithm: sha256WithRSAEncryption
4e:cc:9c:66:bd:cc:95:9a:24:3b:31:45:20:4e:2b:c0:ab:8d:
50:d3:8e:7c:de:e5:52:17:11:aa:96:0d:cc:06:5c:47:74:41:
26:a8:a5:60:ca:e6:b2:67:29:09:1d:74:4b:16:82:03:06:62:
bb:43:96:5c:d0:4c:20:14:93:d1:98:2e:f3:21:4d:9d:07:9e:
1a:19:8f:82:fe:76:d9:4d:9d:22:35:db:49:e1:19:17:11:cb:
6e:03:4f:56:21:98:f7:2c:27:7b:0b:e7:82:c4:f2:8d:a1:61:
b2:4b:e3:97:b6:8e:20:4d:ae:94:57:a9:9e:9c:ff:42:00:e0:
a9:04:e0:95:7c:c3:26:5e:1d:b1:07:58:48:11:f8:22:af:78:
95:7a:0e:d6:b8:24:23:6c:92:db:fd:bb:4a:89:b5:30:e6:e5:
4b:e2:ce:e8:6a:56:2d:60:1a:cf:b1:a5:ab:2c:3c:b6:19:3c:
ce:f8:b2:5f:03:60:b0:bf:99:99:7e:50:83:ce:73:20:f1:ba:
dd:1c:82:ff:d4:25:79:e1:2f:e9:fe:9e:44:6a:21:d7:17:9f:
db:cf:95:22:dd:73:5a:18:80:66:9d:92:62:ea:35:c0:1e:e3:
64:07:78:f6:a8:56:6a:f9:ed:1c:47:f0:5e:6a:69:59:03:5c:
c9:3f:4b:d4
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYJYRScSWoUXKdop4OPEKcWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDY1MjE2ODEyZWQyNGZkMWM3MTk4NzFhNTlhOTcxZGVj
MzBhMjYwHhcNMjIwODAxMDcxODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTY2N2I3ZDE2NmM1NWE4OGM5NTZmNGNjNDEzYmE4ODYzN2YyZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnmQB70gmfFBFRJ38YfBHqj2IQ3+
AXnTsx4/EotNSLPkEbNJgmjHB7zppjKHKAIg6UrZuHfaS4stsbm5rA7WhijqZUkx
Ipif+nukzXDEjnY7D59x3T9Xw5jvoNflFRizIj4SWIWsORvKuZko8AyfvzKWrewc
UEBviRnapiyXNBg1KBYkutY8WkA22l3A51c3kTLqUrFvRoyNQyhiGKkLWOxMDKVM
DRSIyYTzxydYdUlIPtGSTQz/mzj/xRBBEI+ceWe/70EOCnmmgtPhxcAlXOUGoBNu
pUuVZbxa+WAmQ9gI4SpFn/M+29Gp2hnx7K5xHlO4oO3IgGA8uEQWqckQnwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFO5me30WbFWojJVvTMQTuohjfy9qMB8GA1UdIwQY
MBaAFDrWUhaBLtJP0ccZhxpZqXHewwomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTct
NDY1MzhjYTUzODNjLzEvN21aN2ZSWnNWYWlNbFc5TXhCTzZpR05fTDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTctNDY1MzhjYTUzODNj
LzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCTo5QAwQA
To5VMAwDBANOjlgDBABOjlowDQQCAAIwBwMFAyoEUIAwDQYJKoZIhvcNAQELBQAD
ggEBAE7MnGa9zJWaJDsxRSBOK8CrjVDTjnze5VIXEaqWDcwGXEd0QSaopWDK5rJn
KQkddEsWggMGYrtDllzQTCAUk9GYLvMhTZ0HnhoZj4L+dtlNnSI120nhGRcRy24D
T1YhmPcsJ3sL54LE8o2hYbJL45e2jiBNrpRXqZ6c/0IA4KkE4JV8wyZeHbEHWEgR
+CKveJV6Dta4JCNsktv9u0qJtTDm5UvizuhqVi1gGs+xpassPLYZPM74sl8DYLC/
mZl+UIPOcyDxut0cgv/UJXnhL+n+nkRqIdcXn9vPlSLdc1oYgGadkmLqNcAe42QH
ePaoVmr57RxH8F5qaVkDXMk/S9Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:49 2024 by rpki-client on console-ams.rpki-client.org