Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/_Mzcg3w6PHFiX2404nWDEIxsJ5g.roa
File: _Mzcg3w6PHFiX2404nWDEIxsJ5g.roa (raw, json)
Hash identifier: ngCeYrTocohCFrkDWSpIHGZytdyZj0+tzPoKhbdL9xY=
Subject key identifier: FC:CC:DC:83:7C:3A:3C:71:62:5F:6E:34:E2:75:83:10:8C:6C:27:98
Certificate issuer: /CN=3ad65216812ed24fd1c719871a59a971dec30a26
Certificate serial: 0182C515D12CB9E1383A4F5DE28069199038
Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/_Mzcg3w6PHFiX2404nWDEIxsJ5g.roa
Signing time: Mon 22 Aug 2022 10:25:17 +0000
ROA not before: Mon 22 Aug 2022 10:25:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35579
IP address blocks: 78.142.85.0/24 maxlen: 24
78.142.80.0/22 maxlen: 24
78.142.86.0/23 maxlen: 23
78.142.90.0/24 maxlen: 24
78.142.88.0/23 maxlen: 23
2a04:5080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c5:15:d1:2c:b9:e1:38:3a:4f:5d:e2:80:69:19:90:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26
Validity
Not Before: Aug 22 10:25:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fcccdc837c3a3c71625f6e34e27583108c6c2798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:59:53:62:7c:2a:b5:33:3a:ec:23:9f:59:a2:
b1:0f:09:9d:8c:d5:ce:3b:30:46:7a:3c:53:79:11:
7d:f5:79:2a:86:a3:c2:4a:1d:d6:cb:e5:03:b1:7f:
16:9c:fc:4b:6f:5b:22:61:a0:4c:59:b8:29:1f:b6:
9f:10:10:ff:60:df:48:ad:fc:0a:07:a7:c4:5e:86:
f1:24:33:92:15:a3:cd:e2:b0:a1:de:9c:41:bd:72:
c7:d9:c1:cc:ae:18:b0:81:69:22:7f:e0:66:2b:dc:
cc:0b:dd:a2:1f:4c:4a:4b:2a:ed:82:07:b0:75:0a:
4c:3a:f6:55:5c:44:b7:78:90:4d:f9:e8:a5:31:ec:
fc:6c:e6:28:71:a6:db:bd:a7:da:43:bb:13:b1:36:
a8:5d:63:10:66:7b:34:fa:0a:b0:13:b8:5c:9d:ca:
a1:3e:df:bc:82:16:83:84:06:c2:f7:fa:e0:52:b6:
60:7a:e3:3c:41:b2:8b:57:11:bd:05:9e:64:14:f5:
e9:14:85:4d:17:1a:af:a0:af:3a:5e:5b:9b:e7:25:
4f:cb:15:64:4d:e1:c3:d9:41:f8:59:5a:6b:d3:49:
99:5e:6e:9b:a8:f2:7b:81:23:74:76:6d:00:fb:9b:
7e:4d:27:00:10:32:1a:c8:eb:70:3f:f5:f7:e5:5a:
8d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:CC:DC:83:7C:3A:3C:71:62:5F:6E:34:E2:75:83:10:8C:6C:27:98
X509v3 Authority Key Identifier:
keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/_Mzcg3w6PHFiX2404nWDEIxsJ5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.80.0/22
78.142.85.0-78.142.90.255
IPv6:
2a04:5080::/29
Signature Algorithm: sha256WithRSAEncryption
6a:71:c9:e5:bd:32:b1:64:14:47:8d:53:44:34:23:46:06:f9:
03:02:d3:76:fa:e3:ed:13:1e:2f:4e:65:78:93:37:5f:02:e8:
0e:c5:35:f1:4b:87:cc:09:a8:84:b6:9c:4b:b0:11:fa:53:83:
2f:5b:58:99:ae:86:34:e7:80:6e:f7:57:2a:79:c7:d8:2a:2d:
bb:a8:91:f8:1f:4b:fc:88:4c:00:3b:4c:a4:23:37:3f:17:d6:
ad:62:bf:c5:97:8a:fb:de:da:d7:79:07:ac:a6:7c:f5:ce:ca:
74:67:da:b5:c8:4e:0c:a7:e4:b6:ad:28:9c:a6:08:5d:84:3b:
8b:90:fd:06:eb:09:18:61:69:a1:6d:40:d6:48:c3:25:37:4f:
3d:0a:ee:ab:b7:75:bb:a9:1d:06:ac:ec:2b:90:09:9f:b6:79:
a2:b8:e1:60:6d:3d:9e:11:72:a2:c9:be:dd:87:b9:5a:f8:ff:
09:43:58:51:b0:9c:c5:7b:81:bc:76:ef:63:29:2c:33:d2:5f:
14:7e:27:ea:6e:05:80:4b:ff:bc:90:da:3b:02:79:98:e7:03:
29:83:e8:08:c0:7c:8a:43:58:30:4d:73:10:15:26:15:cd:67:
76:4a:e8:d7:f0:3c:05:1d:f5:5f:97:ee:29:df:a3:52:9c:cb:
bc:88:ef:29
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYLFFdEsueE4Ok9d4oBpGZA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDY1MjE2ODEyZWQyNGZkMWM3MTk4NzFhNTlhOTcxZGVj
MzBhMjYwHhcNMjIwODIyMTAyNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2NjZGM4MzdjM2EzYzcxNjI1ZjZlMzRlMjc1ODMxMDhjNmMyNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAollTYnwqtTM67COfWaKxDwmdjNXO
OzBGejxTeRF99XkqhqPCSh3Wy+UDsX8WnPxLb1siYaBMWbgpH7afEBD/YN9IrfwK
B6fEXobxJDOSFaPN4rCh3pxBvXLH2cHMrhiwgWkif+BmK9zMC92iH0xKSyrtggew
dQpMOvZVXES3eJBN+eilMez8bOYocabbvafaQ7sTsTaoXWMQZns0+gqwE7hcncqh
Pt+8ghaDhAbC9/rgUrZgeuM8QbKLVxG9BZ5kFPXpFIVNFxqvoK86Xlub5yVPyxVk
TeHD2UH4WVpr00mZXm6bqPJ7gSN0dm0A+5t+TScAEDIayOtwP/X35VqNcQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPzM3IN8OjxxYl9uNOJ1gxCMbCeYMB8GA1UdIwQY
MBaAFDrWUhaBLtJP0ccZhxpZqXHewwomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTct
NDY1MzhjYTUzODNjLzEvX016Y2czdzZQSEZpWDI0MDRuV0RFSXhzSjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTctNDY1MzhjYTUzODNj
LzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCTo5QMAwD
BABOjlUDBABOjlowDQQCAAIwBwMFAyoEUIAwDQYJKoZIhvcNAQELBQADggEBAGpx
yeW9MrFkFEeNU0Q0I0YG+QMC03b64+0THi9OZXiTN18C6A7FNfFLh8wJqIS2nEuw
EfpTgy9bWJmuhjTngG73Vyp5x9gqLbuokfgfS/yITAA7TKQjNz8X1q1iv8WXivve
2td5B6ymfPXOynRn2rXITgyn5LatKJymCF2EO4uQ/QbrCRhhaaFtQNZIwyU3Tz0K
7qu3dbupHQas7CuQCZ+2eaK44WBtPZ4RcqLJvt2HuVr4/wlDWFGwnMV7gbx272Mp
LDPSXxR+J+puBYBL/7yQ2jsCeZjnAymD6AjAfIpDWDBNcxAVJhXNZ3ZK6NfwPAUd
9V+X7info1Kcy7yI7yk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:58 2023 by rpki-client on console-ams.rpki-client.org