Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/gtM0B0NIwFWXy6p-vBC3nVuyhIo.roa
File: gtM0B0NIwFWXy6p-vBC3nVuyhIo.roa (raw, json)
Hash identifier: 8/NkowvFwjM11VkFVIFtP9Dp6MY7G+CiySLpa98yKQM=
Subject key identifier: 82:D3:34:07:43:48:C0:55:97:CB:AA:7E:BC:10:B7:9D:5B:B2:84:8A
Certificate issuer: /CN=3ad65216812ed24fd1c719871a59a971dec30a26
Certificate serial: 0181D3780B55E02DF77F8DD051ECED87A6CB
Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/gtM0B0NIwFWXy6p-vBC3nVuyhIo.roa
Signing time: Wed 06 Jul 2022 12:24:28 +0000
ROA not before: Wed 06 Jul 2022 12:24:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35579
IP address blocks: 78.142.85.0/24 maxlen: 24
78.142.80.0/22 maxlen: 24
78.142.90.0/24 maxlen: 24
2a04:5080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d3:78:0b:55:e0:2d:f7:7f:8d:d0:51:ec:ed:87:a6:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26
Validity
Not Before: Jul 6 12:24:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82d334074348c05597cbaa7ebc10b79d5bb2848a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0c:2f:9f:a8:a9:61:02:8f:12:1b:09:1a:a9:
ba:f6:27:c5:30:ec:0d:33:1b:af:37:de:46:0f:2e:
d8:4b:1a:b8:72:b6:5a:7b:50:82:04:77:d8:3c:24:
74:c1:b7:b0:b5:47:f0:f8:48:25:01:73:a9:27:05:
86:e2:47:52:1f:4d:86:95:1c:a0:41:5f:2f:55:cb:
55:7f:76:55:34:a8:d4:27:6b:d5:3e:f5:41:77:07:
b9:fe:ad:d7:6c:11:c9:d6:33:37:ec:73:e4:9e:24:
fa:c2:5b:e0:d9:61:c9:32:19:c9:fb:5e:5b:eb:58:
25:9e:b4:65:98:ee:24:08:03:25:2e:92:f2:67:e8:
61:1e:0f:47:33:4f:f1:71:6d:bc:9c:e3:da:e5:8c:
44:56:08:c0:93:ae:e1:d3:d7:c8:d2:fa:08:18:2b:
6d:58:78:59:c8:de:e1:7e:82:f4:1d:d7:0f:d5:82:
cd:fe:eb:8b:d6:46:f9:26:a6:0f:be:21:a1:53:7d:
ce:f6:34:77:9a:d4:75:10:46:54:68:1b:82:6d:3e:
c6:20:53:ec:bc:15:d8:8b:4f:e8:39:38:27:82:c7:
30:13:fd:9b:88:7b:4a:07:7d:d8:7d:0f:4e:e2:f8:
f2:31:dc:02:6f:7b:9d:a6:e4:d3:31:9d:f8:4d:91:
6c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D3:34:07:43:48:C0:55:97:CB:AA:7E:BC:10:B7:9D:5B:B2:84:8A
X509v3 Authority Key Identifier:
keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/gtM0B0NIwFWXy6p-vBC3nVuyhIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.80.0/22
78.142.85.0/24
78.142.90.0/24
IPv6:
2a04:5080::/29
Signature Algorithm: sha256WithRSAEncryption
46:2d:c4:c7:24:c0:77:34:ed:c8:15:37:7f:8b:77:7a:9a:5e:
d8:af:d3:ef:15:93:e3:c6:27:20:24:0b:6c:ac:1a:ef:25:4f:
b8:ee:e1:d1:ec:2c:ff:35:03:95:06:d5:d1:55:e9:3a:c1:6f:
5c:69:d7:9d:ed:27:6f:c4:a7:5c:cd:be:92:49:8c:0a:01:55:
96:70:43:6b:98:8d:13:11:81:bf:1a:42:af:49:17:62:c1:4c:
15:d0:1a:69:e3:5b:1d:73:78:d0:7d:5b:92:fd:07:c9:af:c5:
02:1e:73:30:57:75:e1:db:7c:3a:54:84:0c:42:29:1a:92:be:
cc:02:b3:6f:69:27:55:53:d6:96:6d:b9:f9:2a:a8:6c:5e:12:
21:c6:b9:5e:95:9e:42:fe:d0:ec:18:df:1b:5e:61:33:47:e9:
5d:ed:74:a9:74:37:55:46:0e:55:c6:51:b1:44:fd:d8:0e:70:
83:d5:93:56:d7:3b:6d:64:7f:30:06:50:7a:2c:09:7e:9f:30:
f8:70:63:26:fa:5a:3a:51:6f:1f:98:bf:cc:30:31:93:12:53:
1b:99:78:ab:1e:6a:74:7e:1f:3f:ee:5a:92:7d:79:c4:ed:43:
a4:20:67:07:cc:4a:95:ab:29:b8:1e:21:ec:6c:cf:97:0f:46:
a6:17:ac:51
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYHTeAtV4C33f43QUezth6bLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDY1MjE2ODEyZWQyNGZkMWM3MTk4NzFhNTlhOTcxZGVj
MzBhMjYwHhcNMjIwNzA2MTIyNDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmQzMzQwNzQzNDhjMDU1OTdjYmFhN2ViYzEwYjc5ZDViYjI4NDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQwvn6ipYQKPEhsJGqm69ifFMOwN
MxuvN95GDy7YSxq4crZae1CCBHfYPCR0wbewtUfw+EglAXOpJwWG4kdSH02GlRyg
QV8vVctVf3ZVNKjUJ2vVPvVBdwe5/q3XbBHJ1jM37HPkniT6wlvg2WHJMhnJ+15b
61glnrRlmO4kCAMlLpLyZ+hhHg9HM0/xcW28nOPa5YxEVgjAk67h09fI0voIGCtt
WHhZyN7hfoL0HdcP1YLN/uuL1kb5JqYPviGhU33O9jR3mtR1EEZUaBuCbT7GIFPs
vBXYi0/oOTgngscwE/2biHtKB33YfQ9O4vjyMdwCb3udpuTTMZ34TZFslQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFILTNAdDSMBVl8uqfrwQt51bsoSKMB8GA1UdIwQY
MBaAFDrWUhaBLtJP0ccZhxpZqXHewwomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTct
NDY1MzhjYTUzODNjLzEvZ3RNMEIwTkl3RldYeTZwLXZCQzNuVnV5aElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTctNDY1MzhjYTUzODNj
LzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCTo5QAwQA
To5VAwQATo5aMA0EAgACMAcDBQMqBFCAMA0GCSqGSIb3DQEBCwUAA4IBAQBGLcTH
JMB3NO3IFTd/i3d6ml7Yr9PvFZPjxicgJAtsrBrvJU+47uHR7Cz/NQOVBtXRVek6
wW9caded7SdvxKdczb6SSYwKAVWWcENrmI0TEYG/GkKvSRdiwUwV0Bpp41sdc3jQ
fVuS/QfJr8UCHnMwV3Xh23w6VIQMQikakr7MArNvaSdVU9aWbbn5KqhsXhIhxrle
lZ5C/tDsGN8bXmEzR+ld7XSpdDdVRg5VxlGxRP3YDnCD1ZNW1zttZH8wBlB6LAl+
nzD4cGMm+lo6UW8fmL/MMDGTElMbmXirHmp0fh8/7lqSfXnE7UOkIGcHzEqVqym4
HiHsbM+XD0amF6xR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:37 2024 by rpki-client on console-fra.rpki-client.org