Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/K_SJ7AbFCSO0TH7oGr2CuJulYYk.roa
File: K_SJ7AbFCSO0TH7oGr2CuJulYYk.roa (raw, json)
Hash identifier: jlopDGFyEuAnXWdfA0v+K6pg27aSJvmg16nWoQWMTU4=
Subject key identifier: 2B:F4:89:EC:06:C5:09:23:B4:4C:7E:E8:1A:BD:82:B8:9B:A5:61:89
Certificate issuer: /CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Certificate serial: 05D56C7D
Authority key identifier: 70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/K_SJ7AbFCSO0TH7oGr2CuJulYYk.roa
Signing time: Sat 01 Jan 2022 05:03:07 +0000
ROA not before: Sat 01 Jan 2022 05:03:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43824
IP address blocks: 78.40.179.0/24 maxlen: 24
78.40.178.0/24 maxlen: 24
78.40.177.0/24 maxlen: 24
78.40.176.0/24 maxlen: 24
78.40.181.0/24 maxlen: 24
78.40.180.0/24 maxlen: 24
78.40.183.0/24 maxlen: 24
78.40.182.0/24 maxlen: 24
185.160.226.0/24 maxlen: 24
185.160.225.0/24 maxlen: 24
185.160.224.0/24 maxlen: 24
185.160.227.0/24 maxlen: 24
185.87.170.0/24 maxlen: 24
185.87.168.0/24 maxlen: 24
2a0b:8e80:1::/48 maxlen: 48
2a0b:8e80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97873021 (0x5d56c7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Validity
Not Before: Jan 1 05:03:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2bf489ec06c50923b44c7ee81abd82b89ba56189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c5:84:03:a7:2a:79:8b:ca:12:0c:42:15:b9:
25:13:57:d5:d6:c0:28:04:f2:1e:cf:cb:13:d4:37:
1d:69:2b:98:22:e6:f6:70:cc:15:d4:0c:30:62:6c:
ae:92:0b:14:5a:61:cb:27:16:b2:27:a9:68:c5:8b:
17:a3:9e:f3:27:3c:3e:6b:00:e3:e9:1b:dd:16:f2:
d3:22:cf:92:d7:0d:80:be:bb:8a:d8:45:01:0f:31:
8b:a9:be:86:57:ff:a9:0f:15:cc:62:56:b8:26:71:
a4:d7:d3:82:5d:be:15:1f:89:0e:36:a6:bb:da:d9:
18:5e:f8:b5:0c:c6:40:57:82:7d:3f:53:89:77:eb:
b8:64:b7:0f:e1:b7:17:79:23:c4:10:72:0b:d9:ba:
d4:8c:41:08:87:be:e0:8c:b3:40:50:8e:24:9e:24:
42:94:92:a9:4a:34:33:ff:d4:a4:8a:90:d0:8e:4f:
83:3e:97:95:ee:54:4f:48:06:19:d9:a6:08:fe:db:
b5:c4:b1:92:38:64:28:88:e3:83:f7:4e:3d:87:b4:
38:9d:43:8e:e3:1b:b4:76:c2:8e:32:3c:b1:9e:c8:
b8:b5:ad:ab:f3:4e:65:a1:09:da:50:04:16:af:e5:
4e:76:bc:3d:72:d8:cb:88:57:8e:71:6c:67:43:80:
af:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F4:89:EC:06:C5:09:23:B4:4C:7E:E8:1A:BD:82:B8:9B:A5:61:89
X509v3 Authority Key Identifier:
keyid:70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/K_SJ7AbFCSO0TH7oGr2CuJulYYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.176.0/21
185.87.168.0/24
185.87.170.0/24
185.160.224.0/22
IPv6:
2a0b:8e80::/47
Signature Algorithm: sha256WithRSAEncryption
a7:f8:8c:49:aa:57:07:d0:ea:5d:03:0f:3d:7d:f0:03:00:b5:
76:de:ee:e6:80:6c:fe:88:99:00:b7:9a:59:40:da:cc:77:1b:
81:59:a4:3a:c7:d2:fd:81:4d:dd:dd:e5:ae:de:93:b8:09:bb:
d8:e6:2e:23:32:9e:ab:7c:80:70:5f:b3:79:ba:2e:d2:71:3b:
1b:aa:43:dc:ab:2b:8c:0f:94:69:ff:17:dc:32:a8:de:91:67:
2c:63:5c:ff:9d:60:aa:95:48:75:91:49:22:8e:e7:3b:dd:8b:
bb:f5:47:13:8d:0d:46:d1:9f:d5:da:fa:f0:fb:5b:32:01:5f:
93:bc:a0:0f:81:32:df:b7:ff:4f:f9:3e:92:82:e0:8e:bb:38:
96:e0:1a:b6:7b:ee:0c:f2:4c:c2:c6:76:13:5c:b8:68:13:f1:
44:bd:2a:62:32:3f:06:c0:a8:1c:d3:62:a5:f3:5d:f5:dc:98:
cf:08:59:80:22:a7:ba:76:d3:84:1e:42:fc:e2:0f:02:17:87:
42:20:ea:98:38:8b:06:af:15:35:67:e7:88:9d:4f:98:a8:24:
66:39:35:f9:f8:0c:6d:e3:35:12:81:8d:d7:c2:e9:cc:c8:0e:
ad:8f:a8:dd:b9:c6:73:46:3e:2d:ae:6b:45:4f:78:36:41:5e:
77:75:9c:ea
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEBdVsfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDZiN2ZlYThhZDM1MTExY2E2ODdhOWNkMDBhNDlmOWE0ZjA0NTliMB4XDTIyMDEw
MTA1MDMwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmJmNDg5ZWMwNmM1
MDkyM2I0NGM3ZWU4MWFiZDgyYjg5YmE1NjE4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLFhAOnKnmLyhIMQhW5JRNX1dbAKATyHs/LE9Q3HWkrmCLm
9nDMFdQMMGJsrpILFFphyycWsiepaMWLF6Oe8yc8PmsA4+kb3Rby0yLPktcNgL67
ithFAQ8xi6m+hlf/qQ8VzGJWuCZxpNfTgl2+FR+JDjamu9rZGF74tQzGQFeCfT9T
iXfruGS3D+G3F3kjxBByC9m61IxBCIe+4IyzQFCOJJ4kQpSSqUo0M//UpIqQ0I5P
gz6Xle5UT0gGGdmmCP7btcSxkjhkKIjjg/dOPYe0OJ1DjuMbtHbCjjI8sZ7IuLWt
q/NOZaEJ2lAEFq/lTna8PXLYy4hXjnFsZ0OAr7MCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQr9InsBsUJI7RMfugavYK4m6VhiTAfBgNVHSMEGDAWgBRwa3/qitNREcpo
epzQCkn5pPBFmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NHdF82b3JUVVJIS2FIcWMwQXBKLWFUd1Jacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvZDI5NzRmLTdlZmEtNDYxMS04ODI3LTI2MGMzNzdhMzE0YS8x
L0tfU0o3QWJGQ1NPMFRIN29HcjJDdUp1bFlZay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
ZDI5NzRmLTdlZmEtNDYxMS04ODI3LTI2MGMzNzdhMzE0YS8xL2NHdF82b3JUVVJI
S2FIcWMwQXBKLWFUd1Jacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEA04osAMEALlXqAMEALlXqgMEArmg
4DAPBAIAAjAJAwcBKguOgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCn+IxJqlcH0Opd
Aw89ffADALV23u7mgGz+iJkAt5pZQNrMdxuBWaQ6x9L9gU3d3eWu3pO4CbvY5i4j
Mp6rfIBwX7N5ui7ScTsbqkPcqyuMD5Rp/xfcMqjekWcsY1z/nWCqlUh1kUkijuc7
3Yu79UcTjQ1G0Z/V2vrw+1syAV+TvKAPgTLft/9P+T6SguCOuziW4Bq2e+4M8kzC
xnYTXLhoE/FEvSpiMj8GwKgc02Kl81313JjPCFmAIqe6dtOEHkL84g8CF4dCIOqY
OIsGrxU1Z+eInU+YqCRmOTX5+Axt4zUSgY3XwunMyA6tj6jducZzRj4trmtFT3g2
QV53dZzq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:15 2024 by rpki-client on console-ams.rpki-client.org