Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/Q6ZajQbrJdF8ZMwzjjNe6HzzbQQ.roa
File: Q6ZajQbrJdF8ZMwzjjNe6HzzbQQ.roa (raw, json)
Hash identifier: eYT73pu5ifCHLz9R3R0kD7N1ZVYF2AVT1Y5hiXLrZ3Y=
Subject key identifier: 43:A6:5A:8D:06:EB:25:D1:7C:64:CC:33:8E:33:5E:E8:7C:F3:6D:04
Certificate issuer: /CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Certificate serial: 01854E0535D6651F4FC7AF8723030982DABD
Authority key identifier: 70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/Q6ZajQbrJdF8ZMwzjjNe6HzzbQQ.roa
Signing time: Mon 26 Dec 2022 10:40:42 +0000
ROA not before: Mon 26 Dec 2022 10:40:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43824
IP address blocks: 78.40.179.0/24 maxlen: 24
78.40.178.0/24 maxlen: 24
78.40.177.0/24 maxlen: 24
78.40.176.0/24 maxlen: 24
78.40.183.0/24 maxlen: 24
78.40.182.0/24 maxlen: 24
78.40.181.0/24 maxlen: 24
78.40.180.0/24 maxlen: 24
185.160.226.0/24 maxlen: 24
185.160.225.0/24 maxlen: 24
185.160.224.0/24 maxlen: 24
185.160.227.0/24 maxlen: 24
185.87.171.0/24 maxlen: 24
185.87.170.0/24 maxlen: 24
185.87.168.0/24 maxlen: 24
2a0b:8e80:1::/48 maxlen: 48
2a0b:8e80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4e:05:35:d6:65:1f:4f:c7:af:87:23:03:09:82:da:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Validity
Not Before: Dec 26 10:40:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43a65a8d06eb25d17c64cc338e335ee87cf36d04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bb:78:d4:82:f7:fc:70:75:e9:27:d5:3e:43:
d4:4f:22:fd:49:f1:47:ab:7d:cf:22:1c:2b:a7:f2:
a7:20:27:bd:f2:67:72:63:41:e9:65:e5:42:ea:e4:
7e:bc:d2:8c:43:fc:b6:ba:f1:49:a1:fb:d7:a8:06:
62:36:59:0b:95:96:f8:74:15:18:11:47:a6:a5:30:
68:69:8d:48:2c:20:98:16:28:81:32:c0:91:56:d6:
28:a0:08:70:24:8c:92:b6:c3:0b:37:41:4d:05:83:
a7:a9:59:29:a0:75:3f:d8:86:c9:4c:22:0b:63:19:
2d:25:94:5e:b6:67:bf:16:b1:43:f2:96:b3:61:39:
1f:a7:a0:41:28:c5:79:65:1b:c7:e3:a0:36:ae:ed:
27:85:df:d3:90:b0:99:04:56:73:d3:72:5d:5b:65:
97:c1:ab:2d:47:25:39:f9:a1:31:b6:c6:37:7e:79:
24:8c:88:e8:8d:95:fe:10:a4:f0:2b:ed:a9:30:76:
7d:5d:9e:49:22:1e:45:28:9c:2f:4e:6c:e8:97:13:
32:21:60:d6:99:af:e2:33:1f:bf:e9:86:14:1b:7c:
89:f9:28:55:86:b3:ff:93:f3:42:41:ac:ae:f3:85:
17:5d:36:af:3c:7b:70:53:64:8a:71:3c:bd:e0:d5:
2a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A6:5A:8D:06:EB:25:D1:7C:64:CC:33:8E:33:5E:E8:7C:F3:6D:04
X509v3 Authority Key Identifier:
keyid:70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/Q6ZajQbrJdF8ZMwzjjNe6HzzbQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.176.0/21
185.87.168.0/24
185.87.170.0/23
185.160.224.0/22
IPv6:
2a0b:8e80::/47
Signature Algorithm: sha256WithRSAEncryption
58:34:33:f7:92:17:45:e8:70:b1:20:10:e8:52:a7:5e:24:0a:
d1:bb:34:e7:2b:73:7b:60:d1:be:c7:f9:64:27:78:f9:83:bd:
c0:4c:22:d8:41:66:e7:f8:ce:b3:ae:d2:e8:19:ec:71:6c:95:
2f:a1:27:00:b2:36:af:3b:73:78:ba:59:33:14:85:f6:22:6e:
0a:45:29:49:8e:3e:36:0d:2c:a1:8d:ce:90:9c:7b:c3:3d:9f:
61:29:f5:23:03:12:85:75:2f:9d:95:3b:31:a9:29:2e:75:59:
67:fa:cf:47:c9:3c:5e:7a:59:e0:9b:5d:3f:2a:9a:42:35:f1:
d3:e8:6c:2c:d7:73:2d:c9:76:e3:98:78:8e:71:32:2d:d4:1f:
ee:4c:15:90:ab:af:e1:6d:05:42:19:7f:af:7b:02:8b:55:e9:
d0:68:17:db:8a:a5:67:97:70:05:d6:ec:07:5f:1a:f4:79:c4:
97:8b:08:9e:4b:d3:a5:da:7f:0d:c5:96:e3:82:f5:97:b9:65:
24:6f:fc:4e:58:e0:c0:0e:0b:44:c9:c9:02:d1:c5:13:c5:bc:
6a:d5:a8:5e:81:ca:e8:b5:4d:1c:f9:2c:ca:de:06:61:53:40:
5f:72:31:08:a2:49:74:3f:48:96:33:2c:d6:f2:2c:6f:a5:00:
d8:8a:0a:85
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVOBTXWZR9Px6+HIwMJgtq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmI3ZmVhOGFkMzUxMTFjYTY4N2E5Y2QwMGE0OWY5YTRm
MDQ1OWIwHhcNMjIxMjI2MTA0MDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2E2NWE4ZDA2ZWIyNWQxN2M2NGNjMzM4ZTMzNWVlODdjZjM2ZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLt41IL3/HB16SfVPkPUTyL9SfFH
q33PIhwrp/KnICe98mdyY0HpZeVC6uR+vNKMQ/y2uvFJofvXqAZiNlkLlZb4dBUY
EUempTBoaY1ILCCYFiiBMsCRVtYooAhwJIyStsMLN0FNBYOnqVkpoHU/2IbJTCIL
YxktJZRetme/FrFD8pazYTkfp6BBKMV5ZRvH46A2ru0nhd/TkLCZBFZz03JdW2WX
wastRyU5+aExtsY3fnkkjIjojZX+EKTwK+2pMHZ9XZ5JIh5FKJwvTmzolxMyIWDW
ma/iMx+/6YYUG3yJ+ShVhrP/k/NCQayu84UXXTavPHtwU2SKcTy94NUqKQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEOmWo0G6yXRfGTMM44zXuh8820EMB8GA1UdIwQY
MBaAFHBrf+qK01ERymh6nNAKSfmk8EWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4Mjct
MjYwYzM3N2EzMTRhLzEvUTZaYWpRYnJKZEY4Wk13empqTmU2SHp6YlFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4MjctMjYwYzM3N2EzMTRh
LzEvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQDTiiwAwQA
uVeoAwQBuVeqAwQCuaDgMA8EAgACMAkDBwEqC46AAAAwDQYJKoZIhvcNAQELBQAD
ggEBAFg0M/eSF0XocLEgEOhSp14kCtG7NOcrc3tg0b7H+WQnePmDvcBMIthBZuf4
zrOu0ugZ7HFslS+hJwCyNq87c3i6WTMUhfYibgpFKUmOPjYNLKGNzpCce8M9n2Ep
9SMDEoV1L52VOzGpKS51WWf6z0fJPF56WeCbXT8qmkI18dPobCzXcy3JduOYeI5x
Mi3UH+5MFZCrr+FtBUIZf697AotV6dBoF9uKpWeXcAXW7AdfGvR5xJeLCJ5L06Xa
fw3FluOC9Ze5ZSRv/E5Y4MAOC0TJyQLRxRPFvGrVqF6Byui1TRz5LMreBmFTQF9y
MQiiSXQ/SJYzLNbyLG+lANiKCoU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:23 2023 by rpki-client on console-ams.rpki-client.org