Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/57zZG9TWwk16AgJww7IOMnDKwPc.roa
File: 57zZG9TWwk16AgJww7IOMnDKwPc.roa (raw, json)
Hash identifier: zFqrGVER0zuXNJxGC7AnQkdO/iUpnLDziHFQ0KEDxJw=
Subject key identifier: E7:BC:D9:1B:D4:D6:C2:4D:7A:02:02:70:C3:B2:0E:32:70:CA:C0:F7
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 098F7134
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/57zZG9TWwk16AgJww7IOMnDKwPc.roa
Signing time: Sat 01 Jan 2022 05:04:03 +0000
ROA not before: Sat 01 Jan 2022 05:04:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48990
IP address blocks: 78.136.74.0/24 maxlen: 24
78.136.72.0/24 maxlen: 24
78.136.73.0/24 maxlen: 24
78.136.78.0/24 maxlen: 24
88.148.65.0/24 maxlen: 24
94.76.185.0/24 maxlen: 24
84.236.194.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160395572 (0x98f7134)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 1 05:04:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7bcd91bd4d6c24d7a020270c3b20e3270cac0f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:31:0b:63:fe:6d:3e:f8:04:70:72:b8:48:84:
41:8b:22:33:14:5c:60:af:63:20:19:23:fb:69:a4:
b2:3d:e4:86:c9:c0:f0:84:bb:79:c1:c2:10:77:2f:
00:22:3c:47:93:70:eb:e7:19:c9:0d:0e:bc:55:47:
7b:3d:47:a3:f9:48:57:d0:a0:24:9d:8a:de:54:7d:
56:1b:d0:8c:15:0b:b8:7f:ef:22:44:ed:84:53:43:
7e:5f:a8:1c:86:76:1a:11:01:91:51:8a:33:09:47:
f6:77:e2:3e:fa:13:ec:93:e4:9b:cf:88:84:9c:d7:
7c:a4:95:b6:8e:6f:00:63:ee:0c:f5:0c:38:db:64:
8f:57:06:97:ff:12:fe:a0:2f:40:76:db:44:eb:c1:
81:d9:19:29:c8:08:31:e6:8d:87:1b:06:fc:39:c9:
5e:6a:d5:70:d2:f0:c0:d2:af:5c:b3:80:ae:cd:9c:
31:ae:66:e7:ad:12:68:43:d0:fe:1a:e5:d1:0f:96:
fe:a0:9a:a2:de:c9:f3:27:3d:c7:de:a4:64:cb:a5:
a3:d0:3f:f6:2b:17:3d:26:10:de:7d:a5:66:50:0a:
e1:cd:46:67:8f:5d:ac:e8:7d:71:37:c7:b0:90:ca:
df:a5:0c:f2:76:c7:e6:cd:ec:be:d8:f9:a2:59:11:
60:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:BC:D9:1B:D4:D6:C2:4D:7A:02:02:70:C3:B2:0E:32:70:CA:C0:F7
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/57zZG9TWwk16AgJww7IOMnDKwPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.72.0-78.136.74.255
78.136.78.0/24
84.236.194.0/23
88.148.65.0/24
94.76.185.0/24
Signature Algorithm: sha256WithRSAEncryption
10:e0:89:b6:31:da:65:a7:8b:16:ff:e0:68:66:11:40:dc:0b:
07:3d:27:70:fe:4d:f1:e3:38:82:96:42:20:b5:d9:78:02:09:
b9:c1:ea:4d:c7:9d:e9:e0:e4:20:96:a7:bd:da:b6:ec:2c:75:
92:ce:ab:86:ba:2a:8a:4b:30:72:49:2b:e0:fb:cd:61:27:4a:
20:c4:71:3e:44:18:6f:9e:f1:c9:ab:0f:da:1a:b5:61:ec:b2:
eb:e6:85:bc:7c:87:30:72:04:78:0f:99:69:82:61:c1:90:47:
16:0b:63:83:b1:fe:1c:31:5c:8e:8d:56:8e:17:dd:aa:81:c5:
46:01:18:df:3a:2e:06:9a:42:14:68:ac:77:7e:e8:db:3c:33:
58:fd:cc:81:d4:99:ef:7f:9f:0b:6c:5d:c3:b6:7c:fe:38:54:
59:0f:dc:c8:a0:79:90:55:fa:a9:85:b5:43:41:41:0c:a1:b4:
11:6e:3d:d0:69:87:9c:de:96:07:0d:d2:30:97:9b:e0:02:63:
7b:6e:18:d3:18:6b:31:81:68:21:39:d5:9d:fc:a4:6f:7e:e2:
cc:fd:fa:f2:b9:5c:c9:e3:29:26:07:2e:03:9a:7b:7b:08:10:
e2:12:a9:03:46:41:ea:a2:e5:9a:8c:9b:41:9e:db:60:a7:e6:
cb:bb:de:56
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIECY9xNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMB4XDTIyMDEw
MTA1MDQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTdiY2Q5MWJkNGQ2
YzI0ZDdhMDIwMjcwYzNiMjBlMzI3MGNhYzBmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8xC2P+bT74BHByuEiEQYsiMxRcYK9jIBkj+2mksj3khsnA
8IS7ecHCEHcvACI8R5Nw6+cZyQ0OvFVHez1Ho/lIV9CgJJ2K3lR9VhvQjBULuH/v
IkTthFNDfl+oHIZ2GhEBkVGKMwlH9nfiPvoT7JPkm8+IhJzXfKSVto5vAGPuDPUM
ONtkj1cGl/8S/qAvQHbbROvBgdkZKcgIMeaNhxsG/DnJXmrVcNLwwNKvXLOArs2c
Ma5m560SaEPQ/hrl0Q+W/qCaot7J8yc9x96kZMulo9A/9isXPSYQ3n2lZlAK4c1G
Z49drOh9cTfHsJDK36UM8nbH5s3svtj5olkRYHMCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBTnvNkb1NbCTXoCAnDDsg4ycMrA9zAfBgNVHSMEGDAWgBTarxewAV27fNmS
8mzf8BxOJiC3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8x
LzU3elpHOVRXd2sxNkFnSnd3N0lPTW5ES3dQYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Yzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6
Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJjAMAwQDTohIAwQATohKAwQATohOAwQB
VOzCAwQAWJRBAwQAXky5MA0GCSqGSIb3DQEBCwUAA4IBAQAQ4Im2Mdplp4sW/+Bo
ZhFA3AsHPSdw/k3x4ziClkIgtdl4Agm5wepNx53p4OQglqe92rbsLHWSzquGuiqK
SzBySSvg+81hJ0ogxHE+RBhvnvHJqw/aGrVh7LLr5oW8fIcwcgR4D5lpgmHBkEcW
C2ODsf4cMVyOjVaOF92qgcVGARjfOi4GmkIUaKx3fujbPDNY/cyB1Jnvf58LbF3D
tnz+OFRZD9zIoHmQVfqphbVDQUEMobQRbj3QaYec3pYHDdIwl5vgAmN7bhjTGGsx
gWghOdWd/KRvfuLM/fryuVzJ4ykmBy4Dmnt7CBDiEqkDRkHqouWajJtBnttgp+bL
u95W
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:02 2023 by rpki-client on console-ams.rpki-client.org