Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/CGsjyHubf1JwTeosxnrofW7UYew.roa
File: CGsjyHubf1JwTeosxnrofW7UYew.roa (raw, json)
Hash identifier: 66dwAPZFOcuYxeuWFHViPb5SP/wIH+zghQYVwxSDgwI=
Subject key identifier: 08:6B:23:C8:7B:9B:7F:52:70:4D:EA:2C:C6:7A:E8:7D:6E:D4:61:EC
Certificate issuer: /CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Certificate serial: 018389F354B5FEC01B52FBC492F545632449
Authority key identifier: 5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/CGsjyHubf1JwTeosxnrofW7UYew.roa
Signing time: Thu 29 Sep 2022 15:52:48 +0000
ROA not before: Thu 29 Sep 2022 15:52:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42908
IP address blocks: 80.78.136.0/22 maxlen: 22
188.119.96.0/22 maxlen: 22
80.79.0.0/22 maxlen: 22
94.241.64.0/18 maxlen: 18
78.136.128.0/18 maxlen: 18
2a07:cc80::/29 maxlen: 29
2a0c:8b40::/29 maxlen: 29
2a03:7a00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:89:f3:54:b5:fe:c0:1b:52:fb:c4:92:f5:45:63:24:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Validity
Not Before: Sep 29 15:52:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=086b23c87b9b7f52704dea2cc67ae87d6ed461ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6d:bd:b5:35:89:48:3c:22:b0:b4:60:bb:a2:
9f:07:71:b9:a1:79:78:6c:c1:b3:5a:a1:c4:68:05:
f2:db:c6:b2:9e:26:20:e4:04:95:c8:b0:af:87:69:
5c:55:b6:b7:f4:bc:29:25:93:f7:28:19:0e:2f:54:
ca:bb:a2:d7:af:04:91:06:2d:d3:7a:9a:c2:d2:a6:
06:e8:76:4a:8b:d7:e6:6b:1e:6a:55:7d:66:1e:18:
ae:43:90:93:f0:44:d4:77:a2:19:7a:8a:9a:78:dc:
3e:88:40:ba:93:cf:65:8f:1e:40:94:00:7e:d2:10:
61:63:bc:e9:a9:c1:7c:36:d7:28:64:40:cd:41:ed:
80:3f:03:e7:45:85:59:7a:55:25:ad:dc:6b:2b:31:
11:cd:4f:39:f2:2c:ea:a7:66:af:cd:a7:aa:de:09:
78:32:85:10:03:f9:53:84:df:93:07:d6:6b:92:e7:
cb:dc:96:61:8a:f7:b0:be:51:87:ba:13:8a:ae:f7:
34:f7:ae:c4:76:ff:e0:57:69:c5:1c:13:e1:25:a1:
d8:df:56:da:87:11:d1:67:28:84:8e:43:26:1b:8f:
d5:ef:07:12:d3:d2:57:7e:ad:1e:bf:2d:79:6c:e7:
c8:09:c1:4f:49:bd:ec:c4:9c:19:64:74:6f:97:ac:
03:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6B:23:C8:7B:9B:7F:52:70:4D:EA:2C:C6:7A:E8:7D:6E:D4:61:EC
X509v3 Authority Key Identifier:
keyid:5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/CGsjyHubf1JwTeosxnrofW7UYew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.128.0/18
80.78.136.0/22
80.79.0.0/22
94.241.64.0/18
188.119.96.0/22
IPv6:
2a03:7a00::/32
2a07:cc80::/29
2a0c:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
60:8e:88:93:7d:74:34:1e:f4:95:cc:94:2f:82:eb:bc:be:4d:
2a:41:6a:4e:2c:77:dc:82:25:99:4a:6d:40:e3:47:99:f3:46:
45:44:59:c8:b0:96:82:52:8f:f9:08:92:ea:d3:48:7f:b8:00:
b7:b1:fa:58:e7:b2:c2:8a:ee:06:e0:97:32:7f:86:5e:9a:f3:
47:1a:5b:25:16:ea:b5:c8:e4:a6:5d:7a:e6:38:a7:40:63:5e:
d4:68:4c:f2:c2:92:dd:ad:5a:35:90:d7:9b:6d:a3:bd:9e:fb:
3a:07:42:87:cb:27:4e:c0:16:4d:21:87:6d:f7:0e:6c:8b:c0:
47:19:ab:3e:c3:63:07:d3:8c:d0:d7:00:91:92:0c:59:25:13:
be:d1:50:87:5f:7c:89:83:79:f8:90:a3:72:af:0c:2b:c6:de:
b9:85:bd:15:bc:fc:46:d1:14:83:ad:e1:03:79:44:3c:fb:73:
ce:26:4f:ec:e9:bf:8c:bc:da:23:ce:72:58:28:8d:73:ad:6f:
54:dc:6e:9d:f4:fa:1e:8d:e3:3c:79:b1:64:7c:98:e9:8e:e9:
25:ce:d6:60:17:2e:5e:20:f6:2d:1b:b8:e6:ef:aa:39:5f:1d:
96:29:6b:af:8a:f8:c0:cd:2a:4c:74:df:d9:fe:a9:aa:03:6d:
8b:86:19:ad
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYOJ81S1/sAbUvvEkvVFYyRJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzlkMTViZDJmY2M4NDc3MWJhNmFhMjlhYTU0NDI4YjIx
Y2VmNjAwHhcNMjIwOTI5MTU1MjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODZiMjNjODdiOWI3ZjUyNzA0ZGVhMmNjNjdhZTg3ZDZlZDQ2MWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW29tTWJSDwisLRgu6KfB3G5oXl4
bMGzWqHEaAXy28ayniYg5ASVyLCvh2lcVba39LwpJZP3KBkOL1TKu6LXrwSRBi3T
eprC0qYG6HZKi9fmax5qVX1mHhiuQ5CT8ETUd6IZeoqaeNw+iEC6k89ljx5AlAB+
0hBhY7zpqcF8NtcoZEDNQe2APwPnRYVZelUlrdxrKzERzU858izqp2avzaeq3gl4
MoUQA/lThN+TB9ZrkufL3JZhivewvlGHuhOKrvc0967Edv/gV2nFHBPhJaHY31ba
hxHRZyiEjkMmG4/V7wcS09JXfq0evy15bOfICcFPSb3sxJwZZHRvl6wDvwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFAhrI8h7m39ScE3qLMZ66H1u1GHsMB8GA1UdIwQY
MBaAFF050VvS/MhHcbpqopqlRCiyHO9gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAt
YzI5YjQ0ZGU1M2E4LzEvQ0dzanlIdWJmMUp3VGVvc3hucm9mVzdVWWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAtYzI5YjQ0ZGU1M2E4
LzEvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQGToiAAwQC
UE6IAwQCUE8AAwQGXvFAAwQCvHdgMBsEAgACMBUDBQAqA3oAAwUDKgfMgAMFAyoM
i0AwDQYJKoZIhvcNAQELBQADggEBAGCOiJN9dDQe9JXMlC+C67y+TSpBak4sd9yC
JZlKbUDjR5nzRkVEWciwloJSj/kIkurTSH+4ALex+ljnssKK7gbglzJ/hl6a80ca
WyUW6rXI5KZdeuY4p0BjXtRoTPLCkt2tWjWQ15tto72e+zoHQofLJ07AFk0hh233
DmyLwEcZqz7DYwfTjNDXAJGSDFklE77RUIdffImDefiQo3KvDCvG3rmFvRW8/EbR
FIOt4QN5RDz7c84mT+zpv4y82iPOclgojXOtb1Tcbp30+h6N4zx5sWR8mOmO6SXO
1mAXLl4g9i0buObvqjlfHZYpa6+K+MDNKkx039n+qaoDbYuGGa0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:48 2024 by rpki-client on console-fra.rpki-client.org