Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/YUaYRZlEOYugx3_V0i5ZNTtAD8E.roa
File: YUaYRZlEOYugx3_V0i5ZNTtAD8E.roa (raw, json)
Hash identifier: cgZM/dI/pM/oWcyhzO6B4ahmPHyxhmTXLdfEDkrA8oE=
Subject key identifier: 61:46:98:45:99:44:39:8B:A0:C7:7F:D5:D2:2E:59:35:3B:40:0F:C1
Certificate issuer: /CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Certificate serial: 1C6EE30D
Authority key identifier: 58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/YUaYRZlEOYugx3_V0i5ZNTtAD8E.roa
Signing time: Sat 01 Jan 2022 06:53:18 +0000
ROA not before: Sat 01 Jan 2022 06:53:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31357
IP address blocks: 78.140.0.0/18 maxlen: 18
78.140.0.0/19 maxlen: 19
78.140.4.0/24 maxlen: 24
46.166.253.0/24 maxlen: 24
46.166.254.0/24 maxlen: 24
95.170.96.0/20 maxlen: 20
95.170.96.0/19 maxlen: 19
95.170.104.0/21 maxlen: 21
95.170.120.0/22 maxlen: 22
95.170.120.0/21 maxlen: 21
95.170.124.0/22 maxlen: 22
78.140.48.0/20 maxlen: 20
78.140.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 477029133 (0x1c6ee30d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Validity
Not Before: Jan 1 06:53:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=614698459944398ba0c77fd5d22e59353b400fc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ad:6a:37:73:b4:13:68:1e:82:a4:87:0e:d8:
b2:f1:1b:14:f9:93:87:33:bf:87:d8:31:a2:1b:69:
22:47:67:50:f9:6d:0c:9b:a2:53:a5:e9:8b:03:43:
cf:1e:cd:0c:ed:19:9b:3e:ee:66:7f:37:7f:8e:8c:
16:4f:18:f7:77:8d:71:41:6e:bf:6f:62:b7:e7:c3:
6a:65:4a:7f:ef:7a:53:68:9f:0b:ad:51:dd:57:38:
df:88:45:3f:0e:9a:82:9c:23:6e:74:62:2e:fb:83:
5f:9c:00:25:80:4f:20:35:9e:7f:b2:bf:11:95:d1:
7e:42:5a:3e:38:86:46:3e:24:48:97:8f:59:6a:07:
32:db:b5:c8:66:63:12:6e:20:a6:af:da:f9:24:0f:
32:39:6b:f5:45:3c:b0:f7:63:ba:1a:04:4a:45:e2:
b4:26:fe:65:3d:9d:39:f9:9a:d1:bf:d9:9b:2c:b6:
ce:7d:fd:5c:39:ab:fd:e3:8f:0f:89:f1:7b:4c:f0:
e0:e6:81:66:10:91:35:ad:a3:25:20:b4:27:4e:75:
6f:f9:d5:1f:68:e6:5b:97:97:69:f9:2a:df:1c:a2:
bf:78:04:a9:ba:6c:45:3a:96:ec:f9:ef:9d:cb:95:
83:00:a4:2b:89:78:e7:78:b9:b2:22:b6:01:bf:ce:
cc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:46:98:45:99:44:39:8B:A0:C7:7F:D5:D2:2E:59:35:3B:40:0F:C1
X509v3 Authority Key Identifier:
keyid:58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/YUaYRZlEOYugx3_V0i5ZNTtAD8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.166.253.0-46.166.254.255
78.140.0.0/18
95.170.96.0/19
Signature Algorithm: sha256WithRSAEncryption
99:1d:8b:23:61:d1:84:d9:70:38:d9:30:ac:99:6e:ba:ec:3c:
ff:68:5b:7e:b7:5e:9a:f4:f3:d1:61:ad:76:32:82:8e:fc:92:
23:f7:48:a4:a4:ee:6a:3c:40:b9:aa:f7:67:01:3c:6a:c4:34:
4f:79:a5:d9:cd:36:0d:f5:ed:21:73:9a:e0:1d:f7:81:e1:3e:
4a:fe:74:e6:e6:d4:a7:9c:62:6e:79:bb:7c:25:21:75:72:62:
68:9b:0e:68:8e:fd:85:95:6f:02:00:77:46:68:a9:1f:f9:80:
e4:eb:16:94:13:f1:d8:51:a5:ae:3d:e9:ce:f6:91:6c:99:84:
44:e4:e9:ba:82:54:41:5d:ae:6d:c4:a3:7c:4c:17:32:78:bf:
ab:77:01:27:ff:8b:50:a5:64:f5:34:49:61:30:35:d0:90:fa:
57:23:60:05:0d:62:5b:95:60:97:1b:0a:00:ce:fa:1e:72:bc:
85:a7:2a:24:51:12:90:4c:cf:8e:c6:d8:b5:20:92:47:4f:4e:
59:f7:1c:3f:3b:40:3e:8a:ad:0a:8a:c2:34:e8:92:ac:76:f0:
a4:c8:35:0e:b3:05:65:56:83:83:f5:5e:c3:7e:34:29:30:40:
e2:ab:8d:2a:3c:10:83:51:f4:ad:6f:08:d1:e0:4e:e5:96:ab:
31:ba:0e:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEHG7jDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODUzZTY1YTMwODdiNGNhODVjODgwMmI2MGZmMGYwMmI0MTA2ZDk3MB4XDTIyMDEw
MTA2NTMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE0Njk4NDU5OTQ0
Mzk4YmEwYzc3ZmQ1ZDIyZTU5MzUzYjQwMGZjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+tajdztBNoHoKkhw7YsvEbFPmThzO/h9gxohtpIkdnUPlt
DJuiU6XpiwNDzx7NDO0Zmz7uZn83f46MFk8Y93eNcUFuv29it+fDamVKf+96U2if
C61R3Vc434hFPw6agpwjbnRiLvuDX5wAJYBPIDWef7K/EZXRfkJaPjiGRj4kSJeP
WWoHMtu1yGZjEm4gpq/a+SQPMjlr9UU8sPdjuhoESkXitCb+ZT2dOfma0b/Zmyy2
zn39XDmr/eOPD4nxe0zw4OaBZhCRNa2jJSC0J051b/nVH2jmW5eXafkq3xyiv3gE
qbpsRTqW7PnvncuVgwCkK4l453i5siK2Ab/OzCMCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRhRphFmUQ5i6DHf9XSLlk1O0APwTAfBgNVHSMEGDAWgBRYU+ZaMIe0yoXI
gCtg/w8CtBBtlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dGUG1XakNIdE1xRnlJQXJZUDhQQXJRUWJaYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNmFmZDFlLWNiN2UtNGU2ZS1hOGE0LWUxODYwMjczOWNkNS8x
L1lVYVlSWmxFT1l1Z3gzX1YwaTVaTlR0QUQ4RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NmFmZDFlLWNiN2UtNGU2ZS1hOGE0LWUxODYwMjczOWNkNS8xL1dGUG1XakNIdE1x
RnlJQXJZUDhQQXJRUWJaYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQALqb9AwQALqb+AwQGTowAAwQF
X6pgMA0GCSqGSIb3DQEBCwUAA4IBAQCZHYsjYdGE2XA42TCsmW667Dz/aFt+t16a
9PPRYa12MoKO/JIj90ikpO5qPEC5qvdnATxqxDRPeaXZzTYN9e0hc5rgHfeB4T5K
/nTm5tSnnGJuebt8JSF1cmJomw5ojv2FlW8CAHdGaKkf+YDk6xaUE/HYUaWuPenO
9pFsmYRE5Om6glRBXa5txKN8TBcyeL+rdwEn/4tQpWT1NElhMDXQkPpXI2AFDWJb
lWCXGwoAzvoecryFpyokURKQTM+Oxti1IJJHT05Z9xw/O0A+iq0KisI06JKsdvCk
yDUOswVlVoOD9V7DfjQpMEDiq40qPBCDUfStbwjR4E7llqsxug54
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:43 2023 by rpki-client on console-ams.rpki-client.org