Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/e_urBygPxpqQdMJkJb3WT0Cg-78.roa
File: e_urBygPxpqQdMJkJb3WT0Cg-78.roa (raw, json)
Hash identifier: EKBRwj3yzXRUJeDxArPx55TpcDlfoQEQp5RpZiiCKec=
Subject key identifier: 7B:FB:AB:07:28:0F:C6:9A:90:74:C2:64:25:BD:D6:4F:40:A0:FB:BF
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 1120322E
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/e_urBygPxpqQdMJkJb3WT0Cg-78.roa
Signing time: Sat 01 Jan 2022 14:04:47 +0000
ROA not before: Sat 01 Jan 2022 14:04:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204650
IP address blocks: 78.158.166.0/24 maxlen: 24
78.158.178.0/24 maxlen: 24
78.158.177.0/24 maxlen: 24
78.158.173.0/24 maxlen: 24
78.158.184.0/24 maxlen: 24
78.158.182.0/24 maxlen: 24
78.158.183.0/24 maxlen: 24
78.158.190.0/24 maxlen: 24
78.158.189.0/24 maxlen: 24
78.158.187.0/24 maxlen: 24
185.190.20.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287322670 (0x1120322e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jan 1 14:04:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7bfbab07280fc69a9074c26425bdd64f40a0fbbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:06:b2:3e:c2:5d:7a:03:fb:e1:35:2d:50:2f:
c2:94:f2:89:90:2a:56:f8:e8:01:0d:8c:3d:9e:af:
18:53:29:b4:3f:69:1c:99:79:5a:a9:db:1d:f4:74:
8a:25:30:42:bf:61:d3:55:04:ab:3d:9e:c1:5b:ec:
b5:6c:54:06:a5:c5:75:df:5b:0f:77:d7:94:e6:9e:
4d:70:dd:e7:a4:63:72:f3:4d:77:7b:81:e8:63:75:
c4:c1:bf:c2:e0:ed:ba:01:41:79:4c:d2:c8:ab:1b:
68:41:13:35:28:bc:5d:a5:c5:69:02:be:31:8e:0c:
bc:ba:1c:3b:5e:ec:13:87:10:cb:dc:ac:01:da:e6:
bc:27:c0:52:ad:03:74:c4:f3:f7:e2:2a:46:dd:c1:
dc:45:3a:3a:b8:b0:a8:c2:c5:41:b1:7b:bc:00:b9:
55:89:04:48:38:c1:4c:18:f7:b0:1d:fa:dc:bb:d7:
01:80:1b:ef:dc:8f:31:68:47:1c:10:6b:34:66:50:
c1:2c:63:8e:ca:9e:8f:9a:b1:79:04:e2:7d:a3:1d:
37:0e:47:c0:cd:81:54:c6:52:b0:11:fc:0e:f2:2f:
9c:7e:7b:2e:d5:3a:8b:72:f3:49:bf:8c:47:71:92:
05:42:fa:d4:6c:89:ac:d1:90:04:df:87:35:2d:c8:
06:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:FB:AB:07:28:0F:C6:9A:90:74:C2:64:25:BD:D6:4F:40:A0:FB:BF
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/e_urBygPxpqQdMJkJb3WT0Cg-78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.158.166.0/24
78.158.173.0/24
78.158.177.0-78.158.178.255
78.158.182.0-78.158.184.255
78.158.187.0/24
78.158.189.0-78.158.190.255
185.190.20.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:a1:ad:ef:d6:90:58:5d:30:a6:db:df:7e:cb:b8:a0:61:a7:
cb:76:3c:ea:98:c4:b2:39:e3:6d:fa:c0:a7:65:b4:8f:a5:5b:
80:2d:ff:34:75:0a:d3:08:38:0e:de:1d:ee:9d:ea:ce:b1:93:
3f:bc:cc:ef:f3:75:04:2b:4d:0e:4b:9f:e0:d7:8f:1a:66:ef:
7c:9c:3a:cd:85:e0:14:84:ac:94:3a:f6:71:d2:c5:4c:dd:5c:
87:56:9d:d0:40:8f:67:3d:bb:5f:d8:72:22:12:30:d2:b2:1c:
40:83:50:b9:20:4e:25:86:b4:42:b3:4f:6e:6f:75:0c:a0:eb:
91:d6:c2:47:21:0f:7d:ab:c0:88:c2:12:df:1c:8a:9d:0c:06:
6e:53:cd:04:7b:cf:38:37:ef:97:05:91:b0:b4:20:64:33:27:
df:fb:66:d0:0d:f1:bb:99:7e:1a:24:61:e5:d3:d8:eb:2c:3d:
71:ef:99:42:c2:ef:ff:3a:3c:26:32:2f:63:be:9e:ba:9e:6a:
e7:9d:8d:54:14:52:17:f2:3c:28:85:6d:cb:f0:0e:7f:8a:18:
0e:d8:21:8d:7c:b4:54:85:f4:29:59:06:58:43:b2:db:54:93:
0a:bd:96:08:97:6e:18:5a:90:0c:7a:69:43:e4:8f:9a:c4:35:
2a:bc:45:15
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEESAyLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjY5OGM0YjYxMmFmZWUyY2JiMWNkZDUwOWU0ZjAyNDZmYmI4MGUxMB4XDTIyMDEw
MTE0MDQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2JmYmFiMDcyODBm
YzY5YTkwNzRjMjY0MjViZGQ2NGY0MGEwZmJiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8Gsj7CXXoD++E1LVAvwpTyiZAqVvjoAQ2MPZ6vGFMptD9p
HJl5WqnbHfR0iiUwQr9h01UEqz2ewVvstWxUBqXFdd9bD3fXlOaeTXDd56RjcvNN
d3uB6GN1xMG/wuDtugFBeUzSyKsbaEETNSi8XaXFaQK+MY4MvLocO17sE4cQy9ys
AdrmvCfAUq0DdMTz9+IqRt3B3EU6OriwqMLFQbF7vAC5VYkESDjBTBj3sB363LvX
AYAb79yPMWhHHBBrNGZQwSxjjsqej5qxeQTifaMdNw5HwM2BVMZSsBH8DvIvnH57
LtU6i3LzSb+MR3GSBUL61GyJrNGQBN+HNS3IBucCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBR7+6sHKA/GmpB0wmQlvdZPQKD7vzAfBgNVHSMEGDAWgBRbaYxLYSr+4sux
zdUJ5PAkb7uA4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1cybU1TMkVxX3VMTHNjM1ZDZVR3SkctN2dPRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvYzE2ZjU1LWI0NGQtNDBjMy05ZGFjLWNjMmZhZmUzYThiNC8x
L2VfdXJCeWdQeHBxUWRNSmtKYjNXVDBDZy03OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
YzE2ZjU1LWI0NGQtNDBjMy05ZGFjLWNjMmZhZmUzYThiNC8xL1cybU1TMkVxX3VM
THNjM1ZDZVR3SkctN2dPRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAE6epgMEAE6erTAMAwQATp6xAwQA
Tp6yMAwDBAFOnrYDBABOnrgDBABOnrswDAMEAE6evQMEAE6evgMEArm+FDANBgkq
hkiG9w0BAQsFAAOCAQEAHKGt79aQWF0wptvffsu4oGGny3Y86pjEsjnjbfrAp2W0
j6VbgC3/NHUK0wg4Dt4d7p3qzrGTP7zM7/N1BCtNDkuf4NePGmbvfJw6zYXgFISs
lDr2cdLFTN1ch1ad0ECPZz27X9hyIhIw0rIcQINQuSBOJYa0QrNPbm91DKDrkdbC
RyEPfavAiMIS3xyKnQwGblPNBHvPODfvlwWRsLQgZDMn3/tm0A3xu5l+GiRh5dPY
6yw9ce+ZQsLv/zo8JjIvY76eup5q552NVBRSF/I8KIVty/AOf4oYDtghjXy0VIX0
KVkGWEOy21STCr2WCJduGFqQDHppQ+SPmsQ1KrxFFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:02 2024 by rpki-client on console-fra.rpki-client.org