Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/n0jH0YUPT9PbMbAgJFuUDUDO1Hk.roa
File: n0jH0YUPT9PbMbAgJFuUDUDO1Hk.roa (raw, json)
Hash identifier: u7FlhuEvH/yVBWKVuy9W+kmRxSOqeT/qHkSiru2o6Iw=
Subject key identifier: 9F:48:C7:D1:85:0F:4F:D3:DB:31:B0:20:24:5B:94:0D:40:CE:D4:79
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 01848507FD1D65B58C77E30A76A5915ACEFF
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/n0jH0YUPT9PbMbAgJFuUDUDO1Hk.roa
Signing time: Thu 17 Nov 2022 10:00:04 +0000
ROA not before: Thu 17 Nov 2022 10:00:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43343
IP address blocks: 78.158.169.0/24 maxlen: 24
78.158.179.0/24 maxlen: 24
213.195.16.0/22 maxlen: 24
213.195.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:07:fd:1d:65:b5:8c:77:e3:0a:76:a5:91:5a:ce:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Nov 17 10:00:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f48c7d1850f4fd3db31b020245b940d40ced479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a7:53:5c:1c:38:8f:48:74:58:20:19:ff:88:
23:96:12:a9:86:e3:93:5a:7c:10:cf:e0:91:04:a8:
bc:01:40:6e:a8:13:a9:1a:35:be:06:a7:1f:d8:60:
63:f6:7a:40:91:ab:9d:8e:cb:50:92:24:b8:5a:29:
09:5d:60:b0:05:09:d0:70:1a:42:83:d6:07:b1:ee:
0c:c4:0a:0b:e2:dd:b0:8a:8d:a3:97:13:04:fc:b4:
a0:3e:d5:76:26:3f:1f:54:de:41:d0:19:69:67:89:
fd:ee:38:1b:d1:8e:fb:93:3b:56:11:55:fb:54:01:
64:bf:b9:7c:f8:b2:e9:54:e6:c9:a1:ad:f0:27:08:
21:a8:0f:a9:b5:57:10:c5:cb:c5:05:4a:3f:1d:bc:
85:0e:d7:63:3d:45:a5:9b:b7:25:dc:e5:52:58:d7:
48:f7:b3:38:0c:9f:26:27:fe:fc:93:6e:65:2b:8d:
a3:53:9c:8d:31:38:cd:5e:f4:0a:94:a2:19:a5:c8:
f5:1e:d3:fd:4d:22:0a:b3:d1:38:90:64:bf:83:f7:
2e:1a:33:84:92:c9:15:6d:85:58:65:eb:44:c9:14:
63:bc:8d:bb:c2:2c:a8:05:05:13:ac:66:56:1a:e1:
19:eb:48:1c:36:eb:64:a3:e5:26:e5:49:10:b7:28:
54:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:48:C7:D1:85:0F:4F:D3:DB:31:B0:20:24:5B:94:0D:40:CE:D4:79
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/n0jH0YUPT9PbMbAgJFuUDUDO1Hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.158.169.0/24
78.158.179.0/24
213.195.16.0-213.195.20.255
Signature Algorithm: sha256WithRSAEncryption
20:b8:5e:e8:22:c4:79:96:28:01:8b:ca:e9:b0:78:9b:e2:a5:
17:fc:e4:0f:f4:dc:53:b6:26:cb:a1:1a:47:dc:bf:6b:9e:a0:
2c:be:f2:6e:48:fe:91:87:be:9d:67:aa:30:6b:b8:6e:48:2e:
05:5b:32:00:bd:44:8a:88:40:af:78:ac:93:07:bc:c9:70:4c:
09:a2:1e:e3:ed:6d:aa:95:c2:68:33:05:4d:37:43:5d:5c:4f:
18:6e:f1:dc:c7:d4:57:27:67:dc:61:97:03:3e:d1:b8:8e:21:
4a:ec:5e:a0:09:b0:7f:d9:2a:72:33:51:c5:83:f0:53:3b:be:
ea:28:6e:47:d8:a1:31:5f:91:f2:07:cb:1b:45:9a:dc:7c:a7:
8b:19:7e:29:7c:7d:a8:f3:5d:03:25:e1:7a:fe:77:ff:c8:a2:
39:5f:26:3d:7f:83:e7:d2:72:be:0d:14:b9:ac:c1:a4:95:f1:
eb:4f:3e:3e:c5:ff:69:14:92:95:22:b1:d4:d3:e8:cd:ea:bf:
c4:7e:64:07:dd:e6:75:c9:34:47:70:12:4a:26:0f:45:3a:7f:
c1:9c:7b:95:e0:31:6c:12:cd:84:d8:6f:bb:14:98:42:ad:cd:
80:a7:9f:f2:f2:5f:ce:b4:7f:b9:b1:9d:8a:e1:cf:d7:49:a1:
ca:42:8e:cb
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYSFB/0dZbWMd+MKdqWRWs7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjIxMTE3MTAwMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQ4YzdkMTg1MGY0ZmQzZGIzMWIwMjAyNDViOTQwZDQwY2VkNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKdTXBw4j0h0WCAZ/4gjlhKphuOT
WnwQz+CRBKi8AUBuqBOpGjW+Bqcf2GBj9npAkaudjstQkiS4WikJXWCwBQnQcBpC
g9YHse4MxAoL4t2wio2jlxME/LSgPtV2Jj8fVN5B0BlpZ4n97jgb0Y77kztWEVX7
VAFkv7l8+LLpVObJoa3wJwghqA+ptVcQxcvFBUo/HbyFDtdjPUWlm7cl3OVSWNdI
97M4DJ8mJ/78k25lK42jU5yNMTjNXvQKlKIZpcj1HtP9TSIKs9E4kGS/g/cuGjOE
kskVbYVYZetEyRRjvI27wiyoBQUTrGZWGuEZ60gcNutko+Um5UkQtyhUtwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJ9Ix9GFD0/T2zGwICRblA1AztR5MB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvbjBqSDBZVVBUOVBiTWJBZ0pGdVVEVURPMUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQATp6pAwQA
Tp6zMAwDBATVwxADBADVwxQwDQYJKoZIhvcNAQELBQADggEBACC4XugixHmWKAGL
yumweJvipRf85A/03FO2JsuhGkfcv2ueoCy+8m5I/pGHvp1nqjBruG5ILgVbMgC9
RIqIQK94rJMHvMlwTAmiHuPtbaqVwmgzBU03Q11cTxhu8dzH1FcnZ9xhlwM+0biO
IUrsXqAJsH/ZKnIzUcWD8FM7vuoobkfYoTFfkfIHyxtFmtx8p4sZfil8fajzXQMl
4Xr+d//IojlfJj1/g+fScr4NFLmswaSV8etPPj7F/2kUkpUisdTT6M3qv8R+ZAfd
5nXJNEdwEkomD0U6f8Gce5XgMWwSzYTYb7sUmEKtzYCnn/LyX860f7mxnYrhz9dJ
ocpCjss=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org