Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/z78-igkE2rwSyx_knT69tbl_ME8.roa
File: z78-igkE2rwSyx_knT69tbl_ME8.roa (raw, json)
Hash identifier: CtwV/aSzVR7EUJapJcU/yQM5d6TltP1MKAoSaVwEbos=
Subject key identifier: CF:BF:3E:8A:09:04:DA:BC:12:CB:1F:E4:9D:3E:BD:B5:B9:7F:30:4F
Certificate issuer: /CN=afa51165aa5036acda11fee0020e34fcc439ede6
Certificate serial: 0183A3159BC20773CA33236F2837B9487933
Authority key identifier: AF:A5:11:65:AA:50:36:AC:DA:11:FE:E0:02:0E:34:FC:C4:39:ED:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6URZapQNqzaEf7gAg40_MQ57eY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/z78-igkE2rwSyx_knT69tbl_ME8.roa
Signing time: Tue 04 Oct 2022 13:00:45 +0000
ROA not before: Tue 04 Oct 2022 13:00:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25504
IP address blocks: 185.90.232.0/22 maxlen: 24
151.252.48.0/20 maxlen: 24
158.58.144.0/21 maxlen: 24
94.102.208.0/20 maxlen: 24
2a00:19e0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a3:15:9b:c2:07:73:ca:33:23:6f:28:37:b9:48:79:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afa51165aa5036acda11fee0020e34fcc439ede6
Validity
Not Before: Oct 4 13:00:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cfbf3e8a0904dabc12cb1fe49d3ebdb5b97f304f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:de:84:99:39:93:ca:5c:86:85:a8:2a:bd:f6:
39:2a:44:39:5e:5c:2d:b0:e5:5f:28:67:ea:a8:84:
19:56:9a:2b:f2:bf:14:ff:86:f4:eb:9b:9d:e9:24:
25:17:91:26:d5:4a:52:45:78:ec:c8:ed:49:a2:5b:
49:c3:c7:86:75:9e:90:40:77:63:1c:8a:02:25:35:
1b:53:38:33:fd:db:e9:e0:61:c8:fa:ba:48:d9:26:
d6:ac:f6:dc:dd:0c:be:d0:58:ea:88:83:46:26:e8:
4d:e1:5f:59:f6:01:f0:aa:43:94:ca:88:ea:ad:2e:
7c:94:d6:ca:f9:f3:d2:81:bf:c5:5f:6b:15:86:22:
98:0e:aa:cc:bd:a3:0b:1f:e1:de:5d:0a:f0:dd:dd:
a9:1f:5d:40:9b:e8:69:4a:2d:43:7d:c5:e8:a2:87:
79:0f:8f:ad:2a:d8:1c:37:de:71:a8:40:5b:0b:62:
0a:85:91:db:93:1e:c5:8d:8d:6d:46:01:0f:33:5c:
12:16:58:f8:44:f1:4a:fe:b8:23:60:05:b1:20:fa:
b9:10:a3:dc:a0:0a:e6:86:e0:e1:c9:6e:94:55:ef:
c2:3e:1b:e0:5d:f7:57:4a:83:04:d9:fb:06:c4:af:
d8:80:55:45:49:08:09:36:de:a4:af:ee:cc:d6:80:
0c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:BF:3E:8A:09:04:DA:BC:12:CB:1F:E4:9D:3E:BD:B5:B9:7F:30:4F
X509v3 Authority Key Identifier:
keyid:AF:A5:11:65:AA:50:36:AC:DA:11:FE:E0:02:0E:34:FC:C4:39:ED:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6URZapQNqzaEf7gAg40_MQ57eY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/z78-igkE2rwSyx_knT69tbl_ME8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/r6URZapQNqzaEf7gAg40_MQ57eY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.102.208.0/20
151.252.48.0/20
158.58.144.0/21
185.90.232.0/22
IPv6:
2a00:19e0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:5f:c2:c4:bc:8d:a7:d8:9c:e2:95:20:4b:60:f4:b3:61:32:
2e:35:3b:97:04:8d:8a:87:69:c1:95:12:5f:4a:f0:d1:21:48:
3f:5c:d0:53:45:42:28:f5:42:d1:2a:52:c9:20:c4:c4:86:89:
79:de:df:b0:c2:a3:b0:60:df:3c:d1:e4:99:0b:2f:bc:25:0b:
b9:63:73:ef:c6:f5:8d:36:d5:57:79:e1:d2:9d:07:12:3b:e9:
63:3d:3f:32:fd:80:ee:cf:d6:d2:d2:fd:a6:e9:35:08:73:b2:
aa:49:11:85:69:06:1e:b1:05:b9:be:ee:37:f6:fe:be:07:cf:
4a:d0:c1:81:b5:13:b5:11:ca:70:74:c1:5a:1f:08:2e:e1:ed:
0a:f0:46:8a:ef:bc:99:46:95:ce:15:8f:56:1f:99:60:35:25:
7d:fb:fc:01:8e:f2:c8:a6:06:1e:52:dd:49:13:a9:a9:79:bb:
35:d2:ba:df:d0:c6:4f:44:04:f2:ac:f4:22:f4:7c:7c:b7:04:
84:bd:e0:69:b3:61:57:cb:71:0e:ea:67:e0:33:53:96:e8:de:
59:71:2e:8e:af:19:25:04:55:0b:81:19:f1:0b:fb:db:8d:19:
1d:c4:4d:38:95:7b:9f:98:f4:00:87:90:50:82:1c:a9:1c:e1:
01:13:ef:67
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYOjFZvCB3PKMyNvKDe5SHkzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYTUxMTY1YWE1MDM2YWNkYTExZmVlMDAyMGUzNGZjYzQz
OWVkZTYwHhcNMjIxMDA0MTMwMDQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmJmM2U4YTA5MDRkYWJjMTJjYjFmZTQ5ZDNlYmRiNWI5N2YzMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5t6EmTmTylyGhagqvfY5KkQ5Xlwt
sOVfKGfqqIQZVpor8r8U/4b065ud6SQlF5Em1UpSRXjsyO1JoltJw8eGdZ6QQHdj
HIoCJTUbUzgz/dvp4GHI+rpI2SbWrPbc3Qy+0FjqiINGJuhN4V9Z9gHwqkOUyojq
rS58lNbK+fPSgb/FX2sVhiKYDqrMvaMLH+HeXQrw3d2pH11Am+hpSi1DfcXoood5
D4+tKtgcN95xqEBbC2IKhZHbkx7FjY1tRgEPM1wSFlj4RPFK/rgjYAWxIPq5EKPc
oArmhuDhyW6UVe/CPhvgXfdXSoME2fsGxK/YgFVFSQgJNt6kr+7M1oAM6QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFM+/PooJBNq8Essf5J0+vbW5fzBPMB8GA1UdIwQY
MBaAFK+lEWWqUDas2hH+4AIONPzEOe3mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjZVUlphcFFOcXphRWY3Z0FnNDBfTVE1N2VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yZGExZWMtYWE0Yi00ZDk0LTk4Y2It
YTc3NmU0YTYzZTZmLzEvejc4LWlna0UycndTeXhfa25UNjl0YmxfTUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yZGExZWMtYWE0Yi00ZDk0LTk4Y2ItYTc3NmU0YTYzZTZm
LzEvcjZVUlphcFFOcXphRWY3Z0FnNDBfTVE1N2VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEXmbQAwQE
l/wwAwQDnjqQAwQCuVroMA0EAgACMAcDBQMqABngMA0GCSqGSIb3DQEBCwUAA4IB
AQCfX8LEvI2n2JzilSBLYPSzYTIuNTuXBI2Kh2nBlRJfSvDRIUg/XNBTRUIo9ULR
KlLJIMTEhol53t+wwqOwYN880eSZCy+8JQu5Y3PvxvWNNtVXeeHSnQcSO+ljPT8y
/YDuz9bS0v2m6TUIc7KqSRGFaQYesQW5vu439v6+B89K0MGBtRO1EcpwdMFaHwgu
4e0K8EaK77yZRpXOFY9WH5lgNSV9+/wBjvLIpgYeUt1JE6mpebs10rrf0MZPRATy
rPQi9Hx8twSEveBps2FXy3EO6mfgM1OW6N5ZcS6OrxklBFULgRnxC/vbjRkdxE04
lXufmPQAh5BQghypHOEBE+9n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:34 2024 by rpki-client on console-fra.rpki-client.org