Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/EP9lMnCSCuMDcj6jEWBSTpdSRYc.roa
File: EP9lMnCSCuMDcj6jEWBSTpdSRYc.roa (raw, json)
Hash identifier: qW4xDb/PVadbcM2JjyOtDyjWgB5P6SgVr7Ubv+EgR7Y=
Subject key identifier: 10:FF:65:32:70:92:0A:E3:03:72:3E:A3:11:60:52:4E:97:52:45:87
Certificate issuer: /CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Certificate serial: 0185075DE8D9EBBB829F302FF2E31A1748B5
Authority key identifier: 73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/EP9lMnCSCuMDcj6jEWBSTpdSRYc.roa
Signing time: Mon 12 Dec 2022 17:24:32 +0000
ROA not before: Mon 12 Dec 2022 17:24:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 178.21.144.0/24 maxlen: 24
178.21.145.0/24 maxlen: 24
178.21.147.0/24 maxlen: 24
178.21.146.0/24 maxlen: 24
2a02:2c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:07:5d:e8:d9:eb:bb:82:9f:30:2f:f2:e3:1a:17:48:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Validity
Not Before: Dec 12 17:24:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10ff653270920ae303723ea31160524e97524587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bd:df:d1:17:e2:90:0d:0a:27:99:c7:8f:b0:
59:9f:9c:2a:f5:bb:5b:6d:81:57:ce:2d:f2:47:be:
ca:c4:b5:71:13:93:0c:94:3f:48:72:3b:a1:d1:21:
96:b5:f9:9e:1a:2c:d0:93:54:8c:c5:b4:d8:47:d4:
b6:5b:34:65:27:e5:7a:f5:23:8c:0a:3a:dc:ef:5c:
82:3a:bc:1d:97:04:db:58:23:ce:c8:90:55:f4:bd:
07:4e:aa:23:ff:7d:84:e1:c3:67:63:81:73:0f:f5:
61:f7:9e:27:b3:28:b8:0a:dc:9a:71:6e:29:8e:ed:
eb:9b:25:05:c5:f6:68:37:c1:00:e4:49:d5:04:1b:
9a:1e:27:bd:2b:9f:8a:2c:ec:3c:37:1e:9c:fc:df:
f1:9d:7b:1b:27:aa:93:bf:26:98:e5:6a:81:81:91:
71:65:62:6d:78:25:37:b7:88:55:33:b5:90:a1:9e:
f8:9b:f3:ed:c7:a0:66:ee:2a:dc:ac:45:c9:8f:60:
4c:ae:ef:09:a6:3a:a9:5b:76:f3:b0:67:77:24:01:
8c:52:47:00:b9:42:a5:90:83:de:53:4d:4c:ab:85:
12:84:8b:31:28:05:d6:cb:0e:e1:95:76:49:3c:df:
da:a8:08:c9:45:43:e6:55:05:26:45:96:cf:df:c1:
94:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FF:65:32:70:92:0A:E3:03:72:3E:A3:11:60:52:4E:97:52:45:87
X509v3 Authority Key Identifier:
keyid:73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/EP9lMnCSCuMDcj6jEWBSTpdSRYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.144.0/22
IPv6:
2a02:2c0::/48
Signature Algorithm: sha256WithRSAEncryption
7c:47:6b:ec:e2:3c:91:6a:f0:94:bf:c3:9e:c6:55:30:22:28:
13:61:16:bb:63:7d:b3:ce:5e:13:af:3d:9d:d1:1c:31:88:31:
8f:d0:4c:7c:4f:64:ab:2a:87:2a:7e:0a:6c:44:1b:67:7e:90:
46:4e:b9:9a:42:40:d6:b3:d6:84:1a:7b:c0:49:54:18:c6:e2:
eb:59:8a:db:2a:e9:87:1f:ba:ee:39:58:46:37:e4:c3:8c:d7:
8b:a6:0c:ed:d2:3d:83:99:3a:c9:8d:60:e1:88:e4:7a:92:46:
da:14:bf:66:fc:25:6e:ff:14:39:60:19:c1:cd:18:42:65:53:
6f:06:b7:76:a7:8d:c8:e7:63:15:de:93:06:a6:e9:16:c4:32:
35:a5:10:24:b0:48:1b:6a:af:d4:f4:5e:71:9b:38:8c:ef:f5:
fd:1c:88:43:41:a6:7a:c2:3a:f9:b1:5d:82:7a:ff:1b:08:a3:
6c:9e:80:ba:48:84:0e:26:30:63:78:5e:31:22:d9:fb:e0:66:
22:35:92:e1:b3:82:d3:a5:5c:7c:4e:f2:d0:d7:af:e7:f3:7e:
05:39:d5:d6:74:2a:31:af:74:ca:08:79:78:35:aa:03:59:f8:
cd:29:c8:02:21:57:57:93:af:96:3e:6b:64:d9:8c:cf:14:5d:
16:e2:02:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUHXejZ67uCnzAv8uMaF0i1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTE1N2IyOTE4Y2FkY2E4YTVhOWZiYzY2ZTk3NzYwOGE2
ZGY1ZTEwHhcNMjIxMjEyMTcyNDMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGZmNjUzMjcwOTIwYWUzMDM3MjNlYTMxMTYwNTI0ZTk3NTI0NTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0L3f0RfikA0KJ5nHj7BZn5wq9btb
bYFXzi3yR77KxLVxE5MMlD9Icjuh0SGWtfmeGizQk1SMxbTYR9S2WzRlJ+V69SOM
Cjrc71yCOrwdlwTbWCPOyJBV9L0HTqoj/32E4cNnY4FzD/Vh954nsyi4CtyacW4p
ju3rmyUFxfZoN8EA5EnVBBuaHie9K5+KLOw8Nx6c/N/xnXsbJ6qTvyaY5WqBgZFx
ZWJteCU3t4hVM7WQoZ74m/Ptx6Bm7ircrEXJj2BMru8JpjqpW3bzsGd3JAGMUkcA
uUKlkIPeU01Mq4UShIsxKAXWyw7hlXZJPN/aqAjJRUPmVQUmRZbP38GUjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBD/ZTJwkgrjA3I+oxFgUk6XUkWHMB8GA1UdIwQY
MBaAFHPhV7KRjK3KilqfvGbpd2CKbfXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAt
MDBhMTU0YjhlY2IxLzEvRVA5bE1uQ1NDdU1EY2o2akVXQlNUcGRTUlljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAtMDBhMTU0YjhlY2Ix
LzEvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCshWQMA8E
AgACMAkDBwAqAgLAAAAwDQYJKoZIhvcNAQELBQADggEBAHxHa+ziPJFq8JS/w57G
VTAiKBNhFrtjfbPOXhOvPZ3RHDGIMY/QTHxPZKsqhyp+CmxEG2d+kEZOuZpCQNaz
1oQae8BJVBjG4utZitsq6Ycfuu45WEY35MOM14umDO3SPYOZOsmNYOGI5HqSRtoU
v2b8JW7/FDlgGcHNGEJlU28Gt3anjcjnYxXekwam6RbEMjWlECSwSBtqr9T0XnGb
OIzv9f0ciENBpnrCOvmxXYJ6/xsIo2yegLpIhA4mMGN4XjEi2fvgZiI1kuGzgtOl
XHxO8tDXr+fzfgU51dZ0KjGvdMoIeXg1qgNZ+M0pyAIhV1eTr5Y+a2TZjM8UXRbi
Aok=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:51 2023 by rpki-client on console-ams.rpki-client.org