Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/1-bkejI8i76SuieIMaVvNsHeEF1Y.roa
File: 1-bkejI8i76SuieIMaVvNsHeEF1Y.roa (raw, json)
Hash identifier: WAqTRZFKsWluS/biwcZZnE3FnTt3g8koaCD4PI+TQKA=
Subject key identifier: F9:B9:1E:8C:8F:22:EF:A4:AE:89:E2:0C:69:5B:CD:B0:77:84:17:56
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 35CBE128
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/1-bkejI8i76SuieIMaVvNsHeEF1Y.roa
Signing time: Tue 05 Jul 2022 08:40:25 +0000
ROA not before: Tue 05 Jul 2022 08:40:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 78.136.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 902553896 (0x35cbe128)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Jul 5 08:40:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9b91e8c8f22efa4ae89e20c695bcdb077841756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7a:49:92:be:e1:d2:e0:de:ac:c1:d5:a1:1a:
6c:b9:b6:9a:2b:4e:cb:2e:5a:e4:db:1e:f4:46:db:
20:0b:40:af:43:92:ec:5f:40:f6:26:4d:77:a5:31:
fd:2f:89:eb:6f:2d:9b:cf:ab:2a:1e:7e:8b:a3:bd:
f0:f7:b5:91:ae:d1:24:40:22:ad:fb:d6:af:39:2b:
42:6e:85:6f:dd:92:09:f0:bc:8a:51:a8:76:db:1a:
fe:2c:0c:68:43:61:d0:a7:49:ba:11:2b:ae:ca:cd:
b2:35:76:f1:59:6c:79:13:a9:02:8c:76:1c:02:06:
81:e5:2f:55:63:77:29:e6:ac:1e:f0:92:01:3e:e1:
81:28:9f:42:ba:84:79:fb:39:50:ef:0b:92:b4:18:
f7:2c:2b:d6:b0:9d:af:b9:f4:9f:7f:5c:de:d3:24:
6c:4f:80:4b:68:ab:45:13:c7:2a:5c:1f:8d:47:24:
21:0a:c9:00:4b:fb:17:1f:84:c9:06:4c:3f:07:52:
1f:79:7e:bf:39:a8:05:7e:4e:75:28:d4:12:8e:39:
b8:ce:bf:df:8b:c7:35:6d:24:c0:bc:c0:2e:c4:71:
43:15:b4:dc:d2:e3:ab:db:89:c1:c4:23:ea:8c:d0:
a0:61:d0:d0:9e:1b:cd:01:05:65:5e:3c:b4:8e:bd:
74:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B9:1E:8C:8F:22:EF:A4:AE:89:E2:0C:69:5B:CD:B0:77:84:17:56
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/1-bkejI8i76SuieIMaVvNsHeEF1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.204.0/22
Signature Algorithm: sha256WithRSAEncryption
11:91:c1:ea:28:00:ce:f5:61:f3:da:fc:e7:00:9d:69:0f:73:
2f:6b:bd:27:2e:1c:a1:7a:9e:79:f6:12:c8:47:c1:a6:5e:52:
33:fe:47:a7:41:7c:0e:f6:37:08:b4:c2:02:59:55:09:36:20:
66:9c:40:34:b8:87:9c:11:7c:c0:87:71:d4:fa:a1:95:33:5a:
60:32:a1:05:1f:88:9c:eb:2e:d8:38:c6:a1:1d:b4:76:8c:9a:
52:de:b7:fd:ce:d7:c8:7e:c1:61:b2:ed:ed:cd:a2:41:f0:be:
72:06:f3:db:f5:a8:37:85:3c:0e:de:39:b1:f5:f7:6f:3d:12:
00:a6:9a:10:da:9c:37:31:bd:53:fe:2c:93:cb:0b:06:65:27:
2b:28:1e:ca:02:6a:a1:46:a3:6f:3a:2f:03:8b:0e:34:6d:ee:
60:65:8f:87:c2:e3:b7:2a:de:f6:de:b9:d0:6e:35:00:92:85:
97:97:01:ae:6a:e7:ce:bb:43:cb:e8:4c:34:1b:7c:23:9b:01:
a2:74:ec:8a:2e:26:0a:bb:76:9c:8d:4b:4f:ee:4e:13:da:4d:
6b:1a:97:c3:50:8d:7e:37:89:81:71:69:08:e8:11:f8:5f:74:
02:03:7c:3c:08:44:a7:e8:84:ca:d9:38:2a:e5:4e:e2:16:44:
42:a6:72:aa
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIENcvhKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjljMjczMDk4YjUyNzY4Y2EwZTQ0YTNhMmMxNmVmZWQ0YTY1Y2EwMB4XDTIyMDcw
NTA4NDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjliOTFlOGM4ZjIy
ZWZhNGFlODllMjBjNjk1YmNkYjA3Nzg0MTc1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL56SZK+4dLg3qzB1aEabLm2mitOyy5a5Nse9EbbIAtAr0OS
7F9A9iZNd6Ux/S+J628tm8+rKh5+i6O98Pe1ka7RJEAirfvWrzkrQm6Fb92SCfC8
ilGodtsa/iwMaENh0KdJuhErrsrNsjV28VlseROpAox2HAIGgeUvVWN3KeasHvCS
AT7hgSifQrqEefs5UO8LkrQY9ywr1rCdr7n0n39c3tMkbE+AS2irRRPHKlwfjUck
IQrJAEv7Fx+EyQZMPwdSH3l+vzmoBX5OdSjUEo45uM6/34vHNW0kwLzALsRxQxW0
3NLjq9uJwcQj6ozQoGHQ0J4bzQEFZV48tI69dKsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT5uR6MjyLvpK6J4gxpW82wd4QXVjAfBgNVHSMEGDAWgBRSnCcwmLUnaMoO
RKOiwW7+1KZcoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Vwd25NSmkxSjJqS0RrU2pvc0Z1X3RTbVhLQS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvNmQ5MzU5LWFmZWYtNDUzNS05YzkzLWYzM2QzYmIzNjQ4NC8x
LzEtYmtlakk4aTc2U3VpZUlNYVZ2TnNIZUVGMVkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhl
LzZkOTM1OS1hZmVmLTQ1MzUtOWM5My1mMzNkM2JiMzY0ODQvMS9VcHduTUppMUoy
aktEa1Nqb3NGdV90U21YS0EuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJOiMwwDQYJKoZIhvcNAQELBQAD
ggEBABGRweooAM71YfPa/OcAnWkPcy9rvScuHKF6nnn2EshHwaZeUjP+R6dBfA72
Nwi0wgJZVQk2IGacQDS4h5wRfMCHcdT6oZUzWmAyoQUfiJzrLtg4xqEdtHaMmlLe
t/3O18h+wWGy7e3NokHwvnIG89v1qDeFPA7eObH19289EgCmmhDanDcxvVP+LJPL
CwZlJysoHsoCaqFGo286LwOLDjRt7mBlj4fC47cq3vbeudBuNQCShZeXAa5q5867
Q8voTDQbfCObAaJ07IouJgq7dpyNS0/uThPaTWsal8NQjX43iYFxaQjoEfhfdAID
fDwIRKfohMrZOCrlTuIWREKmcqo=
-----END CERTIFICATE-----