Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/Kof03yxz71sJVoYoEUiue90k-bU.roa
File: Kof03yxz71sJVoYoEUiue90k-bU.roa (raw, json)
Hash identifier: aYK+ybU3oWVRS1ZAuH9yPzze1IpIZvUG4UvZ5wuQ2rs=
Subject key identifier: 2A:87:F4:DF:2C:73:EF:5B:09:56:86:28:11:48:AE:7B:DD:24:F9:B5
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 0181D4024A172EA89022A930CE8CF3AFF6FC
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/Kof03yxz71sJVoYoEUiue90k-bU.roa
Signing time: Wed 06 Jul 2022 14:55:28 +0000
ROA not before: Wed 06 Jul 2022 14:55:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209372
IP address blocks: 78.136.196.0/22 maxlen: 24
78.136.202.0/23 maxlen: 24
88.204.40.0/23 maxlen: 24
78.136.200.0/23 maxlen: 24
88.204.44.0/23 maxlen: 24
88.204.42.0/23 maxlen: 24
78.136.204.0/24 maxlen: 24
88.204.46.0/23 maxlen: 24
78.136.252.0/23 maxlen: 24
78.136.248.0/23 maxlen: 24
78.136.250.0/23 maxlen: 24
78.136.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d4:02:4a:17:2e:a8:90:22:a9:30:ce:8c:f3:af:f6:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Jul 6 14:55:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a87f4df2c73ef5b095686281148ae7bdd24f9b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7f:89:b9:0a:8f:e7:ac:d5:80:7f:45:00:8d:
2c:df:43:7d:27:6d:71:bc:a4:c5:8c:d1:f2:de:41:
6d:1e:96:46:26:a0:cb:71:68:55:45:84:dd:b3:12:
05:7b:3e:00:b7:73:b9:9a:ae:27:69:74:e4:5a:56:
24:6f:71:62:35:ad:59:95:2f:46:83:33:45:76:6e:
05:4a:66:7d:29:cd:22:39:40:6e:f9:15:ae:5a:13:
b0:a1:1d:5b:5f:2e:ef:c4:d2:c6:37:bf:2e:4e:34:
86:2c:a1:46:ff:b2:dd:8f:93:d5:fb:71:43:87:b9:
02:19:cd:dd:98:4a:1d:17:37:a6:3c:16:c2:c1:81:
34:46:9d:d0:27:e7:f8:d4:c9:8c:1a:d0:aa:88:fc:
6b:b4:4e:c4:ed:c7:f5:c3:1d:76:66:98:80:ab:0e:
05:40:d6:15:f2:c5:35:00:40:6b:50:23:55:a3:47:
2e:f9:a4:3b:89:ea:81:a6:cc:85:73:ae:ac:d6:d2:
b2:45:2a:1d:37:8c:f5:07:7a:b0:b1:cb:3c:98:da:
18:60:62:05:94:7a:01:2a:1b:d0:3d:a7:d8:9a:20:
36:9e:79:3d:d4:89:e7:a8:eb:ef:f6:d0:17:96:ce:
81:5a:cb:94:bd:86:8c:e4:be:d2:a4:51:7b:1b:0a:
5f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:87:F4:DF:2C:73:EF:5B:09:56:86:28:11:48:AE:7B:DD:24:F9:B5
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/Kof03yxz71sJVoYoEUiue90k-bU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.196.0-78.136.204.255
78.136.248.0-78.136.254.255
88.204.40.0/21
Signature Algorithm: sha256WithRSAEncryption
41:c7:c8:d6:5d:1c:e9:3a:45:91:c4:c7:60:6d:b4:f1:b5:ba:
20:29:54:0b:d5:d0:9e:bf:2b:19:ac:85:0b:64:70:d8:d6:93:
ee:57:dc:64:a5:1c:b0:90:07:11:35:1a:ae:04:fe:c7:fa:8a:
57:bc:b8:6d:74:9b:2e:f2:92:15:3f:96:64:21:0c:78:8b:e1:
23:ad:4c:64:33:ba:1b:dc:30:9b:8b:43:f1:5f:df:ae:29:a7:
8c:05:91:c8:c6:ee:98:22:49:e2:65:1d:d2:cf:05:68:2e:e8:
74:66:27:6f:60:d8:6f:a2:da:ad:bb:b7:dc:c1:6a:a2:4b:12:
76:4a:b2:41:f9:79:63:72:0e:19:9f:f7:6b:f4:49:aa:dd:cb:
c5:9c:53:6a:f0:7e:dc:b8:43:86:99:63:59:6d:d7:7e:56:d1:
ab:81:4f:40:54:f4:72:d6:c2:c7:f3:7f:9a:96:a2:48:84:9e:
1d:0a:5e:46:e2:2d:06:db:38:17:e2:77:c5:09:02:87:fd:38:
1b:e0:19:a9:2b:a3:2c:6c:c3:af:44:c0:f2:f5:03:49:02:c7:
a5:08:e7:56:38:04:f3:47:4d:10:87:24:7a:4d:c7:0a:22:e6:
5d:92:94:43:cd:bf:c3:bd:df:61:fc:f4:7a:68:43:d9:c6:bb:
07:5f:5f:de
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYHUAkoXLqiQIqkwzozzr/b8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjIwNzA2MTQ1NTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTg3ZjRkZjJjNzNlZjViMDk1Njg2MjgxMTQ4YWU3YmRkMjRmOWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH+JuQqP56zVgH9FAI0s30N9J21x
vKTFjNHy3kFtHpZGJqDLcWhVRYTdsxIFez4At3O5mq4naXTkWlYkb3FiNa1ZlS9G
gzNFdm4FSmZ9Kc0iOUBu+RWuWhOwoR1bXy7vxNLGN78uTjSGLKFG/7Ldj5PV+3FD
h7kCGc3dmEodFzemPBbCwYE0Rp3QJ+f41MmMGtCqiPxrtE7E7cf1wx12ZpiAqw4F
QNYV8sU1AEBrUCNVo0cu+aQ7ieqBpsyFc66s1tKyRSodN4z1B3qwscs8mNoYYGIF
lHoBKhvQPafYmiA2nnk91InnqOvv9tAXls6BWsuUvYaM5L7SpFF7GwpfhQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCqH9N8sc+9bCVaGKBFIrnvdJPm1MB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvS29mMDN5eHo3MXNKVm9Zb0VVaXVlOTBrLWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAJOiMQD
BABOiMwwDAMEA06I+AMEAE6I/gMEA1jMKDANBgkqhkiG9w0BAQsFAAOCAQEAQcfI
1l0c6TpFkcTHYG208bW6IClUC9XQnr8rGayFC2Rw2NaT7lfcZKUcsJAHETUargT+
x/qKV7y4bXSbLvKSFT+WZCEMeIvhI61MZDO6G9wwm4tD8V/frimnjAWRyMbumCJJ
4mUd0s8FaC7odGYnb2DYb6Larbu33MFqoksSdkqyQfl5Y3IOGZ/3a/RJqt3LxZxT
avB+3LhDhpljWW3XflbRq4FPQFT0ctbCx/N/mpaiSISeHQpeRuItBts4F+J3xQkC
h/04G+AZqSujLGzDr0TA8vUDSQLHpQjnVjgE80dNEIckek3HCiLmXZKUQ82/w73f
Yfz0emhD2ca7B19f3g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:18 2023 by rpki-client on console-fra.rpki-client.org