Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/aEZbO2u8aTPX0aY3b3TnRI0fhYM.roa
File: aEZbO2u8aTPX0aY3b3TnRI0fhYM.roa (raw, json)
Hash identifier: KhMdaW7QGEo/Psq8F0MuBWUUU9mR+v40G8pQXg4fQ5k=
Subject key identifier: 68:46:5B:3B:6B:BC:69:33:D7:D1:A6:37:6F:74:E7:44:8D:1F:85:83
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 34C1FC0C
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/aEZbO2u8aTPX0aY3b3TnRI0fhYM.roa
Signing time: Thu 10 Mar 2022 12:02:55 +0000
ROA not before: Thu 10 Mar 2022 12:02:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207710
IP address blocks: 78.136.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 885128204 (0x34c1fc0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Mar 10 12:02:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68465b3b6bbc6933d7d1a6376f74e7448d1f8583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:da:a0:cb:0c:e9:c7:ed:f1:9d:b2:c1:4e:44:
7a:54:cf:2a:05:40:c4:d2:b9:f2:bd:d9:9b:15:9f:
73:10:a7:04:6f:7d:be:75:79:e3:f0:32:35:8f:03:
12:04:2f:05:62:81:4a:bc:53:ce:1c:2d:4b:a9:9f:
9a:93:c3:7a:fc:d1:99:f3:35:11:c2:52:4d:f3:f3:
a8:23:be:52:dc:b5:b2:d9:1e:13:37:0b:f7:6a:bc:
1a:e1:c1:96:ed:b9:65:dd:96:c2:57:0b:7f:c2:f2:
1c:79:45:1f:47:23:81:ac:79:f0:11:c3:7e:0b:31:
85:45:69:16:f4:12:79:fe:bd:1c:ce:25:ff:1e:00:
76:90:e1:65:32:0c:fc:cc:99:a6:0c:54:74:74:2e:
f8:29:3e:c0:20:3b:3a:ce:21:ba:15:ed:13:20:d7:
fc:5f:1a:40:3d:7a:12:1d:ea:be:bd:25:04:2b:e0:
db:8c:11:2d:19:59:53:d9:97:14:50:db:f5:1f:4c:
3d:d3:36:86:11:60:4a:49:2f:28:c4:3b:61:1b:0d:
81:50:f3:55:3a:96:3b:e2:84:04:d8:76:38:ac:2f:
a2:8c:a8:28:c5:06:49:f0:97:45:36:cc:0c:ee:a2:
c5:d6:54:07:0d:b9:9f:9f:70:2b:ff:07:b7:9c:de:
2b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:46:5B:3B:6B:BC:69:33:D7:D1:A6:37:6F:74:E7:44:8D:1F:85:83
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/aEZbO2u8aTPX0aY3b3TnRI0fhYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.204.0/22
Signature Algorithm: sha256WithRSAEncryption
21:53:d3:8f:8f:2d:c7:73:86:64:34:7a:fd:cf:96:01:5f:82:
00:f2:41:ff:ae:4e:84:27:2b:ee:83:61:ac:a6:21:1c:85:da:
d9:d3:f6:a8:46:5c:ea:82:ff:51:25:64:c8:b8:df:10:59:1d:
a9:ad:56:69:3d:7e:1f:77:11:36:5d:b5:5b:23:87:0a:16:22:
d7:e5:43:1d:59:a7:c9:bb:52:59:ea:9f:94:7b:a5:cf:86:5e:
9c:c2:24:d2:a5:1c:bf:7d:c1:49:c2:5c:a0:6a:2b:bd:3d:db:
6d:3e:90:fa:ed:d6:2b:06:f6:26:a3:ba:c8:d9:42:d9:cc:6d:
96:fb:e3:3a:44:95:e2:ce:20:86:c2:af:16:11:c6:98:8e:61:
66:5e:a3:20:6f:aa:5c:73:7c:49:9b:d4:03:d0:b8:4e:d5:f7:
49:b3:5f:ed:42:01:96:39:0d:b9:ce:86:c0:18:c8:0b:63:da:
bd:5b:02:a1:bf:70:a1:75:b4:11:19:84:3f:bd:af:51:68:6e:
cd:f6:f7:40:80:ce:da:93:ba:72:77:4f:da:17:f8:b9:9c:79:
b9:87:b9:0e:f9:49:a0:93:dd:2b:52:7c:a1:ea:36:2b:57:a8:
a9:f7:f7:e7:d4:5f:36:ec:56:8d:59:af:3f:3f:31:70:b5:36:
c7:12:1f:38
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENMH8DDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjljMjczMDk4YjUyNzY4Y2EwZTQ0YTNhMmMxNmVmZWQ0YTY1Y2EwMB4XDTIyMDMx
MDEyMDI1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjg0NjViM2I2YmJj
NjkzM2Q3ZDFhNjM3NmY3NGU3NDQ4ZDFmODU4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKraoMsM6cft8Z2ywU5EelTPKgVAxNK58r3ZmxWfcxCnBG99
vnV54/AyNY8DEgQvBWKBSrxTzhwtS6mfmpPDevzRmfM1EcJSTfPzqCO+Uty1stke
EzcL92q8GuHBlu25Zd2WwlcLf8LyHHlFH0cjgax58BHDfgsxhUVpFvQSef69HM4l
/x4AdpDhZTIM/MyZpgxUdHQu+Ck+wCA7Os4huhXtEyDX/F8aQD16Eh3qvr0lBCvg
24wRLRlZU9mXFFDb9R9MPdM2hhFgSkkvKMQ7YRsNgVDzVTqWO+KEBNh2OKwvooyo
KMUGSfCXRTbMDO6ixdZUBw25n59wK/8Ht5zeK+sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRoRls7a7xpM9fRpjdvdOdEjR+FgzAfBgNVHSMEGDAWgBRSnCcwmLUnaMoO
RKOiwW7+1KZcoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Vwd25NSmkxSjJqS0RrU2pvc0Z1X3RTbVhLQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvNmQ5MzU5LWFmZWYtNDUzNS05YzkzLWYzM2QzYmIzNjQ4NC8x
L2FFWmJPMnU4YVRQWDBhWTNiM1RuUkkwZmhZTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
NmQ5MzU5LWFmZWYtNDUzNS05YzkzLWYzM2QzYmIzNjQ4NC8xL1Vwd25NSmkxSjJq
S0RrU2pvc0Z1X3RTbVhLQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk6IzDANBgkqhkiG9w0BAQsFAAOC
AQEAIVPTj48tx3OGZDR6/c+WAV+CAPJB/65OhCcr7oNhrKYhHIXa2dP2qEZc6oL/
USVkyLjfEFkdqa1WaT1+H3cRNl21WyOHChYi1+VDHVmnybtSWeqflHulz4ZenMIk
0qUcv33BScJcoGorvT3bbT6Q+u3WKwb2JqO6yNlC2cxtlvvjOkSV4s4ghsKvFhHG
mI5hZl6jIG+qXHN8SZvUA9C4TtX3SbNf7UIBljkNuc6GwBjIC2PavVsCob9woXW0
ERmEP72vUWhuzfb3QIDO2pO6cndP2hf4uZx5uYe5DvlJoJPdK1J8oeo2K1eoqff3
59RfNuxWjVmvPz8xcLU2xxIfOA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:07 2023 by rpki-client on console-ams.rpki-client.org