Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/kfkPnhh7kDb7t5ZVRe1oSAyVEZM.roa
File: kfkPnhh7kDb7t5ZVRe1oSAyVEZM.roa (raw, json)
Hash identifier: pwa5WUBt77o74MEQW7pGQ/jWBRknn0Q+Fn5gZy0bwWc=
Subject key identifier: 91:F9:0F:9E:18:7B:90:36:FB:B7:96:55:45:ED:68:48:0C:95:11:93
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 01837C6837E76F9C326A1FC6ED23255FEE2B
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/kfkPnhh7kDb7t5ZVRe1oSAyVEZM.roa
Signing time: Tue 27 Sep 2022 00:45:48 +0000
ROA not before: Tue 27 Sep 2022 00:45:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 78.136.196.0/22 maxlen: 24
78.136.202.0/23 maxlen: 24
88.204.40.0/23 maxlen: 24
78.136.200.0/23 maxlen: 24
88.204.44.0/23 maxlen: 24
78.136.204.0/22 maxlen: 24
88.204.42.0/23 maxlen: 24
88.204.46.0/23 maxlen: 24
83.172.60.0/24 maxlen: 24
83.172.63.0/24 maxlen: 24
78.136.250.0/23 maxlen: 24
78.136.248.0/23 maxlen: 24
78.136.252.0/23 maxlen: 24
78.136.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7c:68:37:e7:6f:9c:32:6a:1f:c6:ed:23:25:5f:ee:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Sep 27 00:45:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91f90f9e187b9036fbb7965545ed68480c951193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:40:77:aa:83:7d:c2:3c:86:c1:0e:ef:77:79:
4f:8c:c1:4a:34:ac:62:20:de:0e:ba:c0:c2:21:50:
33:1a:df:ae:5f:40:1d:71:b9:9f:34:52:84:a6:da:
5b:c7:72:15:88:66:8e:6b:ae:71:4a:ed:4d:da:48:
39:94:c7:88:47:5d:66:03:4e:6f:40:b6:46:10:7b:
dc:1f:4d:eb:13:29:03:3b:63:c0:f7:12:9e:f0:71:
6b:ec:2e:df:4a:7a:1f:5a:d7:f6:95:ad:5e:2d:af:
97:29:10:48:bb:06:76:80:a3:18:1e:86:1d:c7:d9:
de:ee:f0:e6:b3:cb:b5:2c:58:15:df:8a:70:2c:31:
60:42:ec:02:43:e7:a8:b8:1a:9f:a9:32:b5:5c:2b:
eb:4f:cf:13:6f:8b:03:2f:74:cd:0e:27:2c:bf:99:
16:27:37:0d:d5:72:e9:88:5a:1d:14:73:c8:d3:c5:
60:7a:66:45:b6:54:35:03:7d:cc:09:d4:5e:28:40:
9a:e7:b4:6b:ac:b9:a4:67:dd:e2:e8:f4:8f:39:aa:
de:e2:69:81:c9:7c:8d:0f:51:3c:ff:87:26:bd:76:
2c:6e:39:e4:35:d5:7c:9d:ce:c0:86:d6:11:4f:cc:
0a:f8:07:c6:2f:4c:c2:db:eb:87:a9:3e:5c:dd:ba:
ce:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F9:0F:9E:18:7B:90:36:FB:B7:96:55:45:ED:68:48:0C:95:11:93
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/kfkPnhh7kDb7t5ZVRe1oSAyVEZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.196.0-78.136.207.255
78.136.248.0-78.136.254.255
83.172.60.0/24
83.172.63.0/24
88.204.40.0/21
Signature Algorithm: sha256WithRSAEncryption
04:70:2a:3d:2d:bd:5c:e2:12:3e:e7:80:a4:1c:f8:ff:b3:c0:
ce:56:82:60:22:aa:18:95:80:20:30:25:5e:13:6e:b0:94:5c:
27:ed:82:3b:f9:d2:97:fa:43:a0:43:59:8f:e2:98:05:b5:ae:
5a:4f:96:90:68:bb:41:08:91:7e:cc:10:73:ff:25:22:fe:ad:
fa:ab:fd:77:d9:e5:ca:46:f4:eb:dc:4b:47:bd:a5:e7:79:61:
65:4e:df:a8:1f:cf:49:c4:ac:86:d7:ac:2e:e4:d1:42:72:e5:
a2:f4:7f:ab:1a:8f:ab:53:d3:8a:4c:ae:1a:c0:c0:bf:f6:18:
59:68:9b:1c:9e:b7:49:0a:b3:a8:e9:ef:3c:26:55:5e:cc:bf:
9d:95:5c:0b:5d:46:f8:df:18:09:c8:36:42:f0:b5:6d:5a:8b:
a6:09:92:04:3b:90:98:2c:f6:9d:0a:0b:c4:2e:18:12:d2:3d:
83:15:1d:0b:9e:f1:83:3d:d7:84:5e:ee:9b:cb:c6:ac:ed:6a:
dc:08:19:e3:3b:f1:e9:ae:46:34:3f:74:2d:aa:a3:19:f7:36:
cf:d3:75:1e:43:3f:da:3c:32:3a:c1:8c:da:0a:a1:2b:b3:15:
5b:7b:38:e0:b6:7d:78:1a:94:72:4e:17:18:48:88:48:9d:e5:
45:e5:78:a7
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYN8aDfnb5wyah/G7SMlX+4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjIwOTI3MDA0NTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWY5MGY5ZTE4N2I5MDM2ZmJiNzk2NTU0NWVkNjg0ODBjOTUxMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0B3qoN9wjyGwQ7vd3lPjMFKNKxi
IN4OusDCIVAzGt+uX0AdcbmfNFKEptpbx3IViGaOa65xSu1N2kg5lMeIR11mA05v
QLZGEHvcH03rEykDO2PA9xKe8HFr7C7fSnofWtf2la1eLa+XKRBIuwZ2gKMYHoYd
x9ne7vDms8u1LFgV34pwLDFgQuwCQ+eouBqfqTK1XCvrT88Tb4sDL3TNDicsv5kW
JzcN1XLpiFodFHPI08VgemZFtlQ1A33MCdReKECa57RrrLmkZ93i6PSPOare4mmB
yXyND1E8/4cmvXYsbjnkNdV8nc7AhtYRT8wK+AfGL0zC2+uHqT5c3brOOwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFJH5D54Ye5A2+7eWVUXtaEgMlRGTMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEva2ZrUG5oaDdrRGI3dDVaVlJlMW9TQXlWRVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAJOiMQD
BAROiMAwDAMEA06I+AMEAE6I/gMEAFOsPAMEAFOsPwMEA1jMKDANBgkqhkiG9w0B
AQsFAAOCAQEABHAqPS29XOISPueApBz4/7PAzlaCYCKqGJWAIDAlXhNusJRcJ+2C
O/nSl/pDoENZj+KYBbWuWk+WkGi7QQiRfswQc/8lIv6t+qv9d9nlykb069xLR72l
53lhZU7fqB/PScSshtesLuTRQnLlovR/qxqPq1PTikyuGsDAv/YYWWibHJ63SQqz
qOnvPCZVXsy/nZVcC11G+N8YCcg2QvC1bVqLpgmSBDuQmCz2nQoLxC4YEtI9gxUd
C57xgz3XhF7um8vGrO1q3AgZ4zvx6a5GND90LaqjGfc2z9N1HkM/2jwyOsGM2gqh
K7MVW3s44LZ9eBqUck4XGEiISJ3lReV4pw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:07 2023 by rpki-client on console-ams.rpki-client.org