Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/481a35-2434-46e3-aee1-ae13053133cb/1/rMEwUMmYtbb0nEy6jSkDV2LVDRQ.roa
File: rMEwUMmYtbb0nEy6jSkDV2LVDRQ.roa (raw, json)
Hash identifier: aBaglcXTCDD3CYNzT01oKBzgps3J3OjIPXjQJiON09c=
Subject key identifier: AC:C1:30:50:C9:98:B5:B6:F4:9C:4C:BA:8D:29:03:57:62:D5:0D:14
Certificate issuer: /CN=3ff7789346a9f92915f1f75b10af94f97b6e24fa
Certificate serial: 059FB8E9
Authority key identifier: 3F:F7:78:93:46:A9:F9:29:15:F1:F7:5B:10:AF:94:F9:7B:6E:24:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P_d4k0ap-SkV8fdbEK-U-XtuJPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/481a35-2434-46e3-aee1-ae13053133cb/1/rMEwUMmYtbb0nEy6jSkDV2LVDRQ.roa
Signing time: Sat 01 Jan 2022 05:54:36 +0000
ROA not before: Sat 01 Jan 2022 05:54:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51664
IP address blocks: 78.40.90.0/24 maxlen: 24
78.40.89.0/24 maxlen: 24
78.40.88.0/24 maxlen: 24
78.40.91.0/24 maxlen: 24
78.40.93.0/24 maxlen: 24
78.40.92.0/24 maxlen: 24
78.40.95.0/24 maxlen: 24
78.40.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94353641 (0x59fb8e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ff7789346a9f92915f1f75b10af94f97b6e24fa
Validity
Not Before: Jan 1 05:54:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=acc13050c998b5b6f49c4cba8d29035762d50d14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:08:01:f5:3e:d1:86:fe:06:ba:a6:90:e2:3c:
8b:de:40:bb:91:75:89:3f:7a:45:c2:b6:eb:ff:1d:
10:c2:e5:fe:24:1c:cd:0a:34:05:79:d4:5e:93:df:
d2:f5:dd:a9:ed:a7:f0:c5:88:ff:70:4b:ef:6f:04:
9a:aa:d5:1e:0d:0a:ea:21:c5:22:e2:7a:56:80:85:
52:3b:b3:56:2e:e2:26:0e:e3:bf:a5:d2:15:d7:25:
a4:7a:4b:18:0b:e5:3b:69:71:c6:e7:bd:e1:22:e9:
78:e0:c1:4b:49:ea:6b:f8:9c:b5:c7:ff:ad:4d:39:
ff:2a:32:e4:11:19:85:e9:47:3e:03:44:25:bd:63:
b3:f0:84:e2:6c:20:fd:d1:fa:99:62:42:8e:6d:ad:
16:fc:36:6a:c0:79:81:4c:c2:58:b8:8e:83:38:58:
53:a4:7e:72:97:1e:b0:ae:54:9b:af:3a:7a:2d:b3:
33:90:7e:4e:33:62:7d:b4:25:9e:ca:c6:1d:f3:18:
e9:2b:ad:03:8f:c0:b4:da:79:6a:57:cd:85:a0:21:
e9:49:f2:ad:4b:e7:0f:44:1c:83:d9:e4:1e:a9:db:
1b:a7:9e:2a:98:2f:9a:4e:53:5e:92:5d:bb:a7:95:
1c:30:36:a7:d9:2d:be:74:58:0c:a4:89:e4:e1:5b:
85:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C1:30:50:C9:98:B5:B6:F4:9C:4C:BA:8D:29:03:57:62:D5:0D:14
X509v3 Authority Key Identifier:
keyid:3F:F7:78:93:46:A9:F9:29:15:F1:F7:5B:10:AF:94:F9:7B:6E:24:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P_d4k0ap-SkV8fdbEK-U-XtuJPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/481a35-2434-46e3-aee1-ae13053133cb/1/rMEwUMmYtbb0nEy6jSkDV2LVDRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/481a35-2434-46e3-aee1-ae13053133cb/1/P_d4k0ap-SkV8fdbEK-U-XtuJPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.88.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:5a:24:b1:56:62:d0:0d:a9:6a:fe:2f:d0:c2:b3:82:81:b6:
33:0e:f7:04:62:1a:d6:86:a0:1a:bc:f0:42:9a:71:bb:6e:e6:
40:7a:15:98:31:18:ba:7f:5e:0d:c2:6f:49:59:9f:c2:8a:7f:
3d:5c:cb:d1:70:ef:48:53:b3:11:cc:13:27:3d:d7:73:9e:97:
f8:31:a0:21:e9:eb:28:a7:82:f1:62:28:3a:6d:13:c6:42:4a:
f9:09:3a:b7:71:43:05:a8:43:83:35:52:c2:17:6e:ab:bd:f9:
49:d4:e4:2a:65:c6:2e:d9:50:16:11:7a:4e:33:bf:57:47:d6:
ca:ca:30:18:d2:31:05:99:6f:c6:91:51:42:54:44:61:f4:ec:
c7:87:84:49:3a:df:71:40:4d:c4:1c:24:4a:81:6f:03:e2:40:
56:95:54:12:f3:91:a6:72:64:bc:6f:b6:7e:3f:21:a5:6b:69:
ba:db:1e:b1:b2:6b:3b:85:cf:c8:72:46:f0:d9:8f:83:91:8b:
0d:fb:12:0e:36:1a:2b:22:ba:9e:3c:9a:17:4f:52:77:16:40:
f4:63:2a:11:76:80:1c:fa:72:98:16:c9:49:20:39:3e:68:2b:
58:1e:c3:39:a2:aa:66:f9:25:a2:dd:8f:90:87:cd:85:d8:34:
26:a7:d0:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBZ+46TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZmY3Nzg5MzQ2YTlmOTI5MTVmMWY3NWIxMGFmOTRmOTdiNmUyNGZhMB4XDTIyMDEw
MTA1NTQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNjMTMwNTBjOTk4
YjViNmY0OWM0Y2JhOGQyOTAzNTc2MmQ1MGQxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8IAfU+0Yb+BrqmkOI8i95Au5F1iT96RcK26/8dEMLl/iQc
zQo0BXnUXpPf0vXdqe2n8MWI/3BL728EmqrVHg0K6iHFIuJ6VoCFUjuzVi7iJg7j
v6XSFdclpHpLGAvlO2lxxue94SLpeODBS0nqa/ictcf/rU05/yoy5BEZhelHPgNE
Jb1js/CE4mwg/dH6mWJCjm2tFvw2asB5gUzCWLiOgzhYU6R+cpcesK5Um686ei2z
M5B+TjNifbQlnsrGHfMY6SutA4/AtNp5alfNhaAh6UnyrUvnD0Qcg9nkHqnbG6ee
Kpgvmk5TXpJdu6eVHDA2p9ktvnRYDKSJ5OFbhcsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSswTBQyZi1tvScTLqNKQNXYtUNFDAfBgNVHSMEGDAWgBQ/93iTRqn5KRXx
91sQr5T5e24k+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BfZDRrMGFwLVNrVjhmZGJFSy1VLVh0dUpQby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvNDgxYTM1LTI0MzQtNDZlMy1hZWUxLWFlMTMwNTMxMzNjYi8x
L3JNRXdVTW1ZdGJiMG5FeTZqU2tEVjJMVkRSUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
NDgxYTM1LTI0MzQtNDZlMy1hZWUxLWFlMTMwNTMxMzNjYi8xL1BfZDRrMGFwLVNr
VjhmZGJFSy1VLVh0dUpQby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA04oWDANBgkqhkiG9w0BAQsFAAOC
AQEAa1oksVZi0A2pav4v0MKzgoG2Mw73BGIa1oagGrzwQppxu27mQHoVmDEYun9e
DcJvSVmfwop/PVzL0XDvSFOzEcwTJz3Xc56X+DGgIenrKKeC8WIoOm0TxkJK+Qk6
t3FDBahDgzVSwhduq735SdTkKmXGLtlQFhF6TjO/V0fWysowGNIxBZlvxpFRQlRE
YfTsx4eESTrfcUBNxBwkSoFvA+JAVpVUEvORpnJkvG+2fj8hpWtputsesbJrO4XP
yHJG8NmPg5GLDfsSDjYaKyK6njyaF09SdxZA9GMqEXaAHPpymBbJSSA5PmgrWB7D
OaKqZvklot2PkIfNhdg0JqfQGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:06 2024 by rpki-client on console-ams.rpki-client.org