Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/oQPTuULagc2sx9NIw2J_tZV4evg.roa
File: oQPTuULagc2sx9NIw2J_tZV4evg.roa (raw, json)
Hash identifier: qLyWQSwLPGYP/gBhYOTn7Pt7oi1jel32Co/MvHNyexk=
Subject key identifier: A1:03:D3:B9:42:DA:81:CD:AC:C7:D3:48:C3:62:7F:B5:95:78:7A:F8
Certificate issuer: /CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Certificate serial: 0184F149E4C86B8CA4400602B9B274CE04F0
Authority key identifier: 5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/oQPTuULagc2sx9NIw2J_tZV4evg.roa
Signing time: Thu 08 Dec 2022 10:31:02 +0000
ROA not before: Thu 08 Dec 2022 10:31:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39767
IP address blocks: 78.158.72.0/21 maxlen: 21
78.158.80.0/20 maxlen: 21
185.90.140.0/22 maxlen: 22
194.88.12.0/23 maxlen: 23
2a05:e200::/29 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:49:e4:c8:6b:8c:a4:40:06:02:b9:b2:74:ce:04:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Validity
Not Before: Dec 8 10:31:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a103d3b942da81cdacc7d348c3627fb595787af8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c9:d7:73:19:2d:a1:5f:01:49:c7:bc:47:d3:
13:d5:b7:6f:ea:55:21:a4:f7:c6:6f:80:76:7a:f8:
39:fc:0c:86:7f:bd:31:57:be:9b:92:a7:c5:f9:2b:
c6:d9:a8:ff:2d:fc:dd:26:5a:04:5b:7c:f9:13:63:
80:a6:f3:1f:d3:ed:67:22:96:8e:f4:29:83:e2:bf:
05:d9:6d:02:52:df:58:e3:cc:d2:cc:0f:f2:61:95:
29:1c:cf:d4:57:d4:76:b4:68:9e:3f:9b:bd:f9:d4:
32:93:c9:34:69:b5:2d:a3:c6:24:a5:11:b8:f2:a4:
a4:25:33:ea:6f:13:52:8c:ca:ad:27:c4:b9:33:83:
58:77:5d:15:89:22:2a:78:db:51:75:fd:6c:31:20:
48:41:98:f0:31:e6:33:36:84:16:48:e4:1f:43:86:
d6:1b:2c:94:c8:5d:b9:7c:58:97:f9:17:4b:69:8b:
da:e0:db:c6:da:67:a7:65:e3:80:5c:56:eb:3f:99:
15:0c:30:ea:98:39:39:6f:19:74:94:1b:dd:ad:2e:
1c:d8:45:62:54:b7:f8:8c:18:f8:ec:04:b4:1c:1d:
76:83:12:34:9b:d7:b2:34:c0:67:aa:d1:87:07:00:
ce:da:4f:62:06:56:7a:96:5e:76:fb:f7:1e:82:e7:
5c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:03:D3:B9:42:DA:81:CD:AC:C7:D3:48:C3:62:7F:B5:95:78:7A:F8
X509v3 Authority Key Identifier:
keyid:5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/oQPTuULagc2sx9NIw2J_tZV4evg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.158.72.0-78.158.95.255
185.90.140.0/22
194.88.12.0/23
IPv6:
2a05:e200::/29
Signature Algorithm: sha256WithRSAEncryption
29:ad:bd:d9:27:42:20:cb:ed:3c:09:e5:5a:00:cb:19:20:f2:
0d:77:e1:d1:7f:85:03:c1:c6:9a:11:d9:47:50:40:9a:ac:6c:
5f:0d:13:a9:1b:40:40:80:05:1d:d1:93:89:bc:3b:3c:d8:b5:
0f:27:60:d6:83:84:b0:cf:e6:52:fc:81:b8:18:9a:e0:db:4b:
76:da:e8:ec:b2:b5:a6:1e:28:aa:e3:73:f5:39:3b:c0:28:74:
f8:da:29:3f:06:02:7b:4d:59:b9:58:25:65:90:d3:91:0e:91:
5b:28:95:e9:eb:6c:ed:ce:8c:c8:43:44:9c:1e:0f:6b:d8:00:
9b:82:9a:d4:17:d6:15:8f:0e:8d:8b:60:7f:2d:8b:0d:13:a8:
e1:50:fc:49:6a:cc:3a:21:83:7e:35:95:03:59:ce:11:54:c4:
3a:e2:73:6e:b1:cc:9d:8a:c0:2a:ae:ff:24:69:d7:21:77:c9:
09:46:b4:0b:5c:3f:90:73:c7:aa:5a:59:b3:26:9b:c0:db:5f:
6d:21:42:26:d5:a1:1c:cd:05:82:9e:90:a6:cc:9d:a0:69:7a:
61:09:0b:a7:69:dc:21:ee:76:5a:ee:e3:59:d0:07:e1:12:d5:
2e:df:48:4c:b0:a0:45:c2:69:e9:45:96:7d:75:f9:3f:68:89:
c9:96:51:ac
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYTxSeTIa4ykQAYCubJ0zgTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZWRjYjMzNGQzOWU3OTc4MTdlMmViNDc3MDNjMDE4YjRk
YzQ5ZDUwHhcNMjIxMjA4MTAzMTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTAzZDNiOTQyZGE4MWNkYWNjN2QzNDhjMzYyN2ZiNTk1Nzg3YWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMnXcxktoV8BSce8R9MT1bdv6lUh
pPfGb4B2evg5/AyGf70xV76bkqfF+SvG2aj/LfzdJloEW3z5E2OApvMf0+1nIpaO
9CmD4r8F2W0CUt9Y48zSzA/yYZUpHM/UV9R2tGieP5u9+dQyk8k0abUto8YkpRG4
8qSkJTPqbxNSjMqtJ8S5M4NYd10ViSIqeNtRdf1sMSBIQZjwMeYzNoQWSOQfQ4bW
GyyUyF25fFiX+RdLaYva4NvG2menZeOAXFbrP5kVDDDqmDk5bxl0lBvdrS4c2EVi
VLf4jBj47AS0HB12gxI0m9eyNMBnqtGHBwDO2k9iBlZ6ll52+/cegudc4wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKED07lC2oHNrMfTSMNif7WVeHr4MB8GA1UdIwQY
MBaAFFrtyzNNOeeXgX4utHcDwBi03EnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEt
ZTBhZWUxYmJmOWUzLzEvb1FQVHVVTGFnYzJzeDlOSXcySl90WlY0ZXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEtZTBhZWUxYmJmOWUz
LzEvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBANOnkgD
BAVOnkADBAK5WowDBAHCWAwwDQQCAAIwBwMFAyoF4gAwDQYJKoZIhvcNAQELBQAD
ggEBACmtvdknQiDL7TwJ5VoAyxkg8g134dF/hQPBxpoR2UdQQJqsbF8NE6kbQECA
BR3Rk4m8OzzYtQ8nYNaDhLDP5lL8gbgYmuDbS3ba6OyytaYeKKrjc/U5O8AodPja
KT8GAntNWblYJWWQ05EOkVsolenrbO3OjMhDRJweD2vYAJuCmtQX1hWPDo2LYH8t
iw0TqOFQ/ElqzDohg341lQNZzhFUxDric26xzJ2KwCqu/yRp1yF3yQlGtAtcP5Bz
x6paWbMmm8DbX20hQibVoRzNBYKekKbMnaBpemEJC6dp3CHudlru41nQB+ES1S7f
SEywoEXCaelFln11+T9oicmWUaw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:14 2023 by rpki-client on console-fra.rpki-client.org