Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/fLRqPeBqFygJYJsyf-O_o4tH-ys.roa
File: fLRqPeBqFygJYJsyf-O_o4tH-ys.roa (raw, json)
Hash identifier: mTTpCfm1qfiCwrqK859pED8rsnxrXTTeENISS1na8/A=
Subject key identifier: 7C:B4:6A:3D:E0:6A:17:28:09:60:9B:32:7F:E3:BF:A3:8B:47:FB:2B
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 0189E829753172D13518455E670DA2B41E84
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/fLRqPeBqFygJYJsyf-O_o4tH-ys.roa
Signing time: Sat 12 Aug 2023 05:12:58 +0000
ROA not before: Sat 12 Aug 2023 05:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60077
IP address blocks: 193.151.128.0/20 maxlen: 32
193.151.128.0/19 maxlen: 32
193.151.144.0/20 maxlen: 32
193.151.157.0/24 maxlen: 32
193.151.159.0/24 maxlen: 32
78.110.112.0/22 maxlen: 32
78.110.112.0/21 maxlen: 32
85.198.8.0/22 maxlen: 32
78.110.116.0/22 maxlen: 32
85.198.8.0/21 maxlen: 32
85.198.12.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e8:29:75:31:72:d1:35:18:45:5e:67:0d:a2:b4:1e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Aug 12 05:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cb46a3de06a172809609b327fe3bfa38b47fb2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ae:7c:32:69:1a:a5:7c:1d:4b:b1:40:ed:62:
5c:12:a8:d6:f2:1e:33:55:91:53:0b:57:8c:6f:1b:
5f:f4:eb:ed:22:b8:3c:7f:cb:73:b5:dc:71:3a:fc:
40:fe:f2:13:ce:db:d8:f5:17:fc:f3:a8:0b:6e:8e:
c6:35:cc:54:ab:aa:dc:a3:50:2f:85:01:70:d8:fd:
64:c9:d7:b0:f7:1c:a3:f0:43:e0:78:2b:66:ba:87:
d5:e5:88:64:b2:c3:83:9f:25:57:26:97:e6:a2:4f:
ce:f3:db:01:b8:11:03:7d:82:28:24:34:b7:b5:c1:
63:0b:31:7e:92:b5:9f:cd:ed:23:0b:f9:9b:c6:50:
5c:7a:50:7f:e6:2e:8c:e0:61:5a:9f:91:b4:3e:02:
ea:d4:da:c7:ee:63:87:6c:d9:75:42:99:cf:a2:82:
e9:0c:99:ec:b5:82:40:23:a3:ee:30:6b:85:91:28:
fe:0e:62:f1:a8:6d:2f:70:a3:4b:15:90:c6:cb:5c:
89:bc:e6:9e:af:4f:fe:a1:39:ce:88:32:a8:28:49:
d4:bb:c6:b2:35:d2:42:66:0a:8b:7e:f5:da:9c:51:
bb:9d:ce:c8:91:1f:53:2b:89:85:91:c6:b6:55:4c:
24:9d:fe:42:20:f4:9e:79:f9:1f:c4:bb:e7:3b:aa:
42:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B4:6A:3D:E0:6A:17:28:09:60:9B:32:7F:E3:BF:A3:8B:47:FB:2B
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/fLRqPeBqFygJYJsyf-O_o4tH-ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.112.0/21
85.198.8.0/21
193.151.128.0/19
Signature Algorithm: sha256WithRSAEncryption
b0:d0:09:1e:25:df:3d:bd:1b:b7:60:0a:60:9b:48:02:54:7e:
80:9b:36:66:62:27:37:9e:d6:88:22:dd:06:e3:dd:35:2b:2f:
6d:ab:1f:b5:83:a1:d6:39:3a:74:ab:31:7d:2b:02:5f:e7:6b:
ce:18:ef:6d:7d:3a:ea:72:0e:48:3f:16:4a:26:e1:0c:5c:9a:
43:b3:03:99:37:21:98:49:05:21:fc:00:b6:2f:d0:97:f8:71:
af:b5:33:a6:92:74:79:af:61:cc:7d:c2:49:d7:fc:ba:ef:b8:
32:d2:4a:ce:3b:62:0b:2f:72:63:60:49:8f:9f:0e:e9:01:6c:
39:a9:f4:17:69:14:2e:c2:74:09:29:15:c4:27:60:29:2e:6c:
dd:33:ba:a3:8e:2e:f0:38:d7:c9:92:e4:be:2a:ec:00:bc:87:
3d:0c:60:f5:a7:40:50:81:eb:13:75:82:77:af:8f:20:0e:7a:
ae:37:9c:31:0d:36:8f:ce:4c:73:32:77:f8:43:3c:0f:c3:0f:
47:ae:e2:ab:46:b1:2e:77:62:8c:b6:13:4e:5c:cc:2c:3a:2f:
76:00:9d:b6:a5:c2:e6:7f:b6:52:48:db:5a:01:38:f2:59:c8:
d1:32:97:63:2e:1c:0a:48:de:a3:80:d0:66:37:d4:21:6c:fe:
21:73:53:14
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnoKXUxctE1GEVeZw2itB6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjMwODEyMDUxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2I0NmEzZGUwNmExNzI4MDk2MDliMzI3ZmUzYmZhMzhiNDdmYjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK58MmkapXwdS7FA7WJcEqjW8h4z
VZFTC1eMbxtf9OvtIrg8f8tztdxxOvxA/vITztvY9Rf886gLbo7GNcxUq6rco1Av
hQFw2P1kydew9xyj8EPgeCtmuofV5YhkssODnyVXJpfmok/O89sBuBEDfYIoJDS3
tcFjCzF+krWfze0jC/mbxlBcelB/5i6M4GFan5G0PgLq1NrH7mOHbNl1QpnPooLp
DJnstYJAI6PuMGuFkSj+DmLxqG0vcKNLFZDGy1yJvOaer0/+oTnOiDKoKEnUu8ay
NdJCZgqLfvXanFG7nc7IkR9TK4mFkca2VUwknf5CIPSeefkfxLvnO6pC4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHy0aj3gahcoCWCbMn/jv6OLR/srMB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvZkxScVBlQnFGeWdKWUpzeWYtT19vNHRILXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTm5wAwQD
VcYIAwQFwZeAMA0GCSqGSIb3DQEBCwUAA4IBAQCw0AkeJd89vRu3YApgm0gCVH6A
mzZmYic3ntaIIt0G4901Ky9tqx+1g6HWOTp0qzF9KwJf52vOGO9tfTrqcg5IPxZK
JuEMXJpDswOZNyGYSQUh/AC2L9CX+HGvtTOmknR5r2HMfcJJ1/y677gy0krOO2IL
L3JjYEmPnw7pAWw5qfQXaRQuwnQJKRXEJ2ApLmzdM7qjji7wONfJkuS+KuwAvIc9
DGD1p0BQgesTdYJ3r48gDnquN5wxDTaPzkxzMnf4QzwPww9HruKrRrEud2KMthNO
XMwsOi92AJ22pcLmf7ZSSNtaATjyWcjRMpdjLhwKSN6jgNBmN9QhbP4hc1MU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:07 2025 by rpki-client