Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/bJ5FWVnY9k2f3T_FYkliexE7GUs.roa
File: bJ5FWVnY9k2f3T_FYkliexE7GUs.roa (raw, json)
Hash identifier: gOxsFazE+Jt1bIlc90FmgipMXrm2fSCl2wrHqqgLIIk=
Subject key identifier: 6C:9E:45:59:59:D8:F6:4D:9F:DD:3F:C5:62:49:62:7B:11:3B:19:4B
Certificate issuer: /CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Certificate serial: 01856F8B6C2BB616088E9D9697FB9BD01DA4
Authority key identifier: E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/bJ5FWVnY9k2f3T_FYkliexE7GUs.roa
Signing time: Sun 01 Jan 2023 22:54:46 +0000
ROA not before: Sun 01 Jan 2023 22:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49801
IP address blocks: 78.111.0.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:6c:2b:b6:16:08:8e:9d:96:97:fb:9b:d0:1d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Validity
Not Before: Jan 1 22:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c9e455959d8f64d9fdd3fc56249627b113b194b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:22:ea:dc:45:74:f5:fa:b5:d4:cb:98:2b:2c:
76:83:63:21:78:d3:34:b7:d1:86:19:29:dc:1c:2d:
76:72:9a:9a:2c:b9:5c:d5:63:44:bc:6d:bf:ee:90:
57:40:e0:49:a6:a0:50:50:fb:b9:d4:a5:77:a9:3b:
0e:64:9e:74:4e:ed:2b:9d:15:14:21:c6:06:3a:e3:
00:47:81:be:0a:44:77:19:cb:3e:75:52:05:66:11:
55:cb:bc:3f:84:19:f5:eb:c5:14:cb:46:85:11:18:
12:e4:0c:47:cd:a2:8f:b3:79:41:7e:37:f8:4a:19:
30:b8:98:7f:0b:b4:56:28:23:09:d2:7b:32:84:3b:
11:c4:e3:17:e5:31:c5:7e:33:3b:89:ea:63:04:95:
2c:0d:b2:56:96:a5:fd:42:27:5e:50:79:58:96:52:
e8:99:3c:44:4a:9e:c3:14:55:2b:bb:8e:33:bf:a5:
b2:77:bf:b4:69:06:0a:d4:25:5a:1e:39:07:88:0b:
dd:e6:b9:03:3a:b2:bb:94:85:a2:ec:f2:ae:9b:d6:
b7:b3:a6:05:a6:de:b5:c5:5b:55:ed:35:ea:56:7f:
75:13:d1:ef:16:68:c0:d2:c9:1a:e7:4f:cb:ce:07:
9e:51:82:76:a8:41:77:b7:ff:95:10:eb:1f:f8:db:
cb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:9E:45:59:59:D8:F6:4D:9F:DD:3F:C5:62:49:62:7B:11:3B:19:4B
X509v3 Authority Key Identifier:
keyid:E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/bJ5FWVnY9k2f3T_FYkliexE7GUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/6Ul4d56TDgH7_n4MX8tBYREp1Og.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.0.0/22
Signature Algorithm: sha256WithRSAEncryption
26:21:f8:45:46:29:c5:57:de:0a:19:32:f6:1c:b7:e1:93:67:
89:6b:3e:92:03:4c:d7:da:82:1c:a3:a7:05:da:23:d0:21:81:
60:b8:83:a1:9f:a3:bc:f7:fe:2f:cd:48:59:a5:7b:3d:0e:db:
3f:e7:a6:8f:e2:b0:4b:b4:8a:50:c8:f9:10:89:29:ae:87:49:
bf:1c:1c:ad:06:5d:9f:c6:1a:7f:12:e2:53:92:ed:54:ad:6c:
d5:35:9e:50:4a:7c:32:cb:ca:b4:37:c2:26:99:b2:c7:2e:c6:
c7:4b:a0:75:e3:43:37:28:d0:23:91:ca:20:76:ff:c4:11:6d:
a1:e3:d4:bd:76:e2:ea:1c:e8:c3:bf:0d:b2:0c:07:07:7b:91:
85:79:8e:53:c7:10:fa:a3:26:a3:e2:eb:d1:5d:d6:fe:fa:44:
15:f1:78:b1:26:6f:d0:f9:01:74:15:c7:ca:25:d3:63:21:20:
c5:6b:4a:84:7e:d5:b6:07:6d:8c:71:bf:c9:e8:27:9b:db:13:
45:96:2c:c7:dc:66:90:7a:8a:03:46:c2:14:5f:2a:54:0b:ab:
23:d7:16:d7:7a:07:1c:48:01:2a:53:b3:66:ec:37:6d:19:75:
4e:0e:53:56:2b:33:7a:57:66:b0:06:2d:54:c3:81:5d:7e:d2:
5f:d6:07:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi2wrthYIjp2Wl/ub0B2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NDk3ODc3OWU5MzBlMDFmYmZlN2UwYzVmY2I0MTYxMTEy
OWQ0ZTgwHhcNMjMwMTAxMjI1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzllNDU1OTU5ZDhmNjRkOWZkZDNmYzU2MjQ5NjI3YjExM2IxOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yLq3EV09fq11MuYKyx2g2MheNM0
t9GGGSncHC12cpqaLLlc1WNEvG2/7pBXQOBJpqBQUPu51KV3qTsOZJ50Tu0rnRUU
IcYGOuMAR4G+CkR3Gcs+dVIFZhFVy7w/hBn168UUy0aFERgS5AxHzaKPs3lBfjf4
ShkwuJh/C7RWKCMJ0nsyhDsRxOMX5THFfjM7iepjBJUsDbJWlqX9QideUHlYllLo
mTxESp7DFFUru44zv6Wyd7+0aQYK1CVaHjkHiAvd5rkDOrK7lIWi7PKum9a3s6YF
pt61xVtV7TXqVn91E9HvFmjA0ska50/LzgeeUYJ2qEF3t/+VEOsf+NvL+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGyeRVlZ2PZNn90/xWJJYnsROxlLMB8GA1UdIwQY
MBaAFOlJeHeekw4B+/5+DF/LQWERKdToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlVsNGQ1NlREZ0g3X240TVg4dEJZUkVwMU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83OGRiMjktZTQ2ZC00MWY0LTg3Yzct
OTVjNDJlNGE4NGMwLzEvYko1RldWblk5azJmM1RfRllrbGlleEU3R1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83OGRiMjktZTQ2ZC00MWY0LTg3YzctOTVjNDJlNGE4NGMw
LzEvNlVsNGQ1NlREZ0g3X240TVg4dEJZUkVwMU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTm8AMA0G
CSqGSIb3DQEBCwUAA4IBAQAmIfhFRinFV94KGTL2HLfhk2eJaz6SA0zX2oIco6cF
2iPQIYFguIOhn6O89/4vzUhZpXs9Dts/56aP4rBLtIpQyPkQiSmuh0m/HBytBl2f
xhp/EuJTku1UrWzVNZ5QSnwyy8q0N8ImmbLHLsbHS6B140M3KNAjkcogdv/EEW2h
49S9duLqHOjDvw2yDAcHe5GFeY5TxxD6oyaj4uvRXdb++kQV8XixJm/Q+QF0FcfK
JdNjISDFa0qEftW2B22Mcb/J6Ceb2xNFlizH3GaQeooDRsIUXypUC6sj1xbXegcc
SAEqU7Nm7DdtGXVODlNWKzN6V2awBi1Uw4FdftJf1gdw
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:32:52 2025 by rpki-client