Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/73MYZz7hActP8OJ_eX4QEXnT_Q4.roa
File: 73MYZz7hActP8OJ_eX4QEXnT_Q4.roa (raw, json)
Hash identifier: 8ofm3c1TQG7eZ1YuJvZFg3D4lKF+nnNBMYx6oXTbvDw=
Subject key identifier: EF:73:18:67:3E:E1:01:CB:4F:F0:E2:7F:79:7E:10:11:79:D3:FD:0E
Certificate issuer: /CN=f19cf09771b8f184caa1a00421b9294491e97e6b
Certificate serial: 08E4F5CC
Authority key identifier: F1:9C:F0:97:71:B8:F1:84:CA:A1:A0:04:21:B9:29:44:91:E9:7E:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Zzwl3G48YTKoaAEIbkpRJHpfms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/73MYZz7hActP8OJ_eX4QEXnT_Q4.roa
Signing time: Sat 01 Jan 2022 15:55:01 +0000
ROA not before: Sat 01 Jan 2022 15:55:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51695
IP address blocks: 217.78.98.0/24 maxlen: 24
217.78.97.0/24 maxlen: 24
217.78.101.0/24 maxlen: 24
217.78.100.0/24 maxlen: 24
217.78.99.0/24 maxlen: 24
217.78.105.0/24 maxlen: 24
217.78.104.0/24 maxlen: 24
217.78.103.0/24 maxlen: 24
217.78.102.0/24 maxlen: 24
217.78.108.0/24 maxlen: 24
217.78.107.0/24 maxlen: 24
217.78.106.0/24 maxlen: 24
217.78.111.0/24 maxlen: 24
217.78.110.0/24 maxlen: 24
217.78.109.0/24 maxlen: 24
2a02:6700::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149222860 (0x8e4f5cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f19cf09771b8f184caa1a00421b9294491e97e6b
Validity
Not Before: Jan 1 15:55:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef7318673ee101cb4ff0e27f797e101179d3fd0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:63:3a:a5:e3:57:2a:39:b7:d9:32:14:3f:2e:
37:e6:34:c6:8d:c7:82:7c:13:3a:35:b8:16:c4:c2:
89:50:6a:bc:d6:e2:39:06:2b:30:72:67:1c:48:44:
a0:4a:40:e3:49:1a:50:c0:f9:f4:da:0e:5a:a9:09:
d6:9e:2f:51:dc:e1:f0:59:74:5c:74:01:fa:d7:fd:
bb:14:a3:54:5d:3b:f7:87:07:ca:b3:17:f5:02:43:
fc:e9:99:45:5a:bb:c0:e6:94:b3:96:ac:7e:f6:cc:
b8:29:82:b7:a1:75:d2:98:77:6f:c6:e4:57:7a:62:
95:b6:bf:1a:63:51:e9:c7:7b:9f:0c:ae:6c:e6:2a:
05:eb:c3:90:c2:c0:fb:7e:43:c0:aa:91:be:be:95:
b6:18:73:44:03:cf:c7:39:b2:73:a2:97:b0:f3:5d:
2e:b3:7a:19:ea:46:44:ff:03:94:40:4d:4a:70:59:
c4:e3:de:9a:60:28:c1:a9:1c:ad:6a:d4:b5:26:87:
d4:0d:bb:89:fe:c9:9f:c5:b8:ff:1b:3f:15:65:60:
f0:e9:8d:ed:94:c1:7b:51:b4:04:b7:ad:66:26:2c:
89:72:46:57:c6:84:f0:fa:23:9f:fd:0f:fc:2b:8e:
14:d0:8a:95:65:e7:b4:d9:8d:d9:65:2a:f9:b2:e6:
88:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:73:18:67:3E:E1:01:CB:4F:F0:E2:7F:79:7E:10:11:79:D3:FD:0E
X509v3 Authority Key Identifier:
keyid:F1:9C:F0:97:71:B8:F1:84:CA:A1:A0:04:21:B9:29:44:91:E9:7E:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Zzwl3G48YTKoaAEIbkpRJHpfms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/73MYZz7hActP8OJ_eX4QEXnT_Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/8Zzwl3G48YTKoaAEIbkpRJHpfms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.78.97.0-217.78.111.255
IPv6:
2a02:6700::/32
Signature Algorithm: sha256WithRSAEncryption
30:70:fe:cf:ca:48:55:c6:66:2a:17:36:d7:ce:46:26:c7:36:
d3:bb:e1:08:1b:4e:64:f8:b4:18:ec:8e:75:62:2f:aa:be:4a:
02:c1:40:01:e8:c6:7f:37:0c:32:37:5e:8a:11:7f:6c:c4:10:
81:54:dc:ca:3c:2b:67:71:32:b8:11:53:c0:cd:ec:00:a0:6c:
fb:5c:6e:74:fe:ef:f4:f9:fb:88:8c:64:d8:26:c0:c1:ec:74:
46:3e:45:6e:a7:64:2a:05:a0:39:f5:d0:15:86:06:74:ba:49:
41:4e:13:de:2b:17:48:11:fd:e3:15:d9:8d:de:82:1a:49:4c:
7b:58:07:42:8b:d8:88:a8:ab:99:d0:3d:37:bf:74:61:de:2b:
6e:d2:31:ab:30:ec:31:aa:25:af:30:51:52:24:d2:50:3c:b7:
e0:e4:00:28:1d:e1:4a:79:34:cf:fb:48:0d:af:af:91:57:9b:
c1:23:a7:8a:21:06:41:43:d5:1f:f9:b2:58:11:d5:96:54:73:
11:2e:a9:a2:cd:db:81:22:14:7b:c4:4f:45:b2:44:0c:1a:8f:
98:15:bf:cc:04:75:11:2c:13:ad:4a:28:76:40:bd:cb:46:dd:
a6:74:9c:ac:28:fd:5a:21:f4:cd:ce:ff:10:5c:0e:0a:4a:d4:
f8:2f:5d:1b
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIECOT1zDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTljZjA5NzcxYjhmMTg0Y2FhMWEwMDQyMWI5Mjk0NDkxZTk3ZTZiMB4XDTIyMDEw
MTE1NTUwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWY3MzE4NjczZWUx
MDFjYjRmZjBlMjdmNzk3ZTEwMTE3OWQzZmQwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1jOqXjVyo5t9kyFD8uN+Y0xo3HgnwTOjW4FsTCiVBqvNbi
OQYrMHJnHEhEoEpA40kaUMD59NoOWqkJ1p4vUdzh8Fl0XHQB+tf9uxSjVF0794cH
yrMX9QJD/OmZRVq7wOaUs5asfvbMuCmCt6F10ph3b8bkV3pilba/GmNR6cd7nwyu
bOYqBevDkMLA+35DwKqRvr6VthhzRAPPxzmyc6KXsPNdLrN6GepGRP8DlEBNSnBZ
xOPemmAowakcrWrUtSaH1A27if7Jn8W4/xs/FWVg8OmN7ZTBe1G0BLetZiYsiXJG
V8aE8Pojn/0P/CuOFNCKlWXntNmN2WUq+bLmiPkCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBTvcxhnPuEBy0/w4n95fhARedP9DjAfBgNVHSMEGDAWgBTxnPCXcbjxhMqh
oAQhuSlEkel+azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhaendsM0c0OFlUS29hQUVJYmtwUkpIcGZtcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNjUwYzk3LTRlYjYtNGM5MS1iNWEzLWRjMWRiNjdkYjNjYi8x
LzczTVlaejdoQWN0UDhPSl9lWDRRRVhuVF9RNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NjUwYzk3LTRlYjYtNGM5MS1iNWEzLWRjMWRiNjdkYjNjYi8xLzhaendsM0c0OFlU
S29hQUVJYmtwUkpIcGZtcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwFAQCAAEwDjAMAwQA2U5hAwQE2U5gMA0EAgACMAcD
BQAqAmcAMA0GCSqGSIb3DQEBCwUAA4IBAQAwcP7PykhVxmYqFzbXzkYmxzbTu+EI
G05k+LQY7I51Yi+qvkoCwUAB6MZ/NwwyN16KEX9sxBCBVNzKPCtncTK4EVPAzewA
oGz7XG50/u/0+fuIjGTYJsDB7HRGPkVup2QqBaA59dAVhgZ0uklBThPeKxdIEf3j
FdmN3oIaSUx7WAdCi9iIqKuZ0D03v3Rh3itu0jGrMOwxqiWvMFFSJNJQPLfg5AAo
HeFKeTTP+0gNr6+RV5vBI6eKIQZBQ9Uf+bJYEdWWVHMRLqmizduBIhR7xE9FskQM
Go+YFb/MBHURLBOtSih2QL3LRt2mdJysKP1aIfTNzv8QXA4KStT4L10b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:18 2024 by rpki-client on console-ams.rpki-client.org