Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/3b49d4-d92e-4fb6-ab7b-97dcda3a3ca5/1/g7lb4mWjpb_-OpSf_4yRvsgZe8c.roa
File: g7lb4mWjpb_-OpSf_4yRvsgZe8c.roa (raw, json)
Hash identifier: mma2TolaxWxzQ5HMQ4wVGKQxG/RI0b7yAI6ttKOURKs=
Subject key identifier: 83:B9:5B:E2:65:A3:A5:BF:FE:3A:94:9F:FF:8C:91:BE:C8:19:7B:C7
Certificate issuer: /CN=63b498b77ad99cd36e876f0e2fed6998192bc612
Certificate serial: 344A2FD6
Authority key identifier: 63:B4:98:B7:7A:D9:9C:D3:6E:87:6F:0E:2F:ED:69:98:19:2B:C6:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y7SYt3rZnNNuh28OL-1pmBkrxhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/3b49d4-d92e-4fb6-ab7b-97dcda3a3ca5/1/g7lb4mWjpb_-OpSf_4yRvsgZe8c.roa
Signing time: Sat 01 Jan 2022 02:01:26 +0000
ROA not before: Sat 01 Jan 2022 02:01:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43242
IP address blocks: 78.135.0.0/22 maxlen: 22
78.135.4.0/22 maxlen: 22
78.135.8.0/21 maxlen: 21
78.135.16.0/20 maxlen: 20
78.135.32.0/19 maxlen: 19
78.135.36.0/22 maxlen: 22
78.135.32.0/22 maxlen: 22
78.135.40.0/22 maxlen: 22
78.135.44.0/22 maxlen: 22
78.135.48.0/22 maxlen: 22
78.135.56.0/22 maxlen: 22
78.135.52.0/22 maxlen: 22
78.135.60.0/22 maxlen: 22
2a0a:1900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 877277142 (0x344a2fd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63b498b77ad99cd36e876f0e2fed6998192bc612
Validity
Not Before: Jan 1 02:01:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83b95be265a3a5bffe3a949fff8c91bec8197bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bc:c8:fd:8e:bb:aa:c8:5d:fc:44:82:78:10:
ca:0e:77:5a:d4:0d:3b:f3:d6:8e:71:01:82:e2:06:
b0:1b:ba:b4:35:69:59:d4:37:60:db:98:c2:61:f1:
cd:cf:1a:ee:62:a0:17:f5:95:35:f6:1d:13:72:38:
15:07:f9:ce:6c:31:7d:24:7c:49:9e:ed:a5:de:ba:
96:8e:36:30:14:ce:8c:25:12:56:a0:4b:84:34:93:
a0:71:bd:f1:ec:18:5b:e5:c0:2e:92:11:a8:7b:e9:
4b:4d:81:58:97:d5:e6:6f:d8:50:c3:f6:78:9f:48:
97:cb:d8:19:41:ea:ef:20:30:af:7e:5c:7d:06:bd:
0f:67:a0:c6:60:82:7a:15:50:92:92:c9:ce:fc:37:
e0:81:5c:9f:13:a6:ef:80:af:c1:ac:f3:9d:4e:37:
68:08:6a:45:9d:0c:1d:97:73:0b:f5:4b:09:93:5d:
66:4f:ac:2e:32:79:c5:02:7d:69:e0:75:b9:5a:ca:
54:c9:05:bf:68:d3:83:bb:b6:0e:81:94:e6:74:8f:
a3:43:f8:9e:b0:72:91:a2:40:ff:db:a6:0f:98:05:
cc:47:7c:29:4e:71:39:4e:c0:1e:94:64:57:ad:ed:
63:c8:b5:81:d1:86:20:aa:fd:4d:30:9c:9c:6c:71:
79:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B9:5B:E2:65:A3:A5:BF:FE:3A:94:9F:FF:8C:91:BE:C8:19:7B:C7
X509v3 Authority Key Identifier:
keyid:63:B4:98:B7:7A:D9:9C:D3:6E:87:6F:0E:2F:ED:69:98:19:2B:C6:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y7SYt3rZnNNuh28OL-1pmBkrxhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3b49d4-d92e-4fb6-ab7b-97dcda3a3ca5/1/g7lb4mWjpb_-OpSf_4yRvsgZe8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3b49d4-d92e-4fb6-ab7b-97dcda3a3ca5/1/Y7SYt3rZnNNuh28OL-1pmBkrxhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.0.0/18
IPv6:
2a0a:1900::/29
Signature Algorithm: sha256WithRSAEncryption
64:71:75:c2:e3:de:50:92:5d:d7:c5:75:c4:c3:7c:bc:54:70:
2a:fc:5c:aa:e3:6b:19:0e:a3:a5:4f:0b:2b:3b:02:03:36:6d:
eb:0f:e7:f9:82:91:b5:ac:1c:ad:b1:b0:50:5d:3d:50:e6:e8:
9a:88:80:f6:b8:c7:95:7f:74:06:55:bb:04:ae:ba:7c:43:9d:
4a:c6:f8:e5:96:87:56:49:17:bf:fd:4d:5e:b0:a2:f2:0a:08:
2b:1c:46:6e:32:ff:55:a7:00:33:ce:da:94:8e:d4:46:40:18:
60:e0:8a:31:91:a9:ed:0c:8f:82:36:18:03:22:b8:be:f2:0d:
a9:1c:17:c5:31:72:27:17:ed:e8:61:62:23:21:77:b3:fb:94:
83:ce:3e:5b:20:e6:fe:ef:e7:44:ab:30:35:1a:2b:5d:03:4a:
b1:7d:0f:a4:7e:d5:46:e6:fe:db:a5:53:5a:f5:e2:28:10:37:
f3:cb:eb:32:55:6d:98:39:e3:f1:47:3f:ba:52:32:06:bc:a7:
c4:2f:88:f8:5f:0e:2e:09:20:0e:79:6c:3c:0e:c9:4a:44:e5:
25:96:b3:4a:1e:c2:4f:57:89:97:59:58:b3:ab:11:75:9b:89:
5c:58:7a:b3:c0:ef:4a:93:0b:8a:fc:69:f9:e6:0d:5c:50:0a:
c0:cb:5e:5a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIENEov1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2I0OThiNzdhZDk5Y2QzNmU4NzZmMGUyZmVkNjk5ODE5MmJjNjEyMB4XDTIyMDEw
MTAyMDEyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODNiOTViZTI2NWEz
YTViZmZlM2E5NDlmZmY4YzkxYmVjODE5N2JjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALi8yP2Ou6rIXfxEgngQyg53WtQNO/PWjnEBguIGsBu6tDVp
WdQ3YNuYwmHxzc8a7mKgF/WVNfYdE3I4FQf5zmwxfSR8SZ7tpd66lo42MBTOjCUS
VqBLhDSToHG98ewYW+XALpIRqHvpS02BWJfV5m/YUMP2eJ9Il8vYGUHq7yAwr35c
fQa9D2egxmCCehVQkpLJzvw34IFcnxOm74CvwazznU43aAhqRZ0MHZdzC/VLCZNd
Zk+sLjJ5xQJ9aeB1uVrKVMkFv2jTg7u2DoGU5nSPo0P4nrBykaJA/9umD5gFzEd8
KU5xOU7AHpRkV63tY8i1gdGGIKr9TTCcnGxxeYUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSDuVviZaOlv/46lJ//jJG+yBl7xzAfBgNVHSMEGDAWgBRjtJi3etmc026H
bw4v7WmYGSvGEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1k3U1l0M3Jabk5OdWgyOE9MLTFwbUJrcnhoSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvM2I0OWQ0LWQ5MmUtNGZiNi1hYjdiLTk3ZGNkYTNhM2NhNS8x
L2c3bGI0bVdqcGJfLU9wU2ZfNHlSdnNnWmU4Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
M2I0OWQ0LWQ5MmUtNGZiNi1hYjdiLTk3ZGNkYTNhM2NhNS8xL1k3U1l0M3Jabk5O
dWgyOE9MLTFwbUJrcnhoSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBk6HADANBAIAAjAHAwUDKgoZADAN
BgkqhkiG9w0BAQsFAAOCAQEAZHF1wuPeUJJd18V1xMN8vFRwKvxcquNrGQ6jpU8L
KzsCAzZt6w/n+YKRtawcrbGwUF09UObomoiA9rjHlX90BlW7BK66fEOdSsb45ZaH
VkkXv/1NXrCi8goIKxxGbjL/VacAM87alI7URkAYYOCKMZGp7QyPgjYYAyK4vvIN
qRwXxTFyJxft6GFiIyF3s/uUg84+WyDm/u/nRKswNRorXQNKsX0PpH7VRub+26VT
WvXiKBA388vrMlVtmDnj8Uc/ulIyBrynxC+I+F8OLgkgDnlsPA7JSkTlJZazSh7C
T1eJl1lYs6sRdZuJXFh6s8DvSpMLivxp+eYNXFAKwMteWg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:55:58 2025 by rpki-client