Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/xq3HEX9xnK1F9-mn6AVo_HbT5xs.roa
File: xq3HEX9xnK1F9-mn6AVo_HbT5xs.roa (raw, json)
Hash identifier: PFDE8niWjFvqBoFVt7j9IpwFdel4rGZcxBxh2wLSdUA=
Subject key identifier: C6:AD:C7:11:7F:71:9C:AD:45:F7:E9:A7:E8:05:68:FC:76:D3:E7:1B
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 51296C
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/xq3HEX9xnK1F9-mn6AVo_HbT5xs.roa
Signing time: Tue 01 Feb 2022 13:35:30 +0000
ROA not before: Tue 01 Feb 2022 13:35:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210403
IP address blocks: 78.138.45.0/24 maxlen: 24
78.138.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5319020 (0x51296c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Feb 1 13:35:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6adc7117f719cad45f7e9a7e80568fc76d3e71b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:12:fb:8e:8c:df:b6:48:1f:ff:64:9b:29:0f:
b7:f1:b7:2a:e9:8a:40:ef:22:b8:e4:66:d5:49:6e:
42:60:89:ed:80:74:45:dd:cf:5c:c1:51:35:4c:ea:
e5:4e:a4:cf:a3:2c:e2:97:0b:3c:6f:86:1d:58:04:
51:a9:7a:2c:f6:89:25:ec:71:0f:c4:1b:8b:bc:4b:
4a:02:b5:5c:da:6d:3d:d4:34:2b:af:b5:93:e0:ae:
1a:50:cd:9f:26:f8:a2:f1:d4:35:74:d5:f8:ed:2a:
c8:a2:e0:75:06:4c:54:65:ce:e2:bd:2c:7e:f4:23:
be:30:b5:03:9c:17:cb:d6:61:fb:aa:1a:1e:d9:82:
76:71:44:ef:7c:f1:d8:06:7d:a5:10:9a:89:97:86:
47:9b:ab:35:ef:84:72:8b:8b:46:bc:47:2c:62:f4:
bd:25:ce:e1:2b:85:51:5a:a2:60:22:8b:44:75:5b:
93:60:66:58:aa:dd:de:a0:63:25:6f:86:47:97:57:
2d:d3:59:75:28:40:5b:72:5c:69:8e:e5:5c:9c:b6:
10:2b:5f:d5:89:c8:37:74:ba:f0:30:eb:cc:81:1e:
03:29:b7:23:00:65:70:d0:b7:94:21:a1:18:c2:93:
82:07:25:37:75:85:7b:f1:fa:e1:3d:80:17:bf:4b:
a6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:AD:C7:11:7F:71:9C:AD:45:F7:E9:A7:E8:05:68:FC:76:D3:E7:1B
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/xq3HEX9xnK1F9-mn6AVo_HbT5xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.45.0/24
78.138.58.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:1b:15:cc:7b:37:b1:69:e7:cb:6a:47:30:63:8c:cf:0b:cd:
73:d3:0e:31:50:cd:4b:fc:d7:a0:6e:f6:b9:cc:da:52:dc:30:
e2:5c:40:52:0a:86:3f:fd:d9:6b:8b:89:18:55:b5:bc:91:34:
ca:b2:a0:6d:62:8d:45:0c:da:aa:c4:c8:28:30:a9:0b:88:c2:
7a:26:54:e2:c0:7d:2c:24:19:b8:3f:24:06:f1:d7:5f:c4:ad:
ea:20:6a:76:bc:38:ff:71:a4:83:88:72:cc:98:59:1a:53:ee:
f5:88:a1:a4:7e:b2:30:2a:49:bb:47:a8:db:18:c3:f6:4e:4c:
4e:44:dc:f6:c6:ef:1f:6a:65:b6:ef:3a:75:5c:21:87:25:d7:
eb:de:a0:9b:f7:0c:28:29:aa:1b:0f:b3:51:8d:bc:60:11:0c:
9b:ee:d0:c4:41:26:11:43:a2:01:90:ab:bb:09:6f:3e:82:50:
a3:d4:d9:a3:bf:2c:53:55:1a:2f:b1:51:de:20:ce:9f:de:87:
22:c9:79:0e:3f:63:0b:63:67:c1:ed:c1:2d:33:67:4b:68:ee:
92:0a:3c:1e:83:57:66:94:b6:65:93:5c:b9:7a:c4:46:91:47:
dd:81:81:65:b3:b9:8e:ba:4a:3f:02:c8:48:2d:08:b2:de:8f:
26:ae:78:66
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDUSlsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGEw
ZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEzN2NhY2QwHhcNMjIwMjAx
MTMzNTMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjNmFkYzcxMTdmNzE5
Y2FkNDVmN2U5YTdlODA1NjhmYzc2ZDNlNzFiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArxL7jozftkgf/2SbKQ+38bcq6YpA7yK45GbVSW5CYIntgHRF
3c9cwVE1TOrlTqTPoyzilws8b4YdWARRqXos9okl7HEPxBuLvEtKArVc2m091DQr
r7WT4K4aUM2fJvii8dQ1dNX47SrIouB1BkxUZc7ivSx+9CO+MLUDnBfL1mH7qhoe
2YJ2cUTvfPHYBn2lEJqJl4ZHm6s174Ryi4tGvEcsYvS9Jc7hK4VRWqJgIotEdVuT
YGZYqt3eoGMlb4ZHl1ct01l1KEBbclxpjuVcnLYQK1/Vicg3dLrwMOvMgR4DKbcj
AGVw0LeUIaEYwpOCByU3dYV78frhPYAXv0umBQIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFMatxxF/cZytRffpp+gFaPx20+cbMB8GA1UdIwQYMBaAFKDTIWzMyGPsoMPd
GJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
b05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4LzEv
eHEzSEVYOXhuSzFGOS1tbjZBVm9fSGJUNXhzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9h
NWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXln
dzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATootAwQAToo6MA0GCSqGSIb3DQEB
CwUAA4IBAQCuGxXMezexaefLakcwY4zPC81z0w4xUM1L/Negbva5zNpS3DDiXEBS
CoY//dlri4kYVbW8kTTKsqBtYo1FDNqqxMgoMKkLiMJ6JlTiwH0sJBm4PyQG8ddf
xK3qIGp2vDj/caSDiHLMmFkaU+71iKGkfrIwKkm7R6jbGMP2TkxORNz2xu8famW2
7zp1XCGHJdfr3qCb9wwoKaobD7NRjbxgEQyb7tDEQSYRQ6IBkKu7CW8+glCj1Nmj
vyxTVRovsVHeIM6f3ociyXkOP2MLY2fB7cEtM2dLaO6SCjweg1dmlLZlk1y5esRG
kUfdgYFls7mOuko/AshILQiy3o8mrnhm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:42 2024 by rpki-client on console-ams.rpki-client.org