Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/FY0LznxV4r07NEtVKIftruS6vnY.roa
File: FY0LznxV4r07NEtVKIftruS6vnY.roa (raw, json)
Hash identifier: mprLnvAAK9Scqrv56OrTiYA4aGqthdFhBx/BJIpQcwU=
Subject key identifier: 15:8D:0B:CE:7C:55:E2:BD:3B:34:4B:55:28:87:ED:AE:E4:BA:BE:76
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 3A0103EA
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/FY0LznxV4r07NEtVKIftruS6vnY.roa
Signing time: Sat 01 Jan 2022 14:00:37 +0000
ROA not before: Sat 01 Jan 2022 14:00:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197848
IP address blocks: 78.133.240.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 973145066 (0x3a0103ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 14:00:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=158d0bce7c55e2bd3b344b552887edaee4babe76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1d:45:ff:f1:78:74:be:ba:2b:45:8c:04:b8:
33:46:b1:02:9e:7b:26:e3:e2:8a:67:2e:bb:bb:fd:
72:81:bb:8d:54:e2:d8:2e:e0:cb:b4:8f:a7:32:94:
5b:89:61:d1:cd:f1:85:38:de:68:8b:4f:a5:9f:8a:
3a:dd:71:b6:d5:69:52:ec:7c:2b:f3:77:86:9e:0b:
2e:1e:04:b6:87:b5:bf:9b:0b:76:ef:d8:f0:bd:78:
ee:2a:2b:cf:7f:a6:f3:85:0c:a6:a8:76:db:a3:28:
ac:1b:ba:64:d8:17:21:57:30:d7:db:b8:ad:93:d8:
0e:f0:f0:26:bd:15:4f:06:18:89:3d:ef:f4:bf:cf:
8d:a9:23:1f:61:63:f9:01:94:67:17:61:c9:f8:73:
97:4d:a0:6b:0f:62:5c:0f:44:4e:4b:6c:67:5e:32:
20:c5:ef:9c:5f:a6:16:de:b7:97:8b:c6:65:4c:0f:
39:c2:73:ff:c9:d7:58:6b:ff:68:73:ac:4b:d6:0b:
14:0e:c1:4b:5b:47:ce:78:34:48:65:91:6e:a2:af:
02:06:ce:89:bb:c8:77:68:56:5d:95:f0:55:0d:ba:
30:9d:3a:e6:a7:8f:a1:1c:83:c2:b9:f4:45:79:bd:
2a:9c:b5:02:ed:64:4d:01:e7:90:35:9d:2e:ff:30:
de:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:8D:0B:CE:7C:55:E2:BD:3B:34:4B:55:28:87:ED:AE:E4:BA:BE:76
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/FY0LznxV4r07NEtVKIftruS6vnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.240.0/22
Signature Algorithm: sha256WithRSAEncryption
03:18:92:f8:4c:ac:25:ff:fb:57:1a:9e:6a:e1:39:4f:50:b6:
09:71:1a:18:6d:5f:26:b0:79:c4:3c:79:f1:8c:df:5e:5d:1d:
4c:7e:00:1b:0b:e8:c9:7d:0d:98:1d:ad:76:d5:65:16:07:9d:
4b:df:2f:53:2e:c6:37:78:b8:f1:83:ca:15:11:29:4f:3e:c8:
14:8c:7f:77:c3:9c:7f:69:2f:20:6f:85:4e:4a:a4:1b:51:92:
44:1c:9a:06:89:d6:ec:aa:b8:a9:eb:e1:de:61:31:86:07:53:
5e:5a:ba:64:90:91:e7:dd:9f:73:4e:66:74:1d:16:e0:19:e0:
18:21:38:3f:04:3a:b5:5e:89:26:b7:07:05:2e:0a:09:c0:1f:
d2:16:db:07:69:21:5f:5e:9a:ca:06:2a:d8:47:51:f9:fe:91:
19:5c:b7:a8:01:d4:7e:68:b3:ad:c5:5b:af:84:35:c2:e2:75:
80:6c:ee:4d:ff:f4:ae:5c:79:f9:6b:af:e3:dd:2f:fc:ae:8c:
25:ca:de:37:95:c1:2b:5d:76:6d:10:49:16:9a:46:4d:0c:fd:
43:0f:b9:3f:4e:27:34:a6:bc:66:c2:81:a2:d6:69:02:2c:23:
3a:6c:8a:c7:41:a5:97:12:e8:38:35:7a:5f:61:f3:dd:98:cc:
5d:e7:60:c6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOgED6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDAzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTU4ZDBiY2U3YzU1
ZTJiZDNiMzQ0YjU1Mjg4N2VkYWVlNGJhYmU3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKodRf/xeHS+uitFjAS4M0axAp57JuPiimcuu7v9coG7jVTi
2C7gy7SPpzKUW4lh0c3xhTjeaItPpZ+KOt1xttVpUux8K/N3hp4LLh4Etoe1v5sL
du/Y8L147iorz3+m84UMpqh226MorBu6ZNgXIVcw19u4rZPYDvDwJr0VTwYYiT3v
9L/PjakjH2Fj+QGUZxdhyfhzl02gaw9iXA9ETktsZ14yIMXvnF+mFt63l4vGZUwP
OcJz/8nXWGv/aHOsS9YLFA7BS1tHzng0SGWRbqKvAgbOibvId2hWXZXwVQ26MJ06
5qePoRyDwrn0RXm9Kpy1Au1kTQHnkDWdLv8w3oMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQVjQvOfFXivTs0S1Uoh+2u5Lq+djAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L0ZZMEx6bnhWNHIwN05FdFZLSWZ0cnVTNnZuWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk6F8DANBgkqhkiG9w0BAQsFAAOC
AQEAAxiS+EysJf/7VxqeauE5T1C2CXEaGG1fJrB5xDx58YzfXl0dTH4AGwvoyX0N
mB2tdtVlFgedS98vUy7GN3i48YPKFREpTz7IFIx/d8Ocf2kvIG+FTkqkG1GSRBya
BonW7Kq4qevh3mExhgdTXlq6ZJCR592fc05mdB0W4BngGCE4PwQ6tV6JJrcHBS4K
CcAf0hbbB2khX16aygYq2EdR+f6RGVy3qAHUfmizrcVbr4Q1wuJ1gGzuTf/0rlx5
+Wuv490v/K6MJcreN5XBK112bRBJFppGTQz9Qw+5P04nNKa8ZsKBotZpAiwjOmyK
x0GllxLoODV6X2Hz3ZjMXedgxg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:02 2023 by rpki-client on console-ams.rpki-client.org