Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/7Rbce96es0zyz8yl5ZNOxpg30QE.roa
File: 7Rbce96es0zyz8yl5ZNOxpg30QE.roa (raw, json)
Hash identifier: W6VGZVifK2KT8DI1n+TyMy+/9kbcjjYY89yjDtPrpiA=
Subject key identifier: ED:16:DC:7B:DE:9E:B3:4C:F2:CF:CC:A5:E5:93:4E:C6:98:37:D1:01
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0185076BA582D51B5105FF32942B3C3A4EED
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/7Rbce96es0zyz8yl5ZNOxpg30QE.roa
Signing time: Mon 12 Dec 2022 17:39:33 +0000
ROA not before: Mon 12 Dec 2022 17:39:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 85.158.151.0/24 maxlen: 24
5.178.0.0/24 maxlen: 24
5.178.1.0/24 maxlen: 24
5.178.4.0/24 maxlen: 24
5.178.6.0/24 maxlen: 24
5.178.7.0/24 maxlen: 24
5.178.5.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:07:6b:a5:82:d5:1b:51:05:ff:32:94:2b:3c:3a:4e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Dec 12 17:39:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed16dc7bde9eb34cf2cfcca5e5934ec69837d101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ed:3c:18:98:b1:26:8e:9e:94:41:06:06:64:
07:30:ae:ac:d6:e9:8d:b1:6e:fd:6a:e8:41:08:75:
2a:7c:fa:65:69:68:87:23:12:e9:d7:f3:c8:fb:73:
53:5d:3f:fc:da:40:fa:5a:21:a7:e2:12:4b:58:cc:
0f:21:11:4e:68:00:42:fa:f9:a1:36:2f:e1:04:05:
c4:c2:f5:ef:39:64:00:ea:9d:93:21:38:3e:fc:ca:
a0:e8:54:23:8e:ab:c3:65:03:14:a6:72:c4:0d:2e:
24:e9:ec:b1:b0:c2:21:c5:ff:0a:30:31:84:4a:a7:
28:3b:1a:69:a2:6a:2a:63:f7:96:ba:ca:8b:79:50:
34:59:28:4e:41:e5:aa:63:44:ca:2d:94:2a:af:71:
81:f5:f3:38:19:99:07:d9:ec:d7:48:76:bf:6f:38:
53:d9:42:f8:2c:8a:7e:a9:d5:c0:00:b3:5b:22:87:
e6:21:98:71:43:6b:c4:5d:15:57:d9:96:a2:3c:d6:
4a:cd:9a:38:3a:b6:b8:8a:95:01:ca:66:c6:2d:9f:
a3:37:66:0f:99:4d:9c:dd:d9:0f:12:7c:12:03:cc:
d1:8d:d4:3a:a4:6b:10:90:36:83:aa:5e:f8:65:79:
71:46:1a:1a:75:6f:86:57:6f:db:dc:58:f2:b7:ef:
16:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:16:DC:7B:DE:9E:B3:4C:F2:CF:CC:A5:E5:93:4E:C6:98:37:D1:01
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/7Rbce96es0zyz8yl5ZNOxpg30QE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.0.0/23
5.178.4.0/22
37.128.200.0/22
85.158.151.0/24
Signature Algorithm: sha256WithRSAEncryption
03:bc:a8:bf:d5:0e:9d:7a:6c:83:43:35:00:11:45:22:f1:d0:
66:2c:63:65:b4:54:76:43:90:94:81:ca:ac:0f:e0:9a:1c:dd:
09:7d:bd:fc:0f:42:56:ad:33:4c:6b:4e:6c:0d:11:0d:4f:10:
40:a5:6c:cd:96:4a:54:0b:6c:3e:5a:d3:02:9a:d3:d6:4e:78:
7a:d7:ee:c7:cf:b2:60:5e:0b:b0:14:04:f5:67:13:24:e8:3e:
57:d2:f6:05:da:1c:e5:f9:1e:48:0e:74:7c:3d:91:dd:9d:28:
36:43:90:3a:83:d7:cc:8b:67:17:c8:bb:f6:ab:92:79:27:6c:
36:52:8d:ac:5d:65:9b:cf:68:d6:2f:bb:30:2b:85:b6:cf:3f:
53:ff:22:a2:88:d3:47:8e:eb:bb:51:6d:4c:7d:14:1a:66:fa:
72:b9:ae:dc:23:7a:97:23:27:64:dc:6b:49:54:74:a8:25:e8:
01:29:de:1c:10:e3:74:4b:4a:2a:e2:f6:e7:d4:12:57:ad:61:
93:d3:31:8d:da:b2:23:bd:17:46:b5:69:44:b6:bc:ac:da:ca:
3b:97:1b:8f:cc:7e:90:6f:23:84:33:4f:5b:1d:bd:27:b9:8a:
43:53:a9:47:86:4a:3f:21:9f:a9:bf:45:14:77:2e:6b:50:e3:
c3:cd:0c:10
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUHa6WC1RtRBf8ylCs8Ok7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMjEyMTczOTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDE2ZGM3YmRlOWViMzRjZjJjZmNjYTVlNTkzNGVjNjk4MzdkMTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+08GJixJo6elEEGBmQHMK6s1umN
sW79auhBCHUqfPplaWiHIxLp1/PI+3NTXT/82kD6WiGn4hJLWMwPIRFOaABC+vmh
Ni/hBAXEwvXvOWQA6p2TITg+/Mqg6FQjjqvDZQMUpnLEDS4k6eyxsMIhxf8KMDGE
SqcoOxppomoqY/eWusqLeVA0WShOQeWqY0TKLZQqr3GB9fM4GZkH2ezXSHa/bzhT
2UL4LIp+qdXAALNbIofmIZhxQ2vEXRVX2ZaiPNZKzZo4Ora4ipUBymbGLZ+jN2YP
mU2c3dkPEnwSA8zRjdQ6pGsQkDaDql74ZXlxRhoadW+GV2/b3Fjyt+8W3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO0W3HvenrNM8s/MpeWTTsaYN9EBMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvN1JiY2U5NmVzMHp5ejh5bDVaTk94cGczMFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBbIAAwQC
BbIEAwQCJYDIAwQAVZ6XMA0GCSqGSIb3DQEBCwUAA4IBAQADvKi/1Q6demyDQzUA
EUUi8dBmLGNltFR2Q5CUgcqsD+CaHN0Jfb38D0JWrTNMa05sDRENTxBApWzNlkpU
C2w+WtMCmtPWTnh61+7Hz7JgXguwFAT1ZxMk6D5X0vYF2hzl+R5IDnR8PZHdnSg2
Q5A6g9fMi2cXyLv2q5J5J2w2Uo2sXWWbz2jWL7swK4W2zz9T/yKiiNNHjuu7UW1M
fRQaZvpyua7cI3qXIydk3GtJVHSoJegBKd4cEON0S0oq4vbn1BJXrWGT0zGN2rIj
vRdGtWlEtrys2so7lxuPzH6QbyOEM09bHb0nuYpDU6lHhko/IZ+pv0UUdy5rUOPD
zQwQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org