Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/_cO5DXXX8BY7ZF-JeL6D_RtCU1U.roa
File: _cO5DXXX8BY7ZF-JeL6D_RtCU1U.roa (raw, json)
Hash identifier: UE/M2edDDFQeA+wweW3oXysmxb//I+0/ZyPhH5bh+VE=
Subject key identifier: FD:C3:B9:0D:75:D7:F0:16:3B:64:5F:89:78:BE:83:FD:1B:42:53:55
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018507933A56EEE7091BDFFD872ED557F5C5
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/_cO5DXXX8BY7ZF-JeL6D_RtCU1U.roa
Signing time: Mon 12 Dec 2022 18:22:47 +0000
ROA not before: Mon 12 Dec 2022 18:22:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 85.158.150.0/24 maxlen: 24
5.178.0.0/24 maxlen: 24
5.178.1.0/24 maxlen: 24
5.178.4.0/24 maxlen: 24
5.178.6.0/24 maxlen: 24
5.178.7.0/24 maxlen: 24
5.178.5.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:07:93:3a:56:ee:e7:09:1b:df:fd:87:2e:d5:57:f5:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Dec 12 18:22:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fdc3b90d75d7f0163b645f8978be83fd1b425355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7e:7d:37:2c:e8:8c:87:84:76:06:4c:28:65:
ff:5b:7c:e4:97:a2:01:fc:0d:92:0e:6d:13:d5:25:
ff:37:2e:67:d9:01:6f:f3:07:b9:52:40:ad:87:91:
c6:04:a5:0f:ef:a1:02:18:3e:16:ee:65:71:23:22:
02:8e:81:c3:88:98:ad:a9:69:38:e0:16:e2:5e:c8:
b5:7d:8f:87:4f:25:14:98:83:9e:56:90:ce:fd:0d:
9a:7d:10:9e:19:b6:c0:cc:89:6b:4d:81:01:b5:76:
61:2f:b9:68:a0:5d:09:3a:65:79:f7:a1:87:0b:7c:
e5:f4:8d:bd:52:1d:3b:d5:db:01:47:55:a4:b2:e7:
83:6c:5d:ec:f2:66:d9:b2:ab:f3:b4:34:59:be:55:
bb:fc:fd:e1:77:87:8c:b4:64:ed:f6:2c:7f:f6:73:
0f:8c:72:e1:1c:95:d9:ef:f4:24:04:fe:76:2f:a3:
dc:fd:62:0c:3e:e5:79:59:d6:51:10:89:59:87:52:
5f:0a:57:ff:19:2a:66:07:70:2c:24:b0:f5:5d:e1:
3b:14:22:ce:ed:ec:df:34:01:86:f3:ff:6c:06:f8:
7f:61:fd:42:a0:82:46:be:4e:46:03:f3:d5:fd:f2:
ff:2c:27:1d:f7:57:f5:77:e3:46:a0:8e:13:bc:14:
3a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C3:B9:0D:75:D7:F0:16:3B:64:5F:89:78:BE:83:FD:1B:42:53:55
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/_cO5DXXX8BY7ZF-JeL6D_RtCU1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.0.0/23
5.178.4.0/22
37.128.200.0/22
85.158.150.0/24
Signature Algorithm: sha256WithRSAEncryption
80:03:de:17:32:d5:b1:cb:8a:16:12:c6:73:3e:9e:57:1e:3c:
5c:85:48:7e:0b:c1:8d:e0:3d:1f:d1:97:09:e7:21:9a:65:5c:
51:84:77:29:8a:36:7c:5b:54:1e:1e:ef:32:95:f3:f9:e1:55:
bb:64:bb:44:e7:b4:6e:7c:06:b0:ea:d3:30:21:05:ca:5f:a0:
db:08:bd:7a:31:66:67:aa:db:87:09:4e:66:52:e2:f4:56:cb:
97:c2:74:d8:9d:3a:64:67:5f:83:d6:23:23:b8:fb:0c:0e:36:
88:4f:4c:c2:0e:bd:64:ef:7c:c9:c5:1d:ff:e1:b5:b7:19:96:
29:1e:59:86:02:7a:51:3e:0c:7d:ff:d9:69:82:87:31:f6:16:
98:b0:36:e3:3b:f8:97:ed:16:ed:35:bf:8d:60:d5:b4:9f:03:
87:8f:f4:c6:e5:82:51:a4:13:1a:07:89:67:34:2c:6a:f3:f7:
39:68:68:e7:18:74:33:12:1d:d2:ec:6c:3b:ea:de:9f:9d:02:
0b:3b:5f:cf:bd:14:7d:7f:38:8c:f4:57:67:d3:a1:08:7b:33:
41:f8:bd:ad:fd:d1:36:f2:7f:8d:01:70:e9:d2:f7:73:ec:24:
e9:9e:9e:41:b0:93:e5:b4:d1:ae:a1:1a:96:d9:8d:40:3b:ae:
4b:da:0b:86
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUHkzpW7ucJG9/9hy7VV/XFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMjEyMTgyMjQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGMzYjkwZDc1ZDdmMDE2M2I2NDVmODk3OGJlODNmZDFiNDI1MzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp359NyzojIeEdgZMKGX/W3zkl6IB
/A2SDm0T1SX/Ny5n2QFv8we5UkCth5HGBKUP76ECGD4W7mVxIyICjoHDiJitqWk4
4BbiXsi1fY+HTyUUmIOeVpDO/Q2afRCeGbbAzIlrTYEBtXZhL7looF0JOmV596GH
C3zl9I29Uh071dsBR1WksueDbF3s8mbZsqvztDRZvlW7/P3hd4eMtGTt9ix/9nMP
jHLhHJXZ7/QkBP52L6Pc/WIMPuV5WdZREIlZh1JfClf/GSpmB3AsJLD1XeE7FCLO
7ezfNAGG8/9sBvh/Yf1CoIJGvk5GA/PV/fL/LCcd91f1d+NGoI4TvBQ6YwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP3DuQ111/AWO2RfiXi+g/0bQlNVMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvX2NPNURYWFg4Qlk3WkYtSmVMNkRfUnRDVTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBbIAAwQC
BbIEAwQCJYDIAwQAVZ6WMA0GCSqGSIb3DQEBCwUAA4IBAQCAA94XMtWxy4oWEsZz
Pp5XHjxchUh+C8GN4D0f0ZcJ5yGaZVxRhHcpijZ8W1QeHu8ylfP54VW7ZLtE57Ru
fAaw6tMwIQXKX6DbCL16MWZnqtuHCU5mUuL0VsuXwnTYnTpkZ1+D1iMjuPsMDjaI
T0zCDr1k73zJxR3/4bW3GZYpHlmGAnpRPgx9/9lpgocx9haYsDbjO/iX7RbtNb+N
YNW0nwOHj/TG5YJRpBMaB4lnNCxq8/c5aGjnGHQzEh3S7Gw76t6fnQILO1/PvRR9
fziM9Fdn06EIezNB+L2t/dE28n+NAXDp0vdz7CTpnp5BsJPltNGuoRqW2Y1AO65L
2guG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org