Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/c_b8OKbZOd-1TPCDXXE0kCHdgoY.roa
File: c_b8OKbZOd-1TPCDXXE0kCHdgoY.roa (raw, json)
Hash identifier: lgJqDeJjAZKLW47CIM4nL9IUFkA47oJTi4/RVW28sP8=
Subject key identifier: 73:F6:FC:38:A6:D9:39:DF:B5:4C:F0:83:5D:71:34:90:21:DD:82:86
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 03F3078B
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/c_b8OKbZOd-1TPCDXXE0kCHdgoY.roa
Signing time: Wed 15 Jun 2022 11:39:44 +0000
ROA not before: Wed 15 Jun 2022 11:39:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 85.158.145.0/24 maxlen: 24
5.178.4.0/24 maxlen: 24
109.205.211.0/24 maxlen: 24
5.178.6.0/24 maxlen: 24
5.178.7.0/24 maxlen: 24
5.178.5.0/24 maxlen: 24
5.10.243.0/24 maxlen: 24
5.10.246.0/24 maxlen: 24
5.10.249.0/24 maxlen: 24
5.10.252.0/24 maxlen: 24
5.10.255.0/24 maxlen: 24
88.151.199.0/24 maxlen: 24
164.215.96.0/24 maxlen: 24
164.215.97.0/24 maxlen: 24
164.215.98.0/24 maxlen: 24
164.215.99.0/24 maxlen: 24
5.10.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66258827 (0x3f3078b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jun 15 11:39:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73f6fc38a6d939dfb54cf0835d71349021dd8286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:31:6e:b6:68:8a:62:f4:05:78:a6:aa:eb:5d:
33:1e:6b:a7:90:a0:bc:b4:bb:e2:86:d4:33:3f:35:
f1:d7:b3:62:c2:c8:11:82:f5:51:5a:58:25:fc:7c:
87:9f:46:bf:0f:e2:fc:c6:cc:8e:3e:71:cd:9e:0c:
4d:d2:3f:49:ef:25:98:d7:90:a1:9e:a3:f7:70:34:
db:8d:68:71:11:a3:54:e0:b3:85:5a:05:e7:c8:76:
ea:a8:96:ca:fc:bd:eb:39:88:cc:6a:d9:b9:5b:00:
28:08:70:13:92:3a:4c:5a:99:af:94:5f:de:8e:91:
96:46:62:6b:e4:fd:8b:08:27:3a:c1:79:0b:47:b5:
07:c3:26:d3:f9:a6:fe:2c:6e:76:80:21:6c:0c:a3:
f1:f4:78:60:05:16:d4:9a:dc:aa:3e:9c:a9:a5:5d:
bf:24:ae:c7:6a:2f:34:3a:53:38:6c:85:e2:c8:09:
e3:fa:c9:7b:59:4a:29:76:36:13:1d:30:b1:a4:e8:
dd:23:34:f2:cf:63:1b:0f:fb:6f:c9:d8:23:ef:7f:
a0:13:7a:ea:97:3d:9c:22:11:0d:6a:f6:fd:28:86:
fd:55:af:d4:c9:9f:c9:65:cc:bb:9a:f6:e9:12:1b:
e4:79:b7:19:d8:65:cc:bb:86:0e:e2:8e:3c:82:69:
8d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F6:FC:38:A6:D9:39:DF:B5:4C:F0:83:5D:71:34:90:21:DD:82:86
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/c_b8OKbZOd-1TPCDXXE0kCHdgoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/24
5.10.243.0/24
5.10.246.0/24
5.10.249.0/24
5.10.252.0/24
5.10.255.0/24
5.178.4.0/22
85.158.145.0/24
88.151.199.0/24
109.205.211.0/24
164.215.96.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:46:fa:40:35:80:9c:54:14:30:62:ff:90:5d:3e:cd:30:00:
62:7d:ab:62:db:91:be:32:83:89:a5:4e:78:1a:96:98:75:f9:
72:01:5f:73:e2:84:03:1f:bf:97:46:9a:7e:08:cf:f7:1f:8c:
e5:67:39:11:43:42:dd:cd:96:b1:0f:98:32:8b:42:1a:26:a9:
2b:90:bf:35:09:bb:7c:d3:c7:1e:dd:6b:f8:88:91:cd:a3:de:
64:9c:33:b8:d4:fd:69:06:63:03:fd:83:83:af:6b:49:a1:fa:
6a:e4:00:f4:09:2b:e6:98:8a:a7:fd:0a:a4:d1:af:05:82:bb:
0e:8b:23:17:6e:75:37:01:b4:93:d7:d1:ca:d5:bc:e2:07:fb:
72:2a:a1:97:06:18:27:c4:72:4c:36:11:0f:97:cb:37:3e:46:
d3:bc:e5:4a:3c:f2:b5:18:e0:99:ac:d8:cb:de:5a:a1:7a:4f:
1a:af:37:78:48:f7:e2:36:92:e2:9c:a4:2e:5d:95:a6:87:2c:
69:14:9b:f6:61:32:29:e9:a5:00:c0:71:f6:bb:4a:40:e4:a8:
a3:7c:71:fd:f5:2d:07:54:f2:1e:20:b6:5a:29:51:55:25:9e:
8c:08:54:ce:14:40:83:5f:33:4d:1b:b2:01:94:24:31:1d:c9:
b3:1f:2b:e9
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEA/MHizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDA2YTQyYmIyNDQ2ZTUxZjE5MmVhMzc1YmRmN2VlYzVhNTFjNzdmMB4XDTIyMDYx
NTExMzk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzNmNmZjMzhhNmQ5
MzlkZmI1NGNmMDgzNWQ3MTM0OTAyMWRkODI4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOkxbrZoimL0BXimqutdMx5rp5CgvLS74obUMz818dezYsLI
EYL1UVpYJfx8h59Gvw/i/MbMjj5xzZ4MTdI/Se8lmNeQoZ6j93A0241ocRGjVOCz
hVoF58h26qiWyvy96zmIzGrZuVsAKAhwE5I6TFqZr5Rf3o6RlkZia+T9iwgnOsF5
C0e1B8Mm0/mm/ixudoAhbAyj8fR4YAUW1Jrcqj6cqaVdvySux2ovNDpTOGyF4sgJ
4/rJe1lKKXY2Ex0wsaTo3SM08s9jGw/7b8nYI+9/oBN66pc9nCIRDWr2/SiG/VWv
1MmfyWXMu5r26RIb5Hm3GdhlzLuGDuKOPIJpjXcCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBRz9vw4ptk537VM8INdcTSQId2ChjAfBgNVHSMEGDAWgBR9BqQrskRuUfGS
6jdb337sWlHHfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZRYWtLN0pFYmxIeGt1bzNXOTktN0ZwUngzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8x
L2NfYjhPS2JaT2QtMVRQQ0RYWEUwa0NIZGdvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8xL2ZRYWtLN0pFYmxI
eGt1bzNXOTktN0ZwUngzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAAUK8AMEAAUK8wMEAAUK9gMEAAUK
+QMEAAUK/AMEAAUK/wMEAgWyBAMEAFWekQMEAFiXxwMEAG3N0wMEAqTXYDANBgkq
hkiG9w0BAQsFAAOCAQEAyUb6QDWAnFQUMGL/kF0+zTAAYn2rYtuRvjKDiaVOeBqW
mHX5cgFfc+KEAx+/l0aafgjP9x+M5Wc5EUNC3c2WsQ+YMotCGiapK5C/NQm7fNPH
Ht1r+IiRzaPeZJwzuNT9aQZjA/2Dg69rSaH6auQA9Akr5piKp/0KpNGvBYK7Dosj
F251NwG0k9fRytW84gf7ciqhlwYYJ8RyTDYRD5fLNz5G07zlSjzytRjgmazYy95a
oXpPGq83eEj34jaS4pykLl2VpocsaRSb9mEyKemlAMBx9rtKQOSoo3xx/fUtB1Ty
HiC2WilRVSWejAhUzhRAg18zTRuyAZQkMR3Jsx8r6Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org