Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/eO2-Yj6kpeAyP5di14UALNO-IFs.roa
File: eO2-Yj6kpeAyP5di14UALNO-IFs.roa (raw, json)
Hash identifier: 6CFbVVQgcSeYQiJFVX19GOWlBsowZBFnHvuSE8XrW2k=
Subject key identifier: 78:ED:BE:62:3E:A4:A5:E0:32:3F:97:62:D7:85:00:2C:D3:BE:20:5B
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0182C51FDE178E340D400A05D8681A25C8ED
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/eO2-Yj6kpeAyP5di14UALNO-IFs.roa
Signing time: Mon 22 Aug 2022 10:36:16 +0000
ROA not before: Mon 22 Aug 2022 10:36:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210654
IP address blocks: 164.215.101.0/24 maxlen: 24
46.23.105.0/24 maxlen: 24
46.23.104.0/24 maxlen: 24
46.23.107.0/24 maxlen: 24
46.23.106.0/24 maxlen: 24
37.128.205.0/24 maxlen: 24
37.128.204.0/24 maxlen: 24
37.128.206.0/24 maxlen: 24
37.128.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c5:1f:de:17:8e:34:0d:40:0a:05:d8:68:1a:25:c8:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Aug 22 10:36:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78edbe623ea4a5e0323f9762d785002cd3be205b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:45:0d:72:3e:96:43:54:8d:bb:68:2d:34:3c:
fa:84:f5:6c:db:ce:a8:91:f4:b0:d9:18:33:a7:f5:
ad:16:51:1e:c6:11:df:40:47:92:cd:0e:f9:de:d0:
0c:e8:a2:b5:8c:b6:42:6b:ad:43:13:6a:31:22:a1:
bd:b1:16:6d:cf:d1:d5:59:84:1c:5f:68:0a:88:72:
b3:6f:24:b6:db:94:b2:3d:ca:a3:55:c6:f7:91:1c:
06:b1:1c:49:c1:5e:48:dd:18:97:39:b0:84:0f:d9:
c9:5b:00:72:6c:d5:77:c7:57:04:db:21:e4:8d:39:
77:a2:99:99:8a:6b:c5:2d:15:52:36:82:e6:84:24:
2b:ec:56:1c:ca:ff:e1:ff:95:26:eb:c2:49:b0:ab:
d3:c5:59:f9:09:e0:a4:b9:03:a3:19:68:53:1f:7a:
35:60:71:dd:6a:cb:97:ec:ee:c6:7b:bf:fc:5c:a2:
c0:bd:f7:f2:e6:51:3a:1b:a5:1f:4b:20:6b:a5:09:
25:6c:86:d8:f3:c4:a6:96:76:80:63:53:61:67:b8:
d9:ab:6d:4d:f1:60:16:b4:c7:19:e0:6d:a8:b7:cf:
2b:15:6a:83:3b:b6:bf:95:e5:ca:eb:3d:5d:32:b9:
8c:63:bf:fa:37:9e:b0:92:a7:a0:c8:7f:54:9c:9a:
8e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:ED:BE:62:3E:A4:A5:E0:32:3F:97:62:D7:85:00:2C:D3:BE:20:5B
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/eO2-Yj6kpeAyP5di14UALNO-IFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.204.0/22
46.23.104.0/22
164.215.101.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:f5:8d:a3:ef:8b:9d:f6:4e:21:9a:29:fb:fa:79:eb:ad:f5:
23:c5:87:55:e1:91:7e:1f:3f:07:f0:dc:dd:89:6f:ba:df:11:
49:e2:3f:ef:02:87:cd:4c:d9:78:63:c0:1a:9d:03:09:93:57:
b4:b5:33:b9:91:9f:49:3c:2e:e7:51:6d:b9:3b:8f:2e:00:57:
e2:44:41:87:3a:5c:b8:59:e1:4e:e9:cb:a0:94:90:81:e6:0a:
f6:31:f7:e9:b3:12:a6:75:1e:ad:6a:21:3d:0c:b3:19:5d:d3:
cc:ea:ea:c0:78:d1:e5:27:7c:17:3f:0d:b0:3e:6e:6a:a9:e3:
07:45:53:f5:e5:0e:d7:84:80:d5:5d:c0:bc:0e:a6:4b:0c:26:
8a:3f:7b:4b:90:d5:e7:dd:e5:da:69:59:47:8b:be:ff:21:6d:
6f:68:2b:07:72:7c:b6:4f:c9:57:36:0d:0c:95:97:3d:2d:c4:
c3:22:20:c6:ff:4e:23:04:fa:0b:da:7a:f4:d2:c9:c6:fd:ac:
3c:94:37:d0:51:b2:5b:84:ba:88:83:38:21:36:7f:e3:bb:50:
22:62:1a:76:91:cb:db:93:f7:39:f4:e8:f8:37:5c:27:36:4c:
4f:62:46:5e:b7:9c:e1:97:4e:3f:6a:95:77:0f:ec:4d:50:4f:
b0:30:bf:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLFH94XjjQNQAoF2GgaJcjtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwODIyMTAzNjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGVkYmU2MjNlYTRhNWUwMzIzZjk3NjJkNzg1MDAyY2QzYmUyMDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0UNcj6WQ1SNu2gtNDz6hPVs286o
kfSw2Rgzp/WtFlEexhHfQEeSzQ753tAM6KK1jLZCa61DE2oxIqG9sRZtz9HVWYQc
X2gKiHKzbyS225SyPcqjVcb3kRwGsRxJwV5I3RiXObCED9nJWwBybNV3x1cE2yHk
jTl3opmZimvFLRVSNoLmhCQr7FYcyv/h/5Um68JJsKvTxVn5CeCkuQOjGWhTH3o1
YHHdasuX7O7Ge7/8XKLAvffy5lE6G6UfSyBrpQklbIbY88SmlnaAY1NhZ7jZq21N
8WAWtMcZ4G2ot88rFWqDO7a/leXK6z1dMrmMY7/6N56wkqegyH9UnJqOvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHjtvmI+pKXgMj+XYteFACzTviBbMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvZU8yLVlqNmtwZUF5UDVkaTE0VUFMTk8tSUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJYDMAwQC
LhdoAwQApNdlMA0GCSqGSIb3DQEBCwUAA4IBAQCz9Y2j74ud9k4hmin7+nnrrfUj
xYdV4ZF+Hz8H8NzdiW+63xFJ4j/vAofNTNl4Y8AanQMJk1e0tTO5kZ9JPC7nUW25
O48uAFfiREGHOly4WeFO6cuglJCB5gr2MffpsxKmdR6taiE9DLMZXdPM6urAeNHl
J3wXPw2wPm5qqeMHRVP15Q7XhIDVXcC8DqZLDCaKP3tLkNXn3eXaaVlHi77/IW1v
aCsHcny2T8lXNg0MlZc9LcTDIiDG/04jBPoL2nr00snG/aw8lDfQUbJbhLqIgzgh
Nn/ju1AiYhp2kcvbk/c59Oj4N1wnNkxPYkZet5zhl04/apV3D+xNUE+wML8K
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:51 2023 by rpki-client on console-ams.rpki-client.org