Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/kYHZT-zUt7NczkN--32UppzurDI.roa
File: kYHZT-zUt7NczkN--32UppzurDI.roa (raw, json)
Hash identifier: dkaJgiKh2hUTqnO5qG5+b+xeSqjbhEbyo+0HVHogEZ0=
Subject key identifier: 91:81:D9:4F:EC:D4:B7:B3:5C:CE:43:7E:FB:7D:94:A6:9C:EE:AC:32
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01821213E5EC1BC1EDD52F7FEA0B3D46426E
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/kYHZT-zUt7NczkN--32UppzurDI.roa
Signing time: Mon 18 Jul 2022 16:11:10 +0000
ROA not before: Mon 18 Jul 2022 16:11:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 5.178.4.0/24 maxlen: 24
5.178.6.0/24 maxlen: 24
5.178.7.0/24 maxlen: 24
5.178.5.0/24 maxlen: 24
88.151.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:12:13:e5:ec:1b:c1:ed:d5:2f:7f:ea:0b:3d:46:42:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jul 18 16:11:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9181d94fecd4b7b35cce437efb7d94a69ceeac32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:59:27:b7:1a:2d:d7:0a:be:bd:69:6d:ac:e4:
03:9c:a2:c8:58:c8:91:88:b4:8b:6f:5e:2c:4b:d5:
4c:9a:b9:8b:c6:86:c0:d0:78:1e:7b:f6:dc:52:7a:
15:28:52:4d:67:50:67:36:dc:c5:04:89:34:6b:dd:
d7:58:ea:b3:42:8b:e1:c9:55:52:58:af:c9:a2:74:
18:77:e8:da:cc:53:bb:ee:f8:8a:06:3c:36:fa:ed:
1e:53:9d:d5:7d:03:fa:4b:1e:9e:6a:8f:b4:a4:b3:
e3:d7:54:97:59:ce:84:c3:6d:cc:5a:a8:b8:6b:a1:
49:b9:79:4c:aa:49:87:9d:bc:41:3a:99:4a:ef:15:
e0:b8:ef:f0:3a:c1:e4:6f:c6:cd:3a:fa:41:4a:6b:
69:78:e7:14:ab:8d:1b:f8:2c:07:6c:1a:10:0a:b6:
e8:2d:5f:48:55:e0:2b:bf:83:0c:41:95:07:97:5a:
15:e2:4e:4b:5c:8f:56:9d:d2:0f:15:51:08:5f:ac:
78:19:22:4c:d3:61:5d:95:ae:b7:25:51:d7:bc:12:
e0:53:9c:c8:f2:5f:91:9e:98:df:86:42:4f:dd:01:
16:53:6f:ec:83:7c:5a:ed:71:4b:e1:06:1e:f8:68:
a3:8e:dc:2a:57:ef:e3:5a:9c:d4:f9:af:4f:e9:1c:
03:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:81:D9:4F:EC:D4:B7:B3:5C:CE:43:7E:FB:7D:94:A6:9C:EE:AC:32
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/kYHZT-zUt7NczkN--32UppzurDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.4.0/22
88.151.199.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:dd:66:ef:f4:17:6d:86:18:9b:d4:60:2a:00:7a:45:01:4d:
f9:06:75:c5:ad:82:c4:e2:02:f3:a8:00:65:33:01:99:b5:80:
f7:ac:e2:d9:87:1a:c9:b5:5f:14:28:fa:97:e7:4c:ad:e5:59:
ff:da:33:38:52:63:98:f8:f7:93:be:d5:de:a2:9b:c5:0b:9b:
9c:f0:2a:42:80:31:1b:28:93:f3:df:93:4f:82:1a:ea:92:38:
2c:60:7b:6a:5d:ad:a5:d5:58:05:87:d3:d5:5e:0a:ad:6f:08:
18:be:96:55:d1:21:d2:0b:72:ea:c5:2d:b8:b6:74:fb:7e:a8:
a7:36:99:3f:81:32:c1:a0:84:10:bc:01:ac:f1:b1:f4:06:56:
54:bc:e2:a1:b7:70:c8:6b:76:21:48:c8:4b:cc:79:31:9c:18:
31:33:76:c0:2d:fa:99:7b:b8:31:76:3c:8d:57:06:72:5e:1f:
bc:53:33:19:ae:d4:36:5d:df:06:1e:4b:a2:4a:c2:10:7b:92:
b0:64:3b:c5:61:b1:05:b5:97:53:83:1a:b9:0c:f2:fd:f0:48:
c5:f1:d6:47:c4:49:06:e3:d2:71:21:f0:10:7f:d5:a0:eb:36:
03:94:fe:4a:16:db:ac:82:25:bd:2b:89:8b:ed:fd:df:7e:ac:
2a:a6:50:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYISE+XsG8Ht1S9/6gs9RkJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwNzE4MTYxMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTgxZDk0ZmVjZDRiN2IzNWNjZTQzN2VmYjdkOTRhNjljZWVhYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1kntxot1wq+vWltrOQDnKLIWMiR
iLSLb14sS9VMmrmLxobA0Hgee/bcUnoVKFJNZ1BnNtzFBIk0a93XWOqzQovhyVVS
WK/JonQYd+jazFO77viKBjw2+u0eU53VfQP6Sx6eao+0pLPj11SXWc6Ew23MWqi4
a6FJuXlMqkmHnbxBOplK7xXguO/wOsHkb8bNOvpBSmtpeOcUq40b+CwHbBoQCrbo
LV9IVeArv4MMQZUHl1oV4k5LXI9WndIPFVEIX6x4GSJM02Fdla63JVHXvBLgU5zI
8l+RnpjfhkJP3QEWU2/sg3xa7XFL4QYe+GijjtwqV+/jWpzU+a9P6RwDvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJGB2U/s1LezXM5Dfvt9lKac7qwyMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEva1lIWlQtelV0N05jemtOLS0zMlVwcHp1ckRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBbIEAwQA
WJfHMA0GCSqGSIb3DQEBCwUAA4IBAQC73Wbv9Bdthhib1GAqAHpFAU35BnXFrYLE
4gLzqABlMwGZtYD3rOLZhxrJtV8UKPqX50yt5Vn/2jM4UmOY+PeTvtXeopvFC5uc
8CpCgDEbKJPz35NPghrqkjgsYHtqXa2l1VgFh9PVXgqtbwgYvpZV0SHSC3LqxS24
tnT7fqinNpk/gTLBoIQQvAGs8bH0BlZUvOKht3DIa3YhSMhLzHkxnBgxM3bALfqZ
e7gxdjyNVwZyXh+8UzMZrtQ2Xd8GHkuiSsIQe5KwZDvFYbEFtZdTgxq5DPL98EjF
8dZHxEkG49JxIfAQf9Wg6zYDlP5KFtusgiW9K4mL7f3ffqwqplAa
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org