Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/p411_PDMX2s7JM8eQB6IT5OfrEY.roa
File: p411_PDMX2s7JM8eQB6IT5OfrEY.roa (raw, json)
Hash identifier: 0nf8MxAJR3Vp9LYYTj80RbdTUCbseliGfFbEpWS/DYs=
Subject key identifier: A7:8D:75:FC:F0:CC:5F:6B:3B:24:CF:1E:40:1E:88:4F:93:9F:AC:46
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0185079339821532FC24B7A0B7D969B7F690
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/p411_PDMX2s7JM8eQB6IT5OfrEY.roa
Signing time: Mon 12 Dec 2022 18:22:47 +0000
ROA not before: Mon 12 Dec 2022 18:22:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138687
IP address blocks: 85.158.148.0/24 maxlen: 24
85.158.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:07:93:39:82:15:32:fc:24:b7:a0:b7:d9:69:b7:f6:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Dec 12 18:22:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a78d75fcf0cc5f6b3b24cf1e401e884f939fac46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7f:31:f2:4c:62:a9:2f:41:ce:db:60:90:b1:
27:81:7e:90:8b:46:7a:f0:4f:d5:79:3b:e3:64:85:
e5:c5:63:d7:ca:3a:bd:ad:ce:40:b4:86:e3:af:cd:
71:7b:fa:f0:ef:b7:0f:da:1d:b7:b7:ed:95:85:b7:
70:d3:71:6f:35:2d:ac:af:0a:81:fd:97:53:c0:25:
b3:f0:32:d4:69:d6:1c:65:d0:49:eb:66:d1:b3:2f:
5d:97:73:6f:39:53:da:45:64:aa:70:10:69:9e:2d:
92:ca:4c:b7:43:2d:40:b8:6a:39:dd:e1:a8:89:9a:
da:15:dd:a5:ce:19:d0:f3:d3:69:a3:a9:be:71:01:
db:f0:75:93:7c:0b:fe:19:51:3b:77:69:6d:5d:eb:
bb:61:cf:1a:84:e9:ad:19:0d:09:9d:f4:b3:65:54:
78:5d:82:dc:90:b1:b3:5d:a2:d7:05:1d:16:ec:22:
bb:5f:03:85:c7:68:1e:2b:bc:45:aa:92:0c:84:a8:
dd:a9:dc:73:b5:d8:6f:04:81:60:c9:ca:29:e0:e1:
86:3e:09:c1:52:d7:c7:5e:fc:b8:a4:7e:1e:9c:fd:
16:99:94:aa:f7:fa:d2:a1:f2:6e:3c:68:23:4e:eb:
06:c4:88:73:12:b9:36:57:fe:ad:67:54:eb:1a:03:
3a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8D:75:FC:F0:CC:5F:6B:3B:24:CF:1E:40:1E:88:4F:93:9F:AC:46
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/p411_PDMX2s7JM8eQB6IT5OfrEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.148.0/24
85.158.151.0/24
Signature Algorithm: sha256WithRSAEncryption
62:38:8d:74:3e:e3:02:9d:fb:93:a0:b7:d0:82:3d:e4:b8:44:
00:d5:fe:f8:a8:fb:89:e2:f3:0e:5d:98:5b:e5:a2:b5:de:24:
20:ea:e6:cc:d9:14:82:e2:3c:26:b7:08:53:68:4e:e2:5c:cc:
33:e6:4f:4c:71:b8:c4:05:2b:93:70:27:33:6a:56:2d:bb:03:
61:ca:38:87:bb:da:25:14:53:12:56:13:cc:8c:13:e0:a0:db:
13:1b:73:f6:aa:d8:e8:05:73:14:23:3c:69:db:b3:cf:22:63:
df:db:cb:51:87:53:39:82:b8:05:94:03:7a:f1:ff:f6:da:f0:
e2:9c:f4:c1:f5:bc:69:1f:9f:01:ff:6f:45:d9:85:5c:e2:29:
58:18:93:c9:09:67:74:f5:41:51:39:ce:a3:5b:a9:a2:f0:1b:
68:8b:77:1f:c8:c8:6b:0c:c8:60:d0:50:c4:ec:76:7b:d4:9a:
65:af:d9:8d:a4:33:5d:5e:8c:1f:6f:df:88:b7:9d:51:4a:75:
90:e6:7e:99:03:6e:96:f4:a5:a5:7b:6c:74:18:af:81:fb:a1:
3c:79:00:7a:62:d7:9a:c6:b2:f2:8c:8e:6a:3f:72:41:12:9e:
49:1e:f5:13:50:87:21:01:6e:74:a1:8d:fe:9a:19:17:13:49:
ed:77:ba:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUHkzmCFTL8JLegt9lpt/aQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMjEyMTgyMjQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzhkNzVmY2YwY2M1ZjZiM2IyNGNmMWU0MDFlODg0ZjkzOWZhYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx38x8kxiqS9BzttgkLEngX6Qi0Z6
8E/VeTvjZIXlxWPXyjq9rc5AtIbjr81xe/rw77cP2h23t+2Vhbdw03FvNS2srwqB
/ZdTwCWz8DLUadYcZdBJ62bRsy9dl3NvOVPaRWSqcBBpni2Syky3Qy1AuGo53eGo
iZraFd2lzhnQ89Npo6m+cQHb8HWTfAv+GVE7d2ltXeu7Yc8ahOmtGQ0JnfSzZVR4
XYLckLGzXaLXBR0W7CK7XwOFx2geK7xFqpIMhKjdqdxztdhvBIFgycop4OGGPgnB
UtfHXvy4pH4enP0WmZSq9/rSofJuPGgjTusGxIhzErk2V/6tZ1TrGgM6ewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKeNdfzwzF9rOyTPHkAeiE+Tn6xGMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvcDQxMV9QRE1YMnM3Sk04ZVFCNklUNU9mckVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVZ6UAwQA
VZ6XMA0GCSqGSIb3DQEBCwUAA4IBAQBiOI10PuMCnfuToLfQgj3kuEQA1f74qPuJ
4vMOXZhb5aK13iQg6ubM2RSC4jwmtwhTaE7iXMwz5k9McbjEBSuTcCczalYtuwNh
yjiHu9olFFMSVhPMjBPgoNsTG3P2qtjoBXMUIzxp27PPImPf28tRh1M5grgFlAN6
8f/22vDinPTB9bxpH58B/29F2YVc4ilYGJPJCWd09UFROc6jW6mi8Btoi3cfyMhr
DMhg0FDE7HZ71Jplr9mNpDNdXowfb9+It51RSnWQ5n6ZA26W9KWle2x0GK+B+6E8
eQB6YteaxrLyjI5qP3JBEp5JHvUTUIchAW50oY3+mhkXE0ntd7qc
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:51 2023 by rpki-client on console-ams.rpki-client.org