Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/A8oEMDKgRgj-UPqTNyi32XMqFq8.roa
File: A8oEMDKgRgj-UPqTNyi32XMqFq8.roa (raw, json)
Hash identifier: eZjj0aCAJSgiIS1e1jIRmL/tnuSLOIHS2rp4J/0bbzw=
Subject key identifier: 03:CA:04:30:32:A0:46:08:FE:50:FA:93:37:28:B7:D9:73:2A:16:AF
Certificate issuer: /CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Certificate serial: 01856F796BD6805F7B3947603BFB699E074C
Authority key identifier: FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/A8oEMDKgRgj-UPqTNyi32XMqFq8.roa
Signing time: Sun 01 Jan 2023 22:35:06 +0000
ROA not before: Sun 01 Jan 2023 22:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198169
IP address blocks: 78.109.224.0/24 maxlen: 24
78.109.233.0/24 maxlen: 24
78.109.234.0/24 maxlen: 24
78.109.238.0/24 maxlen: 24
78.109.235.0/24 maxlen: 24
185.52.102.0/24 maxlen: 24
185.52.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:6b:d6:80:5f:7b:39:47:60:3b:fb:69:9e:07:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Validity
Not Before: Jan 1 22:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03ca043032a04608fe50fa933728b7d9732a16af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e4:4e:b6:c8:b8:c0:74:f6:23:66:ad:12:a2:
88:6c:fb:12:ca:ea:61:54:f2:4d:fe:2c:3c:d4:32:
88:50:29:9d:d8:e0:0b:fa:09:17:61:2f:b6:f9:9f:
c1:c8:09:48:a5:89:95:5d:a6:a7:7e:27:df:14:c0:
de:02:ef:b4:fe:16:5d:1f:e4:01:35:35:10:01:f5:
c1:4c:31:86:7f:a8:54:d2:04:b4:d1:43:c7:65:18:
80:99:4d:48:8a:ac:01:70:4b:44:67:12:ce:8d:d5:
68:3a:26:5a:63:b7:1c:b9:45:7a:44:4f:b3:7f:cd:
46:ad:9f:7e:d3:8a:c5:37:ea:c9:52:8e:aa:84:19:
aa:2b:16:7a:dd:01:5b:16:bc:db:2e:7e:4e:db:31:
f9:f3:61:dc:58:31:02:b8:42:92:df:f7:38:36:60:
4d:6b:0f:6a:d6:6b:1b:18:6a:60:c0:5e:8c:f8:ba:
27:df:3b:52:ad:28:55:b1:ec:b8:7e:8b:19:48:6c:
0c:9b:79:29:98:e2:70:36:16:10:ae:78:6c:0c:7d:
06:f9:27:3d:b4:41:cb:e9:22:7c:2c:06:74:50:37:
d9:2e:74:04:56:eb:45:44:05:a4:dd:c4:3f:0d:a9:
2f:7b:f0:ff:2c:2c:01:37:f9:68:7f:16:80:07:1f:
4c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:CA:04:30:32:A0:46:08:FE:50:FA:93:37:28:B7:D9:73:2A:16:AF
X509v3 Authority Key Identifier:
keyid:FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/A8oEMDKgRgj-UPqTNyi32XMqFq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.224.0/24
78.109.233.0-78.109.235.255
78.109.238.0/24
185.52.101.0-185.52.102.255
Signature Algorithm: sha256WithRSAEncryption
60:fc:e6:ba:e7:d3:b2:3e:20:73:19:b9:fe:75:d3:ba:11:69:
67:12:27:8b:0b:b3:86:7e:0e:66:08:47:52:06:2e:fb:57:5e:
26:df:ac:7a:e9:4a:c2:07:08:72:a3:1b:21:2e:29:71:95:56:
1d:6c:74:dd:fa:c2:35:0c:8c:4f:fe:7f:a9:ef:3b:48:e9:57:
54:85:3f:f3:c4:6a:d8:47:76:0e:21:33:e7:eb:40:58:b8:4d:
fe:e5:06:8e:2e:95:65:c2:d5:c6:47:34:d3:dc:71:bf:bd:50:
5c:2e:27:7d:b4:cd:6f:0e:65:f8:a4:63:8e:63:b5:9b:35:c6:
f9:b6:7b:47:28:05:cb:82:5e:6a:52:ae:e4:47:b5:38:ba:a4:
a6:95:8d:fc:dc:2c:36:a2:c2:f7:f3:ac:29:92:bd:c6:7b:f2:
06:4c:c3:d4:b7:1d:51:f0:6c:90:19:55:ae:6a:a9:52:6a:b4:
4c:27:c7:11:f0:6e:0b:61:c8:36:95:11:84:51:c9:1f:8f:33:
80:8b:b4:f6:39:45:16:68:27:fa:81:34:47:3d:35:92:77:64:
98:b5:70:28:05:11:2b:6d:ba:8d:a7:ee:a6:ee:e6:ea:bc:b5:
90:99:72:9e:e8:8d:49:d3:70:ad:b9:e9:39:d7:10:a1:34:4a:
78:11:f6:23
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVveWvWgF97OUdgO/tpngdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDYxYTM5ZjBhMDM3OTIzMTEzZDZiOGJiOWI1YmRhYjVi
MmY0NjYwHhcNMjMwMTAxMjIzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2NhMDQzMDMyYTA0NjA4ZmU1MGZhOTMzNzI4YjdkOTczMmExNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOROtsi4wHT2I2atEqKIbPsSyuph
VPJN/iw81DKIUCmd2OAL+gkXYS+2+Z/ByAlIpYmVXaanfiffFMDeAu+0/hZdH+QB
NTUQAfXBTDGGf6hU0gS00UPHZRiAmU1IiqwBcEtEZxLOjdVoOiZaY7ccuUV6RE+z
f81GrZ9+04rFN+rJUo6qhBmqKxZ63QFbFrzbLn5O2zH582HcWDECuEKS3/c4NmBN
aw9q1msbGGpgwF6M+Lon3ztSrShVsey4fosZSGwMm3kpmOJwNhYQrnhsDH0G+Sc9
tEHL6SJ8LAZ0UDfZLnQEVutFRAWk3cQ/Dakve/D/LCwBN/lofxaABx9MlQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAPKBDAyoEYI/lD6kzcot9lzKhavMB8GA1UdIwQY
MBaAFPsGGjnwoDeSMRPWuLubW9q1svRmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13WWFPZkNnTjVJeEU5YTR1NXRiMnJXeTlHWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1
LWZkMTY3YWQ5MmE5ZC8xL0E4b0VNREtnUmdqLVVQcVROeWkzMlhNcUZxOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1LWZkMTY3YWQ5MmE5
ZC8xLzEtd1lhT2ZDZ041SXhFOWE0dTV0YjJyV3k5R1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQQYIKwYBBQUHAQcBAf8EMjAwMC4EAgABMCgDBABObeAw
DAMEAE5t6QMEAk5t6AMEAE5t7jAMAwQAuTRlAwQAuTRmMA0GCSqGSIb3DQEBCwUA
A4IBAQBg/Oa659OyPiBzGbn+ddO6EWlnEieLC7OGfg5mCEdSBi77V14m36x66UrC
BwhyoxshLilxlVYdbHTd+sI1DIxP/n+p7ztI6VdUhT/zxGrYR3YOITPn60BYuE3+
5QaOLpVlwtXGRzTT3HG/vVBcLid9tM1vDmX4pGOOY7WbNcb5tntHKAXLgl5qUq7k
R7U4uqSmlY383Cw2osL386wpkr3Ge/IGTMPUtx1R8GyQGVWuaqlSarRMJ8cR8G4L
Ycg2lRGEUckfjzOAi7T2OUUWaCf6gTRHPTWSd2SYtXAoBRErbbqNp+6m7ubqvLWQ
mXKe6I1J03Ctuek51xChNEp4EfYj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:42 2025 by rpki-client