Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/mP9H181XlmUdvwsgty5FVdlzQvM.roa
File: mP9H181XlmUdvwsgty5FVdlzQvM.roa (raw, json)
Hash identifier: 1Bdt+ZX00I2ltU+kVpVs/9j2ytOQB16ilIk0NcUteiM=
Subject key identifier: 98:FF:47:D7:CD:57:96:65:1D:BF:0B:20:B7:2E:45:55:D9:73:42:F3
Certificate issuer: /CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Certificate serial: 0183177A20F5C03F6E3F9F3702F4FB978333
Authority key identifier: FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/mP9H181XlmUdvwsgty5FVdlzQvM.roa
Signing time: Wed 07 Sep 2022 10:23:43 +0000
ROA not before: Wed 07 Sep 2022 10:23:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205906
IP address blocks: 78.109.224.0/24 maxlen: 24
78.109.233.0/24 maxlen: 24
78.109.235.0/24 maxlen: 24
78.109.238.0/24 maxlen: 24
78.109.234.0/24 maxlen: 24
185.52.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:17:7a:20:f5:c0:3f:6e:3f:9f:37:02:f4:fb:97:83:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Validity
Not Before: Sep 7 10:23:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98ff47d7cd5796651dbf0b20b72e4555d97342f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e4:c6:be:56:a1:c3:f6:de:74:a2:a8:4d:db:
cd:33:f1:20:5a:17:2f:48:69:30:a2:13:b0:3c:6a:
43:0d:61:64:be:07:59:e2:65:51:59:5c:9b:78:c0:
25:c4:89:5b:d2:6b:65:d7:b7:a4:03:3e:7c:f3:0f:
39:1f:72:08:3a:7e:ff:fc:d9:f6:e1:12:0f:67:f0:
93:22:60:a2:76:af:2c:9b:1b:38:cf:0e:51:ae:a1:
ff:42:04:5c:aa:7c:1b:d6:28:ea:e8:2f:52:78:77:
b6:79:60:52:b4:a2:57:0a:4d:0b:f0:5e:59:b7:42:
07:f7:a9:5c:cb:11:2d:2b:b7:b0:d0:82:a5:3d:6a:
c6:89:3d:40:d5:7f:6b:10:d2:60:79:ad:d6:fe:c8:
4b:f8:1c:15:96:23:e5:cd:d3:7c:b3:6e:3a:d9:bd:
c3:c8:b3:10:08:34:15:9c:7b:64:17:09:dc:47:0a:
76:fe:c0:d8:14:64:f9:39:c6:e5:57:fb:2a:af:fd:
65:7f:83:56:a2:42:27:a6:aa:79:30:e1:69:a4:29:
8e:e2:a4:0f:54:3e:11:85:c4:10:1c:28:2e:8f:5a:
49:ca:94:11:d1:b8:67:8a:65:e6:92:f7:d3:22:a2:
a9:42:d2:55:78:b9:88:a1:bb:2a:b6:12:9e:21:a2:
ea:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FF:47:D7:CD:57:96:65:1D:BF:0B:20:B7:2E:45:55:D9:73:42:F3
X509v3 Authority Key Identifier:
keyid:FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/mP9H181XlmUdvwsgty5FVdlzQvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.224.0/24
78.109.233.0-78.109.235.255
78.109.238.0/24
185.52.101.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:8f:e6:3e:9d:a3:8a:48:93:cc:ee:ce:45:c4:84:ef:ae:1b:
31:a9:d2:cf:fa:20:95:19:de:56:34:7e:54:b9:86:fb:df:ef:
5d:4d:d4:be:ff:e8:4f:c3:72:62:dc:35:d0:25:17:99:98:4f:
23:d6:5a:4f:73:1d:b0:ee:5c:17:f8:69:99:d0:dc:cb:97:0c:
98:8a:a5:fd:50:4b:85:60:36:79:2e:e5:70:ba:63:f3:57:96:
0d:96:85:27:60:57:03:eb:e4:02:1e:00:cf:16:2c:59:e0:b2:
99:84:f7:84:94:84:ad:36:55:e4:9f:5f:3e:2d:c3:ba:4d:8c:
2d:d9:53:9d:61:8a:cd:32:55:35:22:26:32:ef:41:8d:94:ad:
00:4c:8c:86:71:06:48:91:00:9e:e4:29:fb:35:21:2f:c4:68:
34:31:ec:43:ba:f2:b0:81:ad:4d:4a:eb:1d:b6:8b:73:b9:9e:
8c:40:e4:b7:5a:8e:5b:ef:95:46:77:40:f0:fd:09:e7:67:fc:
90:50:34:3c:ba:75:b4:54:46:14:18:18:57:7b:0e:03:ac:9f:
20:e9:11:07:a3:be:6e:9f:73:e4:dd:b1:7e:3a:8d:ec:6a:c2:
ca:57:eb:6e:be:2b:b8:2b:dc:42:1c:8c:82:29:04:1a:da:5f:
83:82:b6:da
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYMXeiD1wD9uP583AvT7l4MzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDYxYTM5ZjBhMDM3OTIzMTEzZDZiOGJiOWI1YmRhYjVi
MmY0NjYwHhcNMjIwOTA3MTAyMzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGZmNDdkN2NkNTc5NjY1MWRiZjBiMjBiNzJlNDU1NWQ5NzM0MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuTGvlahw/bedKKoTdvNM/EgWhcv
SGkwohOwPGpDDWFkvgdZ4mVRWVybeMAlxIlb0mtl17ekAz588w85H3IIOn7//Nn2
4RIPZ/CTImCidq8smxs4zw5RrqH/QgRcqnwb1ijq6C9SeHe2eWBStKJXCk0L8F5Z
t0IH96lcyxEtK7ew0IKlPWrGiT1A1X9rENJgea3W/shL+BwVliPlzdN8s2462b3D
yLMQCDQVnHtkFwncRwp2/sDYFGT5OcblV/sqr/1lf4NWokInpqp5MOFppCmO4qQP
VD4RhcQQHCguj1pJypQR0bhnimXmkvfTIqKpQtJVeLmIobsqthKeIaLqhQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJj/R9fNV5ZlHb8LILcuRVXZc0LzMB8GA1UdIwQY
MBaAFPsGGjnwoDeSMRPWuLubW9q1svRmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13WWFPZkNnTjVJeEU5YTR1NXRiMnJXeTlHWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1
LWZkMTY3YWQ5MmE5ZC8xL21QOUgxODFYbG1VZHZ3c2d0eTVGVmRselF2TS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1LWZkMTY3YWQ5MmE5
ZC8xLzEtd1lhT2ZDZ041SXhFOWE0dTV0YjJyV3k5R1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCADBABObeAw
DAMEAE5t6QMEAk5t6AMEAE5t7gMEALk0ZTANBgkqhkiG9w0BAQsFAAOCAQEAOo/m
Pp2jikiTzO7ORcSE764bManSz/oglRneVjR+VLmG+9/vXU3Uvv/oT8NyYtw10CUX
mZhPI9ZaT3MdsO5cF/hpmdDcy5cMmIql/VBLhWA2eS7lcLpj81eWDZaFJ2BXA+vk
Ah4AzxYsWeCymYT3hJSErTZV5J9fPi3Duk2MLdlTnWGKzTJVNSImMu9BjZStAEyM
hnEGSJEAnuQp+zUhL8RoNDHsQ7rysIGtTUrrHbaLc7mejEDkt1qOW++VRndA8P0J
52f8kFA0PLp1tFRGFBgYV3sOA6yfIOkRB6O+bp9z5N2xfjqN7GrCylfrbr4ruCvc
QhyMgikEGtpfg4K22g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:59 2025 by rpki-client