Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/4FXyZ2I3BD7kCWvxGZrIfeK6HNY.roa
File: 4FXyZ2I3BD7kCWvxGZrIfeK6HNY.roa (raw, json)
Hash identifier: 82ImjPwgfyk7IvBdsOJKOXY0jtKVKZzfFNStbXL8ooE=
Subject key identifier: E0:55:F2:67:62:37:04:3E:E4:09:6B:F1:19:9A:C8:7D:E2:BA:1C:D6
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 32C6E100
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/4FXyZ2I3BD7kCWvxGZrIfeK6HNY.roa
Signing time: Tue 04 Jan 2022 16:22:28 +0000
ROA not before: Tue 04 Jan 2022 16:22:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399578
IP address blocks: 78.143.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 851894528 (0x32c6e100)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 4 16:22:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e055f2676237043ee4096bf1199ac87de2ba1cd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:46:f1:df:6d:bf:6a:77:f7:84:b4:64:fb:35:
a3:b7:06:50:93:10:95:b4:6f:67:06:bf:98:a7:fd:
1b:15:0c:5c:cb:12:a7:3d:e6:a7:e6:b4:da:ca:73:
f2:4a:5e:3c:d3:57:53:b0:76:6f:e2:45:f5:95:14:
34:15:f2:37:6e:28:d4:34:2c:48:a2:51:fa:5a:b4:
9b:e1:ea:27:cd:d9:7f:00:7b:d0:c3:18:56:79:4c:
62:d9:67:49:f6:25:8d:51:38:42:ae:19:f3:61:76:
14:0f:66:7a:c3:05:85:ad:53:1a:90:98:8e:11:a8:
59:ba:32:07:b6:94:3e:39:f3:6f:26:a3:39:5a:4b:
95:36:59:73:9a:42:9f:84:e2:d3:84:4b:d4:46:e4:
4a:6d:ff:fb:60:76:ea:e8:c6:29:98:6a:88:1c:76:
e1:3c:94:88:81:f7:1e:30:29:de:73:c4:ac:2a:2e:
4a:4b:bc:b4:8a:d5:0f:64:55:79:1c:6c:20:6c:fe:
3f:82:6d:1b:04:dd:a4:53:90:95:84:af:60:b2:c3:
2d:98:ea:93:cf:05:95:1c:92:7c:e3:40:0e:b2:51:
0c:08:82:89:a1:e8:a7:5c:fd:77:4b:8c:22:f8:a1:
70:71:73:df:8f:3e:1c:3b:3c:73:0a:e0:a5:cc:e0:
8c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:55:F2:67:62:37:04:3E:E4:09:6B:F1:19:9A:C8:7D:E2:BA:1C:D6
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/4FXyZ2I3BD7kCWvxGZrIfeK6HNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.242.0/24
Signature Algorithm: sha256WithRSAEncryption
83:46:24:58:74:08:e1:97:95:71:f5:fe:47:63:8f:50:ae:ff:
30:2b:6a:59:8a:20:98:5f:95:8f:43:0c:e2:31:bb:24:bd:74:
3c:22:02:ca:3d:0c:73:bf:15:f0:9f:f9:43:05:78:00:2a:29:
77:1a:80:87:3a:7f:7e:10:25:a9:28:5b:9e:73:02:e4:56:60:
a3:e8:9b:03:76:f0:25:54:39:50:0b:43:e8:e5:f3:75:f5:6f:
bb:a7:07:8f:c0:b8:a1:f6:ea:2d:ef:34:b0:88:fe:0b:ab:34:
7a:bd:46:49:bb:74:d1:55:89:ad:91:ed:0c:65:d1:fa:e9:78:
50:30:48:19:26:73:cc:17:c8:92:6c:fd:2a:7e:e4:a6:2b:1e:
8f:a3:f9:22:20:e5:12:b8:b2:e6:69:4b:9e:20:d2:f9:64:5d:
30:75:ac:86:4a:73:e5:42:c8:97:9c:5c:f8:5b:07:6a:99:ef:
e9:22:b2:ae:f2:8d:d1:3b:85:02:b8:38:ed:6b:bd:84:d0:62:
e8:2b:85:d0:d2:23:58:a2:59:b8:95:00:5b:d0:d1:7a:20:96:
40:37:b0:70:1a:bc:60:fc:cd:12:4d:6f:0d:2b:78:96:48:f2:
82:8d:03:11:89:08:0a:c5:8e:28:33:56:51:59:89:2a:cc:f8:
a5:ec:5f:40
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMsbhADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWI2NmVjNWU4ZjI0MDVmNmY4ZDQ4NmU3M2ZiODJiOGRlMGRlZTBmMB4XDTIyMDEw
NDE2MjIyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTA1NWYyNjc2MjM3
MDQzZWU0MDk2YmYxMTk5YWM4N2RlMmJhMWNkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5G8d9tv2p394S0ZPs1o7cGUJMQlbRvZwa/mKf9GxUMXMsS
pz3mp+a02spz8kpePNNXU7B2b+JF9ZUUNBXyN24o1DQsSKJR+lq0m+HqJ83ZfwB7
0MMYVnlMYtlnSfYljVE4Qq4Z82F2FA9mesMFha1TGpCYjhGoWboyB7aUPjnzbyaj
OVpLlTZZc5pCn4Ti04RL1EbkSm3/+2B26ujGKZhqiBx24TyUiIH3HjAp3nPErCou
Sku8tIrVD2RVeRxsIGz+P4JtGwTdpFOQlYSvYLLDLZjqk88FlRySfONADrJRDAiC
iaHop1z9d0uMIvihcHFz348+HDs8cwrgpczgjNMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTgVfJnYjcEPuQJa/EZmsh94roc1jAfBgNVHSMEGDAWgBSutm7F6PJAX2+N
SG5z+4K43g3uDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JyWnV4ZWp5UUY5dmpVaHVjX3VDdU40TjdnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvMTUzNzg4LTE0YjctNDU1MS05YWRlLTZhZWE5MDU3YzgwMC8x
LzRGWHlaMkkzQkQ3a0NXdnhHWnJJZmVLNkhOWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
MTUzNzg4LTE0YjctNDU1MS05YWRlLTZhZWE5MDU3YzgwMC8xL3JyWnV4ZWp5UUY5
dmpVaHVjX3VDdU40TjdnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE6P8jANBgkqhkiG9w0BAQsFAAOC
AQEAg0YkWHQI4ZeVcfX+R2OPUK7/MCtqWYogmF+Vj0MM4jG7JL10PCICyj0Mc78V
8J/5QwV4ACopdxqAhzp/fhAlqShbnnMC5FZgo+ibA3bwJVQ5UAtD6OXzdfVvu6cH
j8C4ofbqLe80sIj+C6s0er1GSbt00VWJrZHtDGXR+ul4UDBIGSZzzBfIkmz9Kn7k
pisej6P5IiDlEriy5mlLniDS+WRdMHWshkpz5ULIl5xc+FsHapnv6SKyrvKN0TuF
Arg47Wu9hNBi6CuF0NIjWKJZuJUAW9DReiCWQDewcBq8YPzNEk1vDSt4lkjygo0D
EYkICsWOKDNWUVmJKsz4pexfQA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:26 2025 by rpki-client