Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/4S8MV-3nCg0jTnzzw0wIyii-gsY.roa
File: 4S8MV-3nCg0jTnzzw0wIyii-gsY.roa (raw, json)
Hash identifier: h4k3VILGJrq97+5cnsYE1IVPyRaisquwNQoPCu0zZt4=
Subject key identifier: E1:2F:0C:57:ED:E7:0A:0D:23:4E:7C:F3:C3:4C:08:CA:28:BE:82:C6
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 32C6DEB5
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/4S8MV-3nCg0jTnzzw0wIyii-gsY.roa
Signing time: Tue 04 Jan 2022 16:22:27 +0000
ROA not before: Tue 04 Jan 2022 16:22:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397065
IP address blocks: 78.143.240.0/24 maxlen: 24
78.143.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 851893941 (0x32c6deb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 4 16:22:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e12f0c57ede70a0d234e7cf3c34c08ca28be82c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3e:47:8d:3c:30:e2:d3:ad:15:54:05:c6:99:
f8:b8:35:c5:28:eb:bc:02:08:73:03:2a:d3:b5:f8:
ba:e5:ca:c7:b9:76:90:b7:4a:1f:c9:f3:da:70:e8:
8b:a9:56:12:b3:70:80:1d:8a:e3:d0:9a:3a:16:7c:
ef:cb:fc:1e:db:6c:a2:af:5e:6a:9c:72:15:da:e6:
53:99:db:14:ff:1f:b7:2a:f3:1f:0c:d0:d7:4a:79:
2a:9b:82:7b:b5:7d:d8:71:3e:b7:fc:71:ae:3a:5d:
0d:28:78:5a:88:81:b4:66:f9:18:40:e7:bd:28:89:
d2:c6:3d:4a:4a:48:8b:1e:c0:5f:87:24:7b:29:22:
83:d6:1c:d4:ee:10:71:ed:b5:e6:2e:cd:eb:a9:28:
66:b6:f3:bc:7b:4c:0c:c7:58:37:ae:79:05:55:84:
a3:45:08:ff:6a:fc:d6:9d:30:70:77:37:38:2a:a2:
f9:98:f5:60:3c:c8:87:9e:fb:df:74:be:2d:07:56:
14:c7:ee:d6:85:32:46:3b:a2:51:7c:de:49:50:86:
1a:19:39:c9:85:3f:a4:87:21:1b:11:9a:9d:52:23:
a4:f3:d1:0f:e0:2b:44:8c:3f:0e:57:fd:45:9b:a7:
63:a8:48:54:50:37:24:1d:b0:1f:51:9d:8f:78:be:
6e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:2F:0C:57:ED:E7:0A:0D:23:4E:7C:F3:C3:4C:08:CA:28:BE:82:C6
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/4S8MV-3nCg0jTnzzw0wIyii-gsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.240.0/24
78.143.243.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:a7:32:0b:45:8d:42:1c:fc:26:de:0e:09:ab:60:2f:6e:d1:
d8:2c:3e:67:a3:96:fc:bb:b0:00:9b:ab:fe:8d:eb:bb:06:e5:
ed:85:ab:d1:73:21:e6:b5:85:36:1f:f2:47:ea:3e:6c:fa:61:
0c:71:1b:c9:49:26:a9:a9:19:04:aa:ce:bf:45:4f:49:3a:36:
9c:87:96:65:7f:a1:eb:d2:c4:f2:06:07:90:c8:b2:ad:47:9c:
6d:86:10:6a:00:cd:1e:6a:08:7e:c2:92:53:12:99:f7:f8:34:
f2:49:f8:ca:2f:9a:a0:38:b4:45:45:04:ee:28:2e:7c:d0:b9:
92:3e:14:cb:87:7d:63:48:28:6a:16:e3:09:41:5e:9c:6d:1b:
a9:8e:46:19:6f:9c:16:db:d9:54:4a:f2:b7:c5:6e:c8:47:95:
82:f2:d3:82:6a:48:a7:ee:9f:76:73:ab:a6:39:1c:88:7c:77:
4c:a2:14:e3:55:30:fa:2a:f7:99:91:db:2b:2e:a8:6f:4e:5c:
95:4d:27:c5:ed:20:2e:54:1f:ec:ec:cc:1a:7a:5c:c8:f1:2b:
ac:69:18:95:f1:68:71:26:7d:9a:af:64:1c:be:33:d3:2e:6c:
d5:79:06:cd:3b:22:11:1e:00:8c:80:2c:f3:eb:37:52:96:63:
f3:70:e9:1f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEMsbetTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWI2NmVjNWU4ZjI0MDVmNmY4ZDQ4NmU3M2ZiODJiOGRlMGRlZTBmMB4XDTIyMDEw
NDE2MjIyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTEyZjBjNTdlZGU3
MGEwZDIzNGU3Y2YzYzM0YzA4Y2EyOGJlODJjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALE+R408MOLTrRVUBcaZ+Lg1xSjrvAIIcwMq07X4uuXKx7l2
kLdKH8nz2nDoi6lWErNwgB2K49CaOhZ878v8Httsoq9eapxyFdrmU5nbFP8ftyrz
HwzQ10p5KpuCe7V92HE+t/xxrjpdDSh4WoiBtGb5GEDnvSiJ0sY9SkpIix7AX4ck
eykig9Yc1O4Qce215i7N66koZrbzvHtMDMdYN655BVWEo0UI/2r81p0wcHc3OCqi
+Zj1YDzIh57733S+LQdWFMfu1oUyRjuiUXzeSVCGGhk5yYU/pIchGxGanVIjpPPR
D+ArRIw/Dlf9RZunY6hIVFA3JB2wH1Gdj3i+bgkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBThLwxX7ecKDSNOfPPDTAjKKL6CxjAfBgNVHSMEGDAWgBSutm7F6PJAX2+N
SG5z+4K43g3uDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JyWnV4ZWp5UUY5dmpVaHVjX3VDdU40TjdnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvMTUzNzg4LTE0YjctNDU1MS05YWRlLTZhZWE5MDU3YzgwMC8x
LzRTOE1WLTNuQ2cwalRuenp3MHdJeWlpLWdzWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
MTUzNzg4LTE0YjctNDU1MS05YWRlLTZhZWE5MDU3YzgwMC8xL3JyWnV4ZWp5UUY5
dmpVaHVjX3VDdU40TjdnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAE6P8AMEAE6P8zANBgkqhkiG9w0B
AQsFAAOCAQEAXacyC0WNQhz8Jt4OCatgL27R2Cw+Z6OW/LuwAJur/o3ruwbl7YWr
0XMh5rWFNh/yR+o+bPphDHEbyUkmqakZBKrOv0VPSTo2nIeWZX+h69LE8gYHkMiy
rUecbYYQagDNHmoIfsKSUxKZ9/g08kn4yi+aoDi0RUUE7igufNC5kj4Uy4d9Y0go
ahbjCUFenG0bqY5GGW+cFtvZVEryt8VuyEeVgvLTgmpIp+6fdnOrpjkciHx3TKIU
41Uw+ir3mZHbKy6ob05clU0nxe0gLlQf7OzMGnpcyPErrGkYlfFocSZ9mq9kHL4z
0y5s1XkGzTsiER4AjIAs8+s3UpZj83DpHw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:58 2023 by rpki-client on console-ams.rpki-client.org