Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/cI41HsCLCjBbR6xm9WRd03d33TM.roa
File: cI41HsCLCjBbR6xm9WRd03d33TM.roa (raw, json)
Hash identifier: QRPZr83KTEIBXmB/u48gj3Zivw2D2jwv+Nnh67oafx8=
Subject key identifier: 70:8E:35:1E:C0:8B:0A:30:5B:47:AC:66:F5:64:5D:D3:77:77:DD:33
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 32C17B80
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/cI41HsCLCjBbR6xm9WRd03d33TM.roa
Signing time: Sat 01 Jan 2022 16:07:33 +0000
ROA not before: Sat 01 Jan 2022 16:07:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397192
IP address blocks: 78.143.245.0/24 maxlen: 24
78.143.247.0/24 maxlen: 24
5.226.176.0/21 maxlen: 24
2a03:a860:a00::/40 maxlen: 48
2a03:a860:51::/48 maxlen: 48
2a03:a860:61::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 851540864 (0x32c17b80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 1 16:07:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=708e351ec08b0a305b47ac66f5645dd37777dd33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:07:f5:2c:a0:ff:6b:89:78:a7:0f:10:fc:d9:
56:e2:92:07:dc:2f:62:66:26:11:d8:b6:fd:21:df:
9d:60:9c:23:54:45:80:b1:a6:47:d6:b8:4b:a9:23:
e5:3b:8f:46:b6:08:35:93:68:d1:91:15:cc:68:a0:
f1:82:57:6d:fd:d0:f6:79:8a:1f:eb:e4:32:57:37:
88:a5:c7:68:5f:c7:c9:8e:3c:a3:d1:c5:37:11:09:
8c:c4:72:22:67:51:46:fc:86:66:b2:9e:42:64:c8:
49:11:b9:6d:c6:77:fe:50:a0:b8:5b:ac:d7:f1:24:
8c:a6:00:5e:41:67:0b:51:79:7a:98:37:66:df:e9:
b8:57:66:0e:39:dd:91:ac:eb:2d:da:12:14:cb:a0:
f5:35:68:fd:8b:01:5c:51:38:12:fa:66:45:96:d4:
2d:21:fc:bf:58:b8:aa:60:aa:0a:1c:bd:fe:12:68:
89:d4:57:47:ed:16:e3:09:20:9f:4e:e4:ca:5c:4f:
21:f7:26:02:e9:9b:85:8a:e4:0f:02:44:23:30:50:
3b:ce:45:1c:ed:cd:96:ba:86:03:3f:65:ef:cc:48:
d8:a3:cd:00:fa:50:5f:e3:94:a2:62:46:ec:a8:12:
7a:35:9f:bc:5c:f0:93:4b:66:82:78:95:63:7e:3d:
f1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8E:35:1E:C0:8B:0A:30:5B:47:AC:66:F5:64:5D:D3:77:77:DD:33
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/cI41HsCLCjBbR6xm9WRd03d33TM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.176.0/21
78.143.245.0/24
78.143.247.0/24
IPv6:
2a03:a860:51::/48
2a03:a860:61::/48
2a03:a860:a00::/40
Signature Algorithm: sha256WithRSAEncryption
30:fe:6b:f5:7b:06:cf:4f:69:4f:c5:bf:14:0d:1e:4b:de:9c:
ae:50:8b:87:76:44:fc:22:99:dc:52:8e:b1:2c:2c:43:43:51:
ad:2f:9c:70:79:70:7b:8f:e5:60:6c:14:9e:7e:2f:3e:18:43:
87:a1:2c:12:8c:85:db:75:1d:24:4e:88:31:5f:f3:6a:ad:c0:
2b:76:83:26:38:bb:a7:8b:75:72:cd:ce:de:0d:b8:70:f2:96:
eb:7b:0b:8d:7a:c7:30:38:8c:78:2c:4f:e4:ab:b7:0a:e2:c8:
67:b8:be:f7:82:52:48:bf:0a:d5:af:58:5c:45:7e:02:b0:95:
f0:f3:9f:72:0e:75:56:7b:2b:50:cd:51:41:62:57:70:1e:81:
43:81:44:86:9c:57:42:ae:c3:77:63:3a:8f:12:49:80:b7:db:
cc:de:45:f8:af:18:dc:a9:ec:79:6c:93:20:cc:96:6d:c8:36:
dd:e7:6e:90:39:d6:82:fe:66:33:dd:0f:13:d9:48:5d:d3:f2:
6c:fd:9b:c5:f2:a1:47:40:6a:86:bf:c9:aa:c6:cc:04:34:00:
a0:b1:52:1f:aa:a3:84:c6:29:40:d2:92:f6:89:68:6a:1b:e6:
9e:99:e7:ea:46:dc:95:2c:34:e1:06:e4:22:48:0b:2a:5d:86:
85:dd:3f:5b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEMsF7gDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWI2NmVjNWU4ZjI0MDVmNmY4ZDQ4NmU3M2ZiODJiOGRlMGRlZTBmMB4XDTIyMDEw
MTE2MDczM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA4ZTM1MWVjMDhi
MGEzMDViNDdhYzY2ZjU2NDVkZDM3Nzc3ZGQzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwH9Syg/2uJeKcPEPzZVuKSB9wvYmYmEdi2/SHfnWCcI1RF
gLGmR9a4S6kj5TuPRrYINZNo0ZEVzGig8YJXbf3Q9nmKH+vkMlc3iKXHaF/HyY48
o9HFNxEJjMRyImdRRvyGZrKeQmTISRG5bcZ3/lCguFus1/EkjKYAXkFnC1F5epg3
Zt/puFdmDjndkazrLdoSFMug9TVo/YsBXFE4EvpmRZbULSH8v1i4qmCqChy9/hJo
idRXR+0W4wkgn07kylxPIfcmAumbhYrkDwJEIzBQO85FHO3NlrqGAz9l78xI2KPN
APpQX+OUomJG7KgSejWfvFzwk0tmgniVY3498XECAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBRwjjUewIsKMFtHrGb1ZF3Td3fdMzAfBgNVHSMEGDAWgBSutm7F6PJAX2+N
SG5z+4K43g3uDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JyWnV4ZWp5UUY5dmpVaHVjX3VDdU40TjdnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvMTUzNzg4LTE0YjctNDU1MS05YWRlLTZhZWE5MDU3YzgwMC8x
L2NJNDFIc0NMQ2pCYlI2eG05V1JkMDNkMzNUTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
MTUzNzg4LTE0YjctNDU1MS05YWRlLTZhZWE5MDU3YzgwMC8xL3JyWnV4ZWp5UUY5
dmpVaHVjX3VDdU40TjdnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwGAQCAAEwEgMEAwXisAMEAE6P9QMEAE6P9zAgBAIA
AjAaAwcAKgOoYABRAwcAKgOoYABhAwYAKgOoYAowDQYJKoZIhvcNAQELBQADggEB
ADD+a/V7Bs9PaU/FvxQNHkvenK5Qi4d2RPwimdxSjrEsLENDUa0vnHB5cHuP5WBs
FJ5+Lz4YQ4ehLBKMhdt1HSROiDFf82qtwCt2gyY4u6eLdXLNzt4NuHDylut7C416
xzA4jHgsT+SrtwriyGe4vveCUki/CtWvWFxFfgKwlfDzn3IOdVZ7K1DNUUFiV3Ae
gUOBRIacV0Kuw3djOo8SSYC328zeRfivGNyp7HlskyDMlm3INt3nbpA51oL+ZjPd
DxPZSF3T8mz9m8XyoUdAaoa/yarGzAQ0AKCxUh+qo4TGKUDSkvaJaGob5p6Z5+pG
3JUsNOEG5CJICypdhoXdP1s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:53 2024 by rpki-client on console-ams.rpki-client.org