Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/4y31DmKwVuqCmI18JHaoCxmwlS8.roa
File: 4y31DmKwVuqCmI18JHaoCxmwlS8.roa (raw, json)
Hash identifier: ZPFnVMBfqwqDKHwzlEY5+tRZ/NAOMSzkecmGxdSRit4=
Subject key identifier: E3:2D:F5:0E:62:B0:56:EA:82:98:8D:7C:24:76:A8:0B:19:B0:95:2F
Certificate issuer: /CN=339cbb1e439a3a71eb8796692f622bf838f8488c
Certificate serial: 37844A54
Authority key identifier: 33:9C:BB:1E:43:9A:3A:71:EB:87:96:69:2F:62:2B:F8:38:F8:48:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M5y7HkOaOnHrh5ZpL2Ir-Dj4SIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/4y31DmKwVuqCmI18JHaoCxmwlS8.roa
Signing time: Sat 01 Jan 2022 02:55:48 +0000
ROA not before: Sat 01 Jan 2022 02:55:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34409
IP address blocks: 78.24.161.0/24 maxlen: 24
78.24.160.0/21 maxlen: 21
78.24.162.0/24 maxlen: 24
78.24.166.0/24 maxlen: 24
78.24.160.0/24 maxlen: 24
78.24.165.0/24 maxlen: 24
78.24.163.0/24 maxlen: 24
78.24.164.0/24 maxlen: 24
78.24.167.0/24 maxlen: 24
193.151.36.0/24 maxlen: 24
193.151.38.0/24 maxlen: 24
193.151.37.0/24 maxlen: 24
195.8.99.0/24 maxlen: 24
2a02:1320::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 931416660 (0x37844a54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=339cbb1e439a3a71eb8796692f622bf838f8488c
Validity
Not Before: Jan 1 02:55:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e32df50e62b056ea82988d7c2476a80b19b0952f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d0:ed:b1:8f:34:d0:15:05:a4:ed:a0:9c:c5:
f1:ed:2a:f0:df:aa:37:5d:24:d4:0d:a1:1e:f9:f3:
16:cb:0a:7e:e6:a9:2a:ee:88:e8:d6:d5:ab:f9:fc:
a0:eb:03:f8:c0:a1:7d:1a:7e:08:09:51:e7:e5:b6:
50:f9:a7:c7:65:db:26:ea:4c:65:79:33:8e:f2:f8:
1d:6a:66:20:dc:8f:e0:d4:cf:4f:1a:92:2c:b9:bf:
7f:38:65:62:db:66:b1:5d:e5:8e:38:45:c6:8d:48:
ef:bc:c4:7e:03:4d:67:b0:d2:fd:7a:d1:5f:4e:93:
e0:d4:c5:0f:ed:ca:da:15:17:36:29:68:31:76:68:
1d:7d:6c:f8:99:aa:68:02:c0:33:75:6f:17:6f:4e:
e0:58:1e:18:a6:11:f9:0d:8a:44:ea:a9:a7:bf:f1:
dd:25:1a:a7:6f:4a:0a:f2:9c:6e:5b:01:f4:5e:1b:
b2:49:30:fa:a7:5c:16:3c:60:cd:b1:ec:78:54:1c:
f0:de:74:6a:4f:cc:3a:1c:2d:d7:a2:0d:64:66:60:
26:e9:37:05:04:61:a4:76:e0:b4:cb:39:74:8a:28:
e0:9a:4d:a6:33:46:a1:3b:87:9d:88:59:8a:5b:d6:
a6:fb:f2:f2:de:30:7a:ff:49:04:cb:68:bc:78:27:
49:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:2D:F5:0E:62:B0:56:EA:82:98:8D:7C:24:76:A8:0B:19:B0:95:2F
X509v3 Authority Key Identifier:
keyid:33:9C:BB:1E:43:9A:3A:71:EB:87:96:69:2F:62:2B:F8:38:F8:48:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M5y7HkOaOnHrh5ZpL2Ir-Dj4SIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/4y31DmKwVuqCmI18JHaoCxmwlS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7e500d-5552-4b82-a3bd-aa0071b7bf84/1/M5y7HkOaOnHrh5ZpL2Ir-Dj4SIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.160.0/21
193.151.36.0-193.151.38.255
195.8.99.0/24
IPv6:
2a02:1320::/32
Signature Algorithm: sha256WithRSAEncryption
05:3c:cb:48:53:af:aa:5e:6b:c5:40:ed:d9:8b:a9:d8:b5:ae:
37:56:73:06:49:9c:ba:3c:7d:13:53:02:7c:12:1d:5c:e5:11:
7f:6e:0b:0a:44:3e:03:5c:68:8e:d6:35:ad:7a:59:8c:76:4c:
b6:26:61:33:f2:95:d2:e6:33:c0:0b:fe:f6:52:f5:df:5d:e1:
ea:a6:13:c1:69:b8:ec:1a:e8:65:dd:eb:a3:d3:da:37:54:d8:
7e:fb:c9:d2:f3:9c:6a:71:d4:b1:b3:b8:ec:8a:81:51:eb:f7:
10:99:9d:44:f1:d4:25:25:d5:8a:6a:25:4f:25:16:67:9f:73:
60:88:b7:69:63:6c:43:71:c7:de:e3:3b:23:05:73:4a:80:2a:
44:dd:2e:2f:c0:79:ca:1b:da:f0:3d:be:2c:e1:08:96:17:df:
af:61:3b:90:0b:7b:9e:70:e0:8f:80:0f:7a:9c:07:4d:01:7d:
6f:fe:b3:5c:f8:72:20:79:09:e9:28:39:85:09:c2:56:c9:25:
d2:2d:5b:43:b1:78:76:12:a6:16:a3:83:89:59:77:cb:b9:25:
19:e6:c8:c6:59:57:06:8a:f4:f3:68:78:ad:ab:36:76:db:68:
85:7a:b3:21:1e:a1:de:c4:0c:be:be:06:d4:c9:03:d4:d2:b8:
3d:68:79:60
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEN4RKVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MzljYmIxZTQzOWEzYTcxZWI4Nzk2NjkyZjYyMmJmODM4Zjg0ODhjMB4XDTIyMDEw
MTAyNTU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTMyZGY1MGU2MmIw
NTZlYTgyOTg4ZDdjMjQ3NmE4MGIxOWIwOTUyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7Q7bGPNNAVBaTtoJzF8e0q8N+qN10k1A2hHvnzFssKfuap
Ku6I6NbVq/n8oOsD+MChfRp+CAlR5+W2UPmnx2XbJupMZXkzjvL4HWpmINyP4NTP
TxqSLLm/fzhlYttmsV3ljjhFxo1I77zEfgNNZ7DS/XrRX06T4NTFD+3K2hUXNilo
MXZoHX1s+JmqaALAM3VvF29O4FgeGKYR+Q2KROqpp7/x3SUap29KCvKcblsB9F4b
skkw+qdcFjxgzbHseFQc8N50ak/MOhwt16INZGZgJuk3BQRhpHbgtMs5dIoo4JpN
pjNGoTuHnYhZilvWpvvy8t4wev9JBMtovHgnSfcCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBTjLfUOYrBW6oKYjXwkdqgLGbCVLzAfBgNVHSMEGDAWgBQznLseQ5o6ceuH
lmkvYiv4OPhIjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L001eTdIa09hT25Icmg1WnBMMklyLURqNFNJdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvN2U1MDBkLTU1NTItNGI4Mi1hM2JkLWFhMDA3MWI3YmY4NC8x
LzR5MzFEbUt3VnVxQ21JMThKSGFvQ3htd2xTOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
N2U1MDBkLTU1NTItNGI4Mi1hM2JkLWFhMDA3MWI3YmY4NC8xL001eTdIa09hT25I
cmg1WnBMMklyLURqNFNJdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEA04YoDAMAwQCwZckAwQAwZcmAwQA
wwhjMA0EAgACMAcDBQAqAhMgMA0GCSqGSIb3DQEBCwUAA4IBAQAFPMtIU6+qXmvF
QO3Zi6nYta43VnMGSZy6PH0TUwJ8Eh1c5RF/bgsKRD4DXGiO1jWtelmMdky2JmEz
8pXS5jPAC/72UvXfXeHqphPBabjsGuhl3euj09o3VNh++8nS85xqcdSxs7jsioFR
6/cQmZ1E8dQlJdWKaiVPJRZnn3NgiLdpY2xDccfe4zsjBXNKgCpE3S4vwHnKG9rw
Pb4s4QiWF9+vYTuQC3uecOCPgA96nAdNAX1v/rNc+HIgeQnpKDmFCcJWySXSLVtD
sXh2EqYWo4OJWXfLuSUZ5sjGWVcGivTzaHitqzZ222iFerMhHqHexAy+vgbUyQPU
0rg9aHlg
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:00:31 2025 by rpki-client