Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/IB1iM_ZM3wy-2QkdQ5Y3g0UdqbM.roa
File: IB1iM_ZM3wy-2QkdQ5Y3g0UdqbM.roa (raw, json)
Hash identifier: qlVCiP7BpTGgxCtxMmrcVUKxWD/JDeA6yFK/KCWwFng=
Subject key identifier: 20:1D:62:33:F6:4C:DF:0C:BE:D9:09:1D:43:96:37:83:45:1D:A9:B3
Certificate issuer: /CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Certificate serial: 018524C20632E80DCFBD619F624EB7E79787
Authority key identifier: 73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/IB1iM_ZM3wy-2QkdQ5Y3g0UdqbM.roa
Signing time: Sun 18 Dec 2022 10:22:53 +0000
ROA not before: Sun 18 Dec 2022 10:22:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 178.21.145.0/24 maxlen: 24
178.21.144.0/24 maxlen: 24
178.21.146.0/24 maxlen: 24
178.21.147.0/24 maxlen: 24
2a02:2c0:1::/48 maxlen: 48
2a02:2c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:24:c2:06:32:e8:0d:cf:bd:61:9f:62:4e:b7:e7:97:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Validity
Not Before: Dec 18 10:22:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=201d6233f64cdf0cbed9091d43963783451da9b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c1:c5:13:d8:45:0d:26:6e:66:a4:08:93:59:
53:62:e9:27:66:fe:60:ea:71:5f:02:82:56:6c:17:
ce:6a:7e:17:dd:dc:f8:94:a9:71:8a:cb:60:97:0d:
45:e5:83:ac:86:8c:7d:43:e7:87:39:33:48:14:01:
99:f5:06:61:e1:55:7e:ae:88:28:fa:03:35:f2:f8:
75:db:d4:35:f7:9e:9f:d1:8c:55:a9:53:cb:ba:3c:
82:0a:b7:27:c8:1e:82:59:d7:72:b9:fa:cf:ba:07:
f4:82:56:09:f4:88:27:88:fd:91:90:70:85:34:56:
c8:f8:4d:bb:70:e7:9d:13:f1:69:80:61:44:bf:fe:
36:95:95:56:87:4e:fc:a6:f0:82:35:98:31:6d:e2:
54:93:d8:e4:76:23:a5:9e:74:7b:2d:42:ad:8e:5e:
cd:f2:1f:f6:87:74:4c:97:cc:32:46:7e:6f:9b:f0:
0c:57:96:42:4e:51:5e:ba:61:d9:8f:61:db:c6:e3:
0f:69:c7:26:9d:ef:1e:9a:8b:71:64:01:92:e1:0e:
3d:97:37:0d:df:34:95:e7:64:62:9b:cf:d8:5e:e4:
08:c2:fb:c4:8f:80:fb:a0:69:31:f7:0c:28:78:5f:
eb:aa:50:f2:e8:6f:d8:d2:f3:c1:6f:26:2b:69:c1:
c6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:1D:62:33:F6:4C:DF:0C:BE:D9:09:1D:43:96:37:83:45:1D:A9:B3
X509v3 Authority Key Identifier:
keyid:73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/IB1iM_ZM3wy-2QkdQ5Y3g0UdqbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.144.0/22
IPv6:
2a02:2c0::/47
Signature Algorithm: sha256WithRSAEncryption
57:a1:71:3b:ae:60:f3:05:f1:9b:62:32:cc:f3:88:c1:be:5d:
c3:cb:19:90:47:f8:68:e4:b9:9d:0f:a8:2c:75:b6:52:4a:f8:
03:7c:f6:de:f2:c2:29:c1:f4:b4:3d:b0:7d:20:ac:8f:08:20:
a1:cd:cc:15:41:df:5d:55:ba:27:a3:af:da:17:cc:03:d5:4d:
4e:82:44:d2:38:c8:94:97:b9:57:8a:22:9a:c8:e1:7e:5c:9c:
e5:42:55:09:af:2a:4e:0e:84:0f:df:e1:06:68:08:d4:f8:f5:
a2:b9:b0:0b:08:3d:20:74:5b:6b:73:34:7d:2f:8e:19:ee:58:
3d:c1:2e:e5:b5:e6:27:45:b2:27:ee:f9:a8:c2:cc:95:c5:84:
4c:79:07:80:f9:57:c9:d7:08:eb:2d:a5:01:a7:df:1a:50:a9:
aa:bd:1f:ca:fa:fe:95:d8:3e:39:40:29:43:04:5d:05:c7:bc:
41:d3:64:6b:a3:2d:8c:14:3f:9b:5b:0e:9d:96:e2:27:f8:90:
85:4d:aa:c5:c3:18:47:56:0a:3a:89:5c:ba:ce:58:a4:b2:c5:
6c:c5:5a:71:d4:6a:39:2a:34:10:af:16:7f:de:88:43:1e:f7:
cf:0c:53:9b:cd:03:ed:25:91:d1:bb:32:a7:55:f4:51:d9:31:
8b:7f:fd:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUkwgYy6A3PvWGfYk6355eHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTE1N2IyOTE4Y2FkY2E4YTVhOWZiYzY2ZTk3NzYwOGE2
ZGY1ZTEwHhcNMjIxMjE4MTAyMjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDFkNjIzM2Y2NGNkZjBjYmVkOTA5MWQ0Mzk2Mzc4MzQ1MWRhOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsHFE9hFDSZuZqQIk1lTYuknZv5g
6nFfAoJWbBfOan4X3dz4lKlxistglw1F5YOshox9Q+eHOTNIFAGZ9QZh4VV+rogo
+gM18vh129Q1956f0YxVqVPLujyCCrcnyB6CWddyufrPugf0glYJ9IgniP2RkHCF
NFbI+E27cOedE/FpgGFEv/42lZVWh078pvCCNZgxbeJUk9jkdiOlnnR7LUKtjl7N
8h/2h3RMl8wyRn5vm/AMV5ZCTlFeumHZj2HbxuMPaccmne8emotxZAGS4Q49lzcN
3zSV52Rim8/YXuQIwvvEj4D7oGkx9wwoeF/rqlDy6G/Y0vPBbyYracHGRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCAdYjP2TN8MvtkJHUOWN4NFHamzMB8GA1UdIwQY
MBaAFHPhV7KRjK3KilqfvGbpd2CKbfXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAt
MDBhMTU0YjhlY2IxLzEvSUIxaU1fWk0zd3ktMlFrZFE1WTNnMFVkcWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAtMDBhMTU0YjhlY2Ix
LzEvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCshWQMA8E
AgACMAkDBwEqAgLAAAAwDQYJKoZIhvcNAQELBQADggEBAFehcTuuYPMF8ZtiMszz
iMG+XcPLGZBH+GjkuZ0PqCx1tlJK+AN89t7ywinB9LQ9sH0grI8IIKHNzBVB311V
uiejr9oXzAPVTU6CRNI4yJSXuVeKIprI4X5cnOVCVQmvKk4OhA/f4QZoCNT49aK5
sAsIPSB0W2tzNH0vjhnuWD3BLuW15idFsifu+ajCzJXFhEx5B4D5V8nXCOstpQGn
3xpQqaq9H8r6/pXYPjlAKUMEXQXHvEHTZGujLYwUP5tbDp2W4if4kIVNqsXDGEdW
CjqJXLrOWKSyxWzFWnHUajkqNBCvFn/eiEMe988MU5vNA+0lkdG7MqdV9FHZMYt/
/fA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:42 2025 by rpki-client