Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/1-F3CM2nqPsbvQ00peSknPhtFPA4.roa
File: 1-F3CM2nqPsbvQ00peSknPhtFPA4.roa (raw, json)
Hash identifier: nakQdHFXHT/TaaMa9kzqJEbSitoZjnr4WWVVS04OqTg=
Subject key identifier: F8:5D:C2:33:69:EA:3E:C6:EF:43:4D:29:79:29:27:3E:1B:45:3C:0E
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 355926FE
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/1-F3CM2nqPsbvQ00peSknPhtFPA4.roa
Signing time: Sat 01 Jan 2022 16:10:37 +0000
ROA not before: Sat 01 Jan 2022 16:10:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43586
IP address blocks: 78.24.75.0/24 maxlen: 24
78.24.76.0/24 maxlen: 24
78.24.77.0/24 maxlen: 24
78.24.72.0/24 maxlen: 24
78.24.78.0/24 maxlen: 24
78.24.79.0/24 maxlen: 24
2a00:1908:e47::/48 maxlen: 48
2a00:1908:6000::/35 maxlen: 35
2a00:1908:8000::/35 maxlen: 35
2a00:1908::/35 maxlen: 35
2a00:1908:2000::/35 maxlen: 35
2a00:1908:4000::/35 maxlen: 35
2a00:1908:c000::/35 maxlen: 35
2a00:1908:a000::/35 maxlen: 35
2a00:1908:d000::/36 maxlen: 36
2a00:1908:c000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 895035134 (0x355926fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Jan 1 16:10:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f85dc23369ea3ec6ef434d297929273e1b453c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:00:52:a9:aa:e8:d4:b2:b2:b5:63:2d:40:35:
05:7c:94:59:1f:2a:fa:3d:9a:4d:c2:49:32:f1:39:
6c:c5:90:15:bf:0e:84:6f:ab:9e:fe:04:cc:08:d5:
a8:d3:e0:31:87:6e:45:18:29:f6:33:4f:01:cb:a0:
69:2d:b9:8f:71:5b:7a:81:b1:93:f1:24:6f:bd:45:
48:92:3e:b6:dd:62:e7:9e:6f:56:d8:f8:e7:24:4c:
37:78:94:47:a7:bd:b9:c8:79:be:b3:a0:9a:6c:dc:
ca:f5:85:81:7d:34:4a:df:6c:2e:71:79:26:0b:1f:
ad:63:ea:bf:22:01:7f:9c:93:22:c7:2d:69:6d:3e:
7f:c1:7c:f6:d2:ce:b5:a9:57:43:c1:a4:ca:4b:37:
79:79:c7:97:e7:72:68:a0:3b:93:48:d5:f7:71:83:
6b:2c:89:ab:46:ed:47:91:c3:8d:03:a4:88:c9:cb:
70:59:14:f2:2a:37:0c:22:81:1b:a9:43:6c:02:2a:
22:57:1a:ce:82:d9:db:0c:84:bf:1c:94:7f:08:5a:
1a:c2:ec:c8:44:91:94:dc:7f:b7:ff:e1:4a:64:3d:
83:7d:5b:06:d1:20:20:ad:38:e5:74:0c:a5:1f:bb:
14:c9:48:6c:aa:84:11:3f:87:25:e9:78:33:52:4a:
a1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:5D:C2:33:69:EA:3E:C6:EF:43:4D:29:79:29:27:3E:1B:45:3C:0E
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/1-F3CM2nqPsbvQ00peSknPhtFPA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.72.0/24
78.24.75.0-78.24.79.255
IPv6:
2a00:1908::-2a00:1908:dfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
61:23:32:7d:62:f7:97:bc:d4:8a:49:10:63:36:9a:bd:45:4e:
84:88:8e:c6:27:06:1d:34:af:cb:f6:11:65:f1:39:80:3b:88:
65:36:61:14:a8:d6:49:c4:85:86:56:26:0f:d1:e8:d7:3a:64:
24:68:94:cf:c1:b0:b9:93:e9:e1:7e:32:be:49:61:7f:8a:2f:
49:7b:4c:31:8c:05:34:68:8c:f6:0d:16:5b:75:d6:0c:32:4f:
86:84:a2:97:3f:4f:98:d2:54:d5:2c:29:c3:83:79:e2:ed:98:
96:8a:99:43:0f:71:d2:ca:c0:54:de:a7:28:a1:84:0c:9c:fb:
5e:e4:a6:a6:01:3a:b2:0a:db:e5:e6:6e:8d:c7:80:e0:15:3a:
83:3e:8e:29:80:ad:36:aa:41:56:3c:90:07:f0:5e:8b:84:39:
e3:af:05:e8:45:49:67:ee:74:3c:a2:6c:eb:1b:52:db:10:f9:
16:ed:a5:f3:2d:ae:b4:56:4a:14:5f:5a:f4:6f:2a:c8:5f:96:
06:c7:b8:37:b7:f9:60:94:0d:5e:3d:9a:2f:37:5e:f0:ff:8f:
e0:fc:09:57:13:cb:97:c4:b2:e9:9d:5b:bb:47:57:bb:8b:db:
a2:e3:1e:82:f4:69:9a:c4:31:b2:61:99:f4:e8:0b:df:05:0c:
61:82:d1:67
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIENVkm/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MmU0NDhiNGEwOGYwZTRjNThhMjgzZDgwNzM1YThhODAzZTEwZDRlMB4XDTIyMDEw
MTE2MTAzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjg1ZGMyMzM2OWVh
M2VjNmVmNDM0ZDI5NzkyOTI3M2UxYjQ1M2MwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIwAUqmq6NSysrVjLUA1BXyUWR8q+j2aTcJJMvE5bMWQFb8O
hG+rnv4EzAjVqNPgMYduRRgp9jNPAcugaS25j3FbeoGxk/Ekb71FSJI+tt1i555v
Vtj45yRMN3iUR6e9uch5vrOgmmzcyvWFgX00St9sLnF5JgsfrWPqvyIBf5yTIsct
aW0+f8F89tLOtalXQ8Gkyks3eXnHl+dyaKA7k0jV93GDayyJq0btR5HDjQOkiMnL
cFkU8io3DCKBG6lDbAIqIlcazoLZ2wyEvxyUfwhaGsLsyESRlNx/t//hSmQ9g31b
BtEgIK045XQMpR+7FMlIbKqEET+HJel4M1JKoT0CAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBT4XcIzaeo+xu9DTSl5KSc+G0U8DjAfBgNVHSMEGDAWgBSy5Ei0oI8OTFii
g9gHNaioA+ENTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3N1Ukl0S0NQRGt4WW9vUFlCeldvcUFQaERVNC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYTcwNjhhLTkyYmEtNDJlYS05OTY2LTIwNTRkNGU5MDNiYy8x
LzEtRjNDTTJucVBzYnZRMDBwZVNrblBodEZQQTQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E4
L2E3MDY4YS05MmJhLTQyZWEtOTk2Ni0yMDU0ZDRlOTAzYmMvMS9zdVJJdEtDUERr
eFlvb1BZQnpXb3FBUGhEVTQuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
RgYIKwYBBQUHAQcBAf8ENzA1MBoEAgABMBQDBABOGEgwDAMEAE4YSwMEBE4YQDAX
BAIAAjARMA8DBQMqABkIAwYFKgAZCMAwDQYJKoZIhvcNAQELBQADggEBAGEjMn1i
95e81IpJEGM2mr1FToSIjsYnBh00r8v2EWXxOYA7iGU2YRSo1knEhYZWJg/R6Nc6
ZCRolM/BsLmT6eF+Mr5JYX+KL0l7TDGMBTRojPYNFlt11gwyT4aEopc/T5jSVNUs
KcODeeLtmJaKmUMPcdLKwFTepyihhAyc+17kpqYBOrIK2+Xmbo3HgOAVOoM+jimA
rTaqQVY8kAfwXouEOeOvBehFSWfudDyibOsbUtsQ+RbtpfMtrrRWShRfWvRvKshf
lgbHuDe3+WCUDV49mi83XvD/j+D8CVcTy5fEsumdW7tHV7uL26LjHoL0aZrEMbJh
mfToC98FDGGC0Wc=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:44:31 2025 by rpki-client