Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/4cv2QlvScMPkTbWzJR6GG1y_fSc.roa
File: 4cv2QlvScMPkTbWzJR6GG1y_fSc.roa (raw, json)
Hash identifier: u+DoupWLmcqoGsHmxenp5crdcX3qYAd/PSA/dczwUWo=
Subject key identifier: E1:CB:F6:42:5B:D2:70:C3:E4:4D:B5:B3:25:1E:86:1B:5C:BF:7D:27
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 39F88E7C
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/4cv2QlvScMPkTbWzJR6GG1y_fSc.roa
Signing time: Sat 01 Jan 2022 14:00:33 +0000
ROA not before: Sat 01 Jan 2022 14:00:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51277
IP address blocks: 94.42.132.0/24 maxlen: 24
78.133.153.0/24 maxlen: 24
78.133.170.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 972590716 (0x39f88e7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 14:00:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1cbf6425bd270c3e44db5b3251e861b5cbf7d27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:db:8d:e9:44:91:a7:8e:8d:83:49:8f:38:6b:
19:bb:e3:84:a7:ab:2e:29:1e:d1:41:3f:05:e3:6d:
ae:a4:03:09:ec:f4:62:a8:f3:8f:74:a9:50:a3:5e:
f6:57:13:a7:59:89:54:34:50:ce:90:f7:6c:a3:90:
e5:8c:93:f0:e1:64:c5:e7:c0:6f:76:22:e8:95:ec:
cc:a0:c7:cd:40:dd:ec:5b:4a:f6:31:01:29:74:97:
ca:86:cf:ff:d6:f0:f0:58:fa:32:0d:05:be:b1:fc:
8b:7f:85:0e:cb:c9:40:71:53:90:bd:ed:70:44:ef:
ff:3c:af:a5:40:42:de:38:28:da:c0:6b:d4:38:1f:
d1:87:ea:06:da:69:3a:c9:9a:81:3c:b2:b3:ec:b9:
1c:63:8b:70:09:c9:f5:f4:c7:5e:49:fa:7a:63:25:
7c:54:85:d5:35:95:f9:ea:40:dd:c4:a5:71:d3:53:
c3:40:6e:4c:1c:6f:5f:2c:21:54:c3:24:72:e6:3b:
72:40:79:78:9a:3a:4d:c7:4e:a7:e1:65:89:16:1f:
e3:ad:fb:69:21:79:dc:af:5a:08:8b:2f:92:8d:7f:
bf:8d:b2:7b:a1:e9:b3:e6:ad:26:fb:45:01:46:28:
78:d7:6a:89:b9:bb:48:60:89:89:b8:db:5b:be:96:
c9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CB:F6:42:5B:D2:70:C3:E4:4D:B5:B3:25:1E:86:1B:5C:BF:7D:27
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/4cv2QlvScMPkTbWzJR6GG1y_fSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.153.0/24
78.133.170.0/23
94.42.132.0/24
Signature Algorithm: sha256WithRSAEncryption
42:70:ec:9f:8b:eb:cb:f2:66:72:7e:2d:30:3e:89:8a:fa:5a:
4d:a7:7e:f0:07:e9:f7:5a:fe:1f:64:25:75:5e:7e:2a:8b:5e:
2f:94:e5:70:81:36:50:10:de:f5:c3:b1:86:15:f1:cb:49:3f:
1f:5a:30:6f:92:67:24:fd:c5:7c:b2:03:57:a2:5d:19:09:e1:
63:b1:f4:77:c1:42:fc:c3:26:5b:be:03:16:b9:6f:bd:e5:11:
ba:57:90:de:6d:60:26:29:4e:f1:ee:b1:0e:64:22:b8:04:00:
85:88:89:fd:d1:dc:6d:60:5a:94:95:04:48:c8:1f:f2:de:fa:
0a:db:17:cf:e9:c7:ba:b2:bd:a0:19:37:8d:a2:bb:40:28:c1:
54:05:87:1d:51:61:e9:db:1e:60:8e:e8:98:33:e1:3a:bd:8b:
b9:f8:68:f7:3e:64:db:84:9a:ad:b9:38:45:51:f2:78:37:8d:
ea:d0:3c:ce:7f:5e:39:af:b7:c8:9e:8e:dd:64:7f:8b:62:35:
70:de:18:53:11:45:69:fb:60:5b:43:fa:f6:f6:6e:f9:57:a2:
78:03:c6:67:0f:3b:2e:07:8e:3c:91:6f:67:25:fd:39:27:3a:
a0:d5:b0:32:9c:3f:75:5f:da:a8:68:bf:37:a5:c9:2c:34:be:
51:6c:dc:b5
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEOfiOfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFjYmY2NDI1YmQy
NzBjM2U0NGRiNWIzMjUxZTg2MWI1Y2JmN2QyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfbjelEkaeOjYNJjzhrGbvjhKerLike0UE/BeNtrqQDCez0
Yqjzj3SpUKNe9lcTp1mJVDRQzpD3bKOQ5YyT8OFkxefAb3Yi6JXszKDHzUDd7FtK
9jEBKXSXyobP/9bw8Fj6Mg0FvrH8i3+FDsvJQHFTkL3tcETv/zyvpUBC3jgo2sBr
1Dgf0YfqBtppOsmagTyys+y5HGOLcAnJ9fTHXkn6emMlfFSF1TWV+epA3cSlcdNT
w0BuTBxvXywhVMMkcuY7ckB5eJo6TcdOp+FliRYf4637aSF53K9aCIsvko1/v42y
e6Hps+atJvtFAUYoeNdqibm7SGCJibjbW76WySUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBThy/ZCW9Jww+RNtbMlHoYbXL99JzAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
LzRjdjJRbHZTY01Qa1RiV3pKUjZHRzF5X2ZTYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAE6FmQMEAU6FqgMEAF4qhDANBgkq
hkiG9w0BAQsFAAOCAQEAQnDsn4vry/Jmcn4tMD6JivpaTad+8Afp91r+H2QldV5+
KoteL5TlcIE2UBDe9cOxhhXxy0k/H1owb5JnJP3FfLIDV6JdGQnhY7H0d8FC/MMm
W74DFrlvveURuleQ3m1gJilO8e6xDmQiuAQAhYiJ/dHcbWBalJUESMgf8t76CtsX
z+nHurK9oBk3jaK7QCjBVAWHHVFh6dseYI7omDPhOr2Lufho9z5k24Sarbk4RVHy
eDeN6tA8zn9eOa+3yJ6O3WR/i2I1cN4YUxFFaftgW0P69vZu+VeieAPGZw87LgeO
PJFvZyX9OSc6oNWwMpw/dV/aqGi/N6XJLDS+UWzctQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org