Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/3xEPPX_q8pfE6HZs0sRlnUNXiZo.roa
File: 3xEPPX_q8pfE6HZs0sRlnUNXiZo.roa (raw, json)
Hash identifier: BQTqGV7YdwHQ6ssufMvc2hHKis1FRJ5QUVUpB5lWCmE=
Subject key identifier: DF:11:0F:3D:7F:EA:F2:97:C4:E8:76:6C:D2:C4:65:9D:43:57:89:9A
Certificate issuer: /CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Certificate serial: 01856EA6BE4D2ADE246994E4F4BA8E2FDC3A
Authority key identifier: 2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/3xEPPX_q8pfE6HZs0sRlnUNXiZo.roa
Signing time: Sun 01 Jan 2023 18:44:59 +0000
ROA not before: Sun 01 Jan 2023 18:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203828
IP address blocks: 78.159.91.0/24 maxlen: 24
78.159.89.0/24 maxlen: 24
78.159.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:be:4d:2a:de:24:69:94:e4:f4:ba:8e:2f:dc:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Validity
Not Before: Jan 1 18:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df110f3d7feaf297c4e8766cd2c4659d4357899a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3b:1f:76:9a:e9:e9:ef:a7:a9:a3:e8:44:33:
8b:e3:ec:3c:1c:64:88:31:2d:c5:93:7a:49:73:3c:
13:d7:25:b5:9b:90:48:28:50:e9:bc:3b:de:a0:3d:
20:55:1c:06:a6:89:26:e3:f5:0c:bd:1d:10:78:e4:
26:2d:99:09:8d:f9:fb:0c:55:2e:f7:55:1b:a5:48:
c9:ab:7c:a6:c0:24:da:e1:51:70:36:b4:16:45:08:
56:20:b2:f8:8c:85:6e:a9:c6:af:40:30:81:6f:a0:
12:02:d8:36:26:a1:3d:5c:37:15:75:57:c2:38:07:
ad:a0:3b:94:84:6e:d0:a3:2a:a9:c6:7e:a8:e6:7c:
21:24:6e:ca:d8:ea:e7:0b:78:7d:fa:12:ca:b7:5f:
13:3b:07:d9:dc:fc:fe:0e:b1:ed:05:b5:74:3b:0d:
6a:f1:b0:53:9a:39:39:e4:c0:2f:25:d0:5b:a2:1c:
0d:56:b6:e0:39:00:8e:7b:d4:f0:2d:08:8c:e1:14:
7d:e8:75:ce:60:5c:5c:3c:0d:7d:95:59:ee:9e:6e:
86:e4:c6:79:45:79:ff:0c:63:dc:bf:e0:41:8d:68:
fb:7a:cc:b7:c3:ab:7b:7e:37:87:8d:b1:56:ee:a7:
74:21:ee:f8:e4:cf:fb:7b:44:2c:30:d8:45:2e:68:
11:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:11:0F:3D:7F:EA:F2:97:C4:E8:76:6C:D2:C4:65:9D:43:57:89:9A
X509v3 Authority Key Identifier:
keyid:2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/3xEPPX_q8pfE6HZs0sRlnUNXiZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.89.0-78.159.91.255
Signature Algorithm: sha256WithRSAEncryption
71:11:3c:a2:56:d0:f2:21:f6:d7:3d:08:5b:8e:a2:5d:18:41:
0d:07:93:61:07:da:7b:2c:9e:85:73:13:2b:ed:44:57:03:f4:
47:39:44:8c:d5:e2:74:db:1f:51:50:30:87:64:11:73:9e:c5:
68:f6:7f:83:c5:95:ef:45:fe:a2:6e:4f:87:41:17:ef:61:20:
a0:1b:63:b0:eb:58:4d:0f:9e:4d:cf:5d:29:fb:50:47:ce:cd:
ad:40:16:e4:70:5b:29:22:d6:ac:50:b8:11:e1:62:ec:ba:73:
a8:54:a0:84:10:f6:aa:03:97:4f:b2:2a:a1:aa:ee:ae:31:ea:
4d:41:90:23:6f:f6:fd:bc:fc:ac:76:b1:fd:8b:1a:9d:ac:36:
7d:d7:11:e3:dc:fc:4e:21:40:cb:f2:36:f6:38:c8:91:ce:11:
bb:c8:1c:89:3f:cc:cf:7c:01:e6:db:33:c9:ce:a3:16:fd:1f:
75:e4:ce:71:88:4c:c9:af:3a:19:4e:85:7c:cd:b1:35:32:c6:
aa:95:de:7f:c3:dc:44:25:a2:11:c5:8e:19:a0:1f:1e:d4:ae:
8c:f1:a5:d4:7d:15:b3:3c:ec:6e:38:0e:79:0d:44:8e:38:c6:
05:39:7f:c1:6d:ad:d6:a6:de:c8:9a:02:69:e9:ec:46:11:29:
1e:e6:13:84
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVupr5NKt4kaZTk9LqOL9w6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzk2M2JhMmFhZTVhYmQzOGE2ZWVkMDlkYTk4NTYxMWYx
YjUwMjEwHhcNMjMwMTAxMTg0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjExMGYzZDdmZWFmMjk3YzRlODc2NmNkMmM0NjU5ZDQzNTc4OTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizsfdprp6e+nqaPoRDOL4+w8HGSI
MS3Fk3pJczwT1yW1m5BIKFDpvDveoD0gVRwGpokm4/UMvR0QeOQmLZkJjfn7DFUu
91UbpUjJq3ymwCTa4VFwNrQWRQhWILL4jIVuqcavQDCBb6ASAtg2JqE9XDcVdVfC
OAetoDuUhG7Qoyqpxn6o5nwhJG7K2OrnC3h9+hLKt18TOwfZ3Pz+DrHtBbV0Ow1q
8bBTmjk55MAvJdBbohwNVrbgOQCOe9TwLQiM4RR96HXOYFxcPA19lVnunm6G5MZ5
RXn/DGPcv+BBjWj7esy3w6t7fjeHjbFW7qd0Ie745M/7e0QsMNhFLmgRaQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN8RDz1/6vKXxOh2bNLEZZ1DV4maMB8GA1UdIwQY
MBaAFCw5Y7oqrlq9OKbu0J2phWEfG1AhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYt
MTc2OTNlN2VhNjdhLzEvM3hFUFBYX3E4cGZFNkhaczBzUmxuVU5YaVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYtMTc2OTNlN2VhNjdh
LzEvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABOn1kD
BAJOn1gwDQYJKoZIhvcNAQELBQADggEBAHERPKJW0PIh9tc9CFuOol0YQQ0Hk2EH
2nssnoVzEyvtRFcD9Ec5RIzV4nTbH1FQMIdkEXOexWj2f4PFle9F/qJuT4dBF+9h
IKAbY7DrWE0Pnk3PXSn7UEfOza1AFuRwWyki1qxQuBHhYuy6c6hUoIQQ9qoDl0+y
KqGq7q4x6k1BkCNv9v28/Kx2sf2LGp2sNn3XEePc/E4hQMvyNvY4yJHOEbvIHIk/
zM98AebbM8nOoxb9H3XkznGITMmvOhlOhXzNsTUyxqqV3n/D3EQlohHFjhmgHx7U
rozxpdR9FbM87G44DnkNRI44xgU5f8Ftrdam3siaAmnp7EYRKR7mE4Q=
-----END CERTIFICATE-----
Generated at Wed Apr 23 12:36:34 2025 by rpki-client