Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/IX1LgetLatR7gQ8um_w--YuPB9E.roa
File: IX1LgetLatR7gQ8um_w--YuPB9E.roa (raw, json)
Hash identifier: GrCxpCrKAc/ddZDNijAeVWVOoYIm0UQrH9VR0EJcBI4=
Subject key identifier: 21:7D:4B:81:EB:4B:6A:D4:7B:81:0F:2E:9B:FC:3E:F9:8B:8F:07:D1
Certificate issuer: /CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Certificate serial: 01849F7C5696BF557CBCB31E5370812D53D6
Authority key identifier: 2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/IX1LgetLatR7gQ8um_w--YuPB9E.roa
Signing time: Tue 22 Nov 2022 13:17:16 +0000
ROA not before: Tue 22 Nov 2022 13:17:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43093
IP address blocks: 78.159.81.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:7c:56:96:bf:55:7c:bc:b3:1e:53:70:81:2d:53:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Validity
Not Before: Nov 22 13:17:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=217d4b81eb4b6ad47b810f2e9bfc3ef98b8f07d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c0:24:3c:58:e5:9f:37:a8:b1:24:6f:0c:76:
ea:01:2d:b6:a7:33:5f:58:00:9e:73:66:47:49:0d:
f1:9b:19:64:5d:89:6f:6e:bc:42:a4:73:c8:5e:21:
6d:e7:f5:51:4e:13:6b:56:dd:e8:35:3d:25:de:cf:
21:2a:b9:f9:89:c8:11:04:79:06:46:1b:8d:69:49:
11:1a:7a:b6:f5:d0:af:43:cc:ca:f3:4a:7b:42:d3:
ff:49:eb:c6:a6:ba:3a:c8:4b:cb:2d:dd:3b:35:d7:
0e:f1:86:0a:6a:43:ea:ed:80:a5:34:4b:93:ac:39:
ac:d8:b0:8c:cd:9f:b4:0e:9f:de:24:35:46:1a:68:
55:5f:3a:0c:19:8c:03:59:70:b3:b4:89:53:5a:0e:
d3:98:ce:e3:34:a6:15:6d:97:98:aa:00:14:3a:05:
29:15:0b:30:dc:95:ab:2a:c3:5f:3f:40:7f:18:89:
ee:42:9c:35:30:64:78:f4:07:9a:c3:c0:db:72:40:
24:7c:09:33:6b:e6:ee:57:47:1d:be:11:dd:77:4e:
34:3d:b9:bf:4b:f3:07:ef:67:35:f2:bd:06:90:2a:
33:cb:97:e8:98:04:bd:7b:b4:2c:0f:7e:f2:97:51:
3c:27:7c:df:f3:57:c6:f9:85:ff:6d:30:95:eb:92:
1d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:7D:4B:81:EB:4B:6A:D4:7B:81:0F:2E:9B:FC:3E:F9:8B:8F:07:D1
X509v3 Authority Key Identifier:
keyid:2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/IX1LgetLatR7gQ8um_w--YuPB9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.81.0/24
Signature Algorithm: sha256WithRSAEncryption
40:63:74:19:f5:e9:5c:a7:a2:9a:e4:f9:a3:b6:4e:87:5b:c8:
27:c6:0e:64:ec:2d:09:04:73:be:72:af:a3:60:a7:80:49:f6:
c3:0f:6c:e2:b1:9e:93:14:00:d6:95:65:1f:fb:e4:80:f4:57:
84:47:65:f3:25:54:dc:53:8f:b5:71:d6:03:bb:f1:4b:f2:c4:
ae:db:1d:2e:8c:31:fe:86:8e:81:1f:15:ed:51:9f:37:c1:e9:
fd:10:fc:59:76:ef:05:6a:cf:ef:79:0c:6d:cf:0e:79:17:a4:
60:0a:31:c0:1d:7c:01:9f:05:6b:b6:b5:0e:09:3e:4c:d3:5c:
0b:04:0d:15:fd:83:c2:18:5a:5d:fd:97:71:cf:7e:49:43:1e:
b6:4a:a2:92:d2:2c:5f:60:0e:4b:82:f7:ed:72:e5:69:24:ed:
f5:ad:3d:a8:27:98:c3:9f:57:e6:f8:de:05:cc:00:27:a8:59:
df:17:c4:0e:c6:f3:28:26:cc:31:65:b2:cd:38:7d:f2:89:eb:
5b:46:05:97:c3:58:b7:d1:80:dc:5f:27:33:7a:ef:b9:9b:d5:
2c:fb:d5:15:a5:fc:b4:9a:e7:80:73:c6:a5:d9:ca:a4:35:f6:
18:8a:44:4d:3c:dd:1c:2b:d5:d9:cf:d6:7a:cf:d2:17:65:3b:
a9:ad:5e:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSffFaWv1V8vLMeU3CBLVPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzk2M2JhMmFhZTVhYmQzOGE2ZWVkMDlkYTk4NTYxMWYx
YjUwMjEwHhcNMjIxMTIyMTMxNzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTdkNGI4MWViNGI2YWQ0N2I4MTBmMmU5YmZjM2VmOThiOGYwN2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscAkPFjlnzeosSRvDHbqAS22pzNf
WACec2ZHSQ3xmxlkXYlvbrxCpHPIXiFt5/VRThNrVt3oNT0l3s8hKrn5icgRBHkG
RhuNaUkRGnq29dCvQ8zK80p7QtP/SevGpro6yEvLLd07NdcO8YYKakPq7YClNEuT
rDms2LCMzZ+0Dp/eJDVGGmhVXzoMGYwDWXCztIlTWg7TmM7jNKYVbZeYqgAUOgUp
FQsw3JWrKsNfP0B/GInuQpw1MGR49Aeaw8DbckAkfAkza+buV0cdvhHdd040Pbm/
S/MH72c18r0GkCozy5fomAS9e7QsD37yl1E8J3zf81fG+YX/bTCV65IddwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCF9S4HrS2rUe4EPLpv8PvmLjwfRMB8GA1UdIwQY
MBaAFCw5Y7oqrlq9OKbu0J2phWEfG1AhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYt
MTc2OTNlN2VhNjdhLzEvSVgxTGdldExhdFI3Z1E4dW1fdy0tWXVQQjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYtMTc2OTNlN2VhNjdh
LzEvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATp9RMA0G
CSqGSIb3DQEBCwUAA4IBAQBAY3QZ9elcp6Ka5Pmjtk6HW8gnxg5k7C0JBHO+cq+j
YKeASfbDD2zisZ6TFADWlWUf++SA9FeER2XzJVTcU4+1cdYDu/FL8sSu2x0ujDH+
ho6BHxXtUZ83wen9EPxZdu8Fas/veQxtzw55F6RgCjHAHXwBnwVrtrUOCT5M01wL
BA0V/YPCGFpd/Zdxz35JQx62SqKS0ixfYA5LgvftcuVpJO31rT2oJ5jDn1fm+N4F
zAAnqFnfF8QOxvMoJswxZbLNOH3yietbRgWXw1i30YDcXyczeu+5m9Us+9UVpfy0
mueAc8al2cqkNfYYikRNPN0cK9XZz9Z6z9IXZTuprV4W
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:11 2025 by rpki-client