Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/S5MKke9dMD54vhT7s9FWcJQ5MDU.roa
File: S5MKke9dMD54vhT7s9FWcJQ5MDU.roa (raw, json)
Hash identifier: vHubUu208LiRRi/9rYKRpuO8wV9H+Hsif6btdFCS7co=
Subject key identifier: 4B:93:0A:91:EF:5D:30:3E:78:BE:14:FB:B3:D1:56:70:94:39:30:35
Certificate issuer: /CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Certificate serial: 01849F7C5B74D5BC31F801669D5C1EBA27FD
Authority key identifier: 2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/S5MKke9dMD54vhT7s9FWcJQ5MDU.roa
Signing time: Tue 22 Nov 2022 13:17:17 +0000
ROA not before: Tue 22 Nov 2022 13:17:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211254
IP address blocks: 78.159.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:7c:5b:74:d5:bc:31:f8:01:66:9d:5c:1e:ba:27:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Validity
Not Before: Nov 22 13:17:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b930a91ef5d303e78be14fbb3d1567094393035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:30:7a:6e:36:df:06:90:80:a2:86:f9:71:65:
73:c9:d8:52:af:de:d6:35:12:45:0f:f9:f1:d9:bc:
c1:30:e8:50:46:22:40:a1:98:b1:62:03:2f:0f:9b:
53:0f:a4:00:63:48:52:a2:ec:02:99:ee:f2:ab:a0:
46:ff:85:a5:64:80:0f:15:f1:b3:31:6a:63:cd:0b:
6b:71:0f:21:f2:69:cf:29:0b:b2:c9:c7:88:ae:e3:
aa:0d:4e:34:da:e5:6c:64:25:f4:ae:80:5b:33:fd:
3e:e6:23:a5:25:75:af:79:96:cb:1e:b5:32:20:6d:
3c:71:2d:f2:6f:64:30:47:27:cd:4f:be:b2:b1:2a:
7a:0f:aa:3e:5e:06:2f:20:6d:8b:17:47:a1:ca:aa:
40:f7:6f:b0:87:7a:6f:d7:50:19:d2:c6:04:80:03:
be:83:b1:45:94:b6:1e:b9:09:2b:4f:08:b7:a7:7d:
30:c8:cd:e4:3d:68:08:31:f4:02:fe:96:9c:95:7a:
75:86:0c:9a:56:d6:30:57:b7:27:dd:fa:98:38:7a:
40:77:d6:8c:65:84:6c:9c:49:2d:b8:1d:c6:59:d4:
46:2b:ae:a9:ab:28:81:97:44:f2:ed:93:d0:eb:df:
6d:fd:df:bb:49:35:2e:07:b7:cf:f9:69:a7:1f:44:
42:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:93:0A:91:EF:5D:30:3E:78:BE:14:FB:B3:D1:56:70:94:39:30:35
X509v3 Authority Key Identifier:
keyid:2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/S5MKke9dMD54vhT7s9FWcJQ5MDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.80.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:84:f9:45:da:77:0e:04:34:ea:31:4c:b4:aa:d2:c0:f2:e0:
a9:19:d0:6b:42:c0:4c:76:04:a9:36:07:f4:cc:eb:c6:c1:45:
f3:92:71:b8:59:50:16:86:33:b8:5f:59:c6:97:4f:de:55:d1:
fe:e9:42:42:e0:2e:5d:21:19:95:85:39:d9:14:ed:88:b6:2d:
0b:10:6a:30:8c:16:3e:69:ec:65:94:27:28:8a:ca:29:61:13:
e8:9f:7f:a2:da:75:25:2a:89:0a:8f:f6:29:12:05:a9:0e:8f:
96:b9:76:00:5a:a2:dd:8e:66:ad:df:90:24:e6:6b:33:ba:38:
c0:c0:ba:e9:6a:15:50:4b:b2:b4:2a:cf:f5:c8:9c:71:53:88:
b5:d2:9d:38:ed:1c:68:af:5b:8c:2d:c2:4a:34:db:8d:ee:ed:
07:e1:93:42:dc:e9:c4:22:04:7a:cb:86:41:e4:64:b6:72:8b:
40:90:ed:6e:3c:6d:42:4a:d8:63:93:32:e0:56:6c:d2:01:28:
46:51:42:60:7e:16:47:a1:ba:9e:d4:c4:f9:33:57:95:ca:45:
61:07:36:b8:7a:dd:b2:22:14:2d:0a:d7:40:fb:97:34:62:2b:
72:33:25:1e:05:05:44:b1:da:2b:f8:d6:a0:e9:8d:68:c2:3a:
61:72:fb:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSffFt01bwx+AFmnVweuif9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzk2M2JhMmFhZTVhYmQzOGE2ZWVkMDlkYTk4NTYxMWYx
YjUwMjEwHhcNMjIxMTIyMTMxNzE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjkzMGE5MWVmNWQzMDNlNzhiZTE0ZmJiM2QxNTY3MDk0MzkzMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzB6bjbfBpCAoob5cWVzydhSr97W
NRJFD/nx2bzBMOhQRiJAoZixYgMvD5tTD6QAY0hSouwCme7yq6BG/4WlZIAPFfGz
MWpjzQtrcQ8h8mnPKQuyyceIruOqDU402uVsZCX0roBbM/0+5iOlJXWveZbLHrUy
IG08cS3yb2QwRyfNT76ysSp6D6o+XgYvIG2LF0ehyqpA92+wh3pv11AZ0sYEgAO+
g7FFlLYeuQkrTwi3p30wyM3kPWgIMfQC/paclXp1hgyaVtYwV7cn3fqYOHpAd9aM
ZYRsnEktuB3GWdRGK66pqyiBl0Ty7ZPQ699t/d+7STUuB7fP+WmnH0RCWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEuTCpHvXTA+eL4U+7PRVnCUOTA1MB8GA1UdIwQY
MBaAFCw5Y7oqrlq9OKbu0J2phWEfG1AhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYt
MTc2OTNlN2VhNjdhLzEvUzVNS2tlOWRNRDU0dmhUN3M5RldjSlE1TURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYtMTc2OTNlN2VhNjdh
LzEvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATp9QMA0G
CSqGSIb3DQEBCwUAA4IBAQC7hPlF2ncOBDTqMUy0qtLA8uCpGdBrQsBMdgSpNgf0
zOvGwUXzknG4WVAWhjO4X1nGl0/eVdH+6UJC4C5dIRmVhTnZFO2Iti0LEGowjBY+
aexllCcoisopYRPon3+i2nUlKokKj/YpEgWpDo+WuXYAWqLdjmat35Ak5mszujjA
wLrpahVQS7K0Ks/1yJxxU4i10p047Rxor1uMLcJKNNuN7u0H4ZNC3OnEIgR6y4ZB
5GS2cotAkO1uPG1CSthjkzLgVmzSAShGUUJgfhZHobqe1MT5M1eVykVhBza4et2y
IhQtCtdA+5c0YityMyUeBQVEsdor+Nag6Y1owjphcvud
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:57 2025 by rpki-client