Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/dRbnIbEqbjML1wjiLJ00bPzQpVc.roa
File: dRbnIbEqbjML1wjiLJ00bPzQpVc.roa (raw, json)
Hash identifier: DkJYrq9I4Q7K4MfD8kuzKa/FFwFO/SmT/Y6WTmMt9Bo=
Subject key identifier: 75:16:E7:21:B1:2A:6E:33:0B:D7:08:E2:2C:9D:34:6C:FC:D0:A5:57
Certificate issuer: /CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Certificate serial: 01856EA6C170CADD4C7302FC806B9A49666C
Authority key identifier: 2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/dRbnIbEqbjML1wjiLJ00bPzQpVc.roa
Signing time: Sun 01 Jan 2023 18:45:00 +0000
ROA not before: Sun 01 Jan 2023 18:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212908
IP address blocks: 78.159.64.0/21 maxlen: 21
78.159.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:c1:70:ca:dd:4c:73:02:fc:80:6b:9a:49:66:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Validity
Not Before: Jan 1 18:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7516e721b12a6e330bd708e22c9d346cfcd0a557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4e:5d:38:8a:bb:aa:1c:22:9a:e0:4a:af:ae:
a3:1a:fd:85:2c:51:4f:59:9b:f7:03:17:b9:97:7b:
68:7e:7d:08:cb:dd:cb:4f:36:9a:8d:35:0e:e0:1c:
13:09:09:a0:fc:61:0d:aa:eb:52:40:a6:5e:10:72:
88:cd:bd:9c:84:1e:75:b2:40:d7:f7:09:44:72:ab:
ca:7f:e4:ff:ce:a9:82:c5:a9:8f:c3:90:8a:d0:51:
b3:08:4e:ba:05:91:73:4d:f0:3c:fe:0c:82:c0:12:
9f:72:a8:80:07:57:b3:5d:a7:9a:e4:b7:e8:e8:a1:
a7:f2:9e:87:5f:de:a6:7c:cf:43:53:1c:fa:51:76:
3d:b0:50:41:bd:54:0b:ed:77:50:e3:fa:64:1f:13:
86:f4:86:13:e2:8a:5a:d5:23:f4:b1:70:92:f6:b8:
63:4a:d5:f5:a9:6d:1f:a3:14:76:b8:be:f6:5f:31:
97:56:7c:76:a8:62:43:33:9b:27:89:b8:f7:13:5b:
80:aa:00:81:38:6f:b1:4f:7e:da:5f:b9:25:5d:d8:
93:95:67:d4:08:d3:8c:b1:2e:51:f3:77:1d:a0:43:
5b:dd:18:a9:ab:b3:7b:c7:ca:46:82:aa:4f:ef:4b:
64:5d:72:0b:8a:39:2a:0e:66:0e:e2:3e:0e:66:3b:
cb:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:16:E7:21:B1:2A:6E:33:0B:D7:08:E2:2C:9D:34:6C:FC:D0:A5:57
X509v3 Authority Key Identifier:
keyid:2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/dRbnIbEqbjML1wjiLJ00bPzQpVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.64.0/21
78.159.86.0/24
Signature Algorithm: sha256WithRSAEncryption
52:f8:8b:19:89:66:08:c8:48:9f:60:57:74:0d:21:08:41:4b:
c3:ac:b8:27:8b:15:74:ba:97:16:5d:65:c8:a4:7b:c9:cf:cb:
ce:9d:a5:c9:4c:fa:81:6c:f2:eb:48:a2:c6:9b:25:25:da:62:
91:52:72:ff:b3:ec:e2:de:9a:e7:76:c9:c0:c5:91:38:59:03:
97:80:3c:4f:3e:62:63:12:ae:64:37:7d:10:00:61:e5:fd:4d:
67:33:23:5d:16:2a:97:6b:99:04:f9:77:3b:c0:d9:f0:fd:a0:
ce:92:4c:f7:91:ef:c6:59:1e:61:fb:29:93:8f:56:b9:af:5a:
85:fd:a1:ce:01:de:55:f5:5c:b9:f0:4f:23:0c:fa:36:2a:e9:
c6:72:e6:5f:1c:d5:c4:d4:af:97:9a:d0:92:cd:7c:43:7c:40:
7a:78:b4:3e:91:6d:75:b7:16:5a:84:52:10:3e:5f:1a:7f:7e:
95:ba:3e:9e:b9:7e:ac:7a:97:f9:f4:15:0e:b3:7f:c7:86:f1:
d0:2b:51:5f:de:db:68:3b:3d:05:4b:8b:00:22:74:2f:8c:73:
7b:8a:87:cc:35:b6:69:fc:75:01:fc:ee:5d:fa:b5:06:9d:5e:
31:eb:78:50:5c:f8:86:67:e9:7e:8a:33:3b:a0:1f:2e:9a:05:
b3:f4:98:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVupsFwyt1McwL8gGuaSWZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzk2M2JhMmFhZTVhYmQzOGE2ZWVkMDlkYTk4NTYxMWYx
YjUwMjEwHhcNMjMwMTAxMTg0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTE2ZTcyMWIxMmE2ZTMzMGJkNzA4ZTIyYzlkMzQ2Y2ZjZDBhNTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk5dOIq7qhwimuBKr66jGv2FLFFP
WZv3Axe5l3tofn0Iy93LTzaajTUO4BwTCQmg/GENqutSQKZeEHKIzb2chB51skDX
9wlEcqvKf+T/zqmCxamPw5CK0FGzCE66BZFzTfA8/gyCwBKfcqiAB1ezXaea5Lfo
6KGn8p6HX96mfM9DUxz6UXY9sFBBvVQL7XdQ4/pkHxOG9IYT4opa1SP0sXCS9rhj
StX1qW0foxR2uL72XzGXVnx2qGJDM5snibj3E1uAqgCBOG+xT37aX7klXdiTlWfU
CNOMsS5R83cdoENb3Ripq7N7x8pGgqpP70tkXXILijkqDmYO4j4OZjvLjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHUW5yGxKm4zC9cI4iydNGz80KVXMB8GA1UdIwQY
MBaAFCw5Y7oqrlq9OKbu0J2phWEfG1AhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYt
MTc2OTNlN2VhNjdhLzEvZFJibkliRXFiak1MMXdqaUxKMDBiUHpRcFZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYtMTc2OTNlN2VhNjdh
LzEvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTp9AAwQA
Tp9WMA0GCSqGSIb3DQEBCwUAA4IBAQBS+IsZiWYIyEifYFd0DSEIQUvDrLgnixV0
upcWXWXIpHvJz8vOnaXJTPqBbPLrSKLGmyUl2mKRUnL/s+zi3prndsnAxZE4WQOX
gDxPPmJjEq5kN30QAGHl/U1nMyNdFiqXa5kE+Xc7wNnw/aDOkkz3ke/GWR5h+ymT
j1a5r1qF/aHOAd5V9Vy58E8jDPo2KunGcuZfHNXE1K+XmtCSzXxDfEB6eLQ+kW11
txZahFIQPl8af36Vuj6euX6sepf59BUOs3/HhvHQK1Ff3ttoOz0FS4sAInQvjHN7
iofMNbZp/HUB/O5d+rUGnV4x63hQXPiGZ+l+ijM7oB8umgWz9JjT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:57 2025 by rpki-client