Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/tePdPA03cP_eFa-P-oGJXOftloI.roa
File: tePdPA03cP_eFa-P-oGJXOftloI.roa (raw, json)
Hash identifier: TYPYLQv3vAtY57kuNp6HsOBdqBdmXauEIcybRvt0YEI=
Subject key identifier: B5:E3:DD:3C:0D:37:70:FF:DE:15:AF:8F:FA:81:89:5C:E7:ED:96:82
Certificate issuer: /CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Certificate serial: 01849F7C5853CCE9C845DF35718B3687F7AE
Authority key identifier: 2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/tePdPA03cP_eFa-P-oGJXOftloI.roa
Signing time: Tue 22 Nov 2022 13:17:17 +0000
ROA not before: Tue 22 Nov 2022 13:17:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203287
IP address blocks: 78.159.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:7c:58:53:cc:e9:c8:45:df:35:71:8b:36:87:f7:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Validity
Not Before: Nov 22 13:17:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5e3dd3c0d3770ffde15af8ffa81895ce7ed9682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:10:86:9b:d7:5c:47:97:16:6e:09:f2:d8:63:
6f:78:65:d7:77:66:71:67:90:f6:9e:c8:7a:f9:6f:
d3:e6:5d:bc:05:5a:6a:8f:19:3d:b3:51:a7:03:55:
dc:d7:b0:a8:0c:c7:8c:73:c4:7a:78:dc:b3:bd:7b:
43:1f:02:9f:29:58:c0:ef:3e:13:08:3b:f2:43:e2:
11:a3:ae:7c:41:c0:a1:8a:89:12:eb:c0:bf:37:f8:
c9:cd:61:d4:fd:1b:db:46:af:4b:ea:30:89:73:20:
4d:a0:0a:b3:c1:06:a1:09:72:22:7d:0d:52:e8:9f:
36:a0:dc:f3:34:dd:04:0d:13:31:05:29:4a:85:9c:
2d:7c:b7:38:4e:ad:7b:75:11:de:18:f9:b2:87:ea:
6d:a6:68:18:45:1f:7b:6a:f1:a2:a7:26:c6:e3:72:
ef:ed:73:92:4c:c6:63:a0:76:b7:9e:94:e0:25:13:
ac:8a:c0:a5:d0:aa:0c:70:5f:65:44:f4:ce:a5:1b:
15:e1:23:8b:6f:84:1a:e3:4d:67:cb:f8:4f:3d:96:
9d:1d:3c:f7:6e:48:45:ad:fd:f0:5e:c6:c6:8a:de:
51:0f:6c:4a:bf:dc:7a:96:cd:64:d9:b8:15:21:c3:
74:9f:a1:db:72:63:c8:64:58:f9:88:1f:41:4c:06:
a8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:E3:DD:3C:0D:37:70:FF:DE:15:AF:8F:FA:81:89:5C:E7:ED:96:82
X509v3 Authority Key Identifier:
keyid:2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/tePdPA03cP_eFa-P-oGJXOftloI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.85.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:cf:89:2d:8d:51:29:88:bb:ce:d3:7a:29:4f:73:0b:0b:71:
ab:60:01:50:a6:cc:c2:f2:df:3b:fb:40:0b:96:dd:48:86:82:
ec:c5:45:95:d2:3d:20:17:ce:a0:09:01:e4:1f:c3:49:18:57:
29:74:90:3b:f8:7c:5c:a6:28:59:93:05:b5:6f:a7:51:81:86:
81:94:55:f2:58:68:d6:26:8e:2e:c9:fe:70:72:02:f4:06:b4:
75:f1:15:12:c8:92:b1:41:2d:16:47:39:9f:75:87:0f:7f:fe:
cb:3f:1c:b6:d6:e0:c8:4f:e5:cb:13:d5:88:0f:ff:bf:41:67:
85:d7:cb:22:96:2f:39:bb:04:f9:4d:af:f9:db:95:74:4c:44:
6e:7d:e5:1d:79:8d:78:39:9a:37:28:e4:9b:1c:0b:03:96:9a:
60:25:d2:90:1b:7e:f2:81:47:3c:50:fb:11:72:29:b0:ef:a7:
48:1d:1b:19:e8:cd:9e:da:42:4c:11:3c:00:13:90:41:38:38:
df:2a:1c:61:eb:94:39:fb:c3:19:0c:e3:6b:4f:ff:91:97:0c:
62:58:60:5d:6f:ac:de:04:33:96:1f:6f:a2:47:6a:bd:2f:42:
77:1f:7d:a1:46:31:4d:b2:b8:96:2f:4a:61:cf:0c:10:f9:66:
49:d3:04:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSffFhTzOnIRd81cYs2h/euMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzk2M2JhMmFhZTVhYmQzOGE2ZWVkMDlkYTk4NTYxMWYx
YjUwMjEwHhcNMjIxMTIyMTMxNzE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWUzZGQzYzBkMzc3MGZmZGUxNWFmOGZmYTgxODk1Y2U3ZWQ5NjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBCGm9dcR5cWbgny2GNveGXXd2Zx
Z5D2nsh6+W/T5l28BVpqjxk9s1GnA1Xc17CoDMeMc8R6eNyzvXtDHwKfKVjA7z4T
CDvyQ+IRo658QcChiokS68C/N/jJzWHU/RvbRq9L6jCJcyBNoAqzwQahCXIifQ1S
6J82oNzzNN0EDRMxBSlKhZwtfLc4Tq17dRHeGPmyh+ptpmgYRR97avGipybG43Lv
7XOSTMZjoHa3npTgJROsisCl0KoMcF9lRPTOpRsV4SOLb4Qa401ny/hPPZadHTz3
bkhFrf3wXsbGit5RD2xKv9x6ls1k2bgVIcN0n6HbcmPIZFj5iB9BTAao8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLXj3TwNN3D/3hWvj/qBiVzn7ZaCMB8GA1UdIwQY
MBaAFCw5Y7oqrlq9OKbu0J2phWEfG1AhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYt
MTc2OTNlN2VhNjdhLzEvdGVQZFBBMDNjUF9lRmEtUC1vR0pYT2Z0bG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYtMTc2OTNlN2VhNjdh
LzEvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATp9VMA0G
CSqGSIb3DQEBCwUAA4IBAQBLz4ktjVEpiLvO03opT3MLC3GrYAFQpszC8t87+0AL
lt1IhoLsxUWV0j0gF86gCQHkH8NJGFcpdJA7+HxcpihZkwW1b6dRgYaBlFXyWGjW
Jo4uyf5wcgL0BrR18RUSyJKxQS0WRzmfdYcPf/7LPxy21uDIT+XLE9WID/+/QWeF
18sili85uwT5Ta/525V0TERufeUdeY14OZo3KOSbHAsDlppgJdKQG37ygUc8UPsR
cimw76dIHRsZ6M2e2kJMETwAE5BBODjfKhxh65Q5+8MZDONrT/+RlwxiWGBdb6ze
BDOWH2+iR2q9L0J3H32hRjFNsriWL0phzwwQ+WZJ0wTC
-----END CERTIFICATE-----
Generated at Wed Apr 23 12:36:33 2025 by rpki-client