Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/M53UP8PnN7vr559AKWSyzcRWj0g.roa
File: M53UP8PnN7vr559AKWSyzcRWj0g.roa (raw, json)
Hash identifier: 8H5yvNJkiGyWfYY1qRAaWIeBXMSIfzM9Dyh6Ajg2v2Q=
Subject key identifier: 33:9D:D4:3F:C3:E7:37:BB:EB:E7:9F:40:29:64:B2:CD:C4:56:8F:48
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018572DF206A15C41A0DEC816C22CBC2C7A9
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/M53UP8PnN7vr559AKWSyzcRWj0g.roa
Signing time: Mon 02 Jan 2023 14:25:03 +0000
ROA not before: Mon 02 Jan 2023 14:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207249
IP address blocks: 78.159.130.0/24 maxlen: 24
93.152.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:df:20:6a:15:c4:1a:0d:ec:81:6c:22:cb:c2:c7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 2 14:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=339dd43fc3e737bbebe79f402964b2cdc4568f48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e7:1d:8c:ec:f9:76:76:9f:ce:9e:ee:03:8e:
23:af:2d:8c:79:ef:7c:c8:fa:e0:60:b9:68:64:24:
43:82:0f:ff:fa:48:eb:26:2a:a7:ba:55:f7:8d:ff:
19:73:e7:62:90:14:f4:50:11:23:04:cf:68:b7:a1:
4f:e0:e3:e6:dc:5d:46:b9:0a:33:0b:4c:b1:33:b6:
9c:79:c9:bc:a0:e1:fb:4d:41:02:26:9a:c1:6b:d5:
74:bb:ee:4e:94:88:e8:11:04:25:8e:aa:f7:16:f3:
59:4d:7d:2f:d8:c3:74:7f:0a:54:97:9a:da:92:09:
29:22:8e:c7:ab:72:5b:1d:3f:26:a6:71:8a:5e:a6:
ee:a1:0e:48:f5:b5:9e:40:8e:73:6b:f3:97:f8:66:
5c:ac:10:71:4a:e2:cc:98:65:40:e3:c9:0c:66:26:
8f:e0:42:ee:f5:9b:c4:a2:c8:9c:a6:f3:da:dc:ee:
7c:fe:3a:cc:7c:0c:b2:ec:81:e4:86:d2:56:7a:bf:
63:98:59:d9:af:86:8e:1d:11:48:a3:ae:dd:d4:fd:
de:28:7e:4b:14:9a:f8:37:1d:d2:b0:f5:35:7a:ad:
3a:59:73:f9:10:98:49:31:ef:ca:96:53:6d:52:e6:
22:56:ba:a1:be:e4:1b:aa:73:b3:9d:16:e9:67:ff:
54:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9D:D4:3F:C3:E7:37:BB:EB:E7:9F:40:29:64:B2:CD:C4:56:8F:48
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/M53UP8PnN7vr559AKWSyzcRWj0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.130.0/24
93.152.233.0/24
Signature Algorithm: sha256WithRSAEncryption
15:9c:f3:b3:fa:cb:4a:24:82:e3:c2:4c:5d:0b:8d:43:fd:60:
20:b1:12:87:c0:22:a3:59:66:ee:51:65:89:47:0a:b1:f0:43:
4a:90:31:0f:ee:0b:10:ba:ae:fc:43:e1:4e:6f:99:63:29:38:
65:95:6e:b0:26:6a:da:92:03:84:9d:c5:c8:68:cd:58:fb:e9:
ad:17:67:61:6a:ed:9a:33:2b:12:7d:fb:b2:05:04:6a:3b:3f:
24:b7:84:76:3a:da:b9:bb:45:b4:57:0d:ff:0f:b2:61:e5:97:
c0:6f:a4:d5:00:63:47:b3:05:af:31:37:d0:19:0a:9a:f0:db:
4d:9f:08:d4:15:7b:2b:87:f9:a7:27:09:e0:48:11:fb:80:cc:
87:47:ec:7e:07:ab:41:db:20:e1:9e:d5:88:4a:2d:c2:5b:b5:
d9:68:25:5f:04:df:84:15:30:33:5f:15:8d:dd:74:9d:4d:25:
c3:73:52:70:38:14:ba:96:9d:ed:9c:f7:6d:8d:8e:a9:e5:27:
28:fa:46:e6:bb:e5:16:9e:3b:fd:fc:66:47:75:4a:d6:22:cf:
f1:f0:d8:75:3f:14:83:2c:9c:b8:63:79:2c:43:5c:ea:60:8d:
a4:cf:5d:7d:12:56:0b:ef:c6:53:3a:ad:c4:d3:39:5f:4f:67:
5c:07:da:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVy3yBqFcQaDeyBbCLLwsepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwMTAyMTQyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzlkZDQzZmMzZTczN2JiZWJlNzlmNDAyOTY0YjJjZGM0NTY4ZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+cdjOz5dnafzp7uA44jry2Mee98
yPrgYLloZCRDgg//+kjrJiqnulX3jf8Zc+dikBT0UBEjBM9ot6FP4OPm3F1GuQoz
C0yxM7acecm8oOH7TUECJprBa9V0u+5OlIjoEQQljqr3FvNZTX0v2MN0fwpUl5ra
kgkpIo7Hq3JbHT8mpnGKXqbuoQ5I9bWeQI5za/OX+GZcrBBxSuLMmGVA48kMZiaP
4ELu9ZvEosicpvPa3O58/jrMfAyy7IHkhtJWer9jmFnZr4aOHRFIo67d1P3eKH5L
FJr4Nx3SsPU1eq06WXP5EJhJMe/KllNtUuYiVrqhvuQbqnOznRbpZ/9UwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDOd1D/D5ze76+efQClkss3EVo9IMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvTTUzVVA4UG5ON3ZyNTU5QUtXU3l6Y1JXajBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATp+CAwQA
XZjpMA0GCSqGSIb3DQEBCwUAA4IBAQAVnPOz+stKJILjwkxdC41D/WAgsRKHwCKj
WWbuUWWJRwqx8ENKkDEP7gsQuq78Q+FOb5ljKThllW6wJmrakgOEncXIaM1Y++mt
F2dhau2aMysSffuyBQRqOz8kt4R2Otq5u0W0Vw3/D7Jh5ZfAb6TVAGNHswWvMTfQ
GQqa8NtNnwjUFXsrh/mnJwngSBH7gMyHR+x+B6tB2yDhntWISi3CW7XZaCVfBN+E
FTAzXxWN3XSdTSXDc1JwOBS6lp3tnPdtjY6p5Sco+kbmu+UWnjv9/GZHdUrWIs/x
8Nh1PxSDLJy4Y3ksQ1zqYI2kz119ElYL78ZTOq3E0zlfT2dcB9qs
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:04:48 2025 by rpki-client