Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/4ZZnhC5mlPQNLs_RqJRxkiAVO_w.roa
File: 4ZZnhC5mlPQNLs_RqJRxkiAVO_w.roa (raw, json)
Hash identifier: z+YkkEQL+eteFlYLxCWvDGojp0LvBgNuK5JTVRDNqYg=
Subject key identifier: E1:96:67:84:2E:66:94:F4:0D:2E:CF:D1:A8:94:71:92:20:15:3B:FC
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 02CE1C35
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/4ZZnhC5mlPQNLs_RqJRxkiAVO_w.roa
Signing time: Sat 01 Jan 2022 13:02:34 +0000
ROA not before: Sat 01 Jan 2022 13:02:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 158.172.131.0/24 maxlen: 24
158.172.130.0/24 maxlen: 24
158.172.128.0/22 maxlen: 22
158.172.129.0/24 maxlen: 24
158.172.128.0/24 maxlen: 24
158.172.132.0/24 maxlen: 24
158.172.132.0/22 maxlen: 22
158.172.136.0/22 maxlen: 22
158.172.135.0/24 maxlen: 24
158.172.134.0/24 maxlen: 24
158.172.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47062069 (0x2ce1c35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 1 13:02:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e19667842e6694f40d2ecfd1a894719220153bfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cd:ed:99:60:08:cd:5c:2a:db:bf:d2:f5:d8:
3a:4b:5e:53:c3:fb:af:19:f6:b6:32:20:05:ed:4b:
1f:84:3a:6a:c8:96:68:b0:8c:03:e0:2b:82:9e:c7:
2b:6b:47:0b:a7:76:ee:ea:ef:bc:1e:44:b7:83:df:
a4:94:c5:c1:eb:bd:43:af:71:3c:a9:aa:92:e0:af:
9c:4f:03:98:22:fd:c1:df:b2:db:9a:07:be:dc:0b:
c1:82:43:5b:19:fb:fd:17:68:db:7d:a9:da:31:f7:
c4:f4:e7:26:96:a3:0e:f3:cb:d0:40:7a:4f:62:65:
8b:6e:12:75:d2:32:ee:ec:e8:db:08:4c:20:f0:0b:
40:ec:e7:e7:48:6c:bf:7c:c4:1f:62:64:53:66:30:
cf:ba:53:67:bf:0a:90:fb:d3:18:7d:c0:9d:30:ec:
e1:b7:4a:1c:05:4e:73:63:1c:6d:69:82:54:18:2d:
72:80:50:68:e5:27:e2:32:8c:6d:d2:8e:2e:ef:1b:
1b:a6:f3:02:f2:b5:3d:9f:7b:f1:4f:7b:44:b6:d7:
09:96:04:b5:7d:df:2b:a9:8b:a0:56:32:25:0d:14:
53:3a:99:80:93:69:a0:d7:fb:f2:18:8b:b5:dc:00:
23:0f:b2:b8:01:dd:fb:73:5a:0d:ab:ab:05:da:3d:
44:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:96:67:84:2E:66:94:F4:0D:2E:CF:D1:A8:94:71:92:20:15:3B:FC
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/4ZZnhC5mlPQNLs_RqJRxkiAVO_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.128.0-158.172.139.255
Signature Algorithm: sha256WithRSAEncryption
84:c9:9b:bf:1a:1d:3a:8e:1d:4f:86:5f:d4:33:8f:fb:c7:52:
39:e0:50:e7:c4:96:80:ac:86:34:b3:7e:4b:38:0a:ad:79:d2:
98:4d:47:f7:ad:5b:98:ee:92:f1:6e:7b:af:f6:23:64:ac:49:
54:06:ae:2b:8e:60:5a:2b:04:be:11:75:ab:0a:e3:26:7a:0f:
30:7d:d0:5b:e8:56:90:ee:e3:bd:17:13:5a:5a:3d:ba:db:b2:
ee:01:51:54:76:a0:0f:75:71:c2:91:bb:bd:96:6b:52:34:ad:
b2:e6:11:e7:cc:0e:39:2b:bc:ac:4c:26:19:f6:9b:2f:43:79:
75:43:66:16:4b:50:9b:15:d4:d3:b4:6b:6c:93:86:e6:cd:67:
8f:9d:11:61:d9:33:40:1d:9f:d5:f1:02:03:14:50:f0:28:74:
24:c6:49:0f:b9:12:1d:bf:c8:a1:0f:9b:4e:19:4e:28:4c:07:
be:29:b0:85:58:41:33:4d:58:1a:19:3d:c6:24:b9:a5:64:e0:
00:00:44:ca:d7:5e:44:b8:a6:b7:c0:23:d6:79:68:21:5b:26:
9c:1b:4d:a8:45:b2:ff:e6:11:54:5f:fb:0b:d7:27:fb:25:c3:
81:a0:df:fc:0c:35:8c:4e:cd:9a:91:56:17:1f:2e:9d:09:9b:
02:d3:f9:8e
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAs4cNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzUzYzA2MjkwYTM3MTk5NGQ3NTc3MzE4Njg1ZjViYzRhNTM4ZDQ3MB4XDTIyMDEw
MTEzMDIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTE5NjY3ODQyZTY2
OTRmNDBkMmVjZmQxYTg5NDcxOTIyMDE1M2JmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvN7ZlgCM1cKtu/0vXYOkteU8P7rxn2tjIgBe1LH4Q6asiW
aLCMA+Argp7HK2tHC6d27urvvB5Et4PfpJTFweu9Q69xPKmqkuCvnE8DmCL9wd+y
25oHvtwLwYJDWxn7/Rdo232p2jH3xPTnJpajDvPL0EB6T2Jli24SddIy7uzo2whM
IPALQOzn50hsv3zEH2JkU2Ywz7pTZ78KkPvTGH3AnTDs4bdKHAVOc2McbWmCVBgt
coBQaOUn4jKMbdKOLu8bG6bzAvK1PZ978U97RLbXCZYEtX3fK6mLoFYyJQ0UUzqZ
gJNpoNf78hiLtdwAIw+yuAHd+3NaDaurBdo9RJMCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBThlmeELmaU9A0uz9GolHGSIBU7/DAfBgNVHSMEGDAWgBRXU8BikKNxmU11
dzGGhfW8SlONRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1YxUEFZcENqY1psTmRYY3hob1gxdkVwVGpVYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvYjQxYWI2LWI5ZjMtNGI0YS05YjdiLTFlZDEwOTU0YmQ5Ni8x
LzRaWm5oQzVtbFBRTkxzX1JxSlJ4a2lBVk9fdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
YjQxYWI2LWI5ZjMtNGI0YS05YjdiLTFlZDEwOTU0YmQ5Ni8xL1YxUEFZcENqY1ps
TmRYY3hob1gxdkVwVGpVYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQHnqyAAwQCnqyIMA0GCSqGSIb3
DQEBCwUAA4IBAQCEyZu/Gh06jh1Phl/UM4/7x1I54FDnxJaArIY0s35LOAqtedKY
TUf3rVuY7pLxbnuv9iNkrElUBq4rjmBaKwS+EXWrCuMmeg8wfdBb6FaQ7uO9FxNa
Wj2627LuAVFUdqAPdXHCkbu9lmtSNK2y5hHnzA45K7ysTCYZ9psvQ3l1Q2YWS1Cb
FdTTtGtsk4bmzWePnRFh2TNAHZ/V8QIDFFDwKHQkxkkPuRIdv8ihD5tOGU4oTAe+
KbCFWEEzTVgaGT3GJLmlZOAAAETK115EuKa3wCPWeWghWyacG02oRbL/5hFUX/sL
1yf7JcOBoN/8DDWMTs2akVYXHy6dCZsC0/mO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:18 2025 by rpki-client