Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/Fo16ZreLHwJXDXXq4GeiicVv-ac.roa
File: Fo16ZreLHwJXDXXq4GeiicVv-ac.roa (raw, json)
Hash identifier: wssUu25qwt5nbTurLO4yvzBSQkML3Wdv2F0Ujlve5tw=
Subject key identifier: 16:8D:7A:66:B7:8B:1F:02:57:0D:75:EA:E0:67:A2:89:C5:6F:F9:A7
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 02D05DDD
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/Fo16ZreLHwJXDXXq4GeiicVv-ac.roa
Signing time: Sat 01 Jan 2022 13:02:35 +0000
ROA not before: Sat 01 Jan 2022 13:02:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209835
IP address blocks: 158.172.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47209949 (0x2d05ddd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 1 13:02:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=168d7a66b78b1f02570d75eae067a289c56ff9a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7e:d8:19:61:9b:c4:1b:9d:98:77:03:e0:57:
66:f2:73:dd:f2:03:dc:20:95:49:5d:73:d5:9b:45:
4d:5d:2d:af:bd:08:9a:28:4f:04:82:5d:c2:c0:d0:
93:46:93:61:d1:f7:7c:56:8c:9c:30:d4:db:8b:bf:
f0:5e:c5:27:8f:86:a3:ba:dc:fa:d4:24:b8:59:be:
08:28:93:6d:26:5c:1a:a5:8f:11:5d:06:c4:75:4b:
62:90:ae:88:73:31:26:ac:11:73:67:c3:31:44:1e:
48:c2:44:9e:ac:9d:1c:3d:a9:12:09:6d:2f:70:bc:
9c:e7:78:86:d2:a6:9f:93:5f:2d:ab:38:de:f7:62:
05:7f:c1:ea:eb:d5:06:5c:33:96:fc:06:07:61:14:
14:9e:86:e5:8d:bc:ca:23:c0:ed:6b:09:3a:ab:2b:
be:36:5d:dd:bf:fc:b2:14:f6:8a:1e:55:7f:3c:a5:
b3:60:01:5d:5d:87:8b:c8:01:92:27:51:7f:11:26:
ea:8e:f8:d3:7a:0c:30:e5:2e:61:4d:d6:be:73:58:
e5:e2:81:b1:55:fa:02:38:3a:9d:1b:a7:2f:14:ef:
16:dc:98:3d:fb:40:7c:39:ea:c5:9f:c1:21:d0:38:
7d:33:50:b8:b6:e7:15:49:9f:ba:4b:92:23:e4:63:
08:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:8D:7A:66:B7:8B:1F:02:57:0D:75:EA:E0:67:A2:89:C5:6F:F9:A7
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/Fo16ZreLHwJXDXXq4GeiicVv-ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.143.0/24
Signature Algorithm: sha256WithRSAEncryption
75:5f:5f:aa:ed:9e:5c:8d:e4:c7:98:47:9f:86:bb:b0:cb:e3:
21:e6:04:c5:87:0e:e3:38:3c:97:2b:47:e1:88:2b:c5:e5:72:
bd:f6:3a:3b:b7:9c:fc:6c:79:90:8c:35:66:bc:97:cd:64:45:
45:1b:96:5a:12:7f:5e:5f:ef:5a:ae:60:b8:6e:7b:d9:5e:0e:
27:49:9b:40:9c:99:cd:79:e8:c9:7e:80:09:68:d7:3e:55:ba:
4d:da:9b:d6:66:51:db:1f:90:fe:bb:52:19:e6:e0:32:3a:2f:
92:e4:ef:40:88:ac:7e:fa:44:c5:f6:1e:b1:c5:db:d9:a5:ba:
9b:29:0c:27:58:02:fc:7e:86:e6:1b:e4:b0:92:49:c6:8b:0a:
53:58:d0:b9:4d:46:5f:84:05:e1:68:f5:11:7d:ef:31:92:91:
a9:86:20:4b:c2:36:8b:8e:2a:11:85:61:a5:c5:36:32:24:cc:
a2:88:82:57:4e:49:e4:3a:40:ee:5d:bc:64:75:bf:f7:db:a9:
15:b7:91:33:d6:a1:0a:a5:bf:05:e7:a7:cb:fa:0b:e7:dd:38:
29:1f:ba:20:4f:f6:28:42:47:ef:b7:7d:d7:ff:13:d4:d5:50:
f5:40:d7:e2:38:61:a6:af:2a:80:30:7b:e8:51:5d:dc:76:20:
a1:9b:4b:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAtBd3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzUzYzA2MjkwYTM3MTk5NGQ3NTc3MzE4Njg1ZjViYzRhNTM4ZDQ3MB4XDTIyMDEw
MTEzMDIzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTY4ZDdhNjZiNzhi
MWYwMjU3MGQ3NWVhZTA2N2EyODljNTZmZjlhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALd+2Blhm8QbnZh3A+BXZvJz3fID3CCVSV1z1ZtFTV0tr70I
mihPBIJdwsDQk0aTYdH3fFaMnDDU24u/8F7FJ4+Go7rc+tQkuFm+CCiTbSZcGqWP
EV0GxHVLYpCuiHMxJqwRc2fDMUQeSMJEnqydHD2pEgltL3C8nOd4htKmn5NfLas4
3vdiBX/B6uvVBlwzlvwGB2EUFJ6G5Y28yiPA7WsJOqsrvjZd3b/8shT2ih5Vfzyl
s2ABXV2Hi8gBkidRfxEm6o7403oMMOUuYU3WvnNY5eKBsVX6Ajg6nRunLxTvFtyY
PftAfDnqxZ/BIdA4fTNQuLbnFUmfukuSI+RjCFkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQWjXpmt4sfAlcNdergZ6KJxW/5pzAfBgNVHSMEGDAWgBRXU8BikKNxmU11
dzGGhfW8SlONRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1YxUEFZcENqY1psTmRYY3hob1gxdkVwVGpVYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvYjQxYWI2LWI5ZjMtNGI0YS05YjdiLTFlZDEwOTU0YmQ5Ni8x
L0ZvMTZacmVMSHdKWERYWHE0R2VpaWNWdi1hYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
YjQxYWI2LWI5ZjMtNGI0YS05YjdiLTFlZDEwOTU0YmQ5Ni8xL1YxUEFZcENqY1ps
TmRYY3hob1gxdkVwVGpVYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ6sjzANBgkqhkiG9w0BAQsFAAOC
AQEAdV9fqu2eXI3kx5hHn4a7sMvjIeYExYcO4zg8lytH4YgrxeVyvfY6O7ec/Gx5
kIw1ZryXzWRFRRuWWhJ/Xl/vWq5guG572V4OJ0mbQJyZzXnoyX6ACWjXPlW6Tdqb
1mZR2x+Q/rtSGebgMjovkuTvQIisfvpExfYescXb2aW6mykMJ1gC/H6G5hvksJJJ
xosKU1jQuU1GX4QF4Wj1EX3vMZKRqYYgS8I2i44qEYVhpcU2MiTMooiCV05J5DpA
7l28ZHW/99upFbeRM9ahCqW/Beeny/oL5904KR+6IE/2KEJH77d91/8T1NVQ9UDX
4jhhpq8qgDB76FFd3HYgoZtL3A==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:13 2025 by rpki-client