Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/J4dkbJCre-H1gtpj2ZTqJZR9zzo.roa
File: J4dkbJCre-H1gtpj2ZTqJZR9zzo.roa (raw, json)
Hash identifier: E/s/qHHyLK8buEIyVN2E4QKs55czBpWIU8CBLpz9lNM=
Subject key identifier: 27:87:64:6C:90:AB:7B:E1:F5:82:DA:63:D9:94:EA:25:94:7D:CF:3A
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 018A80D365C8A1B89AA31CA12EBC8ACCC6A4
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/J4dkbJCre-H1gtpj2ZTqJZR9zzo.roa
Signing time: Sun 10 Sep 2023 20:40:52 +0000
ROA not before: Sun 10 Sep 2023 20:40:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27882
IP address blocks: 158.172.224.0/21 maxlen: 21
158.172.224.0/20 maxlen: 20
158.172.224.0/19 maxlen: 19
158.172.226.0/23 maxlen: 23
158.172.224.0/22 maxlen: 22
158.172.226.0/24 maxlen: 24
158.172.224.0/24 maxlen: 24
158.172.224.0/23 maxlen: 23
158.172.225.0/24 maxlen: 24
158.172.232.0/21 maxlen: 21
158.172.232.0/23 maxlen: 23
158.172.233.0/24 maxlen: 24
158.172.227.0/24 maxlen: 24
158.172.228.0/23 maxlen: 23
158.172.231.0/24 maxlen: 24
158.172.232.0/24 maxlen: 24
158.172.232.0/22 maxlen: 22
158.172.228.0/22 maxlen: 22
158.172.229.0/24 maxlen: 24
158.172.228.0/24 maxlen: 24
158.172.230.0/24 maxlen: 24
158.172.230.0/23 maxlen: 23
158.172.240.0/23 maxlen: 23
158.172.239.0/24 maxlen: 24
158.172.240.0/24 maxlen: 24
158.172.240.0/22 maxlen: 22
158.172.238.0/24 maxlen: 24
158.172.238.0/23 maxlen: 23
158.172.236.0/23 maxlen: 23
158.172.234.0/24 maxlen: 24
158.172.235.0/24 maxlen: 24
158.172.234.0/23 maxlen: 23
158.172.236.0/24 maxlen: 24
158.172.236.0/22 maxlen: 22
158.172.237.0/24 maxlen: 24
158.172.246.0/24 maxlen: 24
158.172.246.0/23 maxlen: 23
158.172.240.0/21 maxlen: 21
158.172.240.0/20 maxlen: 20
158.172.245.0/24 maxlen: 24
158.172.243.0/24 maxlen: 24
158.172.244.0/24 maxlen: 24
158.172.244.0/23 maxlen: 23
158.172.244.0/22 maxlen: 22
158.172.241.0/24 maxlen: 24
158.172.242.0/23 maxlen: 23
158.172.242.0/24 maxlen: 24
158.172.253.0/24 maxlen: 24
158.172.252.0/22 maxlen: 22
158.172.252.0/23 maxlen: 23
158.172.252.0/24 maxlen: 24
158.172.250.0/23 maxlen: 23
158.172.250.0/24 maxlen: 24
158.172.248.0/21 maxlen: 21
158.172.249.0/24 maxlen: 24
158.172.248.0/22 maxlen: 22
158.172.251.0/24 maxlen: 24
158.172.248.0/24 maxlen: 24
158.172.248.0/23 maxlen: 23
158.172.247.0/24 maxlen: 24
158.172.255.0/24 maxlen: 24
158.172.254.0/24 maxlen: 24
158.172.254.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:80:d3:65:c8:a1:b8:9a:a3:1c:a1:2e:bc:8a:cc:c6:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Sep 10 20:40:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2787646c90ab7be1f582da63d994ea25947dcf3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c5:52:74:cd:5d:b1:40:67:29:3d:c3:72:49:
87:15:37:2c:8e:aa:75:1c:12:fa:f8:48:5b:26:6c:
2b:84:e7:ac:09:1f:60:90:05:2f:25:f7:d4:c1:11:
39:3c:8f:6a:09:17:6a:8e:31:11:ed:e6:0d:e0:8f:
a2:63:3b:f7:e1:f3:49:fe:1c:97:0d:39:b0:7f:bb:
4b:8a:b4:47:c5:c0:70:8d:59:48:f2:51:75:54:c9:
fd:31:dc:20:96:b3:01:50:77:b5:18:6f:48:4a:6d:
60:81:74:68:d3:4b:7a:fb:b2:45:67:19:4e:2d:a6:
6f:5d:77:78:86:30:39:d5:9a:81:25:22:1a:4e:29:
06:d7:4a:ed:89:60:68:ce:74:8a:17:1e:94:6e:cf:
b3:b4:64:dc:d9:01:2a:1f:53:8d:9d:ae:09:14:2d:
43:f6:89:38:3f:94:26:9e:03:a8:dd:56:e1:67:67:
9d:b3:f4:b6:e3:5b:71:5f:e0:fc:60:6f:92:7f:f8:
55:de:23:1f:c4:d8:81:73:bc:60:4d:6b:42:dc:47:
49:c5:96:05:ea:ba:20:6e:c8:fc:87:fb:f1:dd:4c:
0c:7a:bd:96:57:d8:66:6c:62:c2:7b:10:3a:6b:8c:
a1:1a:94:31:c5:ba:5e:57:72:d0:24:40:a8:6d:9f:
d8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:87:64:6C:90:AB:7B:E1:F5:82:DA:63:D9:94:EA:25:94:7D:CF:3A
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/J4dkbJCre-H1gtpj2ZTqJZR9zzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.224.0/19
Signature Algorithm: sha256WithRSAEncryption
b7:7f:58:f3:b2:71:a1:97:4e:6c:54:5b:e8:eb:1e:e3:c4:95:
35:55:29:d1:2d:c5:a2:dd:55:e6:0b:92:1c:ab:c6:8f:3f:a4:
37:3c:5d:68:ad:4d:47:ad:ce:1a:e8:67:fb:72:08:c7:84:97:
97:8f:d9:55:b6:04:54:30:6b:a3:28:63:49:07:f9:ed:01:e6:
da:ae:75:22:42:27:eb:e4:2e:c6:69:44:87:46:a2:0b:e3:c7:
69:c7:0f:ee:0c:1e:53:47:82:91:16:1e:8f:38:b2:d4:fd:c3:
67:56:bc:a7:45:c9:48:39:1c:e1:61:af:9a:70:ad:38:fa:66:
e9:e2:d8:70:e9:94:ee:1a:c1:46:4a:b9:ea:66:9b:c7:87:65:
33:05:fd:ae:99:1b:0b:2f:10:df:72:48:6d:35:55:b6:a9:3c:
9b:cd:92:cb:ba:85:76:5b:64:a0:69:3c:e3:86:5c:ff:56:1c:
aa:7d:07:6c:d1:90:ef:86:ba:9e:b7:e1:d3:88:73:3b:53:16:
b2:e3:01:68:2a:1a:bd:fa:0c:bd:ab:a4:4c:85:c3:fe:aa:29:
54:7b:f4:83:0b:20:57:fc:3d:4e:d7:51:aa:5f:fc:0f:f0:68:
41:2a:6c:23:95:e6:30:81:76:11:a4:d3:a0:be:a7:ea:38:f4:
f1:66:04:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqA02XIobiaoxyhLryKzMakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjMwOTEwMjA0MDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzg3NjQ2YzkwYWI3YmUxZjU4MmRhNjNkOTk0ZWEyNTk0N2RjZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusVSdM1dsUBnKT3DckmHFTcsjqp1
HBL6+EhbJmwrhOesCR9gkAUvJffUwRE5PI9qCRdqjjER7eYN4I+iYzv34fNJ/hyX
DTmwf7tLirRHxcBwjVlI8lF1VMn9MdwglrMBUHe1GG9ISm1ggXRo00t6+7JFZxlO
LaZvXXd4hjA51ZqBJSIaTikG10rtiWBoznSKFx6Ubs+ztGTc2QEqH1ONna4JFC1D
9ok4P5QmngOo3VbhZ2eds/S241txX+D8YG+Sf/hV3iMfxNiBc7xgTWtC3EdJxZYF
6rogbsj8h/vx3UwMer2WV9hmbGLCexA6a4yhGpQxxbpeV3LQJECobZ/YsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCeHZGyQq3vh9YLaY9mU6iWUfc86MB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvSjRka2JKQ3JlLUgxZ3RwajJaVHFKWlI5enpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnqzgMA0G
CSqGSIb3DQEBCwUAA4IBAQC3f1jzsnGhl05sVFvo6x7jxJU1VSnRLcWi3VXmC5Ic
q8aPP6Q3PF1orU1Hrc4a6Gf7cgjHhJeXj9lVtgRUMGujKGNJB/ntAebarnUiQifr
5C7GaUSHRqIL48dpxw/uDB5TR4KRFh6POLLU/cNnVrynRclIORzhYa+acK04+mbp
4thw6ZTuGsFGSrnqZpvHh2UzBf2umRsLLxDfckhtNVW2qTybzZLLuoV2W2SgaTzj
hlz/VhyqfQds0ZDvhrqet+HTiHM7Uxay4wFoKhq9+gy9q6RMhcP+qilUe/SDCyBX
/D1O11GqX/wP8GhBKmwjleYwgXYRpNOgvqfqOPTxZgSt
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:51 2025 by rpki-client